public ActionResult Login(LoginModel model)
{
// clears the errors from the model
model.ClearToaster();
// checks if the user passed in their login data
if (!String.IsNullOrEmpty(model.UsernameOrEmail) && !String.IsNullOrEmpty(model.Password))
{
using (var e = new EntityContext()) // db context
{
//check username and password from database
CachedUser cachedUser = null;
var isEmail = CredentialsHelper.IsEmailValid(model.UsernameOrEmail);
if (isEmail) // is an email
{
cachedUser = Authorize.CredentialsByEmail(model.UsernameOrEmail, model.Password, e);
}
else // is username
{
cachedUser = Authorize.CredentialsByUsername(model.UsernameOrEmail, model.Password, e);
}
if (cachedUser != null)
{
//if username and password is correct, create session and return Success
SessionHelper.SetSessionUser(cachedUser);
FormsAuthentication.SetAuthCookie(cachedUser.Username, true);
// goes to home screen or previous screen
FormsAuthentication.RedirectFromLoginPage(cachedUser.Username, true);
}
// check if we can give any more detail to errors
var errors = Authorize.GetAuthorizeErrors();
if (!errors.Any()) // if no errors, throw unknown error
{
model.AddError(LoginErrors.UnknownError);
}
// if the user does not have the right username and password, don't give any more info
else if (errors.Contains(Authorize.AuthorizeErrorsEnum.PasswordNotVerified) ||
errors.Contains(Authorize.AuthorizeErrorsEnum.NoLoginData))
{
model.AddError(LoginErrors.InvalidUsernameOrPassword);
}
else // checks to see if we can find another issue
{
if (errors.Contains(Authorize.AuthorizeErrorsEnum.EmailNotConfirmed))
{
model.AddError(LoginErrors.EmailNotConfirmed);
}
if (errors.Contains(Authorize.AuthorizeErrorsEnum.LoginSuspended))
{
model.AddError(LoginErrors.Suspended);
}
}
}
}
else
{
// throws a EmptyUsernameOrPassword error
model.AddError(GlobalErrors.EmptyFields);
}
// if we got here there was an error
return(View(model));
}