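/// <summary>
/// Checks the posted login/password pair against the user table and, on a match,
/// issues the "session-id" and "user-name" cookies.
/// </summary>
/// <param name="data">Login form bound from the POST body.</param>
/// <returns>
/// A JSON <c>AuthResult</c> whose <c>Value</c> is "ok" on a successful match and
/// "failed" otherwise (invalid model, no match, or a lookup error). The failure
/// response is identical in every case, so it does not reveal whether the login exists.
/// </returns>
[HttpPost]
public JsonResult Auth(Models.AuthForm data)
{
    // AllowGet has no practical effect on the responses below: the action is POST-only.
    if (!ModelState.IsValid)
    {
        return Json(new Models.AuthResult { Value = "failed" }, JsonRequestBehavior.AllowGet);
    }

    userdata user = null;
    try
    {
        // NOTE(review): the submitted password is compared directly with the stored column,
        // so the table appears to hold passwords in a directly comparable (unhashed) form.
        // Store a salted, slow hash (e.g. PBKDF2) and verify against that instead; this needs
        // a schema/data migration and cannot be fixed inside this method alone.
        // SingleOrDefault returns null for "no match" instead of throwing, so a wrong
        // password is no longer handled through an exception.
        user = db.userdatas.SingleOrDefault(u => u.login == data.Login && u.password == data.Password);
    }
    catch (Exception ex)
    {
        // Duplicate rows or a data-access failure still yield "failed" for the caller,
        // but are no longer swallowed silently. Credentials are deliberately not logged.
        System.Diagnostics.Trace.TraceError(
            "Auth: credential lookup failed ({0}): {1}", ex.GetType().FullName, ex.Message);
    }

    if (user == null)
    {
        return Json(new Models.AuthResult { Value = "failed" }, JsonRequestBehavior.AllowGet);
    }

    // NOTE(review): placeholder-looking cookie kept for compatibility; confirm it is needed.
    Response.AddHeader("Set-Cookie", "CookieName=CookieValue; path=/; HttpOnly");

    // Guid.NewGuid() is not documented as suitable for security tokens; draw the 128 bits
    // from the OS CSPRNG and keep the GUID text format the cookie had before.
    var tokenBytes = new byte[16];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(tokenBytes);
    }

    // NOTE(review): nothing in this method persists the session id or binds it to the user,
    // so the server cannot validate it later from what is visible here - confirm it is
    // stored elsewhere. Neither cookie sets Secure; enable it (per cookie, or via
    // <httpCookies requireSSL="true" /> in web.config) once the site is served over HTTPS only.
    Response.SetCookie(new HttpCookie("session-id") { Value = new Guid(tokenBytes).ToString(), HttpOnly = true });

    // NOTE(review): HttpOnly only hides the cookie from page script; the client can still send
    // any value it likes. "user-name" must never be trusted as the authenticated identity.
    Response.SetCookie(new HttpCookie("user-name") { Value = data.Login, HttpOnly = true });

    return Json(new Models.AuthResult { Value = "ok" }, JsonRequestBehavior.AllowGet);
}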
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