Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- /// <summary>
- /// Check the user's login
- /// </summary>
- /// <param name="username">Merchant's username</param>
- /// <param name="password">Merchant's password</param>
- /// <returns></returns>
- public static string checkLogin(string username, string password)
- {
- bool IsSpoof = false;
- Merchant merch;
- Login login;
- /* find the user */
- try
- {
- string[] aryUsername = username.Split(new string[] { "|*|" }, StringSplitOptions.None);
- if(aryUsername.Length > 1)
- {
- login = new Login(aryUsername[0]);
- /* now match the passwords */
- if (login.Password != FormsAuthentication.HashPasswordForStoringInConfigFile(password + login.Salt, "sha1") || !login.HasAccess(Merchant.MerchantLevel.SuperAdmin))
- {
- throw new Exception();
- }
- login = new Login(aryUsername[1]);
- IsSpoof = true;
- }else
- {
- login = new Login(username);
- //HttpContext.Current.Session["login"] = login;
- //return login.Username;
- if(login.LoginAttempts == 6)
- {
- // throw (new ApplicationException("Account has been locked."));
- }
- merch = login.Merchant;
- string MerchantSiteType = ConfigurationManager.AppSettings["MerchantSiteType"].ToString();
- Merchant.SiteTypes siteType = (Merchant.SiteTypes)Enum.Parse(typeof(Merchant.SiteTypes), MerchantSiteType);
- if (!merch.HasSiteType(siteType) || login.LoginStatus == Core.Login.Status.Inactive)
- {
- throw new Exception();
- }
- login.LoginAttempts = login.LoginAttempts + 1;
- login.Update();
- }
- }
- catch (ApplicationException ex)
- {
- throw ex;
- }
- catch
- {
- /* verify we have found the user */
- throw (new ApplicationException("Username was not found or invalid"));
- }
- string hashedPassword = FormsAuthentication.HashPasswordForStoringInConfigFile(password + login.Salt, "sha1");
- /* now match the passwords */
- if (login.Password != hashedPassword && IsSpoof == false)
- {
- throw (new ApplicationException("Username and password were not valid"));
- }
- login.LoginAttempts = 0;
- login.LastLoginDate = DateTime.Now;
- login.Update();
- /* set the session */
- HttpContext.Current.Session["login"] = login;
- /* return the merchant ID */
- return login.Username;
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement