private bool Authorize(LoginModel model)
{
//Check if user is in DB and write into cookie
if (!string.IsNullOrEmpty(model.Name) && !string.IsNullOrEmpty(model.Password))
{
string hash;
using (MD5 md5Hash = MD5.Create())
{
hash = GetMd5Hash(md5Hash, model.Password);
}
//TODO: check if db contains user with same Name and hash
User user;
using (qStoreDBEntities db = new qStoreDBEntities())
{
user = db.Users.FirstOrDefault(x => x.Email == model.Name && x.PassHash == hash);
}
if (user != null)
{
var cookie = new HttpCookie("credentials", model.Name);
cookie.Expires = DateTime.Now.AddDays(2);
Response.Cookies.Add(cookie);
return true;
}
}
return false;
}
public ActionResult SendLogIn(LoginModel model)
{
if (Authorize(model))
{
return Redirect(model.ReturnUrl);
}
else
{
ModelState.AddModelError("Name", "Incorrect User Name or Password");
return View("LogIn", model);
}
}
