Example #1
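        /// <summary>
        /// Checks the submitted e-mail/password pair against the users table and, on a match,
        /// returns the token produced by <c>createToken</c>.
        /// </summary>
        /// <param name="model">Credentials supplied by the caller; only <c>email</c> and <c>password</c> are read here.</param>
        /// <returns>
        /// 200 OK carrying the result of <c>createToken</c> when a matching row exists; otherwise a
        /// 404 response with a generic "wrong username and/or password" message.
        /// </returns>
        public IHttpActionResult Authenticate(user model)
        {
            // Reject a missing body or empty credentials before any member access. The previous
            // version dereferenced model.email ahead of its null check, so a malformed request
            // ended in a NullReferenceException instead of a clean rejection. Refusing empty
            // values also keeps a null e-mail/password from ever being compared against
            // NULL columns in the users table.
            if (model == null || string.IsNullOrEmpty(model.email) || string.IsNullOrEmpty(model.password))
            {
                return Content(HttpStatusCode.NotFound, "Wrong username and/or password!");
            }

            using (var context = new NGOEventsEntities())
            {
                // SECURITY NOTE(review): the query compares the stored password column directly
                // with the submitted value, which implies passwords are kept in plaintext (or the
                // client sends the stored form). Store a salted, slow hash (e.g. PBKDF2) and verify
                // it in application code with a fixed-time comparison. That needs a schema and
                // data migration, so it is flagged here rather than changed.
                // One lookup replaces the earlier Any() + FirstOrDefault() pair: it halves the
                // database round trips and removes the window in which the row could change
                // between the two queries.
                var userDetails = context.users.FirstOrDefault(x => x.email == model.email && x.password == model.password);

                if (userDetails == null)
                {
                    // NOTE(review): a failed login is reported as 404 although the intent is
                    // "unauthorized"; the status is kept so existing clients keep working, but
                    // 401 would be the conventional answer. The message stays generic so it does
                    // not reveal whether the e-mail exists. No attempt throttling or lockout is
                    // visible in this method; confirm it is enforced elsewhere.
                    return Content(HttpStatusCode.NotFound, "Wrong username and/or password!");
                }

                // The id and role placed in the token come from the database row, never from the request.
                return Ok(createToken(model, userDetails.userID, userDetails.role));
            }
        }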
Example #2
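 /// <summary>
 /// Handles the login form: looks up the user by e-mail and password, fills the session with
 /// the user's profile fields, issues the forms-authentication cookie and redirects by role.
 /// </summary>
 /// <param name="model">Posted credentials; only <c>email</c> and <c>password</c> are read here.</param>
 /// <returns>
 /// The login view with <c>ViewBag.Message</c> set when the credentials do not match; otherwise a
 /// redirect to <c>AdminView/Index</c> for the "admin" role or <c>UserView/Index</c> for everyone else.
 /// </returns>
 public ActionResult login(user model)
 {
     // Reject a missing model or empty credentials up front. The previous version dereferenced
     // model inside the query without a check, and a null e-mail/password would have been
     // compared against NULL columns in the users table.
     if (model == null || string.IsNullOrEmpty(model.email) || string.IsNullOrEmpty(model.password))
     {
         ViewBag.Message = "Wrong Email and/or Password";
         return View();
     }

     using (var context = new NGOEventsEntities())
     {
         // SECURITY NOTE(review): the stored password column is compared directly with the
         // submitted value, which implies plaintext password storage. Store a salted, slow hash
         // (e.g. PBKDF2) and verify it in application code with a fixed-time comparison. That
         // needs a schema and data migration, so it is flagged here rather than changed.
         // A single lookup replaces the earlier FirstOrDefault() + Any() pair, which ran the
         // same predicate twice and could disagree if the row changed in between.
         var userDetails = context.users.FirstOrDefault(x => x.email == model.email && x.password == model.password);

         if (userDetails == null)
         {
             // Generic message: does not disclose whether the e-mail is registered.
             ViewBag.Message = "Wrong Email and/or Password";
             return View();
         }

         // NOTE(review): the session is populated without renewing the session identifier in
         // this method; confirm the id is rotated on sign-in elsewhere, otherwise a pre-login
         // session id stays valid after authentication (session fixation).
         // The role is cached in the session at login, so authorization checks that read
         // Session["role"] will not see later role changes until the user signs in again.
         Session["role"]      = userDetails.role;
         Session["email"]     = userDetails.email;
         Session["firstName"] = userDetails.firstName;
         Session["lastName"]  = userDetails.lastName;
         Session["userID"]    = userDetails.userID;

         // false => session cookie only, not persisted across browser restarts.
         // NOTE(review): the cookie name is taken from the posted e-mail while the session uses
         // the stored one; with a case-insensitive database collation the two can differ in case.
         FormsAuthentication.SetAuthCookie(model.email, false);

         if (userDetails.role == "admin")
         {
             return RedirectToAction("Index", "AdminView");
         }

         return RedirectToAction("Index", "UserView");
     }
 }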