//Authenticate the user by taking a model value from the form public bool Authenticate(LogOnModel model) { //Making a connection to database for checking a username and password try { using (cn = new SqlConnection(ConnectionString)) { cmd = new SqlCommand("CheckAuthentication",cn); cmd.CommandType = CommandType.StoredProcedure; cmd.Parameters.AddWithValue("@UserName", model.UserName); cmd.Parameters.AddWithValue("@PassWord", model.Password); dr = cmd.ExecuteReader(); //if the user is a valid user return true if(dr.Read() ) return true; else//return false if the user is not a valid user return false; } } //Cathe the Exception and write to a log file catch(Exception ex){ //Because of the exception return false return false; } //Error if Something wrong return false; }
public ActionResult Login(LogOnModel model, string returnUrl) { if (ModelState.IsValid) { //check id usename and password exists try { //If the username and password is valid if (WebSecurity.Login(model.UserName, model.Password)) { //Redirect to Index method of Home Controller return RedirectToAction("Index", "Home"); } else { //Display the error back to the user ModelState.AddModelError("", "The user name or password provided is incorrect."); return View(model); } } //If not found catch (Exception ex) { //Any Error on catch write a to a log file ModelState.AddModelError("", "Please contct to support help desk"); } } // If we got this far, something failed, redisplay form return View(model); }