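/// <summary>
        /// Checks the supplied credentials against <c>db.Staffs</c> and, on a match, stores the
        /// staff id, full name and clinic id in the session.
        /// </summary>
        /// <param name="username">Login name; lower-cased before it is compared with the stored username.</param>
        /// <param name="password">Plain-text password; hashed with <c>SecurityHandler.HashPassword</c> before comparison.</param>
        /// <returns>
        /// The JSON string "success" when a matching staff record is found; otherwise the "Login" view
        /// (also when credentials are missing or an exception is caught).
        /// </returns>
        /// <remarks>
        /// NOTE(review): no [HttpPost] attribute is visible on this action and the success response is
        /// sent with AllowGet, so it appears to be reachable via GET. Credentials sent that way end up in
        /// URLs, proxy/server logs and browser history. Confirm the routing and restrict to POST once
        /// callers allow it.
        /// NOTE(review): the record is located by equality on the password hash, which only works if the
        /// hash is derived from the password alone (no per-user salt). Moving to a salted, slow password
        /// hash means looking the user up by username first and verifying the hash afterwards; that
        /// requires changes in SecurityHandler and to stored data.
        /// NOTE(review): the session keys are written into the existing session and no lockout or
        /// throttling is visible here. Check that session-id renewal on login and brute-force protection
        /// are handled elsewhere.
        /// </remarks>
        public ActionResult Authenticate(string username, string password)
        {
            // Reject missing credentials up front instead of hashing and querying with them.
            if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
            {
                return View("Login");
            }

            try
            {
                // NOTE(review): Create stores HashPassword's output unchanged while this path lower-cases
                // it; the two only agree if HashPassword already yields lower-case text or the database
                // comparison is case-insensitive. Confirm before changing either side.
                string hashedPassword = new SecurityHandler().HashPassword(password).ToLower();
                Staff staff = (from staffs in db.Staffs
                               where
                                   (staffs.Username.Equals(username.ToLower()) && staffs.Password.Equals(hashedPassword))
                               select staffs).FirstOrDefault();

                if (staff != null)
                {
                    Session["StaffId"] = staff.Id;
                    Session["StaffName"] = staff.Fullname;
                    Session["ClinicId"] =
                        (from c in db.Clinics where c.UniqueId == staff.ClinicId select c.Id).FirstOrDefault();

                    return Json("success", JsonRequestBehavior.AllowGet);
                }
            }
            catch (Exception exception)
            {
                // Debug.WriteLine is compiled out of release builds, which made failures here (for
                // example a database outage) invisible in production. Trace keeps a server-side record.
                // The submitted credentials are deliberately not logged.
                Trace.TraceError("Authenticate failed: {0}", exception);
            }

            // Same response for unknown user, wrong password and internal error.
            return View("Login");
        }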
        /// <summary>
        /// Persists a new staff record after replacing its plain-text password with the value returned
        /// by <c>SecurityHandler.HashPassword</c>.
        /// </summary>
        /// <param name="staff">Model-bound staff entity taken from the request.</param>
        /// <returns>
        /// A redirect to "Index" once the record is saved; otherwise the default view re-rendered with
        /// the posted model.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the whole <c>Staff</c> entity is bound from the request and added as-is, so any
        /// bindable property the client posts (for example Id or ClinicId, both read during
        /// authentication) is stored as sent. Consider a dedicated view model or an explicit bind list.
        /// NOTE(review): no [HttpPost] or [ValidateAntiForgeryToken] attribute is visible in this
        /// excerpt. Confirm that they are present on the real action.
        /// NOTE(review): the username is stored as posted, while Authenticate lower-cases the submitted
        /// name before comparing. Verify that mixed-case usernames can still log in.
        /// </remarks>
        public ActionResult Create(Staff staff)
        {
            // Invalid input: show the form again with the submitted values.
            if (!ModelState.IsValid)
            {
                return View(staff);
            }

            // Replace the plain-text password with its hash before the entity is persisted.
            staff.Password = new SecurityHandler().HashPassword(staff.Password);

            db.Staffs.Add(staff);
            db.SaveChanges();

            return RedirectToAction("Index");
        }