Exemple #1
0
        public ActionResult Index(UserAccount UA)
        {
            string ErrorMessage = string.Empty;

            if (!string.IsNullOrEmpty(UA.Password) && !string.IsNullOrEmpty(UA.AccountNo))
            {
                UA.Password = Security.Encrypt <string>(UA.Password);
                UA.SystemIp = GetRemoteIp.GetIPAddress(HttpContext);
                UserAccount U = _userDao.AuthenticateUser(UA);
                if (U != null && U.UserRole != null)
                {
                    if (!U.IsLocked && U.Status == null)
                    {
                        Session["UserAccount"] = U;
                        string SystemIP = GetRemoteIp.GetIPAddress(HttpContext);
                        _userDao.SaveUserAccountLoginLog(U.GUID.ToString(), SystemIP);
                        if (U.IsPasswordChanged)
                        {
                            if (U.UserRole.Id == 1)
                            {
                                return(RedirectToRoute("Admin_Index"));
                            }
                            else if (U.UserRole.Id == 2)
                            {
                                return(RedirectToRoute("Admin_Index"));
                            }
                            else if (U.UserRole.Id == 3)
                            {
                                return(RedirectToRoute("Admin_Index"));
                            }
                            else
                            {
                                return(RedirectToAction("Logout", "Login"));
                            }
                        }
                        else
                        {
                            return(RedirectToAction("ResetFirstTimePassword"));
                        }
                    }
                    else if (U.IsLocked && U.Status == "Locked")
                    {
                        ErrorMessage = "You have made 5 unsuccessful attempts. Your account has been locked.";
                    }
                    else if (U.Status == "Invalid Password")
                    {
                        ErrorMessage = "Invalid password.";
                    }
                }
                else
                {
                    ErrorMessage = "Invalid account no or password.";
                }
            }
            ViewBag.Error = ErrorMessage;
            return(View());
        }