Beispiel #1
        // GET: see profile if logged in
        /// <summary>
        /// Shows the profile page for the customer stored in the session.
        /// </summary>
        /// <returns>
        /// The <c>Login</c> view when no customer is stored under the "login" session key;
        /// otherwise the default view bound to the profile returned by
        /// <c>CustomerProfileManager.Find</c>.
        /// </returns>
        public IActionResult Profile()
        {
            // The session entry is the only authentication signal this action checks.
            var sessionCustomer = HttpContext.Session.GetObject<Customers>("login");

            // Guard clause: anonymous visitors are sent to the login page.
            if (sessionCustomer == null)
            {
                return View("Login");
            }

            // The id comes from the server-side session, not from the request,
            // so a caller cannot ask for another customer's profile here.
            var customerProfile = CustomerProfileManager.Find(sessionCustomer.CustomerId);
            return View(customerProfile);
        }
Beispiel #2
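        /// <summary>
        /// Checks the submitted credentials and, on a match, stores the customer in the session.
        /// </summary>
        /// <param name="login">Bound login form; its <c>username</c> and <c>password</c> members are read.</param>
        /// <returns>
        /// A redirect to <c>CustomerHistory</c> when <c>CustomerProfileManager.CompareLogin</c> returns a customer;
        /// otherwise the <c>Login</c> view with an error message in <c>ViewBag.msg</c>.
        /// </returns>
        public async Task<IActionResult> Login(LoginViewModel login)
        {
            // A missing model or empty field is a failed login, not a NullReferenceException
            // or a database lookup with null credentials.
            if (login == null || string.IsNullOrEmpty(login.username) || string.IsNullOrEmpty(login.password))
            {
                ViewBag.msg = "Sorry, username or password is invalid.";
                return View("Login");
            }

            // Compare the submitted username and password against the database.
            // NOTE(review): nothing in this action throttles or records failed attempts;
            // confirm that lockout or rate limiting is applied elsewhere.
            var cust = await CustomerProfileManager.CompareLogin(login.username, login.password);

            if (cust == null)
            {
                // Same message for an unknown user and a wrong password, so the response
                // does not reveal which usernames exist.
                ViewBag.msg = "Sorry, username or password is invalid.";
                return View("Login");
            }

            // SECURITY: the whole entity is placed in the session. SetObject is defined elsewhere;
            // if it serializes every property, that includes the customer's Password value.
            // Storing only CustomerId would keep the credential out of the session store. TODO confirm.
            HttpContext.Session.SetObject("login", cust);

            // NOTE(review): the customer id travels as a route value. CustomerHistory is not shown here;
            // it should compare the id with the session customer rather than trust the request value.
            return RedirectToAction("CustomerHistory", new { customerId = cust.CustomerId });
        }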
Beispiel #3
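        /// <summary>
        /// Validates a registration form, normalizes its fields and inserts a new customer.
        /// </summary>
        /// <param name="user">Bound registration form.</param>
        /// <returns>
        /// The <c>Login</c> view with a success message when the insert succeeds; otherwise the
        /// <c>Register</c> view with the submitted values and an error message.
        /// </returns>
        public async Task<IActionResult> Register(UserViewModel user)
        {
            // 1. Server-side validation; on failure, redisplay the form with the old inputs.
            // NOTE(review): the property accesses below assume ValidateUser rejects a null model and
            // null CustBusPhone / CustPostal / CustProv. It is defined elsewhere; confirm.
            if (!ValidateUser(user))
            {
                ViewBag.msg = "validation failed, please fill in valid information and try again.";
                return View("Register", user);
            }

            // 2. Build the entity from the validated form.
            var newCust = new Customers
            {
                CustLastName  = user.CustLastName,
                CustFirstName = user.CustFirstName,
                CustBusPhone  = Regex.Replace(user.CustBusPhone, @"[-.]", ""),  // remove . and -
                // Invariant casing: postal and province codes are identifiers, so the result must not
                // depend on the server culture (e.g. the Turkish dotted/dotless i).
                CustPostal    = user.CustPostal.Replace('-', ' ').ToUpperInvariant(),  // T2G-1X6 => T2G 1X6
                CustHomePhone = user.CustHomePhone != null
                    ? Regex.Replace(user.CustHomePhone, @"[-.]", "")
                    : null,
                CustAddress   = user.CustAddress,
                CustCity      = user.CustCity,
                CustCountry   = user.CustCountry,
                CustEmail     = user.CustEmail,
                CustProv      = user.CustProv.ToUpperInvariant(),  // ab => AB
                // SECURITY: the password is copied into the entity unchanged. Whether
                // CustomerProfileManager.Add hashes it is not visible here; if it does not, passwords are
                // stored in clear text. Persist a salted, slow hash (e.g. PBKDF2) instead and verify
                // against that hash in CompareLogin. Both sides have to change together.
                Password      = user.Password,
                Username      = user.Username
            };

            try
            {
                // 3. Insert succeeded: show the login page with a success message.
                await CustomerProfileManager.Add(newCust);

                ViewBag.success = "Congratulations! Your account is active now, please log in.";
                return View("Login");
            }
            catch (Exception e)
            {
                // 4. Insert failed: redisplay the form with the old inputs.
                // NOTE(review): every failure is reported as a duplicate username, although the
                // catch also covers connection errors and other constraint violations.
                ViewBag.msg = "username is already in use, please login.";

                // InnerException can be null; dereferencing it would throw inside the handler and
                // turn a handled failure into an unhandled error.
                // SECURITY: this passes the raw database error text to the view, which can expose
                // table, column and constraint names. Prefer logging it server-side and showing
                // only the generic message above.
                ViewBag.reason = e.InnerException?.Message;
                return View("Register", user);
            }
        }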