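/// <summary>
/// Handles the posted registration form: creates the account with the default "User" role,
/// signs the new user in by issuing a forms-authentication cookie, and redirects.
/// </summary>
/// <param name="model">Posted registration fields (user name and password).</param>
/// <param name="returnUrl">Optional URL to return to after sign-in; only URLs local to this site are followed.</param>
/// <returns>A redirect on success, otherwise the registration view re-rendered with model errors.</returns>
public ActionResult Register(RegisterViewModel model, string returnUrl)
{
    if (ModelState.IsValid)
    {
        // Attempt to register the user
        try
        {
            // Case-insensitive uniqueness check on the user name.
            bool usernameTaken = Context.Users.Any(u => u.Username.ToUpper() == model.UserName.ToUpper());
            if (usernameTaken)
            {
                ModelState.AddModelError("", "Username is already used");
                return View(model);
            }

            // SECURITY: the password is stored as plain text, and Login compares it as plain text.
            // Both sides need to move to a salted password hash (e.g. PBKDF2 via Rfc2898DeriveBytes) together;
            // changing only one of them would lock every account out.
            var user = new User()
            {
                Username = model.UserName,
                Password = model.Password,
                Roles = new List<Role>()
            };

            var role = Context.Roles.Where(r => r.RoleName == "User").FirstOrDefault();
            if (role == null)
            {
                // Without the default role the account would be created with no roles at all;
                // refuse rather than persist a half-configured user.
                ModelState.AddModelError("", "Cannot create user account");
                return View(model);
            }
            user.Roles.Add(role);

            Context.Users.Add(user);
            Context.SaveChanges();

            // The custom principal is carried inside the ticket's UserData as JSON.
            var roles = user.Roles.Select(m => m.RoleName).ToArray();
            var serializeModel = new CustomPrincipalSerializeModel
            {
                UserId = user.UserId,
                UserName = user.Username,
                roles = roles
            };
            string userData = JsonConvert.SerializeObject(serializeModel);

            // Short-lived (15 min), non-persistent session ticket; forms authentication
            // compares these timestamps against local time, so DateTime.Now is intentional.
            var authTicket = new FormsAuthenticationTicket(
                1,
                user.Username,
                DateTime.Now,
                DateTime.Now.AddMinutes(15),
                false,
                userData);
            string encTicket = FormsAuthentication.Encrypt(authTicket);

            // Mirror what FormsAuthentication.SetAuthCookie does: keep the ticket away from
            // client-side script and honour the configured requireSSL setting.
            var faCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket)
            {
                HttpOnly = true,
                Secure = FormsAuthentication.RequireSSL
            };
            Response.Cookies.Add(faCookie);

            // Open-redirect guard: a caller-supplied returnUrl is followed only when it is local.
            if (!string.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl))
            {
                return Redirect(returnUrl);
            }
            return RedirectToAction("Index", "Books");
        }
        catch
        {
            // Any failure while persisting or signing in is reported to the user generically;
            // no logger is available in this controller to record the underlying exception.
            ModelState.AddModelError("", "Cannot create user account");
        }
    }

    // If we got this far, something failed, redisplay form
    return View(model);
}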
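/// <summary>
/// Handles the posted login form: looks the user up by name and password, issues a
/// forms-authentication cookie carrying the serialized principal, and redirects.
/// </summary>
/// <param name="model">Posted login fields (user name and password).</param>
/// <param name="returnUrl">Optional URL to return to after sign-in; only URLs local to this site are followed.</param>
/// <returns>A redirect on success, otherwise the login view re-rendered with a generic error.</returns>
public ActionResult Login(LoginViewModel model, string returnUrl)
{
    if (ModelState.IsValid)
    {
        // SECURITY: this compares the stored password as plain text (and, depending on the
        // database collation, possibly case-insensitively). Passwords should be stored as a
        // salted hash and verified with a constant-time comparison; Register must change with it.
        var user = Context.Users
            .Where(u => u.Username.ToUpper() == model.Username.ToUpper() && u.Password == model.Password)
            .FirstOrDefault();

        if (user != null)
        {
            // The custom principal is carried inside the ticket's UserData as JSON.
            var roles = user.Roles.Select(m => m.RoleName).ToArray();
            var serializeModel = new CustomPrincipalSerializeModel
            {
                UserId = user.UserId,
                UserName = user.Username,
                roles = roles
            };
            string userData = JsonConvert.SerializeObject(serializeModel);

            // Short-lived (15 min), non-persistent session ticket; forms authentication
            // compares these timestamps against local time, so DateTime.Now is intentional.
            var authTicket = new FormsAuthenticationTicket(
                1,
                user.Username,
                DateTime.Now,
                DateTime.Now.AddMinutes(15),
                false,
                userData);
            string encTicket = FormsAuthentication.Encrypt(authTicket);

            // Mirror what FormsAuthentication.SetAuthCookie does: keep the ticket away from
            // client-side script and honour the configured requireSSL setting.
            var faCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket)
            {
                HttpOnly = true,
                Secure = FormsAuthentication.RequireSSL
            };
            Response.Cookies.Add(faCookie);

            // Administrators always land on the admin area regardless of returnUrl.
            if (roles.Contains("Admin"))
            {
                return RedirectToAction("Index", "Admin");
            }

            // Open-redirect guard: a caller-supplied returnUrl is followed only when it is local.
            if (!string.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl))
            {
                return Redirect(returnUrl);
            }
            return RedirectToAction("Index", "Books");
        }

        // Deliberately does not reveal whether the user name or the password was wrong.
        ModelState.AddModelError("", "Incorrect username and/or password");
    }

    return View(model);
}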