Exemple #1
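        /// <summary>
        /// Handles a submitted login form: verifies the credentials, signs the user in on
        /// success, and otherwise re-renders the login view with an error on the model.
        /// </summary>
        /// <param name="model">Login form data; its error list is cleared and then refilled here.</param>
        /// <returns>
        /// An empty result after a successful login (the redirect has already been issued on
        /// the response), or the login view carrying the error(s) added to <paramref name="model"/>.
        /// </returns>
        public ActionResult Login(LoginModel model)
        {
            // Drop errors left over from a previous attempt before validating this one.
            model.ClearToaster();

            // Guard clause: both fields are required before touching the database.
            if (String.IsNullOrEmpty(model.UsernameOrEmail) || String.IsNullOrEmpty(model.Password))
            {
                model.AddError(GlobalErrors.EmptyFields);
                return View(model);
            }

            using (var e = new EntityContext()) // db context
            {
                // The identifier is looked up as an e-mail address when it validates as one,
                // otherwise as a username.
                var isEmail = CredentialsHelper.IsEmailValid(model.UsernameOrEmail);
                CachedUser cachedUser = isEmail
                    ? Authorize.CredentialsByEmail(model.UsernameOrEmail, model.Password, e)
                    : Authorize.CredentialsByUsername(model.UsernameOrEmail, model.Password, e);

                if (cachedUser != null)
                {
                    // NOTE(review): confirm the session identifier is rotated at this point so a
                    // pre-login session id cannot be carried into the authenticated session.
                    SessionHelper.SetSessionUser(cachedUser);

                    // NOTE(review): the persistent-cookie flag is hard-coded to true, so every
                    // login produces a cookie that outlives the browser session; consider
                    // driving it from an explicit "remember me" choice.
                    FormsAuthentication.SetAuthCookie(cachedUser.Username, true);

                    // goes to home screen or previous screen
                    FormsAuthentication.RedirectFromLoginPage(cachedUser.Username, true);

                    // Stop here. Without this return, control fell through to the failure
                    // handling below, which added an error to the model and rendered the
                    // login view for a user who had just authenticated.
                    return new EmptyResult();
                }

                // Authentication failed: map the recorded reasons to user-facing errors.
                // NOTE(review): GetAuthorizeErrors() takes no arguments; confirm the errors it
                // returns are scoped to this request and not shared between concurrent logins.
                var errors = Authorize.GetAuthorizeErrors();
                if (!errors.Any())
                {
                    // No reason was recorded, so report a generic failure.
                    model.AddError(LoginErrors.UnknownError);
                }
                else if (errors.Contains(Authorize.AuthorizeErrorsEnum.PasswordNotVerified) ||
                         errors.Contains(Authorize.AuthorizeErrorsEnum.NoLoginData))
                {
                    // Wrong identifier or wrong password: a single generic message, so the
                    // response does not reveal which of the two was incorrect.
                    model.AddError(LoginErrors.InvalidUsernameOrPassword);
                }
                else
                {
                    // Account-state details are reported only on this branch, i.e. when neither
                    // of the credential errors above was recorded.
                    if (errors.Contains(Authorize.AuthorizeErrorsEnum.EmailNotConfirmed))
                    {
                        model.AddError(LoginErrors.EmailNotConfirmed);
                    }
                    if (errors.Contains(Authorize.AuthorizeErrorsEnum.LoginSuspended))
                    {
                        model.AddError(LoginErrors.Suspended);
                    }
                }
            }

            // Only failed attempts reach this point.
            return View(model);
        }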