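/// <summary>
/// Authorizes the request when a <c>User</c> is already stored in the session, or when a
/// persistent-login cookie can be decrypted and its credentials pass <c>LoginUser</c>.
/// </summary>
/// <param name="httpContext">The HTTP context of the request being authorized.</param>
/// <returns><c>true</c> if the request belongs to a logged-in user; otherwise <c>false</c>.</returns>
/// <exception cref="System.ArgumentNullException"><paramref name="httpContext"/> is null.</exception>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    if (httpContext == null)
    {
        throw new System.ArgumentNullException("httpContext");
    }

    // Read from the same session wrapper that is written below, instead of mixing
    // HttpContext.Current with the httpContext argument.
    User user = httpContext.Session[SessionVars.User] as User;
    if (user != null)
    {
        return true;
    }

    #region Persistent Login
    HttpCookie c = httpContext.Request.Cookies.Get(FormsAuthentication.FormsCookieName);
    if (c == null || string.IsNullOrEmpty(c.Value))
    {
        return false;
    }

    // The cookie value is attacker-controlled: a malformed or tampered value must end in
    // "not authorized", never in an unhandled exception.
    // NOTE(review): other exception types may surface on some framework versions - confirm and extend.
    FormsAuthenticationTicket t;
    try
    {
        t = FormsAuthentication.Decrypt(c.Value);
    }
    catch (System.ArgumentException)
    {
        return false;
    }
    catch (System.Security.Cryptography.CryptographicException)
    {
        return false;
    }

    // Decrypt does not enforce the ticket lifetime; reject expired or empty tickets explicitly.
    if (t == null || t.Expired || string.IsNullOrEmpty(t.UserData))
    {
        return false;
    }

    // UserData is "<email> <password>". Split on the first space only, so that a password
    // containing spaces is not truncated, and verify both parts exist before indexing.
    string[] parts = t.UserData.Split(new[] { ' ' }, 2);
    if (parts.Length != 2)
    {
        return false;
    }

    // SECURITY NOTE(review): the ticket carries the user's password. Anyone able to decrypt the
    // cookie (machine-key disclosure, shared key across apps) recovers the password itself.
    // Prefer a random, server-side revocable token in UserData over the credential.
    Credentials credentials = new Credentials() { Email = parts[0], Password = parts[1] };
    if (!this.LoginUser(credentials))
    {
        return false;
    }

    user = new User() { Email = credentials.Email, Password = credentials.Password };

    // Store under the key that is read at the top of this method; the original wrote to the
    // literal "user", so the restored login was only found again if both keys happened to match.
    httpContext.Session[SessionVars.User] = user;
    #endregion

    return true;
}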
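/// <summary>
/// Stores the user in the session and issues a one-year persistent-login cookie that holds
/// an encrypted forms-authentication ticket.
/// </summary>
/// <param name="user">The user who has just logged in.</param>
/// <exception cref="ArgumentNullException"><paramref name="user"/> is null.</exception>
private void CreateAuthenticationTicket(User user)
{
    if (user == null)
    {
        throw new ArgumentNullException("user");
    }

    Session[SessionVars.User] = user;

    // Take the clock once so the ticket and the cookie expire at the same instant.
    DateTime issued = DateTime.Now;
    DateTime expires = issued.AddYears(1);

    // SECURITY NOTE(review): UserData embeds the user's password. The ticket is encrypted, but
    // anyone who can decrypt it (machine-key disclosure, shared key across apps) recovers the
    // password itself, and the ticket stays valid for a year with no server-side revocation.
    // Prefer a random, revocable token stored server-side. The format is kept here because the
    // AuthorizeCore shown with this method parses "<email> <password>".
    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
        1,
        user.Email,
        issued,
        expires,
        true,
        user.Email + " " + user.Password,
        FormsAuthentication.FormsCookiePath);

    // Encrypt the ticket.
    string encTicket = FormsAuthentication.Encrypt(ticket);

    // Create the cookie under the name AuthorizeCore looks up (FormsAuthentication.FormsCookieName);
    // the original used the literal "AuthCookie", which matches only if the configured name is the same.
    HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName);
    cookie.Value = encTicket;
    cookie.Expires = expires;
    cookie.Path = FormsAuthentication.FormsCookiePath;

    // Keep the ticket out of reach of client-side script, and restrict it to HTTPS whenever
    // the forms-authentication configuration requires SSL.
    cookie.HttpOnly = true;
    cookie.Secure = FormsAuthentication.RequireSSL;

    Response.Cookies.Add(cookie);
}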