public async Task<IHttpActionResult> AddUser(LoginViewModel model)
{
if (string.IsNullOrWhiteSpace(model.UserName))
{
return NotFound();
}
User existing = await db.Users.Where(w => w.Email == model.UserName).FirstOrDefaultAsync();
if (existing != null)
{
return BadRequest();
}
string hashPass = BCrypt.Net.BCrypt.HashPassword(model.Password, BCrypt.Net.BCrypt.GenerateSalt());
User user = new User();
user.Active = true;
user.Email = model.UserName;
user.Password = hashPass;
user.CreatedDate = System.DateTime.UtcNow;
db.Users.Add(user);
await db.SaveChangesAsync();
return Ok(user);
}
public ActionResult Login(LoginViewModel model)
{
if (string.IsNullOrWhiteSpace(model.UserName))
{
ViewBag.error = "Username is required";
ViewBag.username = model.UserName;
return View();
}
if (string.IsNullOrWhiteSpace(model.Password))
{
ViewBag.error = "Password is required";
ViewBag.username = model.UserName;
return View();
}
using(DocEasyContext db = new DocEasyContext())
{
var user = db.Users.Where(w =>
w.Active == true &&
w.Email == model.UserName ).FirstOrDefault();
if(user == null)
{
ViewBag.error = "Invalid username or password";
ViewBag.username = model.UserName;
return View();
}
else
{
if(BCrypt.Net.BCrypt.Verify(model.Password, user.Password))
{
FormsAuthentication.SetAuthCookie(user.Id.ToString(), false);
return Redirect("/admin");
}
else
{
ViewBag.error = "Invalid username or password";
ViewBag.username = model.UserName;
return View();
}
}
}
return View();
}
public ActionResult Login()
{
LoginViewModel model = new LoginViewModel();
return View(model);
}