Ejemplo n.º 1
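        /// <summary>
        /// Handles the login form POST: validates the submitted identifier, looks the user up by
        /// username or e-mail together with the hashed password, and on success redirects to "/"
        /// with the ".auth-cookie" authentication cookie attached.
        /// </summary>
        /// <param name="request">Incoming request; the "usernameOrEmail" and "password" form fields are read.</param>
        /// <returns>
        /// An error view when the identifier is malformed or no matching user exists; otherwise a
        /// redirect to "/" carrying the authentication cookie.
        /// </returns>
        public IHttpResponse PostLoginView(IHttpRequest request)
        {
            var usernameOrEmail = request.FormData["usernameOrEmail"].ToString().Trim();
            var password = request.FormData["password"].ToString();

            // NOTE(review): the e-mail pattern is tested against the URL-decoded value, while the
            // raw value is what gets length-checked and compared in the database query below.
            // Confirm whether FormData is already decoded; validate and query the same string.
            var isEmail = Regex.IsMatch(WebUtility.UrlDecode(usernameOrEmail), EmailRegex);
            var isUsername = Regex.IsMatch(usernameOrEmail, UsernameRegex);

            var hasValidShape = isEmail || isUsername;
            if (!hasValidShape || usernameOrEmail.Length < UsernameOrEmailLength)
            {
                return this.ErrorView(InvalidCredentials);
            }

            // NOTE(review): matching on u.Password == hashedPassword only works if HashService.Hash
            // returns the same output for the same password every time, which suggests an unsalted
            // hash - confirm. A per-user salted, slow KDF verified against the fetched record is the
            // usual design for stored passwords.
            var hashedPassword = this.HashService.Hash(password);

            // The password must match in either case, so it is checked once for both identifiers.
            var user = this.Db.Users.FirstOrDefault(
                u =>
                (u.Username == usernameOrEmail || u.Email == usernameOrEmail) &&
                u.Password == hashedPassword);

            if (user == null)
            {
                // One message for "unknown account" and "wrong password", so the response does not
                // reveal which identifiers are registered.
                return this.ErrorView(InvalidUsernameEmailOrPassword);
            }

            // Bind the cookie to the authenticated record instead of the submitted text: a login by
            // e-mail previously stored the e-mail address in a cookie built by GetUserCookie, and the
            // database may have matched the identifier with different casing than the user typed.
            var cookieContent = this.UserCookieService.GetUserCookie(user.Username);

            // NOTE(review): no HttpOnly / Secure / SameSite attributes or expiry are set here -
            // confirm what HttpCookie applies by default before relying on this cookie for auth.
            var cookie = new HttpCookie(".auth-cookie", cookieContent);
            cookie.SetPath("/");

            var response = new RedirectResult("/");
            response.AddCookie(cookie);

            return response;
        }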