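/// <summary>
/// Handles a submitted login form: looks up the account by login name, verifies the
/// submitted password against the stored salted hash, and on success records the user
/// in the session and redirects to the landing page for the user's role.
/// </summary>
/// <param name="login">Credentials bound from the request (user name and password).</param>
/// <returns>
/// A redirect to <c>Admin/Recruiters</c> for an <c>AgencyAdmin</c>, to <c>Recruiter/Inbox</c>
/// for a <c>Recruiter</c>; otherwise the login view is rendered again.
/// </returns>
/// <remarks>
/// The previous version first required <c>HashedPassword.Text</c> to equal the submitted
/// password using <c>==</c>. That check can only succeed if a recoverable copy of the password
/// is stored next to the hash, and it is not a constant-time comparison. The salted hash is
/// now the only credential check, so this action no longer reads <c>HashedPassword.Text</c>.
/// NOTE(review): if nothing else reads that field, stop persisting it and clear existing values.
/// NOTE(review): nothing in this action renews the session identifier after a successful
/// login, and no <c>[HttpPost]</c> / <c>[ValidateAntiForgeryToken]</c> attributes are visible
/// in this listing. Confirm both are handled in the real file or elsewhere.
/// </remarks>
public ActionResult Login(LoginDto login)
{
    if (!ModelState.IsValid)
    {
        return View();
    }

    // Materialise the candidates first: the hash check below cannot run inside the store query.
    var candidates = UnitOfWork.DocumentSession.Query<User>()
        .Where(u => u.Login == login.UserName)
        .ToList();

    var verifier = new SaltedHash();

    // SingleOrDefault keeps the original failure mode: more than one matching account for the
    // same login still throws instead of silently picking one.
    var user = candidates.SingleOrDefault(u => verifier.VerifyHashString(
        login.Password,
        u.HashedPassword.Hash.ToPlainString(),
        u.HashedPassword.Salt.ToPlainString()));

    if (user == null)
    {
        // Unknown login and wrong password take the same path, so the response does not
        // reveal which of the two was wrong.
        return View();
    }

    // NOTE(review): the whole User entity, including its HashedPassword member, is placed in
    // session state. Consider storing only an identifier and role.
    HttpContext.Session[Globals.CurrentUser] = user;

    if (user is AgencyAdmin)
    {
        HttpContext.Session[Globals.Agency] = ((AgencyAdmin)user).Agency.Id;
        return RedirectToAction("Recruiters", "Admin");
    }

    if (user is Recruiter)
    {
        HttpContext.Session[Globals.Agency] = ((Recruiter)user).Agency.Id;
        return RedirectToAction("Inbox", "Recruiter");
    }

    // TODO : cookie implementation
    //if (login.RememberMe)

    // A verified user of any other type stays on the login view with CurrentUser already set,
    // as in the original.
    return View();
}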
/// <summary>
/// Renders the login form, bound to a freshly constructed <c>LoginDto</c>.
/// </summary>
/// <returns>The login view with a new <c>LoginDto</c> as its model.</returns>
public ActionResult Login()
{
    // A new DTO per request: nothing from a previous request is carried into the form model.
    return View(new LoginDto());
}