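/// <summary>
/// Processes a login attempt. When the credentials check out it issues the forms-authentication
/// cookie, fills the session with the account's id, name, admin flag and cart quantity, and
/// redirects to the home page. Otherwise it adds a generic model error and re-renders the view.
/// </summary>
/// <param name="user">Model-bound login form data; only UserName and Password are trusted as input.</param>
/// <returns>A redirect to ~/Home/Index on success, otherwise the login view.</returns>
// NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attribute is visible on this action in
// the listing - confirm they are applied where the method is declared.
public ActionResult Login(Store.Data.User user)
{
    using (MyDataEntities db = new MyDataEntities())
    {
        // Verify the credentials before any cookie or session state is written.
        if (manager.AuthenticateUser(user.UserName, user.Password))
        {
            // Load the stored account first. Every identity value used below comes from this
            // record: `user` is bound from the request, so a posted UserID must never end up
            // inside the authentication ticket.
            var usr = db.Users.Where(U => U.UserName == user.UserName).FirstOrDefault();
            if (usr == null)
            {
                // Authenticated but no matching row: fail with the same generic message
                // instead of dereferencing null.
                ModelState.AddModelError("", "Username or Password is incorrect");
                return(View());
            }

            //AUTHORIZATION USING COOKIES
            //--------------------------------------------------------------
            // One timestamp for issue and expiry so the two cannot drift apart.
            DateTime issuedAt = DateTime.Now;
            var ticket = new FormsAuthenticationTicket(
                1,
                usr.UserID.ToString(),
                issuedAt,
                issuedAt.AddMinutes(20),
                false,
                usr.UserName.ToString(),
                FormsAuthentication.FormsCookiePath);
            string encrypt = FormsAuthentication.Encrypt(ticket);

            // FormsAuthentication.SetAuthCookie is intentionally not called: it would emit a second
            // cookie under the same name carrying a different ticket than the one built above.
            var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encrypt);
            // The cookie must not outlive the ticket it carries.
            cookie.Expires = ticket.Expiration;
            cookie.Path = FormsAuthentication.FormsCookiePath;
            cookie.HttpOnly = true;
            // Follow the configured requireSSL setting so the ticket is not sent over plain HTTP
            // on deployments that demand TLS.
            cookie.Secure = FormsAuthentication.RequireSSL;
            Response.Cookies.Add(cookie);
            //--------------------------------------------------------------

            // NOTE(review): the session that existed before login keeps being used here;
            // confirm a fresh session id is issued at login somewhere else (session fixation).
            Session["UserID"] = usr.UserID.ToString();
            Session["UserName"] = usr.UserName.ToString();
            if (usr.IsAdmin == true)
            {
                Session["IsAdmin"] = 1;
            }
            else
            {
                Session["IsAdmin"] = 0;
            }

            // Total the quantities in the user's cart; the cart is looked up by the user's id.
            int temp = Convert.ToInt32(Session["UserID"].ToString());
            var productList = db.ShoppingCartProducts.Where(a => a.ShoppingCartID == temp);
            int quan = 0;
            foreach (var item in productList)
            {
                quan += item.Quantity;
            }
            Session["Quantity"] = quan;

            // Fixed local target, so the redirect cannot be steered by request data.
            return(Redirect("~/Home/Index"));
        }
        else
        {
            // Same message for unknown user and wrong password, so the response does not
            // reveal which usernames exist.
            ModelState.AddModelError("", "Username or Password is incorrect");
        }
    }
    return(View());
}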
/// <summary>
/// Renders the profile view for the user with the given id, or the noProfile view when no
/// such user exists. Declared with <c>new</c>, so it hides an inherited member of the same name.
/// </summary>
/// <param name="userID">Primary key of the user to display.</param>
/// <returns>The profile view bound to the user, or the result of noProfile().</returns>
// NOTE(review): nothing in this method compares userID with the logged-in user, so any id
// supplied by the caller is looked up - confirm access is restricted elsewhere if profiles
// are meant to be private.
// NOTE(review): the whole User entity, which carries Password and ConfirmPassword, is handed
// to the view - confirm the view never renders those fields.
public new ViewResult DisplayProfile(int userID)
{
    // Primary-key lookup; Find yields null when there is no matching row.
    Store.Data.User profile = db.Users.Find(userID);

    if (profile == null)
    {
        // Unknown id: fall back to the noProfile view.
        return(noProfile());
    }

    return(View(profile));
}
/// <summary>
/// Registers a new user unless the username is already taken (compared in lower case).
/// </summary>
/// <param name="U">The user to register; its password, admin flag and audit fields are overwritten here.</param>
/// <returns>1 when the user was registered, -1 when the username already exists.</returns>
/// <exception cref="InvalidOperationException">
/// Thrown when saving fails entity validation; one exception is nested per validation error.
/// </exception>
public int RegisterUser(Store.Data.User U)
{
    using (MyDataEntities db = new MyDataEntities())
    {
        // NOTE(review): nothing here makes this check and the later insert atomic; confirm a
        // unique index on UserName exists as the backstop against concurrent registrations.
        var existing = db.Users.FirstOrDefault(t => t.UserName.ToLower() == U.UserName.ToLower());
        if (existing != null)
        {
            return(-1);
        }

        // Replace the plain-text password with its hash before the entity is stored.
        // NOTE(review): CreateTheHash is defined elsewhere - confirm it is a salted, deliberately
        // slow password hash rather than a bare digest.
        U.Password = CreateTheHash(U.Password);
        U.ConfirmPassword = U.Password;

        // Force the admin flag off regardless of the value that arrived on U.
        U.IsAdmin = false;

        // Audit fields: creation and modification share one timestamp.
        DateTime stamp = DateTime.Now;
        U.CreatedBy = "dbo";
        U.DateCreated = stamp;
        U.ModifiedBy = "dbo";
        U.DateModified = stamp;

        db.Users.Add(U);

        try
        {
            // NOTE(review): SaveUser is defined elsewhere - confirm it saves the context
            // created in this method rather than a different one.
            SaveUser();
        }
        catch (System.Data.Entity.Validation.DbEntityValidationException dbEx)
        {
            // Fold every validation failure into a chain of InvalidOperationExceptions,
            // each wrapping the previous one, so no message is lost.
            Exception chained = dbEx;
            foreach (var entityResult in dbEx.EntityValidationErrors)
            {
                foreach (var failure in entityResult.ValidationErrors)
                {
                    string detail = string.Format("{0}:{1}", entityResult.Entry.Entity.ToString(), failure.ErrorMessage);
                    chained = new InvalidOperationException(detail, chained);
                }
            }
            throw chained;
        }

        return(1);
    }
}
/// <summary>
/// Handles the registration form: when the model is valid it asks the manager to register the
/// user, then reports success or a duplicate-username error.
/// </summary>
/// <param name="U">Model-bound registration data.</param>
/// <returns>The registration view; bound to a null model after a successful registration.</returns>
// NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attribute is visible on this action in
// the listing - confirm they are applied where the method is declared.
public ViewResult Register(Store.Data.User U)
{
    // Invalid input: redisplay the form with the binder's validation errors.
    if (!ModelState.IsValid)
    {
        return(View(U));
    }

    // The manager's RegisterUser reports 1 on success.
    bool registered = manager.RegisterUser(U) == 1;
    if (!registered)
    {
        ModelState.AddModelError("UserName", "This Username already exists");
        return(View(U));
    }

    // Success: show a confirmation and drop the submitted values (password included)
    // so they are not echoed back into the form.
    ViewBag.Message = "User Successfully Registered";
    ModelState.Clear();
    U = null;
    return(View(U));
}