public IActionResult Login(LoginViewModel usercred)
{
if (Request.Method == "POST")
{
_logger.LogInformation(9, " got form post " + Request.Form["Name"].ToString());
if (usercred.Name != null && usercred.Name.Length > 0)
{
User user = null;
var found = DbHelper.findUserId(_context, usercred.Name);
if (found > 0)
{
//check password
user = _context.Users
.Where(u => u.Id == found)
.First();
if (user != null && user.Password == usercred.Password)
{
_logger.LogInformation(usercred.Name + " logged in");
user.Logincount++;
_context.SaveChanges();
}
else
{
_logger.LogWarning("invalid password " + usercred.Password);
usercred.ErrorMessage = "Invalid password";
return(View(usercred));
}
}
else
{
//TODO set in user controller...
user = new User();
user.Name = usercred.Name;
user.Password = usercred.Password;
user.AccessLevel = 10;
_logger.LogWarning("creating user " + usercred.Name);
_context.Users.Add(user);
_context.SaveChanges();
}
HttpContext.Session.SetString("username", usercred.Name);
HttpContext.Session.SetString("userId", user.Id.ToString());
return(this.Redirect("Index"));
}
}
return(View(usercred));
}
public async Task <IActionResult> Checkout([Bind("Id,Comment,BankAccount")] Order order)
{
order.UserId = Int32.Parse(HttpContext.Session.GetString("userId"));
order.OrderLines = getOrderLinesFromSession();
_context.SaveChanges();
_context.Add(order);
await _context.SaveChangesAsync();
_logger.LogInformation("-- order created: " + order.Id);
//send to requestbin
RequestBinHelper.sendOrder(order);
return(RedirectToAction(nameof(Index)));
}
