
Untitled

a guest
Jan 4th, 2018
  1. <--LoginController-->
  2. using System;
  3. using System.Collections.Generic;
  4. using System.Linq;
  5. using System.Threading.Tasks;
  6. using Microsoft.AspNetCore.Mvc;
  7. using WellnessAndSpaCentar.web.Models;
  8. using WellnessAndSpaCentar.web.ViewModels;
  9. using WellnessAndSpaCentar.web.Helper;
  10. using Microsoft.AspNetCore.Mvc.ModelBinding;
  11. using Microsoft.AspNetCore.Http;
  12.  
  13. namespace WellnessAndSpaCentar.web.Controllers
  14. {
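  /// <summary>
  /// Serves the login form and verifies the credentials it posts back.
  /// </summary>
  public class LoginController : Controller
  {
      // NOTE(review): the context is created inline rather than injected, and nothing
      // in this class disposes it.
      private readonly Wellness___spa_centar___RSIContext ctx = new Wellness___spa_centar___RSIContext();

      /// <summary>
      /// Shows the login form, or redirects when the session already holds a user.
      /// </summary>
      public IActionResult LoginPage()
      {
          if (Authentication.GetLoggedUser(HttpContext) != null)
          {
              return RedirectToAction("");
          }

          return View("LoginPage", new LoginVM());
      }

      /// <summary>
      /// Checks the submitted login data and, on success, stores the user in the session.
      /// </summary>
      /// <param name="model">Login name and password bound from the posted form.</param>
      /// <returns>
      /// A redirect to Home/Index on success; otherwise the login view with a validation error.
      /// </returns>
      // Credentials must arrive in a POST body, never in a query string, and the request
      // must carry the antiforgery token that the form tag helper emits for the
      // asp-action form in the LoginPage view.
      [HttpPost]
      [ValidateAntiForgeryToken]
      public IActionResult VerifyRequest(LoginVM model)
      {
          // One message for "unknown user" and "wrong password": distinct messages let a
          // caller find out which usernames exist.
          const string invalidLogin = "Username or password is incorrect!";

          User user = ctx.User.FirstOrDefault(x => x.UserName == model.LoginData);
          if (user == null || !Security.UserExist(model.LoginData, model.Password, user))
          {
              ModelState.AddModelError("", invalidLogin);
          }

          if (!ModelState.IsValid)
          {
              return View("LoginPage", model);
          }

          // Author's original note on this call: "httpContext is null".
          // NOTE(review): NewSession serializes the whole User entity (Password included)
          // into the session, and the session identifier is not renewed at login.
          Authentication.NewSession(user, HttpContext);
          return RedirectToAction("Index", "Home");
      }
  }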
  48. }
  49.  
  50.  
  51.  
  52.  
  53. <--Folder: Helper, Class: Authentication-->
  54. using Microsoft.AspNetCore.Http;
  55. using System;
  56. using System.Collections.Generic;
  57. using System.Linq;
  58. using System.Threading.Tasks;
  59. using WellnessAndSpaCentar.web.Models;
  60.  
  61. namespace WellnessAndSpaCentar.web.Helper
  62. {
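  /// <summary>
  /// Stores, reads and clears the logged-in user in the HTTP session.
  /// </summary>
  public class Authentication
  {
      //Authentication is the act of confirming the truth of an attribute of a single piece of data claimed true by an entity.

      // Session key under which the logged-in user is kept as JSON.
      private const string _loggedUser = "logged_user";

      // Not read by the static helpers below; they receive the HttpContext as an argument.
      private readonly IHttpContextAccessor _httpContextAccessor;

      public Authentication(IHttpContextAccessor httpContextAccessor)
      {
          this._httpContextAccessor = httpContextAccessor;
      }

      /// <summary>Marks <paramref name="user"/> as logged in for the current session.</summary>
      /// <param name="user">User to store; null clears the entry instead.</param>
      /// <param name="ctx">Current request context.</param>
      /// <exception cref="ArgumentNullException"><paramref name="ctx"/> is null.</exception>
      public static void NewSession(User user, HttpContext ctx)
      {
          if (ctx == null)
          {
              throw new ArgumentNullException(nameof(ctx));
          }

          if (user == null)
          {
              // A null user reads back as "nobody logged in"; drop the key rather than store "null".
              ctx.Session.Remove(_loggedUser);
              return;
          }

          // NOTE(review): this serializes the whole User object, including the Password
          // property that Security.UserExist compares against. Storing only an identifier
          // (and re-reading role/active state per request) would keep credentials out of
          // the session store.
          ctx.Session.SetJson(_loggedUser, user);
      }

      /// <summary>Logs the current session out.</summary>
      /// <param name="user">Unused; kept for existing callers.</param>
      /// <param name="ctx">Current request context.</param>
      /// <exception cref="ArgumentNullException"><paramref name="ctx"/> is null.</exception>
      public static void EndSession(User user, HttpContext ctx)
      {
          if (ctx == null)
          {
              throw new ArgumentNullException(nameof(ctx));
          }

          // Remove the entry outright instead of overwriting it with a serialized null.
          ctx.Session.Remove(_loggedUser);
      }

      /// <summary>Returns the user stored in the session, or null when nobody is logged in.</summary>
      /// <param name="ctx">Current request context.</param>
      /// <exception cref="ArgumentNullException"><paramref name="ctx"/> is null.</exception>
      public static User GetLoggedUser(HttpContext ctx)
      {
          if (ctx == null)
          {
              throw new ArgumentNullException(nameof(ctx));
          }

          // Read only: an anonymous request must not write to the session.
          return ctx.Session.GetJson<User>(_loggedUser);
      }
  }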
  92. }
  93.  
  94.  
  95.  
  96.  
  97. <--Folder: Helper, Class: Authorization-->
  98. using Microsoft.AspNetCore.Mvc.Filters;
  99. using System;
  100. using System.Collections.Generic;
  101. using System.Linq;
  102. using System.Threading.Tasks;
  103. using WellnessAndSpaCentar.web.Models;
  104.  
  105. namespace WellnessAndSpaCentar.web.Helper
  106. {
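  /// <summary>
  /// Decides whether the user held in the session may reach the requested resource.
  /// </summary>
  // NOTE(review): as shown, this class has no base type or interface and its method is
  // spelled OnAuthoritazion, so MVC will not invoke it as an authorization filter by
  // itself; confirm how it is wired up.
  public class Authorization
  {
      //Authorization is the function of specifying access rights/privileges to resources
      private readonly bool _allUsers;

      /// <param name="allUsers">True to admit every active user regardless of role.</param>
      public Authorization(bool allUsers)
      {
          _allUsers = allUsers;
      }

      /// <summary>
      /// Lets active, logged-in users through and sends everyone else to the login page.
      /// </summary>
      /// <param name="context">Filter context of the current request.</param>
      public void OnAuthoritazion(AuthorizationFilterContext context)
      {
          // NOTE(review): Active and RoleId come from the copy of the user stored in the
          // session at login, so later changes to the account are not seen here.
          User user = Authentication.GetLoggedUser(context.HttpContext);
          if (user == null || !user.Active)
          {
              Deny(context);
              return;
          }

          if (_allUsers)
          {
              return;
          }

          // Role ids per the original comments: 1 administrator, 2 employee, 3 client, 4 supplier.
          // NOTE(review): with _allUsers false every listed role is still admitted, so the
          // flag only excludes users whose RoleId is outside 1-4; confirm the intended policy.
          if (user.RoleId == 1 || user.RoleId == 2 || user.RoleId == 3 || user.RoleId == 4)
          {
              return;
          }

          Deny(context);
      }

      // Sets the filter result so the pipeline stops here. Writing a redirect to the
      // response alone would leave Result unset and the protected action would still run.
      private static void Deny(AuthorizationFilterContext context)
      {
          context.Result = new Microsoft.AspNetCore.Mvc.RedirectResult("/Login/LoginPage");
      }
  }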
  146. }
  147.  
  148.  
  149. <--Folder: Helper, Class: Security-->
  150. using System;
  151. using System.Collections.Generic;
  152. using System.Linq;
  153. using System.Threading.Tasks;
  154. using WellnessAndSpaCentar.web.Models;
  155.  
  156. namespace WellnessAndSpaCentar.web.Helper
  157. {
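  /// <summary>
  /// Credential check used by the login action.
  /// </summary>
  public class Security
  {
      /// <summary>
      /// Tells whether the submitted username and password match the given user record.
      /// </summary>
      /// <param name="username">Login name as submitted.</param>
      /// <param name="password">Password as submitted.</param>
      /// <param name="user">User record to compare against.</param>
      /// <returns>True only when both values match and a non-empty password is present on both sides.</returns>
      public static bool UserExist(string username, string password, User user)
      {
          // Fail closed: an empty form field can bind to null, and null == null would
          // otherwise accept a login for any record whose stored password is missing.
          if (user == null || string.IsNullOrEmpty(password) || string.IsNullOrEmpty(user.Password))
          {
              return false;
          }

          // NOTE(review): the stored value is compared directly with the submitted
          // password, which implies passwords are kept unhashed. Store a salted, slow
          // hash (e.g. PBKDF2) and verify against that; the comparison here is also not
          // constant-time.
          return user.UserName == username && user.Password == password;
      }
  }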
  169. }
  170.  
  171.  
  172. <--Folder: Helper, Class: Session-->
  173. using Microsoft.AspNetCore.Http;
  174. using Newtonsoft.Json;
  175. using System;
  176. using System.Collections.Generic;
  177. using System.Linq;
  178. using System.Threading.Tasks;
  179.  
  180. namespace WellnessAndSpaCentar.web.Helper
  181. {
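  /// <summary>
  /// JSON helpers for keeping objects in an <see cref="ISession"/>.
  /// </summary>
  public static class SessionExtension
  {
      /// <summary>Serializes <paramref name="value"/> to JSON and stores it under <paramref name="key"/>.</summary>
      public static void SetJson(this ISession session, string key, object value) =>
          session.SetString(key, JsonConvert.SerializeObject(value));

      /// <summary>
      /// Reads the JSON stored under <paramref name="key"/> and deserializes it to
      /// <typeparamref name="T"/>; returns default(T) when the key is absent.
      /// </summary>
      public static T GetJson<T>(this ISession session, string key)
      {
          // Read the entry once instead of once for the null test and again for parsing.
          string json = session.GetString(key);
          return json == null ? default(T) : JsonConvert.DeserializeObject<T>(json);
      }
  }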
  187. }
  188.  
  189.  
  190. <-- Folder: Views, Class: LoginPage-->
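  @{
      Layout = "_Layout";
  }

  @model WellnessAndSpaCentar.web.ViewModels.LoginVM

  @* Login form; posts LoginData and Password to the VerifyRequest action. *@
  <body>
      <div class="login-div">
          <div class="login-content">
              <img src="~/images/logo-white.png" alt="Logo" style="width:150px; height:150px;" />
              <h5 style="color:white; text-transform:uppercase; font-size:24px;">Wellness & spa center</h5>
              @* validateForm() is not defined in this view; it is assumed to come from a script loaded elsewhere. *@
              <form name="login-form" asp-action="VerifyRequest" method="post" onsubmit="validateForm()">

                  <br />
                  <input asp-for="LoginData" name="LoginData" class="form-control" placeholder="Username" autofocus /><br/>
                  @* type="password" is set explicitly so the field is masked and its value is not
                     written back into the page after a failed login, whether or not the
                     view-model property carries a password data-type annotation. *@
                  <input asp-for="Password" name="Password" type="password" class="form-control" placeholder="Password"/><br />
                  <button type="submit" class="btn btn-primary">Login</button><br /><br />
                  @if (!ViewData.ModelState.IsValid)
                  {
                      <div asp-validation-summary="All" class="alert alert-danger"> </div>
                  }
              </form>
          </div>
      </div>

  </body>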