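/// <summary>
/// Validates the posted credentials and, on success, issues the forms-authentication cookie.
/// </summary>
/// <param name="prof">Model carrying the Username and Password submitted by the login form.</param>
/// <returns>
/// true only when the model state is valid, the tlProfessors lookup yields a positive count and
/// Membership.ValidateUser accepts the credentials; false in every other case.
/// </returns>
/// <remarks>
/// NOTE(review): this is a public method on what appears to be an MVC controller, so the framework
/// may expose it as a routable action of its own. Consider marking it [NonAction] or reducing its
/// visibility - confirm against the routing configuration.
/// </remarks>
public bool Authenticate(User prof)
{
    // Reject a missing or invalid model before any database or membership call is made.
    if (prof == null || !this.ModelState.IsValid)
    {
        return false;
    }

    // The username has to be present in dbo.tlProfessors; without that row it cannot be tied to
    // the professor's classes, so authentication is refused.
    // NOTE(review): the CBAUserName value is masked in this listing. If the real statement splices
    // prof.Username into the SQL text, it must be sent as a bound parameter instead - confirm
    // whether the Database helper offers a parameterised call.
    string inDB = Database.ScalarString(@"SELECT COUNT(*) FROM tlProfessors WHERE CBAUserName = '******'");

    // TryParse replaces the former bare catch: a null, malformed or out-of-range count still
    // means "not found", but no unrelated exception is silently swallowed.
    int matches;
    if (!int.TryParse(inDB, out matches) || matches <= 0)
    {
        return false;
    }

    if (!Membership.ValidateUser(prof.Username, prof.Password))
    {
        return false;
    }

    // NOTE(review): the second argument (true) requests a persistent cookie that outlives the
    // browser session; confirm this is intended for shared or lab machines.
    FormsAuthentication.SetAuthCookie(prof.Username, true);
    return true;
}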
/// <summary>
/// Login action: authenticates the submitted model, stores the username in session and
/// redirects to Home, or redisplays the login view with a model error.
/// </summary>
/// <param name="prof">Model bound from the request, carrying Username and Password.</param>
/// <returns>A redirect to the "Home" action on success; the login view otherwise.</returns>
/// <remarks>
/// NOTE(review): no HTTP-verb attribute is visible on this action, so it presumably also answers
/// GET requests. That would let credentials arrive in the query string and would add the error
/// message on the first page load - confirm, and consider a separate POST-only action with
/// anti-forgery validation.
/// </remarks>
public ActionResult Index(User prof)
{
    bool signedIn = Authenticate(prof);

    if (!signedIn)
    {
        // A single generic message avoids revealing which of the two fields was wrong.
        ModelState.AddModelError(String.Empty, "Incorrect Username/Password");
        return View();
    }

    // NOTE(review): the session is reused across the login boundary; nothing visible here issues
    // a fresh session identifier after authentication - confirm session fixation is handled.
    Session["User"] = prof.Username;
    return RedirectToAction("Home");
}
/// <summary>
/// Landing page shown after login; callers failing CheckCookie are sent back to Index.
/// </summary>
/// <param name="prof">Bound by the framework but not read by this action.</param>
/// <returns>The Home view when CheckCookie succeeds; otherwise a redirect to "Index".</returns>
/// <remarks>
/// NOTE(review): access control rests entirely on CheckCookie, which is defined outside this
/// listing. Verify that it validates the forms-authentication ticket rather than only testing
/// that a cookie is present, or consider the framework's [Authorize] filter.
/// </remarks>
public ActionResult Home(User prof)
{
    if (CheckCookie())
    {
        return View();
    }

    return RedirectToAction("Index");
}