This repository has been archived on 2023-12-31. You can view files and clone it, but cannot push or open issues or pull requests.
EDA263/lab3/cs_lab3/myWebApplication/login.aspx.cs
2022-02-23 14:05:00 +01:00

48 lines
1.4 KiB
C#

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Security.Cryptography;
namespace myWebApplication
{
public partial class login : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
}
protected void submit_Click(object sender, EventArgs e)
{
String record;
if ((record = SQLaccess.checkUserPass(txtusername.Text, txtpassword.Text)) == null)
{
//no such user, redirect
Response.Redirect("login.aspx");
}
//this is a problem
else
{
//set cookie
//generate secure random number as session cookie
byte [] b = new byte[10];
RandomNumberGenerator rng = RandomNumberGenerator.Create();
rng.GetBytes(b);
String sid = Helpers.CalculateMD5Hash(b);
HttpCookie auth = new HttpCookie("auth",sid);
//write session cookie to database for user
SQLaccess.InsertSessionID(record, sid);
Session["auth"] = auth;
Response.Cookies.Add(auth);
Response.Redirect("default.aspx?page=0");
}
}
}
}