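/// <summary>
/// Authenticates a user from the login form and, on success, issues the
/// forms-authentication cookie and redirects.
/// </summary>
/// <param name="login">Posted credentials: e-mail, password and the remember-me flag.</param>
/// <param name="ReturnUrl">Optional post-login target; followed only when <c>Url.IsLocalUrl</c> accepts it.</param>
/// <returns>
/// A redirect on success (to <paramref name="ReturnUrl"/> or the role's landing page);
/// otherwise the login view with <c>ViewBag.Message</c> set.
/// </returns>
public ActionResult Login(UserLogin login, string ReturnUrl = "")
{
    bool Status = false;
    string message = "";

    if (SqlUser.CheckUserExists(login.Email))
    {
        // NOTE(review): Crypto.Hash is defined elsewhere. Confirm it is a salted, deliberately
        // slow password hash (e.g. PBKDF2) and not a bare digest.
        string suppliedHash = Crypto.Hash(login.Password);
        string storedHash = SqlUser.GetUserPassword(login);

        // Ordinal equality: the culture-sensitive string.Compare can treat distinct strings as
        // equal. An empty stored hash never authenticates. This comparison is not constant-time.
        bool passwordMatches = !string.IsNullOrEmpty(storedHash)
            && string.Equals(suppliedHash, storedHash, StringComparison.Ordinal);

        if (passwordMatches)
        {
            // The verification state is reported only after the password has been proven, so an
            // unauthenticated caller cannot learn it from the response.
            if (!SqlUser.CheckEmailVeryfied(login))
            {
                ViewBag.Message = Resources.Texts.VerifyYourEmail;
                return View();
            }

            // Ticket lifetime in minutes: 525600 min = 1 year with "remember me", otherwise 30 minutes.
            int timeout = login.RememberMe ? 525600 : 30;
            var ticket = new FormsAuthenticationTicket(login.Email, login.RememberMe, timeout);
            string encrypted = FormsAuthentication.Encrypt(ticket);

            var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encrypted)
            {
                HttpOnly = true,
                // Honour the requireSSL setting of the forms-authentication configuration.
                Secure = FormsAuthentication.RequireSSL,
                Path = FormsAuthentication.FormsCookiePath
            };

            // Persist the cookie only for "remember me"; otherwise it stays a session cookie
            // and the ticket itself still expires after the timeout.
            if (login.RememberMe)
            {
                cookie.Expires = ticket.Expiration;
            }

            Response.Cookies.Add(cookie);
            Status = true;

            // Only local URLs are followed, which blocks open redirects through ReturnUrl.
            if (Url.IsLocalUrl(ReturnUrl))
            {
                return Redirect(ReturnUrl);
            }

            switch (SqlUser.GetUserRole(login.Email))
            {
                case "administrator":
                    return RedirectToAction("Index", "Admin");
                // The "worker" role is currently disabled:
                //case "worker":
                //    return RedirectToAction("Profile", "User");
                case "user":
                    return RedirectToAction("Profile", "User");
            }
            // Any other role falls through and re-renders the view with Status = true.
        }
        else
        {
            message = Resources.Texts.InvalidPassword;
        }
    }
    else
    {
        // NOTE(review): InvalidUser and InvalidPassword are separate resources; if their texts
        // differ, the response reveals whether an e-mail is registered. Consider one message.
        message = Resources.Texts.InvalidUser;
    }

    ViewBag.Message = message;
    ViewBag.Status = Status;
    return View();
}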
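/// <summary>
/// Registers a new user: validates the model, rejects an e-mail that already exists,
/// stores the account as unverified with a hashed password, and sends the activation e-mail.
/// </summary>
/// <param name="user">
/// Posted registration data. The verification flag and the activation code are excluded from
/// model binding; both spellings of the flag are listed because this method assigns
/// <c>IsEmailVeryfied</c>, which the original exclude list did not name.
/// </param>
/// <returns>The registration view with <c>ViewBag.Message</c> and <c>ViewBag.Status</c> set.</returns>
public ActionResult Registration([Bind(Exclude = "IsEmailVerified,IsEmailVeryfied,ActivationCode")] User user)
{
    bool Status = false;
    string message = "";

    // Validate the user model.
    if (ModelState.IsValid)
    {
        // Does the e-mail already exist?
        // NOTE(review): check-then-insert is not atomic; presumably a unique constraint on the
        // e-mail column covers concurrent requests. Confirm in the schema.
        bool isExist = SqlUser.CheckUserExists(user.Email);
        if (isExist)
        {
            ViewBag.Message = Resources.Texts.EmailExistsMessage;
            ModelState.AddModelError("EmailExist", Resources.Texts.EmailExistsMessage);
            return View(user);
        }

        // Generate the activation code.
        // NOTE(review): Guid.NewGuid() is not documented as a cryptographic token source.
        // If the code is the only secret in the verification link, consider RandomNumberGenerator.
        user.ActivationCode = Guid.NewGuid().ToString();

        // Hash the password before it is stored.
        // NOTE(review): Crypto.Hash is defined elsewhere. Confirm it is a salted, slow hash.
        user.Password = Crypto.Hash(user.Password);

        // Server-side values always overwrite whatever the form posted.
        user.IsEmailVeryfied = false;
        user.RoleID = SqlDatabase.UserRoleId;      // new accounts get the ordinary user role by default
        user.CustomerID = SqlDatabase.CustomerAtr; // placeholder customer so the database accepts the row

        // Save to the database.
        SqlUser.InsertUser(user);

        // Send the verification e-mail to the user.
        SendVerificationLinkEmail(user.Email, user.ActivationCode, user.FirstName);

        // The same object is handed to the view below, so clear the stored hash and the
        // activation code; the code must reach the user by e-mail only.
        user.Password = null;
        user.ActivationCode = null;

        message = Resources.Texts.EmailVerificationMessage + user.Email;
        Status = true;
    }
    else
    {
        message = Resources.Texts.InvalidRequest;
    }

    ViewBag.Message = message;
    ViewBag.Status = Status;
    return View(user);
}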