public ActionResult Login(Login l)
{
try
{
if (l.Id == null || l.Password == null)
{
return(View(l));
}
if (s.IsValidLogin((int)l.Id, l.Password))
{
EmployeeService es = new EmployeeService();
Employee e = es.GetEmployee((int)l.Id);
Session["EmployeeId"] = l.Id;
Session["Credential"] = s.GetLoginCredential((int)l.Id);
Session["Name"] = e.FirstName + " " + e.LastName;
return(RedirectToAction("Index", "Home"));
}
else
{
l.AddError(new ValidationError("Login Failed"));
}
return(View(l));
}
catch (Exception ex)
{
return(View("Error", new HandleErrorInfo(ex, "Login", "Login")));
}
}
private bool IsValidEntity(Login login)
{
ValidationContext context = new ValidationContext(login);
List <ValidationResult> results = new List <ValidationResult>();
bool isValid = Validator.TryValidateObject(login, context, results, true);
foreach (ValidationResult r in results)
{
login.AddError(new Error(login.Errors.Count, r.ErrorMessage, "Model"));
}
return(isValid);
}
public ActionResult Index(Login login)
{
byte[] passtohash = System.Text.Encoding.UTF8.GetBytes(login.Password);
login.Password = Md5hash(passtohash);
LoginDTO loginDTO = service.GetLoginInformation(login);
if (login.EmployeeId < 10000000 || login.EmployeeId > 99999999)
{
login.AddError(new Error(8, "Employee ID must be an 8 digit number", "Model"));
return(View(login));
}
if (loginDTO == null)
{
login.AddError(new Error(9, "Employee ID and/or Password incorrect", "Model"));
return(View(login));
}
else if (loginDTO.Status != EmploymentStatus.Active)
{
login.AddError(new Error(10, "Employee is not active", "Business"));
return(View(login));
}
System.Web.HttpContext.Current.Session["employeeId"] = loginDTO.EmployeeId;
System.Web.HttpContext.Current.Session["employeeName"] = loginDTO.EmployeeName;
System.Web.HttpContext.Current.Session["employeeType"] = (int)loginDTO.EmployeeType;
System.Web.HttpContext.Current.Session["department"] = loginDTO.Department;
if (Session["browsePoId"] != null)
{
ActionResult actionResult = RedirectToAction("Browse", "PO", new { purchaseOrderId = Convert.ToInt32(Session["browsePoId"]) });
Session.Remove("browsePoId");
return(actionResult);
}
return(RedirectToAction("Welcome", loginDTO));
}
public bool Create(Login login)
{
List <ParmStruct> parms = new List <ParmStruct>()
{
new ParmStruct("@EmployeeId", login.EmployeeId, SqlDbType.Int),
new ParmStruct("@Password", login.Password, SqlDbType.NVarChar, size: 50)
};
if (IsValidId(login.EmployeeId))
{
return(db.ExecuteNonQuery("CreateLogin", CommandType.StoredProcedure, parms) > 0);
}
else
{
login.AddError(new Error(login.Errors.Count() + 1, "This employee Id does not exist.", "Business"));
return(false);
}
}
