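/// <summary>
        /// Handles a posted login form: looks up a user row whose username and password both
        /// match the posted values and, on a match, stores the user's id, username and role
        /// code in the session.
        /// </summary>
        /// <param name="user">Model-bound credentials taken from the request.</param>
        /// <returns>
        /// A redirect to the <c>LoggedIn</c> action on success; the default view with a model
        /// error when the credentials are missing or match no row; the shared error view when
        /// an exception is thrown.
        /// </returns>
        public ActionResult Login(user user)
        {
            try
            {
                // Reject missing credentials before touching the database. Depending on the
                // ORM's null-comparison semantics, a null posted password could otherwise
                // match a row whose password column is NULL.
                if (user == null || string.IsNullOrEmpty(user.username) || string.IsNullOrEmpty(user.password))
                {
                    ModelState.AddModelError("", "Username or password is incorrect");
                    return(View());
                }

                string userId;
                string userName;
                string roleCode;

                // Dispose the context deterministically instead of leaving it to the GC.
                using (NSHNContext db = new NSHNContext())
                {
                    // NOTE(review): the posted password is compared directly with the stored
                    // column, so passwords are kept in recoverable form. Store a salted, slow
                    // hash (e.g. PBKDF2) and verify against it instead; Register must be
                    // changed in the same commit so both sides agree on the format.
                    var currUser = db.users.FirstOrDefault(u => u.username == user.username && u.password == user.password);

                    if (currUser == null)
                    {
                        // Same message for an unknown username and a wrong password, so the
                        // response does not reveal which usernames exist.
                        ModelState.AddModelError("", "Username or password is incorrect");
                        return(View());
                    }

                    // Read every value first: if the role navigation is missing, the exception
                    // is raised before anything is written, so the session is never left
                    // holding a user id without a role.
                    userId   = currUser.id.ToString();
                    userName = currUser.username.ToString();
                    roleCode = currUser.role.role_code.ToString();
                }

                // NOTE(review): the session identifier is not rotated here; if a session
                // cookie is issued before authentication, rotate it at login to prevent
                // session fixation.
                Session["userId"]   = userId;
                Session["userName"] = userName;
                Session["role"]     = roleCode;
                return(RedirectToAction("LoggedIn"));
            }
            catch (Exception e)
            {
                // NOTE(review): e.Message is handed to the view as-is; if the error view
                // renders it, internal details reach the client. Prefer logging the exception
                // server-side and showing a generic message.
                ViewBag.GenericException = e.Message;
            }
            return(View("~/Views/Navigate/Errors.cshtml"));
        }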
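        /// <summary>
        /// Registers a new user from the posted form. The role is taken from the form only
        /// when the current session belongs to an administrator (role code "ADM"); every
        /// other caller gets the role "USR". A username that already exists is rejected.
        /// </summary>
        /// <param name="user">Model-bound user entity built from the request.</param>
        /// <param name="form">Raw form collection; only "user-role" is read from it.</param>
        /// <returns>
        /// The register view with a status message on success or on a duplicate username;
        /// the shared error view when the model is invalid or an exception is thrown.
        /// </returns>
        public ActionResult Register(user user, FormCollection form)
        {
            try
            {
                // NOTE(review): an invalid model falls through to the error view with no
                // message set; confirm that is intended rather than re-showing the form.
                if (ModelState.IsValid)
                {
                    // The entity is model-bound, so user_role may already hold a value sent
                    // by the client. Always overwrite it: only an administrator's session may
                    // choose the role, everyone else is forced to "USR". Previously a signed-in
                    // non-admin kept whatever role value the request carried.
                    object sessionRole = Session["role"];
                    bool callerIsAdmin = sessionRole != null && sessionRole.ToString() == "ADM";
                    string requestedRole = callerIsAdmin ? form["user-role"] : null;

                    // NOTE(review): the admin-supplied value is not checked against the set
                    // of known role codes; validate it before saving.
                    user.user_role = string.IsNullOrWhiteSpace(requestedRole) ? "USR" : requestedRole;

                    // NOTE(review): the password is saved exactly as posted. Store a salted,
                    // slow hash (e.g. PBKDF2) instead; Login must be changed in the same
                    // commit so both sides agree on the format.

                    // Dispose the context deterministically instead of leaving it to the GC.
                    using (NSHNContext db = new NSHNContext())
                    {
                        // Let the database decide whether the username exists, so the check
                        // uses the same comparison that Login's lookup uses.
                        // NOTE(review): check-then-insert can race with a concurrent request;
                        // a unique constraint on the username column is the reliable guard.
                        if (db.users.Any(u => u.username == user.username))
                        {
                            ViewBag.RegisterStatus = "This username has already been taken. Please choose another one.";
                            return(View("~/Views/Account/Register.cshtml"));
                        }

                        db.users.Add(user);
                        db.SaveChanges();
                    }

                    // Clear the bound values so the re-rendered form comes back empty.
                    ModelState.Clear();
                    ViewBag.RegisterStatus = "user " + user.username + " Successfully registered!";
                    return(View("~/Views/Account/Register.cshtml"));
                }
            }
            // NOTE(review): the handlers below hand raw exception messages to the view; if
            // the error view renders them, database details reach the client. Prefer logging
            // server-side and showing a generic message.
            catch (DbUpdateException e)
            {
                ViewBag.DbExceptionMessage = e.Message;
            }
            catch (SqlException e)
            {
                ViewBag.SqlExceptionMessage = e.Message;
            }
            catch (Exception e)
            {
                ViewBag.GenericException = e.Message;
            }
            return(View("~/Views/Navigate/Errors.cshtml"));
        }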