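/// <summary>
/// Loads the access record for the employee identified by <c>idno</c> and attaches
/// the employee's roles to it.
/// </summary>
/// <returns>
/// The model returned by <c>DALAccess.GetEmployeeAccess(idno)</c>, with <c>Roles</c>
/// set from <c>GetEmployeeRole()</c>.
/// </returns>
/// <remarks>
/// NOTE(review): the Login action on this page reads <c>PasswordHash</c> and
/// <c>PasswordSalt</c> from a model of this type, so the returned object presumably
/// carries credential material. Callers should not serialize or log it wholesale.
/// NOTE(review): whether the DAL returns null for an unknown <c>idno</c> is not
/// visible here; if it does, the <c>Roles</c> assignment below throws
/// <see cref="System.NullReferenceException"/>. Confirm against the DAL.
/// </remarks>
public GetEmployeeAccessModel GetEmployeeAccess()
{
    DALAccess _dalAccess = new DALAccess();

    // The original allocated a throw-away GetEmployeeAccessModel before this call;
    // the DAL result is the only instance that is ever used.
    GetEmployeeAccessModel _employeeAccess = _dalAccess.GetEmployeeAccess(idno);
    _employeeAccess.Roles = GetEmployeeRole();

    return _employeeAccess;
}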
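/// <summary>
/// Authenticates the posted credentials and, on success, issues a forms-authentication
/// cookie and redirects to the DTR index page.
/// </summary>
/// <param name="model">Posted login form; <c>IDNO</c> and <c>Password</c> are read from it.</param>
/// <returns>
/// The login view with a model error when validation, the lock check or password
/// verification fails (or when any exception is raised); otherwise a redirect to
/// <c>DTR/Index</c>.
/// </returns>
/// <remarks>
/// NOTE(review): no <c>[HttpPost]</c> or <c>[ValidateAntiForgeryToken]</c> attribute is
/// visible in this listing; confirm they are applied where the action is declared.
/// </remarks>
public ActionResult Login(LoginModel model)
{
    try
    {
        if (!ModelState.IsValid)
        {
            return View();
        }

        BLLAccess _bllAccess = new BLLAccess();
        _bllAccess.idno = model.IDNO;
        GetEmployeeAccessModel _employeeAccess = _bllAccess.GetEmployeeAccess();

        // NOTE(review): this check runs before the password is verified and returns a
        // distinct message, so an unauthenticated caller can learn that an IDNO exists
        // and is locked. Consider the generic credential message here and notifying the
        // account owner out of band. Left as-is because it changes user-facing behavior.
        if (_employeeAccess.IsLocked)
        {
            ModelState.AddModelError("", "Your account is locked. Please contact your System Administrator.");
            return View();
        }

        // NOTE(review): no failed-attempt counter is updated on this path in the visible
        // code; confirm that VerifyUser (or the DAL) drives the lockout.
        if (!_bllAccess.VerifyUser(model.Password, _employeeAccess.PasswordHash, _employeeAccess.PasswordSalt))
        {
            ModelState.AddModelError("", "User and/or password is incorrect.");
            return View();
        }

        // The hash and salt are only needed for the check above. Clear them before the
        // model is serialized into the ticket so credential material never travels in
        // the client-held cookie. Assumes both members are settable reference types
        // and that no consumer of the ticket's UserData reads them - confirm.
        _employeeAccess.PasswordHash = null;
        _employeeAccess.PasswordSalt = null;

        string _userData = Newtonsoft.Json.JsonConvert.SerializeObject(_employeeAccess);

        // Read the clock once so issue and expiry times are exactly 15 minutes apart.
        System.DateTime _issuedAt = System.DateTime.Now;
        System.Web.Security.FormsAuthenticationTicket authTicket = new System.Web.Security.FormsAuthenticationTicket(
            1,
            _employeeAccess.IDNO,
            _issuedAt,
            _issuedAt.AddMinutes(15),
            false,
            _userData);

        string encTicket = System.Web.Security.FormsAuthentication.Encrypt(authTicket);
        System.Web.HttpCookie faCookie = new System.Web.HttpCookie(System.Web.Security.FormsAuthentication.FormsCookieName, encTicket);

        // The authentication cookie must not be readable from script.
        faCookie.HttpOnly = true;

        // Honour the forms-authentication requireSSL setting without switching off a
        // Secure flag that the cookie may already have picked up from configuration.
        if (System.Web.Security.FormsAuthentication.RequireSSL)
        {
            faCookie.Secure = true;
        }

        // Use the configured forms cookie path so sign-out targets the same cookie.
        faCookie.Path = System.Web.Security.FormsAuthentication.FormsCookiePath;

        Response.Cookies.Add(faCookie);

        _bllAccess.UpdateLoginCountAndDate(model.IDNO);

        return RedirectToAction("Index", "DTR");
    }
    catch (System.Exception ex)
    {
        // Keep the generic message so the response does not reveal why the login failed,
        // but record the failure: the original bare catch made a database outage look
        // the same as a wrong password. No posted values are written to the trace.
        System.Diagnostics.Trace.TraceError("Login failed with an unexpected error: {0}", ex);
        ModelState.AddModelError("", "User and/or password is incorrect.");
        return View();
    }
}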