//
// GET: /Admin/
public ActionResult Admin()
{
if ((Request.Cookies["cookie"] != null) && ModelState.IsValid)
{
LoginModel AuthUser = new LoginModel();
AuthUser.UserName = "******";
return View("AdminArea", AuthUser);
}
//! in-case there isn't cookie reffer to login page
return View(new LoginModel());
}
public ActionResult AdminArea(LoginModel currentLogin)
{
//! Case Logeedin already
if (Request.Cookies["cookie"] != null)
{
if (currentLogin == null)
{
LoginModel AuthUser = new LoginModel();
AuthUser.UserName = "******";
currentLogin = AuthUser;
return View("AdminArea", currentLogin);
}
else return View("AdminArea", currentLogin);
}
//! Verifying the currentLogin details.
LoginDAL logDAL = new LoginDAL();
//! Testing in DB if has a match
var testLogin = logDAL.Logins.FirstOrDefault( user =>
(user.UserName.Equals(currentLogin.UserName)) &&
(user.Password.Equals(currentLogin.Password)) );
if (testLogin != null)
{
/*
* Lets set a cookie for successful connection
* expired date: today + one day.
*
* Just Noting: This is not the orthodox way to work around cookies
* The right way is to store the cookie with a uniqe strings inside the DB.
* then each time we ask for auth, it should make an assessment if the cookie
* matches the logged on users. In other words; Real-life session cookie.
*
* */
FormsAuthentication.SetAuthCookie("cookie", true);
Response.Cookies["cookie"].Expires = DateTime.Now.AddDays(1);
//! Reffering to AdminArea page
return View("AdminArea", currentLogin);
}
else
return View("Admin", currentLogin);
}
public ActionResult Logon(LoginModel currentLogin)
{
if (ModelState.IsValid)
return AdminArea(currentLogin);
else return View("Admin", currentLogin);
}
