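/// <summary>
/// Checks the submitted credentials against the Users table and, when a matching row
/// exists, adds the "credentials" cookie (value: the submitted user name) to the response.
/// </summary>
/// <param name="model">Login form data. <c>Name</c> is compared with <c>User.Email</c>.</param>
/// <returns>
/// <c>true</c> if a user with the given e-mail and password hash was found and the cookie
/// was issued; <c>false</c> for a missing model, empty fields, or no match.
/// </returns>
/// <remarks>
/// SECURITY (review):
/// - Passwords are compared as MD5 digests, and no per-user salt is passed to GetMd5Hash here.
///   MD5 is too fast for password storage; plan a migration to a salted, iterated KDF
///   (e.g. PBKDF2 via Rfc2898DeriveBytes). Not changed in this method because the stored
///   PassHash values would have to be re-hashed at the same time.
/// - The cookie value is the plain user name. If other code treats this cookie as proof of
///   identity, any client can forge it; prefer a signed and encrypted ticket
///   (e.g. FormsAuthentication) -- TODO confirm how the cookie is consumed.
/// - Consider also setting cookie.Secure once the site is served over HTTPS only.
/// </remarks>
private bool Authorize(LoginModel model)
{
    // Guard clauses: nothing to look up without both a name and a password.
    if (model == null || string.IsNullOrEmpty(model.Name) || string.IsNullOrEmpty(model.Password))
    {
        return false;
    }

    string hash;
    using (MD5 md5Hash = MD5.Create())
    {
        hash = GetMd5Hash(md5Hash, model.Password);
    }

    // Look up a user whose e-mail and stored hash both match the submitted values.
    User user;
    using (qStoreDBEntities db = new qStoreDBEntities())
    {
        user = db.Users.FirstOrDefault(x => x.Email == model.Name && x.PassHash == hash);
    }

    if (user == null)
    {
        return false;
    }

    var cookie = new HttpCookie("credentials", model.Name);
    cookie.Expires = DateTime.Now.AddDays(2);
    // Keep the cookie out of reach of client-side script, so an XSS bug cannot read it.
    cookie.HttpOnly = true;
    Response.Cookies.Add(cookie);
    return true;
}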
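/// <summary>
/// Handles the login form: on successful authorization redirects to the requested return
/// URL, otherwise re-displays the "LogIn" view with a validation error.
/// </summary>
/// <param name="model">Login form data, including the caller-supplied <c>ReturnUrl</c>.</param>
/// <returns>
/// A redirect to <c>ReturnUrl</c> when it is a local URL, a redirect to the application
/// root when it is missing or not local, or the "LogIn" view when authorization fails.
/// </returns>
/// <remarks>
/// NOTE(review): no [HttpPost] or [ValidateAntiForgeryToken] attribute is visible on this
/// action -- confirm whether they are applied elsewhere.
/// </remarks>
public ActionResult SendLogIn(LoginModel model)
{
    if (!Authorize(model))
    {
        // The same message for unknown user and wrong password avoids revealing which one failed.
        ModelState.AddModelError("Name", "Incorrect User Name or Password");
        return View("LogIn", model);
    }

    // ReturnUrl comes from the request, so it must not be followed blindly. Redirecting to
    // an arbitrary absolute URL would be an open redirect, and Redirect() throws on a
    // null or empty URL.
    string returnUrl = model.ReturnUrl;
    if (!string.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl))
    {
        return Redirect(returnUrl);
    }

    // Fall back to the application root for a missing or non-local target.
    return Redirect("~/");
}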