private void SetAuthCookie(MyAspNetUser user) { // Real implementation is FormsAuthentication.SetAuthCookie(); // GetAuthCookie: https://github.com/Microsoft/referencesource/blob/master/System.Web/Security/FormsAuthentication.cs HttpCookie cookie = new HttpCookie(MyOwinMiddleware.AuthenticationKey); cookie.Value = $"{user.UserName}:{user.Password}"; cookie.Expires = DateTime.Now.AddDays(1); this.HttpContext.Response.Cookies.Add(cookie); }
public ActionResult Register(MyAspNetUser user) { if (this.context.MyAspNetUsers.Any(x => x.UserName == user.UserName)) { this.ModelState.AddModelError(nameof(MyAspNetUser.UserName), $"Name {user.UserName} is already taken."); } if (this.ModelState.IsValid) { this.context.MyAspNetUsers.Add(user); // TODO save only password hash this.context.SaveChanges(); this.SetAuthCookie(user); return(this.RedirectToAction("Index", "Home")); } return(View(user)); }
public ActionResult Login(MyAspNetUser user) { var dbUser = this.context.MyAspNetUsers.FirstOrDefault(x => x.UserName == user.UserName); if (dbUser == null) { this.ModelState.AddModelError(nameof(MyAspNetUser.UserName), $"User with name {user.UserName} does not exists in the DB"); } if (dbUser.Password != user.Password) { this.ModelState.AddModelError(nameof(MyAspNetUser.Password), $"Wrong password"); } if (this.ModelState.IsValid) { this.SetAuthCookie(user); return(this.RedirectToAction("Index", "Home")); } return(View(user)); }
// GET: MyAccountController public ActionResult Login() { var model = new MyAspNetUser(); return(View(model)); }