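/// <summary>
/// Handles the Login control's Authenticate event: checks the submitted credentials
/// with <see cref="validateuser"/>, looks up the user's role via sp_RolesForUser,
/// issues a forms-authentication cookie and redirects to the landing page.
/// </summary>
/// <param name="sender">The Login control raising the event.</param>
/// <param name="e">Receives the outcome in <c>e.Authenticated</c>.</param>
protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
{
    string userName = Login1.UserName;
    string password = Login1.Password;
    bool rememberUserName = Login1.RememberMeSet;

    // Report the result to the Login control. The original never set this, so the
    // control still treated every attempt as a failure.
    e.Authenticated = validateuser(userName, password);
    if (!e.Authenticated)
    {
        return;
    }

    // Fetch the role(s) for this user.
    Database db = DatabaseFactory.CreateDatabase();
    string myRoles;
    // DbCommand and the reader are IDisposable; dispose both so the connection
    // goes back to the pool even when an exception is thrown.
    using (DbCommand cmd = db.GetStoredProcCommand("sp_RolesForUser"))
    {
        db.AddInParameter(cmd, "@Uid", DbType.String, 15);
        db.SetParameterValue(cmd, "@Uid", userName);
        using (IDataReader reader = db.ExecuteReader(cmd))
        {
            if (!reader.Read() || reader.IsDBNull(0))
            {
                // Credentials were accepted but no role row exists: keep the
                // original outcome (no ticket, no redirect) and tell the control.
                e.Authenticated = false;
                return;
            }
            myRoles = (string)reader[0];
        }
    }

    // Ticket: version 1, user id, issue time, 20-minute expiry, persistence per
    // "remember me", the role string as user data, and the forms cookie path.
    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
        1, userName, DateTime.Now, DateTime.Now.AddMinutes(20), rememberUserName,
        myRoles, FormsAuthentication.FormsCookiePath);
    // Encrypt() both encrypts and MACs the ticket under the machine key.
    string encryptedTicket = FormsAuthentication.Encrypt(ticket);
    HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
    {
        // Keep the ticket out of reach of script, and off plain HTTP when the
        // <forms> section sets requireSSL. No Expires is set, so it stays a
        // session cookie as in the original.
        HttpOnly = true,
        Secure = FormsAuthentication.RequireSSL
    };
    Response.Cookies.Add(cookie);

    // HttpContext.Current.User is the identity of the request as it arrived, not
    // the ticket issued a moment ago, so decide on the role string just read.
    if (IsAdministratorRole(myRoles))
    {
        Response.Redirect("~/Admin/Default.aspx");
    }
    else
    {
        // Always land on the site root. If a ReturnUrl query parameter is ever
        // honoured here again, only redirect to it after confirming it is a local
        // path (e.g. via FormsAuthentication.GetRedirectUrl) to avoid an open redirect.
        Response.Redirect("~/Default.aspx");
    }
}

/// <summary>
/// True when <paramref name="roles"/> names the Administrators role.
/// NOTE(review): assumes sp_RolesForUser returns one role name or a comma-separated
/// list — confirm against the stored procedure.
/// </summary>
private static bool IsAdministratorRole(string roles)
{
    foreach (string role in roles.Split(','))
    {
        if (string.Equals(role.Trim(), "Administrators", StringComparison.OrdinalIgnoreCase))
        {
            return true;
        }
    }
    return false;
}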
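/// <summary>
/// Checks the supplied credentials with the sp_ValidateUser stored procedure.
/// </summary>
/// <param name="UserName">User id to check; the parameter is sized 15 characters.</param>
/// <param name="Password">Password to check; passed to the procedure as entered.</param>
/// <returns>True when the procedure's @retval output is an Int16 greater than zero.</returns>
protected bool validateuser(string UserName, string Password)
{
    // Create the connection via the Enterprise Library database factory.
    Database db = DatabaseFactory.CreateDatabase();
    // DbCommand is IDisposable; dispose it so the connection returns to the pool.
    using (DbCommand cmd = db.GetStoredProcCommand("sp_ValidateUser"))
    {
        // Use the arguments the caller passed rather than re-reading the Login
        // control; the original ignored its parameters, so any other caller was
        // silently validating the control's values instead of its own.
        // Parameter sizes must match the procedure's declared lengths — values
        // longer than 15 characters are truncated by the provider.
        db.AddInParameter(cmd, "@userid", DbType.String, 15);
        db.SetParameterValue(cmd, "@userid", UserName);
        // NOTE(review): whether sp_ValidateUser compares this against a salted hash
        // or a plaintext column cannot be seen from here — confirm; a plaintext
        // comparison in the database implies plaintext storage.
        db.AddInParameter(cmd, "@password", DbType.String, 15);
        db.SetParameterValue(cmd, "@password", Password);
        db.AddOutParameter(cmd, "@retval", DbType.Int16, 2);
        db.ExecuteNonQuery(cmd);

        // A positive @retval means authenticated. A NULL or non-Int16 output is
        // treated as "not authenticated" instead of throwing InvalidCastException.
        object retval = db.GetParameterValue(cmd, "@retval");
        return retval is short && (short)retval > 0;
    }
}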
/// <summary>
/// Account record: looked up by UserRepository.GetByUsernameAndPassword and
/// read back from the forms-authentication ticket by SessionContext.GetUserData.
/// </summary>
public class User
{
    // Primary key; AccountController passes its string form as the ticket name.
    public int UserId { get; set; }
    public string Name { get; set; }
    // Compared with the submitted Username in the repository lookup.
    public string Username { get; set; }
    // Compared directly with the submitted Password in the repository lookup, so
    // the stored form must match what callers submit.
    // NOTE(review): cannot tell from here whether this holds a hash or plaintext —
    // confirm; it should never hold the plaintext password.
    public string Password { get; set; }
    public string Email { get; set; }
    public bool IsAdmin { get; set; }
}
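/// <summary>
/// Data access for <see cref="User"/> records.
/// </summary>
public class UserRepository
{
    private readonly Context context = new Context();

    /// <summary>
    /// Returns the stored user whose Username and Password both equal those on
    /// <paramref name="user"/>, or null when there is no match.
    /// </summary>
    /// <param name="user">Carries the submitted Username and Password.</param>
    /// <returns>The matching <see cref="User"/>, or null.</returns>
    /// <exception cref="ArgumentNullException">When <paramref name="user"/> is null.</exception>
    public User GetByUsernameAndPassword(User user)
    {
        if (user == null)
        {
            // Fail clearly instead of with a NullReferenceException inside the query.
            throw new ArgumentNullException("user");
        }
        string username = user.Username;
        string password = user.Password;
        // && reads as the intended "both must match"; the original's non-short-circuit
        // & means the same for two bools.
        // NOTE(review): this compares Password with the submitted value as-is; if the
        // column holds a hash, the caller must hash before calling.
        return context.Users
            .Where(u => u.Username == username && u.Password == password)
            .FirstOrDefault();
    }
}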
/// <summary>
/// Application-layer facade over <see cref="UserRepository"/>.
/// </summary>
public class UserApplication
{
    private readonly UserRepository userRepo = new UserRepository();

    /// <summary>
    /// Looks up the user whose credentials match those on <paramref name="user"/>.
    /// Delegates to the repository unchanged; null when no user matches.
    /// </summary>
    public User GetByUsernameAndPassword(User user) => userRepo.GetByUsernameAndPassword(user);
}
- public class AccountController : Controller
- {
- UserApplication userApp = new UserApplication();
- SessionContext context = new SessionContext();
/// <summary>GET /Account/Login: renders the login form.</summary>
public ActionResult Login() => View();
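/// <summary>
/// POST /Account/Login: checks the submitted credentials and, on success, issues
/// the authentication cookie and sends the user to Home/Index. On failure the
/// login view is re-rendered without saying which part of the credentials was wrong.
/// NOTE(review): there is no [ValidateAntiForgeryToken] on this action; pairing it
/// with @Html.AntiForgeryToken() in the view would stop cross-site login posts.
/// </summary>
/// <param name="user">Model-bound form values; only Username and Password are used.</param>
[HttpPost]
public ActionResult Login(User user)
{
    // Nothing bound (empty or malformed post): re-render rather than handing null
    // to the repository, which dereferences it inside the query.
    if (user == null)
    {
        return View();
    }
    User authenticatedUser = userApp.GetByUsernameAndPassword(user);
    if (authenticatedUser == null)
    {
        return View();
    }
    // Ticket name is the user id; the second argument asks for a non-persistent ticket.
    context.SetAuthenticationToken(authenticatedUser.UserId.ToString(), false, authenticatedUser);
    return RedirectToAction("Index", "Home");
}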
/// <summary>
/// Clears the forms-authentication cookie and returns to Home/Index.
/// NOTE(review): reachable via GET; a POST-only logout with an anti-forgery token
/// would prevent logging a user out by link.
/// </summary>
public ActionResult Logout()
{
    FormsAuthentication.SignOut();
    ActionResult home = RedirectToAction("Index", "Home");
    return home;
}
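/// <summary>
/// Issues and reads the forms-authentication cookie that carries the logged-in
/// <see cref="User"/>.
/// </summary>
public class SessionContext
{
    /// <summary>
    /// Writes a forms-authentication ticket for <paramref name="name"/> into the
    /// response cookie, with a JSON copy of <paramref name="userData"/> (minus its
    /// Password) as the ticket's UserData so that <see cref="GetUserData"/> can
    /// read it back.
    /// </summary>
    /// <param name="name">Ticket name (the caller passes the user id).</param>
    /// <param name="isPersistant">True to keep the cookie across browser sessions.</param>
    /// <param name="userData">User to embed; when null the ticket carries no user data.</param>
    public void SetAuthenticationToken(string name, bool isPersistant, User userData)
    {
        string data = string.Empty;
        if (userData != null)
        {
            // The cookie is held by the client; never put the credential into it.
            // Only the fields GetUserData needs to rebuild the User are serialized.
            User forTicket = new User
            {
                UserId = userData.UserId,
                Name = userData.Name,
                Username = userData.Username,
                Email = userData.Email,
                IsAdmin = userData.IsAdmin
            };
            data = new JavaScriptSerializer().Serialize(forTicket);
        }
        // The original computed the JSON but stored only the UserId string (and
        // dereferenced userData even when null); GetUserData could never turn that
        // into a User. Store the JSON so the two methods agree.
        FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
            1, name, DateTime.Now, DateTime.Now.AddYears(1), isPersistant, data);
        // Encrypt() both encrypts and MACs the ticket, so IsAdmin etc. are tamper-evident.
        string cookieData = FormsAuthentication.Encrypt(ticket);
        HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, cookieData)
        {
            HttpOnly = true,
            // Honour the <forms> section's requireSSL setting.
            Secure = FormsAuthentication.RequireSSL
        };
        if (isPersistant)
        {
            // A non-persistent ticket should be a session cookie; the original set
            // Expires unconditionally, which made every cookie persist for a year.
            cookie.Expires = ticket.Expiration;
        }
        HttpContext.Current.Response.Cookies.Add(cookie);
    }

    /// <summary>
    /// Reads the <see cref="User"/> embedded in the current request's
    /// forms-authentication cookie.
    /// </summary>
    /// <returns>
    /// The deserialized user, or null when there is no cookie, the ticket cannot be
    /// decrypted (missing, tampered or issued under another machine key), the ticket
    /// has expired, or its UserData is not a serialized <see cref="User"/>.
    /// </returns>
    public User GetUserData()
    {
        HttpCookie cookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];
        if (cookie == null || string.IsNullOrEmpty(cookie.Value))
        {
            return null;
        }
        try
        {
            FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(cookie.Value);
            // Decrypt may hand back an expired ticket; check Expired explicitly.
            if (ticket == null || ticket.Expired || string.IsNullOrEmpty(ticket.UserData))
            {
                return null;
            }
            return new JavaScriptSerializer().Deserialize(ticket.UserData, typeof(User)) as User;
        }
        catch (Exception)
        {
            // Deliberately best-effort: an undecryptable or malformed cookie means
            // "anonymous", not a 500. Consider logging here — repeated failures can
            // indicate cookie tampering or a machine-key mismatch between servers.
            return null;
        }
    }
}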
- <authentication mode="Forms">
- <forms loginUrl="~/Account/Login" timeout="2880" />
- </authentication>
- [Authorize]
- public class ClassController : Controller
- {
- ...
- }
- }