/// <summary>
/// Checks the supplied credentials against the users table and, when they match,
/// issues the forms-authentication cookie and redirects to a landing page.
/// </summary>
/// <param name="login">Credentials to verify (Username, Password, RememberMe).</param>
/// <param name="ReturnUrl">Optional post-login target; followed only when it is a local URL.</param>
/// <returns>
/// A redirect on success (admin home, the local return URL, or the profile page);
/// otherwise the default view with a model-level error.
/// </returns>
/// <remarks>
/// The controller's <c>db</c> context is wrapped in <c>using</c>, so it is disposed when
/// this method exits.
/// NOTE(review): no [HttpPost] or [ValidateAntiForgeryToken] attribute is visible in this
/// listing - confirm they are applied where the action is declared.
/// NOTE(review): the existing session is written to right after sign-in; confirm the
/// session identifier is rotated on authentication elsewhere.
/// </remarks>
public ActionResult Login(Login login, string ReturnUrl = "")
{
    using (db)
    {
        // The stored value is compared by equality, so HashPassword must be deterministic for a
        // given username/password pair. Its algorithm, salt and work factor are not visible here.
        string passwordHash = Hasher.HashPassword(login.Username, login.Password);
        var account = db.users.FirstOrDefault(
            a => a.username.Equals(login.Username) && a.password.Equals(passwordHash));

        // Drop the submitted password from model state so it is not echoed back to the form.
        ModelState.Remove("Password");

        if (account != null)
        {
            FormsAuthentication.SetAuthCookie(account.username, login.RememberMe);

            workout suggestion = new Recommender(this.db).Recommend(account.id);
            if (Session != null && suggestion != null)
            {
                Session["recommendedId"] = suggestion.id;
            }

            // Administrators always land on the admin home page; ReturnUrl is ignored for them.
            if (account.is_admin == 1)
            {
                return RedirectToAction("Index", "AdminHome");
            }

            // Open-redirect guard: a caller-supplied ReturnUrl is followed only when it is local.
            bool canFollowReturnUrl = !string.IsNullOrEmpty(ReturnUrl) && Url.IsLocalUrl(ReturnUrl);
            if (canFollowReturnUrl)
            {
                return Redirect(ReturnUrl);
            }

            return RedirectToAction("Index", "MyProfile");
        }

        // One message for both "unknown user" and "wrong password", so the response does not
        // reveal which usernames exist.
        ModelState.AddModelError("", "The user name or password provided is incorrect.");
    }

    return View();
}
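/// <summary>
/// Creates a new non-admin account from the bound <paramref name="user"/> and, on success,
/// signs the new user in through <c>Login</c>.
/// </summary>
/// <param name="user">Account data bound from the request; its password arrives in plaintext.</param>
/// <returns>
/// The result of <c>Login</c> on success; the default view with a "username" model error when
/// the name is taken; the "DetailedError" view when validation or persistence fails.
/// </returns>
/// <remarks>
/// NOTE(review): the entity is model-bound directly and only <c>is_admin</c> is reset here;
/// consider a dedicated view model or a [Bind] allow-list so other columns cannot be posted.
/// NOTE(review): the duplicate check and the insert are not atomic - confirm the users table
/// has a unique constraint on username.
/// </remarks>
public ActionResult Register(user user)
{
    // Keep the plaintext credentials for the automatic sign-in below; Login hashes them itself.
    Login login = new Login
    {
        Username = user.username,
        Password = user.password
    };

    // Never trust a client-supplied privilege flag: every self-registered account is non-admin.
    user.is_admin = 0;

    // Reject the request when the username is already present in the database.
    var existing = db.users.FirstOrDefault(u => u.username == user.username);
    if (existing != null)
    {
        ModelState.AddModelError("username", "This username already exists. Please choose another one.");
        return View();
    }

    if (!ModelState.IsValid)
    {
        return View("DetailedError", new HttpStatusCodeResult(HttpStatusCode.BadRequest, "An error occured while trying to register new account"));
    }

    // Hash only once the input has passed validation, so an invalid request is answered
    // without handing unvalidated values to the hasher.
    user.password = Hasher.HashPassword(user.username, user.password);

    try
    {
        db.users.Add(user);
        db.SaveChanges();
        return Login(login);
    }
    catch (Exception ex)
    {
        // Record the failure server-side instead of discarding it; the client still receives
        // only the generic message below.
        System.Diagnostics.Trace.TraceError("Register: failed to create account: {0}", ex);
        return View("DetailedError", new HttpStatusCodeResult(HttpStatusCode.InternalServerError, "An error occured while trying to register new account"));
    }
}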