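/// <summary>
/// Lets the action run only when the request carries a SESSION_ID cookie whose value
/// <c>AccountService.ValidateSession</c> accepts; every other request is redirected to
/// the Account/Login route.
/// </summary>
/// <param name="filterContext">
/// Context of the action about to execute. Setting its <c>Result</c> short-circuits the action.
/// </param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    var sessionCookie = filterContext.HttpContext.Request.Cookies["SESSION_ID"];

    // The cookie value is client-controlled. Guid.TryParse treats a null or malformed value
    // as "no session" and falls through to the redirect; the previous new Guid(...) call threw
    // on such input and surfaced as an unhandled exception instead of a login redirect.
    Guid sessionId;
    if (sessionCookie != null && Guid.TryParse(sessionCookie.Value, out sessionId))
    {
        var accountService = new AccountService();
        if (accountService.ValidateSession(sessionId))
        {
            return;
        }
    }

    // Fail closed: a missing cookie, an unparsable id and a rejected session all end up here.
    filterContext.Result = new RedirectToRouteResult(
        new RouteValueDictionary
        {
            { "controller", "Account" },
            { "action", "Login" }
        });
}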
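/// <summary>
/// Generates a new session id with a five-hour expiry, stores both on the supplied account,
/// and passes it to <c>AccountService.Login</c>. On success the id is returned to the browser
/// in the SESSION_ID cookie together with a JSON body naming the redirect target.
/// </summary>
/// <param name="account">
/// Model-bound account. Its <c>sessionID</c> and <c>sessionExpiresAt</c> are overwritten here,
/// so values posted by the client for those two members are not used.
/// </param>
/// <returns>
/// JSON <c>{ redirect }</c> pointing at the Index action when the login succeeds;
/// an HTTP 500 status result otherwise.
/// </returns>
public ActionResult Login(Account account)
{
    // NOTE(review): Guid.NewGuid() is not documented as a cryptographic generator, and this value
    // is the only bearer secret for the session. Confirm the platform's GUID source is acceptable
    // or derive the id from a CSPRNG.
    var sessionID = Guid.NewGuid();

    // NOTE(review): local time is used for the expiry; ValidateSession is not visible here and
    // must compare against the same clock. Confirm.
    var sessionExpiresAt = DateTime.Now.AddHours(5);

    account.sessionID = sessionID;
    account.sessionExpiresAt = sessionExpiresAt;

    var accountService = new AccountService();
    if (accountService.Login(account))
    {
        var sessionCookie = new HttpCookie("SESSION_ID")
        {
            Value = sessionID.ToString(),
            Expires = sessionExpiresAt,
            // Keep the session id out of reach of page script.
            HttpOnly = true,
            // Mark the cookie Secure whenever the login itself arrived over TLS, so the id is not
            // later sent in clear text. Behind a TLS-terminating proxy IsSecureConnection may be
            // false; in that deployment set the flag through configuration instead.
            Secure = Request.IsSecureConnection
        };
        Response.Cookies.Add(sessionCookie);

        var redirectURI = Url.Action("Index");
        return Json(new { redirect = redirectURI });
    }

    // NOTE(review): every false result from AccountService.Login is reported as a server error.
    // If false also covers rejected credentials, a client-error status would describe it better;
    // left unchanged because callers may depend on the current code.
    return new HttpStatusCodeResult((int)HttpStatusCode.InternalServerError);
}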