public ActionResult Login( Models.User user )
{
if( ModelState.IsValid ) {
//Check if password is valid
if( user.IsPasswordValid( user.Username, user.Password ) ) {
//Password is valid, create authentication cookie
FormsAuthentication.SetAuthCookie( user.Username, false );
//Update LastLoginDate in the database for future usage statistics
user.UpdateLastLoginDate( user.Username );
//Refresh site
return RedirectToAction( "Index", "Index" );
}
else {
//Username or password is not valid, display an error
//For additional security do not specify if username exists
ModelState.AddModelError( "", "Username or password is incorrect" );
}
}
return View( user );
}
public ActionResult Create( Models.User user )
{
if( ModelState.IsValid ) {
//Check if username already exists in the database
if( user.IsUsernameInUse( user.Username ) ) {
ModelState.AddModelError( "", "Username already exists, please try a different one" );
}
else {
//Username does not exist, create new user
user.CreateNewUser( user.Username, user.Password );
//Create authentication cookie for new account
FormsAuthentication.SetAuthCookie( user.Username, false );
//Update LastLoginDate in the database for future usage statistics
user.UpdateLastLoginDate( user.Username );
//Refresh site
return RedirectToAction( "Index", "Index" );
}
}
return View( user );
}
