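/// <summary>
/// Toggles the punch state of the user whose id is stored in Session["UserID"]:
/// clocks the user in when no open TIME_SHEET_ENTRY row exists for them, and
/// clocks them out otherwise. It then redirects to Logins/punchConfirmation with
/// the resulting status message.
/// </summary>
/// <param name="loginModel">Model bound from the incoming request; only its
/// username and punchStatusConfirmation are forwarded to the confirmation page.</param>
/// <returns>A redirect to the punchConfirmation action of the Logins controller.</returns>
// NOTE(review): this action is reached through a redirect (a GET) and changes clock
// state. Confirm that Session["UserID"] cannot outlive the punch that set it, and that
// a cross-site GET cannot trigger a punch for a user whose session still carries it.
public ActionResult punch(bgce_timetracker.Models.LOGIN loginModel)
{
    // Authorize stores the user id in the session before redirecting here. A request
    // that arrives without it (expired session, direct navigation) must not reach the
    // cast below, so it is sent back to the login view instead of failing.
    object sessionUserId = Session["UserID"];
    if (!(sessionUserId is int))
    {
        return RedirectToAction("punchConfirmation", "Logins");
    }

    int id = (int)sessionUserId;
    TempData["id"] = id;

    bool isClockedIn = db.TIME_SHEET_ENTRY.Any(
        timeSheet => timeSheet.employee == id && timeSheet.is_clocked_in == true);

    if (!isClockedIn)
    {
        // Not clocked in: clock the user in. The message is set only on success.
        if (clockUserIn())
        {
            loginModel.punchStatusConfirmation = "Successfully clocked in.";
        }
    }
    else
    {
        // Already clocked in: clock the user out. The message is set only on success.
        if (clockUserOut())
        {
            loginModel.punchStatusConfirmation = "Successfully clocked out.";
        }
    }

    // Route values end up in the redirect URL. Passing the whole LOGIN model would put
    // the submitted password into the query string (browser history, proxy and server
    // logs), so only the non-secret fields the confirmation page needs are forwarded.
    return RedirectToAction(
        "punchConfirmation",
        "Logins",
        new
        {
            username = loginModel.username,
            punchStatusConfirmation = loginModel.punchStatusConfirmation
        });
}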
/// <summary>
/// Renders the "Authorize" view with the supplied model, so that the punch status
/// message carried by the model can be shown on the login page.
/// </summary>
/// <param name="loginModel">Model bound from the incoming request and handed to the view unchanged.</param>
/// <returns>The "Authorize" view.</returns>
// NOTE(review): the model is bound from request data, so punchStatusConfirmation is
// caller-controlled text; confirm the view outputs it HTML-encoded.
public ActionResult punchConfirmation(bgce_timetracker.Models.LOGIN loginModel)
{
    ActionResult confirmationView = View("Authorize", loginModel);
    return confirmationView;
}
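/// <summary>
/// Checks the submitted username and password against the LOGINs table and, on a
/// match, performs the action selected by <paramref name="answer"/>: a full sign-in,
/// a regular punch, or a food-service punch.
/// </summary>
/// <param name="userModel">Submitted credentials; LoginErrorMessage is set on failure.</param>
/// <param name="answer">Label of the submitted button. "Log in" signs the user in,
/// "Punch in/out" starts a regular punch, and any other non-null value starts a
/// food-service punch.</param>
/// <returns>A redirect on success, otherwise the "Authorize" view.</returns>
// NOTE(review): no HTTP verb or anti-forgery attribute is visible on this action from
// here; confirm that credentials can only be submitted by POST.
public ActionResult Authorize(bgce_timetracker.Models.LOGIN userModel, String answer)
{
    using (trackerEntities db = new trackerEntities())
    {
        // ToList() never returns null, so an unknown username yields an empty list and
        // falls through to the generic error below. The former null check with its
        // "Wrong Username" message was unreachable and has been removed; the generic
        // message also avoids telling a caller which usernames exist.
        var userDetails = db.LOGINs.Where(x => x.username == userModel.username).ToList();
        PasswordHash pass = new PasswordHash();

        foreach (var item in userDetails)
        {
            byte[] saltBytes = Convert.FromBase64String(item.password_salt);

            if (userModel.password == null)
            {
                return View("Authorize", userModel);
            }

            // NOTE(review): == is not a fixed-time comparison; if GetHash returns a
            // string, consider comparing the decoded hash bytes in constant time.
            if (item.password != pass.GetHash(userModel.password, saltBytes))
            {
                continue;
            }

            // Credentials are valid from here on. A request without a button value
            // used to fail on answer.Equals(...); re-render the form instead, and do
            // not let a missing value fall into the food-service branch.
            if (answer == null)
            {
                return View("Authorize", userModel);
            }

            if (answer.Equals("Log in"))
            {
                Session["userID"] = item.userID;
                var timeSheet = db.TIME_SHEET
                    .Where(x => x.active == true && x.employee == item.userID)
                    .Select(x => x.timesheetID)
                    .FirstOrDefault();
                TempData["activeTimesheetID"] = timeSheet;

                var claims = new List<Claim>
                {
                    new Claim(ClaimTypes.Name, item.username)
                };
                var identity = new ClaimsIdentity(claims, DefaultAuthenticationTypes.ApplicationCookie);
                HttpContext.GetOwinContext().Authentication.SignIn(identity);
                return RedirectToAction("Index", "Home");
            }

            // Both punch paths store the user id in the session without signing in.
            // NOTE(review): nothing here clears Session["UserID"] afterwards; confirm
            // that no other action treats that value as proof of a logged-in user.
            Session["UserID"] = item.userID;
            TempData["isFoodService"] = answer.Equals("Punch in/out") ? "False" : "True";

            // Route values become part of the redirect URL. Passing the whole model
            // would put the plaintext password into the query string, so only the
            // username is forwarded.
            return RedirectToAction("punch", "TimeSheetEntry", new { username = userModel.username });
        }

        userModel.LoginErrorMessage = "Wrong Username or password";
        return View("Authorize", userModel);
    }
}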