The following lines do not work. The bool is always false. I have been having trouble getting danni's site to work so if the reply is too short it's 'cuz I typed in the longer version three times and got errrors.
FormsAuthentication.SetAuthCookie(login.EmailAddress, login.RememberMe);
bool isauth = User.Identity.IsAuthenticated;
Here is the login controller;
/*Author: Cameron Block*/
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using System.Web.Security;
using CameronBlog.Models;
namespace CameronBlog.Controllers {
public class LoginController : Controller {
// GET: Login
public ActionResult Index() {
return View();
}//end method
[HttpGet]
public ActionResult Login() {
return View();
}//end method
[HttpPost]
public ActionResult Login(Models.Login login) {
if (ModelState.IsValid) {
if (login.IsValid()) {
FormsAuthentication.SetAuthCookie(login.EmailAddress, login.RememberMe);
bool isauth = User.Identity.IsAuthenticated;
return RedirectToAction("Index", "Home");
}
else {
ModelState.AddModelError("", "Incorrect email or password. ");
}
}
return View(login);
}//end method
public ActionResult Logout() {
FormsAuthentication.SignOut();
return RedirectToAction("Index", "Home");
}//end method
}//end class
}//end namespaceHere is the markup;
<!-- Author: Cameron Block -->
@model CameronBlog.Models.Login
@{
ViewBag.Title = "Login";
}
<div class="jumbotron">
<h1>Login</h1>
<p class="lead">Log into Cameron's Web Blog. </p>
</div>
@using (Html.BeginForm("Login", "Login", new { @class = "form-horizontal" })) {
@Html.ValidationSummary(true, "Login Failed. Check your login credentials. ");
<div class="row">
<div class="col-md-5">
<div class="form-group">
@Html.LabelFor(login => login.EmailAddress, new { @class = "control-label col-sm-3" })
<div class="col-sm-9 form-control-static">
@Html.TextBoxFor(login => login.EmailAddress, new { @class = "form-control" })
@Html.ValidationMessageFor(login => login.EmailAddress)
</div>
</div>
<div class="form-group">
@Html.LabelFor(login => login.Password, new { @class = "control-label col-sm-3" })
<div class="col-sm-9 form-control-static">
@Html.PasswordFor(login => login.Password, new { @class = "form-control" })
@Html.ValidationMessageFor(login => login.Password)
</div>
</div>
<div class="form-group">
<div class="col-sm-6 form-control-static">
@Html.CheckBoxFor(login => login.RememberMe, new { @class = "form-control col-sm-4" })
</div>
@Html.LabelFor(login => login.RememberMe, new { @class = "col-sm-4" })
</div>
</div>
</div>
<input type="submit" class="btn btn-primary" value="Log In" />
}Here is the Login Model;
/*Author: Cameron Block*/
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.ComponentModel.DataAnnotations;
using CameronBlog.Repositories;
namespace CameronBlog.Models {
/// <summary>
/// The object associated with the login procedure.
/// </summary>
public class Login {
/// <summary>
/// The User's Email Address.
/// </summary>
[Required]
[Display(Name = "User Name")]
public String EmailAddress {
get; set;
}//end property
/// <summary>
/// The User's password.
/// </summary>
[Required]
[DataType(DataType.Password)]
[Display(Name = "Password")]
public String Password {
get; set;
}//end property
/// <summary>
/// Login control can remember users when they log in next time.
/// </summary>
[Display(Name = "Remember Me")]
public bool RememberMe {
get; set;
}//end property
public bool IsValid() {
try {
using (UserRepository usrRepo = new UserRepository()) {
usrRepo.BeginTransaction();
return usrRepo.IsValidLogin(this);
}
}
catch (Exception ex) {
return false;
}
}//end method
}//end class
}//end namespaceHere is the User object;
/*Author: Cameron Block*/
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Web;
using System.Configuration;
namespace CameronBlog.Models {
/// <summary>
/// Representation of users in the blogging system.
/// </summary>
public class User {
/// <summary>
/// Unique identifier for group used by program and database layer.
/// </summary>
public int UserId {
get; set;
}
/// <summary>
/// The user's email address.
/// </summary>
public String EmailAddress {
get; set;
}
/// <summary>
/// A hash of the users password is stored in the database and used for logins.
/// Storing a hash is more secure than storing plaintext.
/// No Company should have a comprehensive plaintext wordlist of it's users.
/// SHA-256 with a byte array storage size of 256
/// </summary>
public byte[] PasswordHash {
get; set;
}
public User() {
}
public void SetPassword(String password) {
//get salt from web config
byte[] salt = Encoding.UTF8.GetBytes(System.Configuration.ConfigurationManager.AppSettings["salt"].ToString());
byte[] passBytes = Encoding.UTF8.GetBytes(password);
//perpend salt to password
byte[] catPass = salt.Concat(passBytes).ToArray();
//call all the hash algorithims here
HashAlgorithm hashAlg = SHA512.Create();
this.PasswordHash = hashAlg.ComputeHash(catPass);
}//end method
public bool ComparePassword(String password) {
//get salt from web config
byte[] salt = Encoding.UTF8.GetBytes(System.Configuration.ConfigurationManager.AppSettings["salt"].ToString());
byte[] passBytes = Encoding.UTF8.GetBytes(password);
//perpend salt to password
byte[] catPass = salt.Concat(passBytes).ToArray();
//call all the hash algorithims here
HashAlgorithm hashAlg = SHA512.Create();
byte[] incomingHash = hashAlg.ComputeHash(catPass);
if (incomingHash.SequenceEqual(this.PasswordHash))
return true;
return false;
}//end method
}//end class
}//end namespaceP.S. There may be a length problem with the site.
Your community is lame. I have posted about 3 discussions here about professional programming and no-body could help.
@overwraith. It's a two way street. There are some that demand support but all this is volunteer like other forums. I see you dumped a lot of code so folk may shy away. Be precise with what is broken. Keep it short.
Also, read https://www.daniweb.com/programming/threads/435023/read-this-before-posting-a-question
I think your post may have failed the "What is wrong with my code?" concept.
I have a workaround of sorts, I will be looking into entity framework Identity framework for future projects, but instead of a cookie I will be using Session variables to store user name on the server. After the user logs in the user will have a session variable populated with their user name/email address, If the variable is null the user is re-directed to the login page. The user name can be used with a standard cookie, but it is not advisable to use a password cookie of the standard nature.
In addition here is an example of my IsValidLogin method:
public bool IsValidLogin(Login login) {
bool isValid = false;
ISession session = OpenSession();
using (ITransaction tx = session.BeginTransaction()) {
User user = session.Query<User>()
.Where(usr => usr.EmailAddress.ToLower() == login.EmailAddress.ToLower() && usr.IsActive == true)
.ToList()
.First();
isValid = user.ComparePassword(login.Password);
}
return isValid;
}//end methodI added another method where the program checks if the user has been banned or not, Ex: IsActive.
Here is my Login method on the login controller;
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult Login(Models.Login login) {
if (login.RememberMe) {
HttpCookie cookie = new HttpCookie("AdHockeyLogin");
cookie.Values.Add("UserName", login.EmailAddress);
cookie.Values.Add("RememberMe", login.RememberMe.ToString());
cookie.Expires = DateTime.Now.AddDays(15);
Response.Cookies.Add(cookie);
}
if (ModelState.IsValid) {
if (login.IsValid()) {
//log the user login attempt
log.Debug(String.Format("User {0} logged in. ", login.EmailAddress));
Session["USER_NAME"] = login.EmailAddress.ToString();
Session["PASSWORD"] = login.Password.ToString();
return RedirectToAction("Index", "Home");
}
else {
ModelState.AddModelError("", "Incorrect email or password. ");
}
}
return View("index", login);
}//end methodWe're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.