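/// <summary>
/// Switches the current session to another portal user ("proxy login") after
/// re-checking the caller's password and the caller's right to proxy as the target.
/// The work is only done for AJAX requests; any other request gets the generic
/// "invalid" message.
/// </summary>
/// <param name="currentUser">The user making the request; the "Guest" account is rejected outright.</param>
/// <param name="username">Username of the account to sign in as.</param>
/// <param name="password">The caller's own password, validated against <paramref name="currentUser"/>.</param>
/// <param name="reason">Free-text justification handed to <c>LogAction</c>.</param>
/// <returns>
/// Plain-text content: "OK" on success, otherwise a message describing why the
/// request was refused. Unexpected failures return the generic "invalid" message.
/// </returns>
/// <remarks>
/// NOTE(review): confirm <paramref name="currentUser"/> is populated server-side from the
/// authenticated identity and cannot be bound from request fields; every check below trusts it.
/// NOTE(review): no anti-forgery validation is visible in this method; confirm it is enforced
/// elsewhere, because <c>IsAjaxRequest()</c> only inspects a request header.
/// </remarks>
public ActionResult CheckCredentials(User currentUser, string username, string password, string reason)
{
    var genericFailure = Globalizer.GetGlobalizedString("MSG_LOGINPORTLET_INVALID");
    var returnContent = genericFailure;

    if (currentUser.Username == "Guest")
    {
        return Content("User Not Loged In");
    }

    var currentPortalUser = _portalUserFacade.FindByUsername(currentUser.Username);

    if (!Request.IsAjaxRequest())
    {
        return Content(returnContent);
    }

    try
    {
        // The caller must re-enter their own password unless the portlet is configured not to require it.
        // NOTE(review): a failed password check is not logged or throttled here; confirm
        // IsLoginValid applies lockout/rate limiting.
        if (_loginService.IsLoginValid(currentUser.Username, password) || !_requirePassword)
        {
            // Refuse to stack a proxy session on top of an existing one.
            if (System.Web.HttpContext.Current.Session["ProxyLoginOriginalUser"] != null)
            {
                return Content(Globalizer.GetGlobalizedString("CUS_BC_PL_ALREADY_PROXIED"));
            }

            var user = _portalUserFacade.FindByUsername(username);
            if (user == null)
            {
                returnContent = Globalizer.GetGlobalizedString("CUS_BC_PL_USER_NOT_FOUND");
            }
            else
            {
                var roleCheck = new RoleChecker().RoleCheck(
                    user,
                    _portletTemplateFacade.FindByName("[CUS] BCProxyLogin"),
                    currentPortalUser);

                if (roleCheck.Success)
                {
                    // Audit record is written before the identity switch.
                    // NOTE(review): the result of LogAction is not checked here, so the switch
                    // proceeds even if the audit entry was not stored; confirm that is intended.
                    LogAction(reason, user.ID, currentPortalUser.ID);

                    // Session.Clear() drops the stored values but keeps the same session id.
                    // NOTE(review): consider rotating the session id when the identity changes.
                    System.Web.HttpContext.Current.Session.Clear();

                    // UploadFile casts this entry without checking that it holds a valid
                    // StringDictionary; leaving it unset causes an unhandled exception (YSOD).
                    System.Web.HttpContext.Current.Session["file_access"] = new StringDictionary();

                    // NOTE(review): signs in with the request-supplied name rather than the
                    // username on the record that passed the role check; confirm they cannot differ.
                    _formsAuthenticationService.SignIn(username, false);

                    // Marks the session as proxied and remembers who started it.
                    // NOTE(review): this stores the User object; confirm every reader of
                    // "ProxyLoginOriginalUser" expects that type.
                    System.Web.HttpContext.Current.Session["ProxyLoginOriginalUser"] = currentUser;
                    returnContent = "OK";
                }
                else
                {
                    if (_logFailures)
                    {
                        LogAction(roleCheck.Reason, user.ID, currentPortalUser.ID);
                    }

                    returnContent = roleCheck.Reason;
                }
            }
        }
    }
    catch (Exception ex)
    {
        // Exception text from the login, lookup and role-check services is internal detail and
        // must not be echoed to the browser. Keep it server-side and answer with the generic message.
        // NOTE(review): route this to the project's own logger if one exists.
        System.Diagnostics.Trace.TraceError("CheckCredentials failed: {0}", ex);
        returnContent = genericFailure;
    }

    return Content(returnContent);
}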
/// <summary>
/// Signs the current session in as the user named in <c>tbUserName</c> ("proxy login"),
/// provided the role check passes and the audit entry is recorded, then redirects.
/// Failures are reported through the parent portlet's feedback area.
/// </summary>
/// <remarks>
/// NOTE(review): no credential re-check happens inside this method; confirm the caller
/// enforces one where a password is required.
/// </remarks>
private void PerformLogin()
{
    var targetUser = getPortalUserByUserName(tbUserName.Text);
    if (targetUser == null)
    {
        ParentPortlet.ShowFeedback(FeedbackType.Message, Globalizer.GetGlobalizedString("CUS_BC_PL_USER_NOT_FOUND"));
        return;
    }

    var verdict = new RoleChecker().RoleCheck(targetUser, ParentPortlet.Portlet.PortletTemplate);
    if (!verdict.Success)
    {
        ParentPortlet.ShowFeedback(FeedbackType.Message, verdict.Reason);
        if (_logFailures)
        {
            LogAction(verdict.Reason, targetUser.ID);
        }

        return;
    }

    // The identity switch only happens when the audit entry was accepted.
    if (!LogAction(tbReason.Text, targetUser.ID))
    {
        return;
    }

    // Capture the initiating username before the session is wiped.
    var originalUsername = PortalUser.Current.Username;

    // Session.Clear() drops the stored values but keeps the same session id.
    // NOTE(review): consider rotating the session id when the identity changes.
    HttpContext.Current.Session.Clear();

    // UploadFile casts this entry without checking that it holds a valid
    // StringDictionary; leaving it unset causes an unhandled exception (YSOD).
    HttpContext.Current.Session["file_access"] = new StringDictionary();

    // Presumably a trusted sign-in path that skips password verification
    // (an empty password is passed) - confirm against PortalGlobal.Login.
    PortalGlobal.Login(targetUser.Username, String.Empty);

    // Marks the session as proxied and remembers who started it.
    HttpContext.Current.Session["ProxyLoginOriginalUser"] = originalUsername;
    BCProxyLogin.RedirectUrl(Response);
}
/// <summary>
/// Signs the current session in as the user named in <c>tbUserName</c> ("proxy login"),
/// provided the role check passes and the audit entry is recorded. On success the
/// session is flagged so that no redirect follows; failures are shown in <c>divmessage</c>.
/// </summary>
/// <remarks>
/// NOTE(review): no credential re-check happens inside this method; confirm the caller
/// enforces one where a password is required.
/// </remarks>
private void PerformLogin()
{
    var targetUser = getPortalUserByUserName(tbUserName.Text);
    if (targetUser == null)
    {
        divmessage.InnerHtml = Globalizer.GetGlobalizedString("CUS_BC_PL_USER_NOT_FOUND");
        divmessage.Visible = true;
        return;
    }

    var verdict = new RoleChecker().RoleCheck(targetUser, _portletTemplate);
    if (!verdict.Success)
    {
        // NOTE(review): assuming divmessage is a server-side HTML control, InnerHtml is
        // emitted without HTML-encoding; confirm Reason never carries user-supplied text.
        divmessage.InnerHtml = verdict.Reason;
        divmessage.Visible = true;
        if (_logFailures)
        {
            LogAction(verdict.Reason, targetUser.ID);
        }

        return;
    }

    // The identity switch only happens when the audit entry was accepted.
    if (!LogAction(tbReason.Text, targetUser.ID))
    {
        return;
    }

    // Capture the initiating username before the session is wiped.
    var originalUsername = PortalUser.Current.Username;

    // Session.Clear() drops the stored values but keeps the same session id.
    // NOTE(review): consider rotating the session id when the identity changes.
    HttpContext.Current.Session.Clear();

    // Presumably a trusted sign-in path that skips password verification
    // (an empty password is passed) - confirm against PortalGlobal.Login.
    PortalGlobal.Login(targetUser.Username, String.Empty);

    // UploadFile casts this entry without checking that it holds a valid
    // StringDictionary; leaving it unset causes an unhandled exception (YSOD).
    HttpContext.Current.Session["file_access"] = new StringDictionary();

    // Marks the session as proxied and remembers who started it.
    HttpContext.Current.Session["ProxyLoginOriginalUser"] = originalUsername;
    HttpContext.Current.Session["ProxyLoginDontRedirect"] = true;
}