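/// <summary>
/// JSON endpoint that looks a user name up and, when it is not found, probes
/// numbered variants (<c>Username1</c> .. <c>Username99</c>) for a suggestion.
/// </summary>
/// <param name="Username">The user name supplied by the client; treated as untrusted text.</param>
/// <returns>
/// JSON <c>true</c> when a user with that name is found; otherwise a JSON string
/// with a message, optionally naming a numbered variant.
/// </returns>
/// <remarks>
/// NOTE(review): as written, a name that IS found yields <c>true</c>, a name that is
/// NOT found yields "is not available", and the suggested variant is one that was
/// found. That pairing looks inverted for a registration check; confirm against the
/// caller before changing it, because the response contract is kept as-is here.
/// NOTE(review): the action answers GET requests and tells the caller which user
/// names exist, with up to 100 lookups per call. Confirm that request throttling
/// is applied in front of it.
/// </remarks>
public JsonResult doesUserNameExist(string Username)
{
    using (BusinessLogic.UsersBusiness ctx = new BusinessLogic.UsersBusiness())
    {
        if (ctx.FindUserByUsername(Username) != null)
        {
            return Json(true, JsonRequestBehavior.AllowGet);
        }

        // Build the message by interpolation only. Passing the interpolated text to
        // String.Format made the request value part of a format string, so a
        // Username containing '{' or '}' raised FormatException.
        // The value is echoed back verbatim; the client is expected to encode it
        // before placing it in HTML.
        string suggestedUID = $"{Username} is not available.";

        for (int i = 1; i < 100; i++)
        {
            string altCandidate = Username + i.ToString(CultureInfo.InvariantCulture);
            if (ctx.FindUserByUsername(altCandidate) != null)
            {
                suggestedUID = $"{Username} is not available. Try {altCandidate}.";
                break;
            }
        }

        return Json(suggestedUID, JsonRequestBehavior.AllowGet);
    }
}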
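/// <summary>
/// Handles the login form: checks the submitted credentials, stores the
/// authenticated identity in the session and redirects by role.
/// </summary>
/// <param name="info">The posted login form; <c>message</c> is filled in when sign-in fails.</param>
/// <returns>
/// A redirect to the owner details, sitter details or user list page on success;
/// otherwise the login view with <c>info.message</c> set.
/// </returns>
/// <remarks>
/// NOTE(review): the session identifier is not renewed in this method; confirm it
/// is rotated at sign-in elsewhere, otherwise a pre-set session id survives login.
/// </remarks>
public ActionResult Login(LoginModel info)
{
    // One message for every credential failure, so the response does not reveal
    // whether the user name exists.
    const string failureMessage = "The username or password was incorrect";
    const string unusableAccountMessage = "This account cannot be signed in. Please contact an administrator.";

    // A missing field arrives as null and would otherwise throw further down
    // (ArgumentNullException from VerifyHashedPassword), or compare equal to a
    // null stored password on the "admin" path.
    if (info.Username == null || info.Password == null)
    {
        info.message = failureMessage;
        return View(info);
    }

    using (BusinessLogic.UsersBusiness ctx = new BusinessLogic.UsersBusiness())
    {
        UsersEntity user = ctx.FindUserByUsername(info.Username);
        if (user == null || user.Password == null)
        {
            // NOTE(review): this path skips the hash computation, so response time
            // may still differ from the wrong-password path.
            info.message = failureMessage;
            return View(info);
        }

        bool validatedUser;
        // Ordinal comparison: ToLower() depends on the thread culture and does not
        // map "ADMIN" to "admin" under every culture.
        if (string.Equals(info.Username, "admin", System.StringComparison.OrdinalIgnoreCase))
        {
            // NOTE(review): this branch compares the submitted password with the
            // stored value directly, which means the "admin" password is kept
            // unhashed and is compared in non-constant time. Left unchanged so the
            // existing account keeps working; store a hash for it and remove this
            // branch so every account goes through VerifyHashedPassword.
            validatedUser = info.Password == user.Password;
        }
        else
        {
            validatedUser = System.Web.Helpers.Crypto.VerifyHashedPassword(user.Password, info.Password);
        }

        if (!validatedUser)
        {
            info.message = failureMessage;
            return View(info);
        }

        // Resolve the landing page and the role-specific id BEFORE touching the
        // session, so a missing profile row or an unrecognised role cannot leave
        // an authenticated session behind a failed sign-in.
        string redirectTarget = null;
        string profileKey = null;
        object profileId = null;

        if (user.Role == "Owner")
        {
            using (BusinessLogic.OwnersBusiness ctx2 = new BusinessLogic.OwnersBusiness())
            {
                OwnersEntity owner = ctx2.FindOwnerByUserId(user.UserID);
                if (owner != null)
                {
                    profileKey = "AUTHOwnerID";
                    profileId = owner.OwnerID;
                    redirectTarget = "~/Owners/Details/" + owner.OwnerID;
                }
            }
        }
        else if (user.Role == "Sitter")
        {
            using (BusinessLogic.SittersBusiness ctx2 = new BusinessLogic.SittersBusiness())
            {
                SittersEntity sitter = ctx2.FindSitterByUserId(user.UserID);
                if (sitter != null)
                {
                    profileKey = "AUTHSitterID";
                    profileId = sitter.SitterID;
                    redirectTarget = "~/Sitters/Details/" + sitter.SitterID;
                }
            }
        }
        else if (user.Role == "Admin")
        {
            redirectTarget = "~/Users/ListAll";
        }

        if (redirectTarget == null)
        {
            // Valid credentials, but no usable role or profile record.
            info.message = unusableAccountMessage;
            return View(info);
        }

        Session["AUTHUsername"] = user.Username;
        Session["AUTHRole"] = user.Role;
        Session["AUTHUserID"] = user.UserID;
        Session["ChosenOwnerID"] = 0;
        if (profileKey != null)
        {
            Session[profileKey] = profileId;
        }

        return Redirect(redirectTarget);
    }
}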