public JsonResult doesUserNameExist(string Username)
{
using (BusinessLogic.UsersBusiness ctx = new BusinessLogic.UsersBusiness())
{
UsersEntity user = ctx.FindUserByUsername(Username);
if (user != null)
{
return(Json(true, JsonRequestBehavior.AllowGet));
}
string suggestedUID = String.Format(CultureInfo.InvariantCulture,
$"{Username} is not available.");
for (int i = 1; i < 100; i++)
{
string altCandidate = Username + i.ToString();
user = ctx.FindUserByUsername(altCandidate);
if (user != null)
{
suggestedUID = String.Format(CultureInfo.InvariantCulture,
$"{Username} is not available. Try {altCandidate}.");
break;
}
}
return(Json(suggestedUID, JsonRequestBehavior.AllowGet));
}
}
public ActionResult Login(LoginModel info)
{
using (BusinessLogic.UsersBusiness ctx = new BusinessLogic.UsersBusiness())
{
UsersEntity user = ctx.FindUserByUsername(info.Username);
if (user == null)
{
info.message = $"The Username '{info.Username}' does not exist in the database";
return(View(info));
}
string actual = user.Password;
//string potential = user.Salt + info.Password;
string potential = info.Password;
bool validateduser = false;
if (info.Username.ToLower() == "admin")
{
validateduser = potential == actual;
}
else
{
// check password hash
validateduser = System.Web.Helpers.Crypto.VerifyHashedPassword(actual, potential);
}
if (validateduser)
{
Session["AUTHUsername"] = user.Username;
Session["AUTHRole"] = user.Role;
Session["AUTHUserID"] = user.UserID;
Session["ChosenOwnerID"] = 0;
if (user.Role == "Owner")
{
using (BusinessLogic.OwnersBusiness ctx2 = new BusinessLogic.OwnersBusiness())
{
OwnersEntity owner = ctx2.FindOwnerByUserId(user.UserID);
Session["AUTHOwnerID"] = owner.OwnerID;
return(Redirect("~/Owners/Details/" + owner.OwnerID));
}
}
else if (user.Role == "Sitter")
{
using (BusinessLogic.SittersBusiness ctx2 = new BusinessLogic.SittersBusiness())
{
SittersEntity sitter = ctx2.FindSitterByUserId(user.UserID);
Session["AUTHSitterID"] = sitter.SitterID;
return(Redirect("~/Sitters/Details/" + sitter.SitterID));
}
}
else if (user.Role == "Admin")
{
return(Redirect("~/Users/ListAll"));
}
}
info.message = "The password was incorrect";
return(View(info));
}
}
