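/// <summary>
/// Handles a submitted login form: looks the patient up by e-mail, compares the hash of the
/// submitted password with the stored value and, on a match, adds the authentication cookie
/// to the response.
/// </summary>
/// <param name="LoginVM">The posted login form; its Email and PW members are read here.</param>
/// <returns>
/// A redirect to Home/Index on success; otherwise the login view, redisplayed with a model error.
/// </returns>
/// <remarks>
/// NOTE(review): the "InvalidEmail" and "InvalidPassword" errors tell the caller whether an
/// address is registered (account enumeration). The keys and messages are kept as they were
/// because a view may bind to them; consider one shared, generic failure message.
/// NOTE(review): no failed-attempt counter or lockout is implemented in this action, so nothing
/// here throttles password guessing.
/// NOTE(review): comparing Hash(input) with the stored value implies SecurityUtilities.Hash is
/// deterministic; confirm it is a salted, slow password hash (e.g. PBKDF2) and not a bare digest.
/// NOTE(review): no action attributes are visible on this method; confirm it is restricted to
/// POST and protected by an anti-forgery token.
/// </remarks>
public ActionResult Login(LoginViewModel LoginVM)
{
    if (!ModelState.IsValid)
    {
        ModelState.AddModelError("loginerror", "An error occured while sign in .");
        return View(LoginVM);
    }

    var patient = db.Patients.Where(u => u.Email == LoginVM.Email).FirstOrDefault();
    if (patient == null)
    {
        // Unknown e-mail address.
        ModelState.AddModelError("InvalidEmail", "Invalid Email Address. ");
        return View(LoginVM);
    }

    string submittedHash = SecurityUtilities.Hash(LoginVM.PW);

    // Hashes are opaque tokens: compare them ordinally. The culture-sensitive string.Compare
    // used before can treat distinct strings as equal (ignorable characters, culture rules).
    // An account with no stored hash must never authenticate, so an empty stored value is
    // rejected instead of being allowed to match an empty or null computed hash.
    bool passwordMatches =
        !string.IsNullOrEmpty(patient.PW) &&
        string.Equals(submittedHash, patient.PW, System.StringComparison.Ordinal);

    if (!passwordMatches)
    {
        ModelState.AddModelError("InvalidPassword", "Invalid Password. ");
        return View(LoginVM);
    }

    // Valid credentials: issue the forms-authentication cookie and go to the home page.
    Response.Cookies.Add(SecurityUtilities.CreateAuthenticationCookie(patient.FName, patient.ID.ToString()));
    return RedirectToAction("Index", "Home");
}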
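/// <summary>
/// Handles a submitted registration form: rejects an already registered e-mail address,
/// optionally stores an uploaded profile image, hashes the password, saves the patient and
/// signs the new account in.
/// </summary>
/// <param name="patient">The model-bound patient entity built from the posted form.</param>
/// <param name="uploaded">Optional uploaded image file; may be null.</param>
/// <returns>
/// A redirect to Home/Index on success; otherwise the registration view, redisplayed with a
/// model error and the blood-group list repopulated.
/// </returns>
/// <remarks>
/// NOTE(review): binding the Patient entity directly lets a request set any bindable property
/// (over-posting). Prefer a dedicated view model or an explicit [Bind(Include = ...)] list.
/// NOTE(review): the check-then-insert on the e-mail address is not atomic; a unique index on
/// the e-mail column is needed to stop two concurrent registrations for the same address.
/// NOTE(review): no action attributes are visible on this method; confirm it is restricted to
/// POST and protected by an anti-forgery token.
/// </remarks>
public ActionResult Register(Patient patient, HttpPostedFileBase uploaded)
{
    if (!ModelState.IsValid)
    {
        ModelState.AddModelError("RegisterError", "An error occured while registeration .");
    }
    else if (SecurityUtilities.IsEmailExists(patient.Email))
    {
        // The address is already registered.
        ModelState.AddModelError("EmailExist", "Email already exists .");
    }
    else
    {
        bool imageAccepted = true;

        if (uploaded != null && uploaded.ContentLength > 0)
        {
            string extension = Path.GetExtension(uploaded.FileName);

            // Anchored, with the dot escaped: the previous pattern ".(jpg|...)$" let the dot
            // match any character and was not anchored at the start, so an extension such as
            // ".xjpg" passed the check.
            // NOTE(review): this only looks at the client-supplied file name; the bytes are
            // never checked to be an image. Validate the content (signature or decode) and
            // cap the size before storing it.
            const string pattern = @"^\.(jpg|JPG|jpeg|JPEG|png|PNG)$";

            if (Regex.IsMatch(extension, pattern))
            {
                // Stream.Read may return fewer bytes than requested, so a single Read call can
                // leave the tail of the buffer zero-filled. Copy the whole stream instead.
                using (var buffer = new MemoryStream())
                {
                    uploaded.InputStream.CopyTo(buffer);
                    patient.Img = buffer.ToArray();
                }
            }
            else
            {
                ModelState.AddModelError("ImgError", "Only Images allowed .");
                imageAccepted = false;
            }
        }

        if (imageAccepted)
        {
            // Hash only once every check has passed, so a redisplayed form never carries the
            // hash in place of what the user typed.
            // NOTE(review): confirm SecurityUtilities.Hash is a salted, slow password hash.
            patient.PW = SecurityUtilities.Hash(patient.PW);

            db.Patients.Add(patient);
            db.SaveChanges();

            // Registration succeeded: sign the new account in and go to the home page.
            Response.Cookies.Add(SecurityUtilities.CreateAuthenticationCookie(patient.FName, patient.ID.ToString()));
            return RedirectToAction("Index", "Home");
        }
    }

    // Something failed: repopulate the blood-group drop-down and redisplay the form.
    ViewBag.BloodGroupID = new SelectList(db.BloodGroups, "ID", "Name", patient.BloodGroupID);
    return View(patient);
}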