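/// <summary>
/// Handles the login form post. The submitted credentials are checked against the
/// admin, customer and staff stores in that order; the first match decides the role
/// written to the session and the page the user is redirected to.
/// </summary>
/// <param name="formData">Posted form; the "username" and "password" fields are read.</param>
/// <returns>
/// A redirect to Home/Index (admin), CustomerMain (customer) or StaffMain (staff),
/// or back to Index with an error message in TempData when no store accepts the credentials.
/// </returns>
public ActionResult StaffLogin(IFormCollection formData)
{
    // Lower-case the e-mail with the invariant culture: ToLower() follows the server's
    // current culture, so the same address could normalise differently (e.g. the
    // Turkish dotless i) and fail to match the stored value.
    string loginID = formData["username"].ToString().ToLowerInvariant();
    string password = formData["password"].ToString();
    int id = 0;

    CustomerDAL customerDAL = new CustomerDAL();
    FlightPersonnelDAL flightPersonnelDAL = new FlightPersonnelDAL();

    if (flightPersonnelDAL.VaildAdmin(email: loginID, password: password, staffID: out id))
    {
        // Session key "id" holds the matched account's identifier.
        HttpContext.Session.SetInt32("id", id);
        HttpContext.Session.SetString("Role", "Admin");

        // Admins land on the Home controller's Index action.
        return RedirectToAction("Index", "Home");
    }

    if (customerDAL.VaildCustomer(email: loginID, password: password, customerID: out id))
    {
        HttpContext.Session.SetInt32("id", id);

        // NOTE(review): the plaintext password is written to session state here. It is
        // kept only so that any action that may read the "password" key keeps working;
        // session stores should not hold credentials. Remove this once such readers
        // re-verify the password through the DAL instead.
        HttpContext.Session.SetString("password", password);

        HttpContext.Session.SetString("Role", "Customer");

        // Login time, formatted with the server's current culture.
        HttpContext.Session.SetString("Datetime", DateTime.Now.ToString());

        return RedirectToAction("CustomerMain");
    }

    if (flightPersonnelDAL.VaildStaff(email: loginID, password: password, staffID: out id))
    {
        HttpContext.Session.SetInt32("id", id);
        HttpContext.Session.SetString("Role", "Staff");

        return RedirectToAction("StaffMain");
    }

    // One generic message for every failure, so the response does not reveal
    // whether the account exists or which store rejected it.
    TempData["Message"] = "Invalid Login Credentials!";
    return RedirectToAction("Index");
}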
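/// <summary>
/// Staff landing page. Lists the flight personnel records returned by the DAL for
/// the staff member whose id is stored in the session.
/// </summary>
/// <returns>
/// The view with the personnel list when the session role is "Staff" and an id is
/// present; otherwise a redirect to Home/Index.
/// </returns>
public ActionResult StaffMain()
{
    // Authorisation gate: only a session whose role is exactly "Staff" may continue.
    // The earlier condition (Role != null || Role == "Staff") was true for any
    // logged-in role, so customers and admins could open this page as well.
    var role = HttpContext.Session.GetString("Role");
    int? staffId = HttpContext.Session.GetInt32("id");

    // A missing id is treated as "not logged in" rather than cast blindly, which
    // would throw InvalidOperationException on a partially populated session.
    if (role != "Staff" || !staffId.HasValue)
    {
        return RedirectToAction("Index", "Home");
    }

    List<FlightPersonnel> flightPersonnels = new FlightPersonnelDAL().GetAllFlightPersonal(staffId.Value);
    return View(flightPersonnels);
}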