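/// <summary>
/// Handles the posted login form: validates the credentials through the login service and,
/// on success, issues the forms-authentication cookie and redirects to Home/Index in the
/// area named after the user's role.
/// </summary>
/// <param name="model">Posted login form carrying the username and password.</param>
/// <returns>
/// A redirect on successful login; otherwise the login view, re-rendered with a model error
/// when the credentials were rejected.
/// </returns>
public ActionResult Login(LoginModel model)
{
    if (!ModelState.IsValid)
    {
        return View();
    }

    var userDetails = new UserDetails();
    var result = loginService.ValidateUser(model.Username, model.Password, ref userDetails);
    switch (result)
    {
        case UserLoginResult.Successful:
            // NOTE(review): HttpContext.Cache is application-wide, not per-user, so this fixed key
            // only ever holds the most recent login and any reader of it may see another user's
            // details. Per-user data belongs in Session or under a key derived from the user id.
            // Left unchanged here because the readers of this key are outside this block.
            System.Web.HttpContext.Current.Cache["UserDetils"] = userDetails;

            // The cookie carries the encrypted user id; 'false' requests a non-persistent cookie.
            FormsAuthentication.SetAuthCookie(encriptDecript.Encrypt(userDetails.Id.ToString()), false);
            return RedirectToAction("Index", "Home", new { area = userDetails.Role });

        case UserLoginResult.WrongPassword:
        case UserLoginResult.NotRegistered:
        default:
            // One message for every rejected attempt: distinct "wrong password" and
            // "not registered" texts let a caller probe which usernames exist.
            ModelState.AddModelError("", "Invalid username or password");
            break;
    }

    return View(model);
}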
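        /// <summary>
        /// Looks up a user by username through the [dbo].[usp_User_Log] stored procedure and
        /// checks the supplied password against the stored one.
        /// </summary>
        /// <param name="username">Username to look up.</param>
        /// <param name="password">Password supplied by the caller, in plain text.</param>
        /// <param name="userDetails">
        /// Set to the loaded user record only when the result is
        /// <see cref="UserLoginResult.Successful"/>; otherwise left untouched.
        /// </param>
        /// <returns>
        /// <see cref="UserLoginResult.Successful"/> when the password matches,
        /// <see cref="UserLoginResult.WrongPassword"/> when the user exists but the password differs,
        /// <see cref="UserLoginResult.NotRegistered"/> when no user record was returned.
        /// </returns>
        public UserLoginResult ValidateUser(string username, string password, ref UserDetails userDetails)
        {
            // The username travels as a named procedure parameter, not as part of the SQL text.
            string[,] parameters = { { "@username", username } };
            string xmlResult = db.StoreprocedureExecuteQueryReturned("[dbo].[usp_User_Log]", parameters);

            // An empty record (Id == 0) stands for "no such user".
            var result = new UserDetails();
            if (!string.IsNullOrEmpty(xmlResult))
            {
                var serializer = new XmlSerializer(typeof(UserDetails));
                using (var reader = new StringReader(xmlResult))
                {
                    // Deserialize can yield null (e.g. a nil root element); keep the empty
                    // record in that case instead of dereferencing null below.
                    var loaded = (UserDetails)serializer.Deserialize(reader);
                    if (loaded != null)
                    {
                        result = loaded;
                    }
                }
            }

            if (result.Id == 0)
            {
                return UserLoginResult.NotRegistered;
            }

            // NOTE(review): decrypting the stored value to compare means passwords are kept under
            // reversible encryption, so whoever holds the key and the table recovers every password.
            // The usual replacement is a salted, slow one-way hash (e.g. PBKDF2) verified with a
            // constant-time comparison; that needs a data migration, so it is not changed here.
            if (encriptDecript.Decrypt(result.Password) == password)
            {
                userDetails = result;
                return UserLoginResult.Successful;
            }

            return UserLoginResult.WrongPassword;
        }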