//Authenticate the user by taking a model value from the form
public bool Authenticate(LogOnModel model)
{
//Making a connection to database for checking a username and password
try
{
using (cn = new SqlConnection(ConnectionString))
{
cmd = new SqlCommand("CheckAuthentication",cn);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@UserName", model.UserName);
cmd.Parameters.AddWithValue("@PassWord", model.Password);
dr = cmd.ExecuteReader();
//if the user is a valid user return true
if(dr.Read() )
return true;
else//return false if the user is not a valid user
return false;
}
}
//Cathe the Exception and write to a log file
catch(Exception ex){
//Because of the exception return false
return false;
}
//Error if Something wrong
return false;
}
public ActionResult Login(LogOnModel model, string returnUrl)
{
if (ModelState.IsValid)
{
//check id usename and password exists
try
{
//If the username and password is valid
if (WebSecurity.Login(model.UserName, model.Password))
{
//Redirect to Index method of Home Controller
return RedirectToAction("Index", "Home");
}
else
{
//Display the error back to the user
ModelState.AddModelError("", "The user name or password provided is incorrect.");
return View(model);
}
}
//If not found
catch (Exception ex)
{
//Any Error on catch write a to a log file
ModelState.AddModelError("", "Please contct to support help desk");
}
}
// If we got this far, something failed, redisplay form
return View(model);
}
