public ActionResult Authenticate(string login, string password)
{
string passwordHash = EncodeMD5(password);
//check user exists and password is correct
if (db.People.Any(p => p.Login == login))
{
Person user = db.People.SingleOrDefault(u => u.Login == login && u.Password == passwordHash);
if (user == null)
{
ViewBag.ErrorLoginOrPassword = ErrorMessages.AuthenticateError();
return(View());
}
else
{
FormsAuthentication.SetAuthCookie(user.ID.ToString(), false);
Session["ID"] = user.ID.ToString();
Session["Login"] = user.FullName.ToString();
if ((db.Students.FirstOrDefault(p => p.ID == user.ID)) != null)
{
Session["Type"] = "Student";
}
else
{
Session["Type"] = "Instructor";
}
return(RedirectToAction("Index", "Home"));
}
}
else
{
ViewBag.ErrorLoginOrPassword = ErrorMessages.AuthenticateError();
return(View());
}
}
