Changed webservice authentication to use configured membership provider.

[TFS Changeset #63868]
2010-02-09 11:01:18 +00:00
parent 8ac0e2fa54
commit 851b565294
1 changed files with 14 additions and 7 deletions
--- a/components/umbraco.webservices/BaseWebService.cs
+++ b/components/umbraco.webservices/BaseWebService.cs
@@ -9,6 +9,8 @@ using System.Web.UI.WebControls.WebParts;
 using System.Web.UI.HtmlControls;
 using System.Web.Services;
 using System.Web.Services.Protocols;
+using umbraco.BusinessLogic;
+using System.IO;

 namespace umbraco.webservices
 {
@@ -45,19 +47,24 @@ namespace umbraco.webservices
        /// </summary>
        public umbraco.BusinessLogic.User GetUser(string username, string password)
        {
+           
+            User u = new User(username);
+            if(!HttpContext.Current.Request.Url.Scheme.Equals("https"))
+                BusinessLogic.Log.Add(BusinessLogic.LogTypes.Debug, u, -1, "Webservices login attempted without https");
+
            try
            {
-                umbraco.BusinessLogic.User u =
-                    new umbraco.BusinessLogic.User(username, password);
-                if (u == null || u.Id == -1)
-                    throw new ArgumentException("Invalid username/password");
-
-                return u;
+                if (Membership.Providers[UmbracoSettings.DefaultBackofficeProvider].ValidateUser(username, password))
+                {
+                    BusinessLogic.Log.Add(BusinessLogic.LogTypes.Login, u, -1,"Webservices");
+                    return u;
+                }
            }
            catch
            {
-                return null;
+                
            }
+            return null;
        }