/// <summary>
/// Checks the submitted credentials and, when they match a stored user,
/// issues the forms-authentication cookie and redirects to the game library.
/// </summary>
/// <param name="userModel">Username and password posted from the login form.</param>
/// <returns>
/// A redirect to UserComputerGames/Index on success; otherwise the login view,
/// either with the posted model (failed input validation) or with a generic
/// credential error.
/// </returns>
// NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attributes are visible
// on this action in this listing - confirm they exist in the full controller.
public ActionResult Login(UserModel userModel)
{
    if (!ValidateInputs(userModel))
    {
        return View(userModel);
    }

    using (var db = new ComputerGamesLibraryContext())
    {
        // SingleOrDefault throws if more than one row shares the username, so this
        // lookup relies on usernames being unique in storage.
        User account = db.Users.SingleOrDefault(u => u.Username == userModel.Username);

        // The hash check is skipped when no account was found, so an unknown
        // username returns without doing the password-hash work.
        // NOTE(review): that makes response time differ between unknown and known
        // usernames - consider verifying against a dummy hash to even it out.
        if (account == null || !Crypto.VerifyHashedPassword(account.HashedPassword, userModel.Password))
        {
            // One message for both "no such user" and "wrong password", so the
            // response text does not reveal which part was wrong.
            ModelState.AddModelError("", "User credentials are incorrect");
            return View("Login");
        }

        // Second argument false: the auth cookie is not persistent.
        FormsAuthentication.SetAuthCookie(account.ID.ToString(), false);

        // NOTE(review): the user id is written into the session that already
        // existed before authentication; nothing here issues a new session
        // identifier at login - confirm whether session fixation is handled elsewhere.
        Session["CurrentUserId"] = account.ID;

        return RedirectToAction("Index", "UserComputerGames");
    }
}
/// <summary>
/// Creates a new user account from the registration form and sends the
/// visitor to the login page.
/// </summary>
/// <param name="userModel">Username and password posted from the registration form.</param>
/// <returns>
/// A redirect to Accounts/Login once the user is saved; otherwise the Register
/// view, with a "Username is taken" error or with the posted model when input
/// validation fails.
/// </returns>
public ActionResult Register(UserModel userModel)
{
    // The uniqueness check runs before ValidateInputs, so the username reaches
    // the database query unvalidated.
    // NOTE(review): check-then-insert is not atomic; two concurrent requests can
    // both pass this check. Confirm a unique index on the username column backs it,
    // because Login uses SingleOrDefault and would throw on duplicates.
    if (IsUsernameTaken(userModel.Username))
    {
        ModelState.AddModelError("", "Username is taken");
        return View("Register");
    }

    if (!ValidateInputs(userModel))
    {
        return View("Register", userModel);
    }

    // Only the hash is stored; the plaintext password is never persisted.
    // NOTE(review): if Crypto is System.Web.Helpers.Crypto, HashPassword produces a
    // salted PBKDF2 hash with a fixed iteration count - confirm that it still
    // meets the current password-storage policy.
    string passwordHash = Crypto.HashPassword(userModel.Password);

    var newUser = new User
    {
        Username = userModel.Username,
        HashedPassword = passwordHash
    };

    using (var db = new ComputerGamesLibraryContext())
    {
        db.Users.Add(newUser);
        db.SaveChanges();
    }

    return RedirectToAction("Login", "Accounts");
}
/// <summary>
/// Reports whether a user with the given username already exists.
/// </summary>
/// <param name="username">Username to look up.</param>
/// <returns><c>true</c> when at least one stored user has this username.</returns>
private bool IsUsernameTaken(string username)
{
    using (var db = new ComputerGamesLibraryContext())
    {
        // NOTE(review): if this predicate is translated to SQL, case and
        // trailing-space sensitivity follow the database collation rather than
        // C# string equality - confirm it matches the uniqueness rule intended.
        return db.Users.Any(u => u.Username == username);
    }
}