public async Task <IActionResult> Index(User _user)
{
var user = await userRepository.GetUser(_user.Email, _user.Password);
if (!(user is User))
{
ModelState.AddModelError("invalid-login", "Ongeldige inlog");
return(View(_user));
}
var session = await userSessionRepository.CreateSession(user.Id);
if (!(session is UserSession))
{
return(View(_user));
}
HttpContext.Response.Cookies.Append("User", string.Format("IdUser={0}&Code={1}", user.Id, session.Token), new Microsoft.AspNetCore.Http.CookieOptions
{
Expires = DateTimeOffset.Now.AddMonths(1)
});
return(RedirectToAction("Index", "Home"));
}
private void StartNewSession(HttpContextBase context, int?userID)
{
if (userID.HasValue)
{
var oldUserSession = _userSessionRepository.GetSessionIDByUserID(userID.Value);
if (oldUserSession != null)
{
EndAndDeleteSession(oldUserSession);
}
}
var random = new Random();
var sessionID = random.Next(int.MinValue, int.MaxValue);
context.Response.Cookies.Set(new HttpCookie(_sessionIDCookieName, sessionID.ToString()));
_securityLogService.CreateLogEntry(null, userID, context.Request.UserHostAddress, sessionID.ToString(), SecurityLogType.UserSessionStart);
_userSessionRepository.CreateSession(sessionID, userID, DateTime.UtcNow);
}
private int StartNewSession(int?userID, string ip, Action <int> createSession)
{
if (userID.HasValue)
{
var oldUserSession = _userSessionRepository.GetSessionIDByUserID(userID.Value);
if (oldUserSession != null)
{
EndAndDeleteSession(oldUserSession);
}
}
var random = new Random();
var sessionID = random.Next(int.MinValue, int.MaxValue);
_securityLogService.CreateLogEntry(null, userID, ip, sessionID.ToString(), SecurityLogType.UserSessionStart);
_userSessionRepository.CreateSession(sessionID, userID, DateTime.UtcNow);
createSession(sessionID);
return(sessionID);
}