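/// <summary>
/// Looks up <paramref name="username"/> in the Users table and compares the stored
/// password hash with the hash of <paramref name="password"/>.
/// </summary>
/// <param name="username">Login name, matched against the UserName column.</param>
/// <param name="password">Clear-text password supplied by the caller.</param>
/// <returns>
/// A profile carrying UserID, FirstName (stored in UserName) and Role when the hashes
/// match; otherwise a sentinel profile with Role "InvalidRole" and UserID -1.
/// </returns>
public static UserLoggedInProfile AuthenticateUser(string username, string password)
        {
            // Missing credentials can never match a row; skip the database round trip.
            if (username != null && password != null)
            {
                using (SqlConnection conn = new SqlConnection(Connection.connectionString))
                using (SqlCommand sqlCmd = new SqlCommand("SELECT Password, Role, UserID, FirstName From Users WHERE UserName=@userName", conn))
                {
                    // The user name is bound as a parameter, never concatenated into the SQL text.
                    sqlCmd.Parameters.AddWithValue("@userName", username);
                    conn.Open();

                    // The reader is disposed with the command and connection, on every exit path.
                    using (SqlDataReader reader = sqlCmd.ExecuteReader())
                    {
                        // Only the first matching row is examined.
                        if (reader.Read())
                        {
                            // The hash is deliberately not written to the console or any log:
                            // a password hash is credential material.
                            // NOTE(review): getSHA1Hash is defined outside this block; the name
                            // suggests an unsalted SHA-1 digest, which is cheap to brute-force if
                            // the Users table leaks. Consider a salted, slow KDF such as PBKDF2
                            // (Rfc2898DeriveBytes) with a migration path for existing rows.
                            var suppliedHash = getSHA1Hash(password);
                            if (suppliedHash.Equals(reader["Password"]))
                            {
                                return new UserLoggedInProfile
                                {
                                    UserID = (int)reader["UserID"],
                                    UserName = (string)reader["FirstName"],
                                    Role = (string)reader["Role"]
                                };
                            }
                        }
                    }
                }
            }

            // Unknown user and wrong password produce the same result, so callers
            // cannot tell which of the two failed.
            return new UserLoggedInProfile{Role="InvalidRole", UserName="",UserID=-1};
        }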
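        /// <summary>
        /// Handles a login attempt: redirects an already authenticated session, otherwise
        /// checks the submitted credentials and, on success, stores the user's role, name
        /// and id in the session.
        /// </summary>
        /// <param name="model">Submitted login form (user name and password).</param>
        /// <param name="returnUrl">Caller-supplied URL to return to after login.</param>
        /// <returns>A redirect on success, or the login view with a generic error.</returns>
        public ActionResult Login(UserLogin model, string returnUrl)
        {
            // NOTE(review): RedirectToLocal is defined outside this block; returnUrl is
            // caller-supplied, so confirm the helper only redirects to local URLs.
            if (Session["UserID"] != null) //already logged in
            {
                // Compare from the literal side so a session that has a UserID but no
                // Role falls through to re-authentication instead of throwing.
                object sessionRole = Session["Role"];
                if ("admin".Equals(sessionRole) || "member".Equals(sessionRole))
                {
                    return RedirectToLocal(returnUrl);
                }

                //TODO: Logger
                Console.WriteLine("Some error occured");
            }

            UserLoggedInProfile userProfile = new UserLoggedInProfile();
            try
            {
                userProfile = UserDAL.AuthenticateUser(model.UserName, model.Password);
            }
            catch (Exception)
            {
                // NOTE(review): any failure (for example a database outage) is discarded and
                // later shown to the user as a bad login; record it once a logger exists.
                ModelState.AddModelError("", "");
            }

            //new login
            string role = userProfile.Role; //populated above from database
            if (ModelState.IsValid && ("admin".Equals(role) || "member".Equals(role)))
            {
                // NOTE(review): the session identifier is kept across the login boundary;
                // consider issuing a fresh session ID here so an identifier handed out
                // before authentication is not carried into the authenticated session.
                Session["Role"] = userProfile.Role;
                Session["UserName"] = userProfile.UserName;
                Session["UserID"] = userProfile.UserID;
                return RedirectToLocal(returnUrl);
            }

            // If we got this far, something failed, redisplay form.
            // The message is the same for an unknown user and a wrong password.
            ModelState.AddModelError("", "The user name or password provided is incorrect.");
            return View(model);
        }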
 //
 // POST: /Account/LogOff
 /*public ActionResult Logout()
 {
     Session.Abandon(); //end  and abandon user session
     return RedirectToAction("Index", "Home");
 }
 */
 //[ChildActionOnly]
 //public ActionResult Logout(UserLoggedInProfile module)
 //{
 //    try
 //    {
 //        Session.Abandon(); //end  and abandon user session
 //    }
 //    catch (Exception e)
 //    {
 //        ModelState.AddModelError("", "Some error occured.");
 //    }
 //    return RedirectToAction("Index", "Home");
 //}
 /// <summary>
 /// Abandons the current session and redirects to the Index action of the Home controller.
 /// </summary>
 /// <param name="module">Bound by the framework; not read by this action.</param>
 /// <returns>A redirect to Home/Index, whether or not abandoning the session succeeded.</returns>
 public ActionResult Logout(UserLoggedInProfile module)
 {
     // NOTE(review): no HTTP-verb or anti-forgery attribute is visible on this action;
     // if it is reachable with a plain GET, another site can end a user's session.
     // Confirm how the route is restricted.
     try
     {
         // Ends the session, discarding UserID, UserName and Role with it.
         Session.Abandon();
     }
     catch (Exception)
     {
         // The model error does not survive the redirect below, so the failure
         // is effectively silent.
         ModelState.AddModelError("", "Some error occured.");
     }

     return RedirectToAction("Index", "Home");
 }