asp.net mvc - nopCommerce / Logging user in programmatically via API or Controller


I'm trying nopCommerce (using 3.2) and how to log in/authenticate a user programmatically. The objective is to log a user in from a PhoneGap-based mobile app. I'm weak on security/authentication/etc., so please correct me if I'm not doing this properly. Here's my strategy...

I've duplicated nopCom's Login action in CustomerController and called it LoginMobile. To pass user info, I send the username and password (over SSL) in Base64 encoding, decode it in the controller, and pull out the user and pass. That works. The issue I'm having is that when I call the authenticationService.SignIn(...,...) nopCom method, the user is never getting authenticated, though the SignIn method seems to work perfectly. I'll put the code below; it's using the same exact calls as in the same controller. Why wouldn't the user be authenticated?

Also, my strategy for logging in the user on the PhoneGap app is to use an AJAX POST call with the requisite added info in the headers to pass user info. I'm using Fiddler to test and it seems to be working.

    // Needs: using System; using System.Diagnostics; using System.Text; using System.Web.Mvc;
    [HttpPost]
    public ActionResult LoginM()
    {
        var username = "";
        var password = "";
        CustomerLoginResults loginResult = new CustomerLoginResults();
        var authHeader = this.ControllerContext.HttpContext.Request.Headers.Get("Authorization");

        // Headers.Get returns null when the header is absent, so guard before using it
        Debug.Print("authheader >" + (authHeader ?? "") + "<");

        if (!string.IsNullOrWhiteSpace(authHeader) &&
            authHeader.StartsWith("basic", StringComparison.OrdinalIgnoreCase))
        {
            Debug.Print("authheader found basic authentication");

            var authSplit = authHeader.Split(' ');

            if (authSplit.Length > 1 && authSplit[1].Length > 0)
            {
                var rawCredentials = authSplit[1].Trim();
                var encoding = Encoding.GetEncoding("iso-8859-1");
                var credentials = encoding.GetString(Convert.FromBase64String(rawCredentials));

                // Split on the first ':' only; the password itself may contain ':'
                var split = credentials.Split(new[] { ':' }, 2);
                username = split[0];
                password = split.Length > 1 ? split[1] : "";

                loginResult = _customerRegistrationService.ValidateCustomer(username, password);
                switch (loginResult)
                {
                    case CustomerLoginResults.Successful:
                        {
                            var customer = _customerService.GetCustomerByUsername(username);

                            // migrate shopping cart
                            _shoppingCartService.MigrateShoppingCart(
                                _workContext.CurrentCustomer,
                                customer,
                                true);

                            // sign in new customer
                            _authenticationService.SignIn(customer, true);

                            // activity log
                            _customerActivityService.InsertActivity("PublicStore.Login",
                                _localizationService.GetResource("ActivityLog.PublicStore.Login"),
                                customer);

                            break;
                        }
                    default:
                        {
                            break;
                        }
                }
            }
        }

        // random test code (echoes the submitted credentials back to the caller)
        return Json(
            new {
                userguid = "0123456789",
                username = username,
                password = password,
                loginresult = loginResult,
                // reads the principal attached to the current request
                isauth = this.ControllerContext.HttpContext.User.Identity.IsAuthenticated
            });
    }

Side note... I was trying to follow along with Pluralsight's API course, which goes through securing an API with basic authentication using a custom attribute and passing info via headers. I was less successful with that. While I tried to use the same code here, I couldn't get the user to show as registered. At least with the controller method, I can get the user signed in properly. I'm including this in case anyone is trying to sort out a similar problem.

My best shot with the information you provide is that you have a problem with cookie handling. SignIn sets a cookie called nopcommerce.auth that needs to be sent again with every request to keep the user authenticated.

My suggestion is to use Fiddler as you're doing now, and check for the presence of the cookie.

  1. Does the server send the cookie to the app after a successful login?
  2. Does the app send it again to the server on the next request?

The problem, and the solution, are different in both cases.

Kind regards.
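
The two checks in the answer above can be run mechanically over header text copied out of Fiddler. This is an added example, not code from the original post or from nopCommerce; the function names, verdict strings and sample headers are constructed for illustration, and the cookie name is matched case-insensitively because the page gives it only in lower case.

```javascript
// Added example: classify a captured login exchange by the answer's two questions.
// All header text below is constructed sample data, not a real capture.
const AUTH_COOKIE = 'nopcommerce.auth'; // name as written in the answer

// Parse every Set-Cookie line of a raw response header block.
function parseSetCookies(rawHeaders) {
  return rawHeaders.split(/\r?\n/)
    .filter((line) => /^set-cookie:/i.test(line))
    .map((line) => {
      const [pair, ...attrs] = line.slice(line.indexOf(':') + 1).split(';').map((s) => s.trim());
      const eq = pair.includes('=') ? pair.indexOf('=') : pair.length;
      const flags = attrs.map((a) => a.split('=')[0].toLowerCase());
      return { name: pair.slice(0, eq), value: pair.slice(eq + 1), flags };
    });
}

// Parse the Cookie header of a raw request header block into a name -> value map.
function parseRequestCookies(rawHeaders) {
  const line = rawHeaders.split(/\r?\n/).find((l) => /^cookie:/i.test(l));
  const jar = new Map();
  if (!line) return jar;
  for (const part of line.slice(line.indexOf(':') + 1).split(';')) {
    const eq = part.indexOf('=');
    if (eq > 0) jar.set(part.slice(0, eq).trim().toLowerCase(), part.slice(eq + 1).trim());
  }
  return jar;
}

// Question 1: did the login response set the cookie? Question 2: did the next request return it?
function diagnose(loginResponse, nextRequest, cookieName = AUTH_COOKIE) {
  const wanted = cookieName.toLowerCase();
  const set = parseSetCookies(loginResponse).find((c) => c.name.toLowerCase() === wanted);
  if (!set || set.value === '') return { verdict: 'server-did-not-send-cookie', warnings: [] };
  // A session cookie sent over SSL should also carry Secure and HttpOnly.
  const warnings = ['secure', 'httponly']
    .filter((f) => !set.flags.includes(f)).map((f) => `missing ${f} flag`);
  const returned = parseRequestCookies(nextRequest).get(wanted);
  if (returned === undefined) return { verdict: 'app-did-not-return-cookie', warnings };
  if (returned !== set.value) return { verdict: 'app-returned-different-value', warnings };
  return { verdict: 'cookie-round-trip-ok', warnings };
}

// Constructed sample exchange: the server sets the cookie, the app's next request omits it.
const sampleLoginResponse = [
  'HTTP/1.1 200 OK',
  'Set-Cookie: NOPCOMMERCE.AUTH=EXAMPLE-TICKET-VALUE; expires=Sat, 01 Feb 2014 10:00:00 GMT; path=/; HttpOnly',
].join('\r\n');
const sampleNextRequest = ['GET /customer/info HTTP/1.1', 'Host: shop.example'].join('\r\n');

console.log(diagnose(sampleLoginResponse, sampleNextRequest));
```
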

