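/// <summary>
/// Authenticates an employee by ID number and password and, on success, issues a
/// forms-authentication cookie and redirects to the DTR index page.
/// </summary>
/// <param name="model">Posted login form; <c>IDNO</c> and <c>Password</c> are read from it.</param>
/// <returns>
/// A redirect to <c>DTR/Index</c> on success; otherwise the login view, with a model
/// error when the account is locked, the credentials are rejected, or an exception occurs.
/// </returns>
public ActionResult Login(LoginModel model)
{
    try
    {
        if (!ModelState.IsValid)
        {
            return View();
        }

        BLLAccess _bllAccess = new BLLAccess();
        _bllAccess.idno = model.IDNO;
        GetEmployeeAccessModel _employeeAccess = _bllAccess.GetEmployeeAccess();

        // Handle a missing record explicitly instead of relying on the catch block
        // below to absorb a NullReferenceException. The message matches the
        // bad-password case, so the response does not reveal which part was wrong.
        if (_employeeAccess == null)
        {
            ModelState.AddModelError("", "User and/or password is incorrect.");
            return View();
        }

        // NOTE(review): the lock state is reported before the password is verified,
        // so the response for a locked account differs whatever password was
        // supplied. Confirm this disclosure is intended.
        if (_employeeAccess.IsLocked)
        {
            ModelState.AddModelError("", "Your account is locked. Please contact your System Administrator.");
            return View();
        }

        if (!_bllAccess.VerifyUser(model.Password, _employeeAccess.PasswordHash, _employeeAccess.PasswordSalt))
        {
            ModelState.AddModelError("", "User and/or password is incorrect.");
            return View();
        }

        // The whole access record is serialized into the ticket's userData. Unless
        // they are excluded from serialization, PasswordHash and PasswordSalt travel
        // in the cookie, protected only by the ticket encryption.
        // NOTE(review): ChangePassword reads User.PasswordHash / User.PasswordSalt,
        // presumably rebuilt from this userData. Confirm before trimming the payload
        // to non-secret fields.
        string _userData = Newtonsoft.Json.JsonConvert.SerializeObject(_employeeAccess);

        // Capture the clock once so issue and expiry are exactly 15 minutes apart.
        System.DateTime issuedAt = System.DateTime.Now;
        System.Web.Security.FormsAuthenticationTicket authTicket = new System.Web.Security.FormsAuthenticationTicket(
            1,
            _employeeAccess.IDNO,
            issuedAt,
            issuedAt.AddMinutes(15),
            false,
            _userData);

        string encTicket = System.Web.Security.FormsAuthentication.Encrypt(authTicket);
        System.Web.HttpCookie faCookie = new System.Web.HttpCookie(System.Web.Security.FormsAuthentication.FormsCookieName, encTicket);

        // Keep the authentication cookie out of reach of client-side script, and
        // honour the requireSSL setting of the forms-authentication configuration.
        faCookie.HttpOnly = true;
        faCookie.Secure = System.Web.Security.FormsAuthentication.RequireSSL;
        Response.Cookies.Add(faCookie);

        _bllAccess.UpdateLoginCountAndDate(model.IDNO);
        return RedirectToAction("Index", "DTR");
    }
    catch (System.Exception ex)
    {
        // The user still gets the generic message, but the failure is recorded
        // server-side so that outages and unexpected errors can be told apart
        // from ordinary bad-credential attempts.
        System.Diagnostics.Trace.TraceError("Login failed with an unexpected error: {0}", ex);
        ModelState.AddModelError("", "User and/or password is incorrect.");
        return View();
    }
}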
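/// <summary>
/// Changes the password of the currently authenticated user.
/// </summary>
/// <param name="model">Posted form; <c>OldPassword</c> and <c>NewPassword</c> are read from it.</param>
/// <returns>
/// A redirect to <c>Account/Logout</c> when the update reports status 1; otherwise the
/// change-password view, with a model error describing the failure where one is known.
/// </returns>
public ActionResult ChangePassword(EMP.Models.Account.ChangePasswordModel model)
{
    try
    {
        // Same guard as Login and ResetPassword: do not hand an invalid model to
        // the business layer.
        if (!ModelState.IsValid)
        {
            return View();
        }

        // The account is taken from the authenticated principal, never from the
        // posted form, so a request cannot choose whose password is changed.
        BLLAccess _bllAccess = new BLLAccess();
        _bllAccess.idno = User.IDNO;

        // NOTE(review): User.PasswordHash / User.PasswordSalt presumably come from
        // the auth ticket written at login rather than a fresh database read.
        // Confirm they cannot be stale when the old password is checked.
        int _status = _bllAccess.UpdateAccessPass(model.OldPassword, User.PasswordHash, User.PasswordSalt, model.NewPassword, User.IDNO);

        if (_status == 1)
        {
            // Sends the user to the Logout action after a successful change.
            return RedirectToAction("Logout", "Account");
        }

        if (_status == 0)
        {
            ModelState.AddModelError("", "Old password is incorrect. Please try again.");
        }
        else
        {
            // Any other status used to redisplay the form with no explanation.
            ModelState.AddModelError("", "An error has occurred.");
        }

        return View();
    }
    catch (Exception e)
    {
        // NOTE(review): the raw exception message is shown to the user. If
        // UpdateAccessPass can surface data-layer exceptions, this exposes
        // internal details. Confirm the messages are written for end users, or
        // show a fixed message and log the exception server-side.
        ModelState.AddModelError("", e.Message);
        return View();
    }
}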
/// <summary>
/// Resets the password of the account named in the posted model and stores the
/// outcome in <c>TempData["resetPassword_result"]</c>.
/// </summary>
/// <param name="model">Posted form; <c>IDNO</c> (target account) and <c>Password</c> are read from it.</param>
/// <returns>The reset-password view in every case.</returns>
public ActionResult ResetPassword(EMP.Models.Account.ResetPasswordModel model)
{
    try
    {
        if (!ModelState.IsValid)
        {
            return View();
        }

        // NOTE(review): the target account comes from the posted model, while
        // User.IDNO is passed only as the second argument (presumably the acting
        // user; confirm). No authorization check on the caller is visible in this
        // method. Confirm that an attribute or filter outside this listing
        // restricts the action to accounts allowed to reset other users' passwords.
        BLLAccess accessLogic = new BLLAccess();
        accessLogic.idno = model.IDNO;

        string outcome = accessLogic.ResetAccessPass(model.Password, User.IDNO)
            ? "Password was successfully reset."
            : "An error has occurred.";
        TempData["resetPassword_result"] = outcome;

        return View();
    }
    catch (Exception failure)
    {
        // NOTE(review): the raw exception message is shown to the user. Confirm it
        // cannot carry data-layer details.
        ModelState.AddModelError("", failure.Message);
        return View();
    }
}