public ActionResult Login(UserModel userModel)
{
if (ValidateInputs(userModel))
{
using (ComputerGamesLibraryContext context = new ComputerGamesLibraryContext())
{
User foundUser = context.Users
.Where(user => user.Username == userModel.Username)
.SingleOrDefault();
bool isUserValid = foundUser != null &&
Crypto.VerifyHashedPassword(foundUser.HashedPassword, userModel.Password);
if (isUserValid)
{
FormsAuthentication.SetAuthCookie(foundUser.ID.ToString(), false);
Session["CurrentUserId"] = foundUser.ID;
return(RedirectToAction("Index", "UserComputerGames"));
}
else
{
ModelState.AddModelError("", "User credentials are incorrect");
return(View("Login"));
}
}
}
else
{
return(View(userModel));
}
}
public ActionResult Register(UserModel userModel)
{
if (IsUsernameTaken(userModel.Username))
{
ModelState.AddModelError("", "Username is taken");
return(View("Register"));
}
if (ValidateInputs(userModel))
{
// Password is hashed for extra security
string hashedPassword = Crypto.HashPassword(userModel.Password);
User user = new User
{
Username = userModel.Username,
HashedPassword = hashedPassword
};
using (ComputerGamesLibraryContext context = new ComputerGamesLibraryContext())
{
context.Users.Add(user);
context.SaveChanges();
}
return(RedirectToAction("Login", "Accounts"));
}
else
{
return(View("Register", userModel));
}
}
private bool IsUsernameTaken(string username)
{
bool isUsernameTaken;
using (ComputerGamesLibraryContext context = new ComputerGamesLibraryContext())
{
isUsernameTaken = context.Users.Any(user => user.Username == username);
}
return(isUsernameTaken);
}
