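/// <summary>
/// Creates an account from the posted registration form and signs the new user in.
/// </summary>
/// <param name="rvm">Registration form bound from the request; every field is caller-controlled.</param>
/// <returns>
/// The registration view when validation fails or the username is already taken;
/// otherwise a redirect to Home/Index.
/// </returns>
public ActionResult Register(RegisterViewModel rvm)
{
    // Validate before touching the account store or the session. The session username used to
    // be set even when ModelState was invalid and nothing had been saved, which left the caller
    // signed in under a name with no backing account.
    if (rvm == null || !ModelState.IsValid)
    {
        return View();
    }

    AccountModel am = new AccountModel();
    if (am.find(rvm.Username) != null)
    {
        ViewBag.Error = "Username already exists,please choose other one";
        return View();
    }

    Account received = new Account
    {
        FullName = rvm.FullName,
        Email = rvm.Email,
        Username = rvm.Username,
        // NOTE(review): the password goes to the entity exactly as submitted. No hashing is
        // visible in this method; confirm it is hashed with a salted, slow KDF before storage.
        Password = rvm.Password,
        // NOTE(review): Roles comes straight from the posted form. If anonymous users can reach
        // this action they choose their own roles; assign a fixed default server-side unless
        // registration is restricted to administrators (confirm).
        Roles = rvm.Roles
    };

    // NOTE(review): find-then-add is not atomic; presumably a unique constraint on Username is
    // what finally prevents duplicates under concurrent requests (confirm).
    db.Accounts.Add(received);
    db.SaveChanges();

    // Only reached after the account has been persisted.
    SessionPersister.Username = received.Username;
    return RedirectToAction("Index", "Home");
}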
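/// <summary>
/// Checks the posted credentials and, when they match an account, stores the username in the session.
/// </summary>
/// <param name="avm">Login form bound from the request; <c>Account</c> carries the username and password.</param>
/// <returns>The login view with a generic error on failure; a redirect to Home/Index on success.</returns>
public ActionResult Login(AccountViewModel avm)
{
    // A request without any Account fields can leave the nested object unbound. Treat that as a
    // failed login instead of dereferencing null and returning a server error.
    bool hasCredentials = avm != null && avm.Account != null;

    // NOTE(review): how login() compares the password is not visible here; confirm it verifies
    // a salted hash rather than comparing stored plaintext. No attempt throttling or lockout is
    // visible in this action either.
    if (!hasCredentials || new AccountModel().login(avm.Account.Username, avm.Account.Password) == null)
    {
        // One message for every failure, so the response does not reveal whether the username exists.
        ViewBag.Error = "Account's Invalid";
        return View();
    }

    // NOTE(review): whether the session identifier is renewed at sign-in depends on
    // SessionPersister, which is not shown; confirm an identifier issued before login is not
    // carried over (session fixation).
    SessionPersister.Username = avm.Account.Username;
    return RedirectToAction("Index", "Home");
}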
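/// <summary>
/// Authorizes the request from the username held in the session. A request with no session
/// username, or whose username no longer resolves to an account, is redirected to Account/Index;
/// an account that is not in the required roles is redirected to AccessDenied/Index.
/// </summary>
/// <param name="filterContext">Authorization context whose <c>Result</c> is set when access is refused.</param>
/// <remarks>
/// NOTE(review): base.OnAuthorization is not called. If the base class is
/// System.Web.Mvc.AuthorizeAttribute, its output-cache validation and AllowAnonymous handling
/// are skipped as well; confirm that protected actions are not output-cached.
/// </remarks>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    string username = SessionPersister.Username;
    if (string.IsNullOrEmpty(username))
    {
        filterContext.Result = new RedirectToRouteResult(
            new System.Web.Routing.RouteValueDictionary(new { Controller = "Account", Action = "Index" }));
        return;
    }

    AccountModel am = new AccountModel();
    var account = am.find(username);
    if (account == null)
    {
        // Fail closed: the session names an account that cannot be found (for example, one
        // deleted after sign-in). Previously null was handed to CustomPrincipal and the outcome
        // depended on how it treats a missing account.
        filterContext.Result = new RedirectToRouteResult(
            new System.Web.Routing.RouteValueDictionary(new { Controller = "Account", Action = "Index" }));
        return;
    }

    // Roles are re-read from the account store on every request, so a role change takes effect
    // without waiting for the session to end.
    CustomPrincipal mp = new CustomPrincipal(account);
    if (!mp.IsInRole(Roles))
    {
        filterContext.Result = new RedirectToRouteResult(
            new System.Web.Routing.RouteValueDictionary(new { Controller = "AccessDenied", Action = "Index" }));
    }
}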