Last active
May 16, 2018 12:54
-
-
Save bhdryrdm/a64a197fd7a0dbcd77865c6638bca616 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using DevF_LABS.Presentation.Filter; | |
using DevF_LABS.RequestResponse; | |
using DevF_LABS.RequestResponse.BrokenAuth; | |
using System; | |
using System.Linq; | |
using System.Web; | |
using System.Web.Mvc; | |
using System.Web.Security; | |
namespace DevF_LABS.Presentation.Controllers | |
{ | |
public class BrokenAccessController : BaseController | |
{ | |
private const string cookieName = "DevF_LABS_BrokenAccessAuth_CustomCookie"; | |
public ActionResult Index() => View(); | |
[HttpPost] | |
[ValidateAntiForgeryToken] | |
public JsonResult Login(BrokenAccess_S1_LoginRequest request) | |
{ | |
BaseResponse response = new BaseResponse(); | |
if(request.BrokenAccess_S1_LoginRequest_Email == "admin@devf.com" && request.BrokenAccess_S1_LoginRequest_Password == "123") | |
{ | |
if(request.BrokenAccess_S1_LoginRequest_LoginType) | |
{ | |
String cookieValue = $"SessionID:{Session.SessionID}-Email:{request.BrokenAccess_S1_LoginRequest_Email}-IP:{Request.UserHostAddress}"; | |
FormsAuthentication.SetAuthCookie(cookieValue, true); | |
response.Message = "Tebrikler... Gizli sayfayı görebilirsiniz! /BrokenAccess/SecretPageDefault . " + | |
"Tekrar giriş yapabilmek için lütfen sayfayı yenileyin!"; | |
return Json(response); | |
} | |
else | |
{ | |
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket | |
( | |
name: request.BrokenAccess_S1_LoginRequest_Email, | |
cookiePath: FormsAuthentication.FormsCookiePath, | |
issueDate: DateTime.Now, | |
expiration: DateTime.Now + FormsAuthentication.Timeout, | |
isPersistent: true, | |
userData: $"SessionID:{Session.SessionID};Email:{request.BrokenAccess_S1_LoginRequest_Email};IP:{Request.UserHostAddress};{request.BrokenAccess_S1_LoginRequest_Password}", | |
version: 1 | |
); | |
HttpCookie httpCookie = new HttpCookie(cookieName, FormsAuthentication.Encrypt(ticket)); | |
httpCookie.Expires = DateTime.Now.AddMonths(1); | |
httpCookie.HttpOnly = true; | |
if (Request.Cookies.AllKeys.Contains(cookieName)) | |
Response.SetCookie(httpCookie); | |
else | |
Response.AppendCookie(httpCookie); | |
response.Message = "Tebrikler... Gizli sayfayı görebilirsiniz! /BrokenAccess/SecretPageCustom ." + | |
"Tekrar giriş yapabilmek için lütfen sayfayı yenileyin!"; | |
return Json(response); | |
} | |
} | |
response.IsSuccess = false; | |
response.Message = "Kullanıcı bulunmadı!"; | |
response.ResponseCode = 404; | |
return Json(response); | |
} | |
[Authorize] | |
public ActionResult SecretPageDefault() | |
{ | |
ViewBag.Username = HttpContext.User.Identity.Name; | |
return View("~/Views/BrokenAccess/SecretPage.cshtml"); | |
} | |
[BrokenAccessAuthorizeFilter] | |
public ActionResult SecretPageCustom() | |
{ | |
ViewBag.Username = Session[Session.SessionID + "-BrokenAccessUser"]; | |
return View("~/Views/BrokenAccess/SecretPage.cshtml"); | |
} | |
public ActionResult AuthorityForgottenPage() => View(); | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment