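/// <summary>
/// Checks the submitted e-mail/password pair against the users table and, when a
/// matching row exists, returns the result of <c>createToken</c> for that user.
/// </summary>
/// <param name="model">Credentials bound from the request. May be null when the body is missing or cannot be bound.</param>
/// <returns>
/// An OK result wrapping the token on success; otherwise a <see cref="HttpStatusCode.NotFound"/>
/// response with a generic "wrong username and/or password" message.
/// </returns>
public IHttpActionResult Authenticate(user model)
{
    const string failureMessage = "Wrong username and/or password!";

    // Reject missing credentials before touching the model or the database.
    // The original dereferenced model.email ahead of its own null check, so an
    // empty request body surfaced as an unhandled exception instead of a clean
    // failure response. A null value must also never reach the query below,
    // where (depending on the provider's null semantics) it could compare equal
    // to rows whose columns are null.
    if (model == null || string.IsNullOrEmpty(model.email) || string.IsNullOrEmpty(model.password))
    {
        return Content(HttpStatusCode.NotFound, failureMessage);
    }

    using (var context = new NGOEventsEntities())
    {
        // One lookup instead of Any() followed by Where().FirstOrDefault():
        // halves the round trips and removes the window in which the row could
        // disappear between the two queries and leave userDetails null.
        //
        // NOTE(review): the submitted password is compared directly with the
        // stored column, which suggests passwords are kept unhashed (or hashed
        // client-side). Confirm; the usual fix is to look the user up by e-mail
        // only and verify a salted, slow hash (e.g. PBKDF2) with a
        // constant-time comparison.
        var userDetails = context.users.FirstOrDefault(
            x => x.email == model.email && x.password == model.password);

        if (userDetails == null)
        {
            // The same message is used for unknown e-mail and wrong password, so
            // the response does not reveal which accounts exist.
            // NOTE(review): the original comment describes this as an
            // "unauthorized" response, but the status sent is 404. It is kept
            // as-is because clients may depend on it; consider 401.
            // NOTE(review): no attempt limiting or failed-login logging is
            // visible in this method; confirm it is applied elsewhere.
            return Content(HttpStatusCode.NotFound, failureMessage);
        }

        int id = userDetails.userID;
        string role = userDetails.role;
        return Ok(createToken(model, id, role));
    }
}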
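/// <summary>
/// Handles the login form: looks the user up by e-mail and password, and on a
/// match populates the session, issues the forms-authentication cookie and
/// redirects to the landing page for the user's role.
/// </summary>
/// <param name="model">Credentials bound from the posted form. May be null when binding fails.</param>
/// <returns>
/// The login view with <c>ViewBag.Message</c> set when the credentials do not match;
/// otherwise a redirect to <c>AdminView/Index</c> for the "admin" role or
/// <c>UserView/Index</c> for every other role.
/// </returns>
public ActionResult login(user model)
{
    // Treat missing credentials as a failed login. The original dereferenced
    // model inside the query without a null check, and a null e-mail or
    // password must not reach the comparison below, where (depending on the
    // provider's null semantics) it could match rows whose columns are null.
    if (model == null || string.IsNullOrEmpty(model.email) || string.IsNullOrEmpty(model.password))
    {
        ViewBag.Message = "Wrong Email and/or Password";
        return View();
    }

    using (var context = new NGOEventsEntities())
    {
        // A single lookup replaces the original FirstOrDefault() plus a second,
        // redundant Any() with the same predicate.
        //
        // NOTE(review): the submitted password is compared directly with the
        // stored column, which suggests passwords are kept unhashed. Confirm;
        // the usual fix is to fetch by e-mail only and verify a salted, slow
        // hash with a constant-time comparison.
        var userDetails = context.users.FirstOrDefault(
            x => x.email == model.email && x.password == model.password);

        if (userDetails == null)
        {
            // Same message for unknown e-mail and wrong password, so the page
            // does not reveal which accounts exist.
            ViewBag.Message = "Wrong Email and/or Password";
            return View();
        }

        // NOTE(review): the session identifier is not rotated here before the
        // authenticated state is written into it; confirm that a fresh session
        // is issued on login elsewhere, otherwise a pre-login session id stays
        // valid after authentication.
        Session["role"] = userDetails.role;
        Session["email"] = userDetails.email;
        Session["firstName"] = userDetails.firstName;
        Session["lastName"] = userDetails.lastName;
        Session["userID"] = userDetails.userID;

        // Second argument false: the auth cookie is not persisted across
        // browser sessions.
        FormsAuthentication.SetAuthCookie(model.email, false);

        // Role decides the landing page only. Whether each controller also
        // enforces the role server-side is not visible from this method.
        if (userDetails.role == "admin")
        {
            return RedirectToAction("Index", "AdminView");
        }

        return RedirectToAction("Index", "UserView");
    }
}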