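/// <summary>
/// Authenticates an employee by email and password. On success the employee and the
/// names of their roles are stored in the session, an optional "username" cookie is
/// issued, and the user is redirected to the landing page for their role.
/// </summary>
/// <param name="loginViewModel">Bound login form; only email, password and rememberMe are bound.</param>
/// <returns>
/// A redirect to the role landing page on success; otherwise a redirect to Login/Index
/// with "EmailError" or "PasswordError" (and "User") set in TempData.
/// </returns>
/// <remarks>
/// NOTE(review): getHashedPassword receives only the password and its result is compared for
/// equality with the stored value, so the stored hash cannot include a per-user random salt.
/// The algorithm is not visible here; confirm it is a slow password KDF (e.g. PBKDF2) and
/// plan a migration to salted hashes if it is not.
/// NOTE(review): the two failure messages tell a caller whether an email is registered.
/// Consider one generic message for both cases, plus throttling/lockout, which this action
/// does not implement.
/// NOTE(review): the session identifier is not renewed after authentication in this method;
/// confirm session-fixation protection exists elsewhere.
/// NOTE(review): attributes above this action are not visible here; confirm it is limited to
/// POST and validates an anti-forgery token.
/// </remarks>
public ActionResult Login([Bind(Include = "email,password,rememberMe")] LoginViewModel loginViewModel)
{
    try
    {
        string email = loginViewModel.Email;

        // A missing email can never identify an account; answer like "not found" without querying.
        if (string.IsNullOrWhiteSpace(email))
        {
            TempData["EmailError"] = "There is no user with that email!";
            return RedirectToAction("Index", "Login");
        }

        // SingleOrDefault makes "no such user" an explicit branch instead of an exception
        // (the original null check after Single() was unreachable).
        Employee emp = db.Employees.SingleOrDefault(e => e.EmployeeEmail.Equals(email));
        if (emp == null)
        {
            TempData["EmailError"] = "There is no user with that email!";
            return RedirectToAction("Index", "Login");
        }

        string pass = EmployeesController.getHashedPassword(loginViewModel.Password);
        if (!hashesMatchFixedTime(pass, emp.PasswordHash))
        {
            TempData["PasswordError"] = "Leave Manager password is incorrect!";
            TempData["User"] = emp.EmployeeEmail;
            return RedirectToAction("Index", "Login");
        }

        // Roles are loaded only after the password has been verified.
        var employeeId = emp.EmployeeID;
        List<string> roles = (from l in db.EmployeeRoles
                              where l.Employee.EmployeeID == employeeId
                              select l.Role.RoleName).ToList();

        // NOTE(review): the whole Employee entity, including PasswordHash, is kept in session
        // state; storing only the identifier and display fields would reduce exposure.
        Session["user"] = emp;
        Session["roles"] = roles;

        if (loginViewModel.RememberMe)
        {
            // The cookie only carries the email address. HttpOnly keeps it away from page
            // script and Secure is set whenever the request itself arrived over HTTPS.
            // NOTE(review): assumes no client-side script reads this cookie - confirm.
            HttpCookie ckUsername = new HttpCookie("username")
            {
                Value = emp.EmployeeEmail,
                Expires = DateTime.Now.AddSeconds(3600),
                HttpOnly = true,
                Secure = Request.IsSecureConnection
            };
            Response.Cookies.Add(ckUsername);
        }

        // "Super User" is tested first so it wins over the manager roles, as before.
        if (roles.Contains("Super User"))
        {
            return RedirectToAction("Index", "EmployeeLeaveRequestViewModels");
        }
        if (roles.Contains("Department Manager"))
        {
            return RedirectToAction("Index", "DepartmentManagerLeaveRequestViewModels");
        }
        if (roles.Contains("Delivery Manager"))
        {
            return RedirectToAction("Index", "DeliveryManagerViewModel");
        }

        // "Worker" and users without a recognised role share the default landing page.
        return RedirectToAction("Index", "EmployeeLeaveRequestViewModels");
    }
    catch (Exception ex)
    {
        // Unexpected failures (data access errors, duplicate email rows, ...) still send the
        // user back to the login page, but are now recorded instead of silently discarded.
        // NOTE(review): the message shown is the "no user" text even for infrastructure errors.
        System.Diagnostics.Trace.TraceError("Login failed with an unexpected error: {0}", ex);
        TempData["EmailError"] = "There is no user with that email!";
        return RedirectToAction("Index", "Login");
    }
}

/// <summary>
/// Ordinal string comparison that always inspects every character of the shorter input, so
/// the time taken does not depend on how many leading characters of the stored hash match.
/// </summary>
/// <param name="computed">Hash computed from the submitted password.</param>
/// <param name="stored">Hash stored for the employee.</param>
/// <returns>True only when both values are non-null and identical.</returns>
private static bool hashesMatchFixedTime(string computed, string stored)
{
    if (computed == null || stored == null)
    {
        return false;
    }

    int diff = computed.Length ^ stored.Length;
    int shared = Math.Min(computed.Length, stored.Length);
    for (int i = 0; i < shared; i++)
    {
        diff |= computed[i] ^ stored[i];
    }

    return diff == 0;
}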
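/// <summary>
/// Resets the password of the employee with the submitted email address: generates a new
/// password, stores its hash, and passes the plain password to sendMailWithNewPass.
/// </summary>
/// <param name="loginViewModel">Bound form; only the email field is bound.</param>
/// <returns>
/// The current view with ViewBag.emailError when no employee matches; otherwise a redirect
/// to Index with TempData["resetSuccess"] set.
/// </returns>
/// <remarks>
/// NOTE(review): the stored password is replaced as soon as an email address is submitted,
/// before the account owner has confirmed anything, so any caller who knows an address can
/// invalidate that employee's password. A single-use, expiring reset token sent to the owner,
/// with the password changed only after the token is presented, avoids this.
/// NOTE(review): the new password is handed to the mail helper in clear text; mail is not a
/// confidential channel, and nothing here forces a change at next login.
/// NOTE(review): the two responses reveal whether an address is registered; consider an
/// identical response for both cases and rate limiting.
/// NOTE(review): attributes above this action are not visible here; confirm it is limited to
/// POST and validates an anti-forgery token.
/// </remarks>
public ActionResult ForgottenPassword([Bind(Include = "email")] LoginViewModel loginViewModel)
{
    string email = loginViewModel.Email;

    // A missing email must not be sent to the query, where a null comparison could match
    // rows whose email column is empty. One lookup replaces the Any/First/Single sequence.
    Employee emp = string.IsNullOrWhiteSpace(email)
        ? null
        : db.Employees.FirstOrDefault(e => e.EmployeeEmail == email);

    if (emp == null)
    {
        ViewBag.emailError = "Wrong email address.";
        return View();
    }

    string password = Membership.GeneratePassword(10, 3);

    // emp is the entity returned by the query above, so it is updated directly instead of
    // being fetched again by EmployeeID.
    emp.PasswordHash = EmployeesController.getHashedPassword(password);
    db.SaveChanges();

    // NOTE(review): if sending fails after SaveChanges, the employee is left with a password
    // nobody received; confirm how sendMailWithNewPass reports failures.
    sendMailWithNewPass(emp, password);

    TempData["resetSuccess"] = "New password is send to your email address.";
    return RedirectToAction("Index");
}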