public ActionResult Index(LoginModel lm)
{
string returnUrl = "";
if (TempData["returnUrl"] != null)
{
returnUrl = TempData["returnUrl"].ToString();
if (returnUrl.ToLower().Contains("logout"))
{
returnUrl = "Home";
}
}
else
{
returnUrl = lm.ReturnUrl;
}
if (!ModelState.IsValid)
{
ModelState.AddModelError("", "Username and Password is required.");
lm.ReturnUrl = returnUrl;
return(View(lm));
}
lm.Username = lm.Username.ToUpper().Trim();
Accounts accnts = new Accounts();
Accounts.Account accnt = accnts.SelectUserByUsername(lm.Username);
if (accnt.Username == null)
{
ModelState.AddModelError("", "Username does not exist.");
lm.ReturnUrl = returnUrl;
return(View(lm));
}
string hashing = PRMS.GetMD5Hash(lm.Password);
if (PRMS.GetMD5Hash(lm.Password) != accnt.Password)
{
ModelState.AddModelError("", "Password is incorrect.");
return(View(lm));
}
else
{
JavaScriptSerializer serializer = new JavaScriptSerializer();
string data = serializer.Serialize(accnt);
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, lm.Username, DateTime.Now, DateTime.Now.AddHours(8), true, data, FormsAuthentication.FormsCookiePath);
string encriptedTicket = FormsAuthentication.Encrypt(ticket);
HttpCookie ticketCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encriptedTicket);
Accounts.Account x = serializer.Deserialize <Accounts.Account>(data);
Response.Cookies.Add(ticketCookie);
Parameters.UserID = accnt.ID;
Parameters.UserName = accnt.Name;
Parameters.UsedUsername = accnt.Username;
Parameters.Password = accnt.Password;
Parameters.Department = accnt.DepartmentID;
Parameters.Role = accnt.RoleID;
return(RedirectToAction("Index", "Home"));
}
}