/// <summary>
/// GET: shows the profile of the customer held in the current session.
/// </summary>
/// <returns>
/// The "Login" view when the session has no "login" entry; otherwise the default
/// view, given whatever <c>CustomerProfileManager.Find</c> returns for that customer.
/// </returns>
public IActionResult Profile()
{
    // Visitors without a "login" session entry are sent to the login page.
    var sessionCustomer = HttpContext.Session.GetObject<Customers>("login");
    if (sessionCustomer == null)
    {
        return View("Login");
    }

    // The id is taken from the session object, never from the request, so the
    // caller cannot choose which customer's profile is loaded.
    // NOTE(review): the result of Find is passed to the view unchecked; confirm
    // the view copes with a null model if the customer row no longer exists.
    var customerProfile = CustomerProfileManager.Find(sessionCustomer.CustomerId);
    return View(customerProfile);
}
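/// <summary>
/// Checks the submitted username and password and, on a match, stores the
/// customer in the session under the "login" key.
/// </summary>
/// <param name="login">Model carrying the submitted username and password.</param>
/// <returns>
/// A redirect to the CustomerHistory action on success; otherwise the "Login"
/// view with an error message in <c>ViewBag.msg</c>.
/// </returns>
public async Task<IActionResult> Login(LoginViewModel login)
{
    // One message for every failure, so the response does not reveal whether
    // the username or the password was the wrong part.
    const string invalidMessage = "Sorry, username or password is invalid.";

    // A missing model or missing credentials cannot be a valid login; reject
    // them here instead of dereferencing null or querying the database.
    if (login == null || login.username == null || login.password == null)
    {
        ViewBag.msg = invalidMessage;
        return View("Login");
    }

    // Compare the submitted username and password against the database.
    // NOTE(review): how CompareLogin compares the password is not visible here;
    // confirm it verifies a salted hash rather than matching plaintext.
    var cust = await CustomerProfileManager.CompareLogin(login.username, login.password);
    if (cust == null)
    {
        ViewBag.msg = invalidMessage;
        return View("Login");
    }

    // NOTE(review): the whole Customers object goes into the session. Register
    // sets a Password property on Customers, so the stored entry presumably
    // carries it too; storing only CustomerId would keep the secret out of
    // session storage. Profile reads this entry as Customers, so change both together.
    HttpContext.Session.SetObject("login", cust);

    // NOTE(review): customerId is passed as a route value; confirm CustomerHistory
    // checks it against the session customer rather than trusting the parameter.
    return RedirectToAction("CustomerHistory", new { customerId = cust.CustomerId });
}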
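/// <summary>
/// Validates the submitted registration data and, when valid, creates a new
/// customer record from it.
/// </summary>
/// <param name="user">Registration form model.</param>
/// <returns>
/// The "Login" view with a success message when the insert succeeds; otherwise
/// the "Register" view with the submitted values and an error message.
/// </returns>
public async Task<IActionResult> Register(UserViewModel user)
{
    // 1-2. Server-side validation; on failure redisplay the form with the old inputs.
    if (!ValidateUser(user))
    {
        ViewBag.msg = "validation failed, please fill in valid information and try again.";
        return View("Register", user);
    }

    // 3. Build the entity from the validated model, normalising the formatted fields.
    // ToUpperInvariant keeps the stored codes independent of the server culture
    // (ToUpper maps "i" to a dotted capital under Turkish cultures).
    var newCust = new Customers
    {
        CustLastName = user.CustLastName,
        CustFirstName = user.CustFirstName,
        CustBusPhone = Regex.Replace(user.CustBusPhone, @"[-.]", ""),      // remove . and -
        CustPostal = user.CustPostal.Replace('-', ' ').ToUpperInvariant(), // T2G-1X6 => T2G 1X6
        CustHomePhone = user.CustHomePhone != null ? Regex.Replace(user.CustHomePhone, @"[-.]", "") : null,
        CustAddress = user.CustAddress,
        CustCity = user.CustCity,
        CustCountry = user.CustCountry,
        CustEmail = user.CustEmail,
        CustProv = user.CustProv.ToUpperInvariant(),                       // ab => AB
        // NOTE(review): the password is copied exactly as submitted and nothing in
        // this method hashes it; confirm CustomerProfileManager.Add stores a salted
        // hash (e.g. PBKDF2) and never the plaintext.
        Password = user.Password,
        Username = user.Username
    };

    try
    {
        // 4. Insert succeeded: show the login page with a success message.
        await CustomerProfileManager.Add(newCust);
        ViewBag.success = "Congratulations! Your account is active now, please log in.";
        return View("Login");
    }
    catch (Exception e)
    {
        // 5. Insert failed: redisplay the form with the old inputs.
        // NOTE(review): every exception is reported as a duplicate username,
        // whatever actually failed; catching the specific database exception
        // would keep the message accurate.
        ViewBag.msg = "username is already in use, please login.";

        // InnerException is null when the failure is not a wrapped provider error;
        // fall back to the outer message instead of throwing inside the handler.
        // NOTE(review): this is raw database error text and can expose table or
        // constraint names if the view renders it; prefer logging it server-side.
        ViewBag.reason = e.InnerException?.Message ?? e.Message;
        return View("Register", user);
    }
}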