Example #1
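        /// <summary>
        /// Authenticates a user by email and password and, on success, signs them in
        /// with an "ApplicationCookie" claims identity (name, email, one role).
        /// </summary>
        /// <param name="model">Bound login form carrying <c>Email</c> and <c>Password</c>.</param>
        /// <returns>
        /// A redirect to Home/Index on success; otherwise the login view re-rendered with
        /// a single generic error message.
        /// </returns>
        /// <remarks>
        /// NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attributes and no attempt
        /// throttling or lockout are visible in this listing - confirm they exist elsewhere.
        /// </remarks>
        public ActionResult Login(LoginModel model)
        {
            // One message for every failure. Distinct "email not found" / "incorrect password"
            // texts let a caller enumerate which addresses have accounts.
            const string invalidCredentials = "Invalid email or password.";

            if (!ModelState.IsValid)
            {
                ModelState.AddModelError("", invalidCredentials);
                return View(model);
            }

            // Dispose the context deterministically instead of leaking one per login attempt.
            using (var db = new VideoGameStoreDBContext())
            {
                var matches = db.Users.Where(u => u.email == model.Email).ToList();

                // Exactly one account must match; zero or several matches are treated the same
                // as a wrong password so the response does not reveal which case occurred.
                User user = matches.Count == 1 ? matches[0] : null;

                // Fail closed on a missing password or a missing stored hash rather than letting
                // the verifier throw and surface a 500.
                // NOTE(review): the unknown-email path skips hash verification, so it is still
                // faster than the wrong-password path; rate limiting is the practical mitigation.
                bool authenticated = user != null
                    && model.Password != null
                    && !string.IsNullOrEmpty(user.user_password)
                    && CheckPassword(model.Password, user.user_password);

                if (!authenticated)
                {
                    ModelState.AddModelError("", invalidCredentials);
                    return View(model);
                }

                // Highest privilege wins: Admin > Employee > Member > Customer.
                string role;
                if (user.is_admin)
                {
                    role = "Admin";
                }
                else if (user.is_employee)
                {
                    role = "Employee";
                }
                else if (user.is_member)
                {
                    role = "Member";
                }
                else
                {
                    role = "Customer";
                }

                // The role is baked into the cookie at sign-in time, so a later change to the
                // is_* flags only takes effect once the user signs in again.
                var identity = new ClaimsIdentity(
                    new[]
                    {
                        new Claim(ClaimTypes.Name, user.username),
                        new Claim(ClaimTypes.Email, user.email),
                        new Claim(ClaimTypes.Role, role)
                    },
                    "ApplicationCookie");

                var authManager = Request.GetOwinContext().Authentication;
                authManager.SignIn(identity);

                return RedirectToAction("Index", "Home");
            }
        }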
Example #2
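        /// <summary>
        /// Creates a new account from the posted form: hashes the password with
        /// <c>Crypto.HashPassword</c> and stores the user.
        /// </summary>
        /// <param name="user">User entity populated by model binding from the request.</param>
        /// <returns>
        /// A redirect to Home/Index when the account is created; otherwise the registration
        /// view with a model error.
        /// </returns>
        /// <remarks>
        /// The action binds the persistence entity directly, so every public property of
        /// <c>User</c> can be supplied by the client. A dedicated view model (or a
        /// <c>[Bind(Include = ...)]</c> allow-list) would be the cleaner fix; the resets below
        /// are the minimum that keeps the signature unchanged.
        /// </remarks>
        public ActionResult Register(User user)
        {
            if (!ModelState.IsValid || string.IsNullOrEmpty(user.user_password))
            {
                // An empty password is rejected here so the hashing call is never given null.
                ModelState.AddModelError("", "One or more fields are invalid");
                return View();
            }

            // Over-posting guard: these flags decide the role claim issued at login, so a
            // self-registered account must never be able to set them from form data.
            user.is_admin = false;
            user.is_employee = false;
            // NOTE(review): is_member is left as bound - confirm whether membership may be
            // chosen at registration or should also be forced to false here.

            // Copy to a local so the query captures a plain string rather than the entity.
            string email = user.email;

            using (var db = new VideoGameStoreDBContext())
            {
                // Login only accepts an address that matches exactly one row. Without this check
                // a second registration with an existing address would lock the original owner out.
                // A unique index on the email column is still needed to close the race between
                // this check and the insert.
                if (db.Users.Any(u => u.email == email))
                {
                    ModelState.AddModelError("", "One or more fields are invalid");
                    return View();
                }

                // Only the salted hash is persisted; the plaintext is overwritten on the entity.
                user.user_password = Crypto.HashPassword(user.user_password);

                db.Users.Add(user);
                db.SaveChanges();
            }

            return RedirectToAction("Index", "Home");
        }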
Example #3
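        /// <summary>
        /// Verifies a plaintext password against a stored hash using
        /// <c>Crypto.VerifyHashedPassword</c>.
        /// </summary>
        /// <param name="plainTextPassword">Password as typed by the user.</param>
        /// <param name="hashedPassword">Stored hash to verify against.</param>
        /// <returns>
        /// <c>true</c> when the password matches the hash; <c>false</c> otherwise, including
        /// when either argument is missing.
        /// </returns>
        /// <remarks>
        /// Marked <c>[NonAction]</c> because a public method on an MVC controller is routable
        /// by default. Left routable, this helper would let any client submit a password/hash
        /// pair and have the server verify it.
        /// NOTE(review): assumes the enclosing class is the controller that hosts Login, which
        /// calls this method unqualified - confirm. Making it private would be cleaner if
        /// nothing outside the class uses it.
        /// </remarks>
        [NonAction]
        public bool CheckPassword(string plainTextPassword, string hashedPassword)
        {
            // Fail closed instead of letting the verifier throw on null input.
            if (plainTextPassword == null || string.IsNullOrEmpty(hashedPassword))
            {
                return false;
            }

            // The original also constructed a database context here that was never used or
            // disposed; verification needs no database access, so it is gone.
            return Crypto.VerifyHashedPassword(hashedPassword, plainTextPassword);
        }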