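using Bootstrap.Admin.Models;
using Bootstrap.DataAccess;
using Longbow.Security.Principal;
using System;
using System.Web.Mvc;
using System.Web.Security;

namespace Bootstrap.Admin.Controllers
{
    /// <summary>
    /// Home controller: landing page, lock screen, and the forms-authentication
    /// entry points (login, logout, registration).
    /// </summary>
    public class HomeController : Controller
    {
        /// <summary>
        /// Renders the landing page with a fixed content URL.
        /// </summary>
        /// <returns>The Index view bound to a <see cref="ContentModel"/>.</returns>
        public ActionResult Index()
        {
            var content = new ContentModel
            {
                Url = "/Content/html/dummy.html"
            };
            return View(content);
        }

        /// <summary>
        /// Shows the lock screen for the current user, or forwards the submitted
        /// password to the Login action.
        /// </summary>
        /// <param name="model">Lock-screen form data.</param>
        /// <returns>A redirect to Login when a password was submitted; otherwise the Lock view.</returns>
        public ActionResult Lock(LockModel model)
        {
            if (!string.IsNullOrEmpty(model.Password))
            {
                // NOTE(review): RedirectToAction serialises these route values into the
                // redirect URL, so the password travels in a query string and can be kept
                // in server logs and browser history. Verifying the password in a POST
                // handler would avoid that; left unchanged here because the post-unlock
                // flow is not visible in this file.
                return RedirectToAction("Login", new { userName = model.UserName, password = model.Password });
            }

            // presumably RetrieveUsersByName never returns null for a signed-in user; verify against UserHelper
            var user = UserHelper.RetrieveUsersByName(User.Identity.Name);
            model.UserName = user.UserName;
            model.DisplayName = user.DisplayName;
            return View(model);
        }

        /// <summary>
        /// Signs the user in when the supplied credentials are accepted by
        /// <c>UserHelper.Authenticate</c>.
        /// </summary>
        /// <remarks>
        /// The password is verified for every account. The earlier condition
        /// accepted any name for which <c>LgbPrincipal.IsAdmin</c> returned true
        /// without looking at the password at all.
        /// </remarks>
        /// <param name="userName">Login name.</param>
        /// <param name="password">Password to verify.</param>
        /// <param name="remember">Currently unused; the authentication cookie is always non-persistent.</param>
        /// <returns>The Login view; on success the response is also redirected by forms authentication.</returns>
        [AllowAnonymous]
        public ActionResult Login(string userName, string password, string remember)
        {
            // The original author flagged this method as having a serious security issue
            // that had to be fixed before release. The password bypass is closed below.
            // NOTE(review): credentials are still bound from any HTTP method, including
            // the query string (the Lock action relies on that). Restricting sign-in to
            // POST with anti-forgery validation remains to be done.
            var model = new LoginModel();
            model.UserName = userName;

            // Skip the credential check on the initial page load, when nothing was submitted.
            var hasCredentials = !string.IsNullOrEmpty(userName) && !string.IsNullOrEmpty(password);
            if (hasCredentials && UserHelper.Authenticate(userName, password))
            {
                LgbPrincipal.SavePrincipalCookie(new LgbUser() { RealUserName = userName });
                FormsAuthentication.RedirectFromLoginPage(userName, false);
            }

            return View(model);
        }

        /// <summary>
        /// Removes the forms-authentication ticket and returns to the login page.
        /// </summary>
        /// <returns>A redirect to the Login action.</returns>
        [AllowAnonymous]
        public ActionResult Logout()
        {
            // NOTE(review): only the forms-auth ticket is removed here; confirm whether the
            // cookie written by LgbPrincipal.SavePrincipalCookie must be cleared as well.
            FormsAuthentication.SignOut();
            return RedirectToAction("Login");
        }

        /// <summary>
        /// Registers a new account through <c>UserHelper.RegisterUser</c>.
        /// </summary>
        /// <param name="userName">Requested login name.</param>
        /// <param name="displayName">Display name for the account.</param>
        /// <param name="password">Initial password.</param>
        /// <returns>A redirect to Login on success; otherwise the Register view.</returns>
        [AllowAnonymous]
        public ActionResult Register(string userName, string displayName, string password)
        {
            // NOTE(review): no validation happens in this action; presumably
            // UserHelper.RegisterUser rejects empty or malformed values - confirm.
            var registered = UserHelper.RegisterUser(userName, displayName, password);
            if (registered)
            {
                return RedirectToAction("Login");
            }

            return View();
        }
    }
}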