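/// <summary>
/// Checks the supplied credentials against the Staffs table and, on a match,
/// stores the staff id, full name and clinic id in the session.
/// </summary>
/// <param name="username">Login name; compared in lower-cased form.</param>
/// <param name="password">Clear-text password; hashed with <c>SecurityHandler.HashPassword</c> before the lookup.</param>
/// <returns>JSON <c>"success"</c> when a matching record exists; otherwise the <c>Login</c> view.</returns>
/// <remarks>
/// NOTE(review): <c>JsonRequestBehavior.AllowGet</c> lets this action answer GET requests, so
/// credentials may travel in the query string and end up in server logs, browser history or
/// Referer headers. Consider restricting the action to POST once the callers are confirmed.
/// NOTE(review): the stored hash is matched by equality, so <c>HashPassword</c> must be
/// deterministic for a given password. Confirm it is a salted, slow password-hashing scheme;
/// that cannot be determined from this method.
/// NOTE(review): the session identifier is not renewed after a successful login, and no
/// attempt throttling or lockout is visible here. Confirm both are handled elsewhere.
/// </remarks>
public ActionResult Authenticate(string username, string password)
{
    // Missing credentials can never identify a staff member; answer exactly like a
    // failed login instead of relying on the catch-all below to absorb a null dereference.
    if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
    {
        return View("Login");
    }

    try
    {
        // Lower-case with the invariant culture: the culture-sensitive ToLower() maps
        // 'I' to a dotless 'ı' under Turkish/Azeri cultures, which would break matching.
        string normalizedUsername = username.ToLowerInvariant();
        string hashedPassword = new SecurityHandler().HashPassword(password).ToLowerInvariant();

        Staff staff = (from candidate in db.Staffs
                       where candidate.Username == normalizedUsername
                             && candidate.Password == hashedPassword
                       select candidate).FirstOrDefault();

        if (staff != null)
        {
            Session["StaffId"] = staff.Id;
            Session["StaffName"] = staff.Fullname;
            Session["ClinicId"] = (from clinic in db.Clinics
                                   where clinic.UniqueId == staff.ClinicId
                                   select clinic.Id).FirstOrDefault();

            return Json("success", JsonRequestBehavior.AllowGet);
        }
    }
    catch (Exception exception)
    {
        // NOTE(review): Debug.WriteLine is compiled out of release builds, so lookup
        // failures leave no trace in production; consider the application's logger.
        Debug.WriteLine(exception.Message);
    }

    // Bad credentials and internal errors share the same response, so the caller
    // cannot tell which part of the login failed.
    return View("Login");
}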
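/// <summary>
/// Persists a new staff record, replacing the submitted clear-text password with its hash.
/// </summary>
/// <param name="staff">Staff entity bound from the request.</param>
/// <returns>A redirect to <c>Index</c> after saving; otherwise the form view with the submitted model.</returns>
/// <remarks>
/// NOTE(review): the whole <c>Staff</c> entity is model-bound, so a request can set any
/// bindable property on it (Authenticate reads <c>Id</c> and <c>ClinicId</c> from the same
/// type). Consider a dedicated view model or a <c>[Bind(Include = ...)]</c> allow-list.
/// NOTE(review): no <c>[HttpPost]</c>, <c>[ValidateAntiForgeryToken]</c> or authorization
/// attribute is visible on this action from here. Confirm they are applied.
/// NOTE(review): Authenticate lower-cases the username it looks up, while the username is
/// stored here as submitted. Confirm the database comparison is case-insensitive.
/// </remarks>
public ActionResult Create(Staff staff)
{
    if (staff == null || !ModelState.IsValid)
    {
        return View(staff);
    }

    // Reject a missing password instead of hashing it, so that an account whose
    // credential is the hash of an empty string can never be created.
    if (string.IsNullOrEmpty(staff.Password))
    {
        ModelState.AddModelError("Password", "A password is required.");
        return View(staff);
    }

    // Store the hash in the same lower-cased form that Authenticate compares against,
    // so a case-sensitive comparison cannot lock out newly created accounts.
    staff.Password = new SecurityHandler().HashPassword(staff.Password).ToLowerInvariant();

    db.Staffs.Add(staff);
    db.SaveChanges();

    return RedirectToAction("Index");
}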