public ActionResult LogIn()
{
if (User.Identity.IsAuthenticated)
{
return RedirectToRoute("Admin_Default");
}
var viewModel = new AuthLogInViewModel() {
Username = string.Empty,
Password = string.Empty
};
return View("LogIn", viewModel);
}
public void LogInRequiresBothUsernameAndPassword()
{
var withNeither = new AuthLogInViewModel();
Assert.IsFalse(Validator.TryValidateObject(withNeither, new ValidationContext(withNeither), new List<ValidationResult>()));
var withJustUsername = new AuthLogInViewModel() { Username = "******" };
Assert.IsFalse(Validator.TryValidateObject(withJustUsername, new ValidationContext(withJustUsername), new List<ValidationResult>()));
var withJustPassword = new AuthLogInViewModel() { Password = "******" };
Assert.IsFalse(Validator.TryValidateObject(withJustPassword, new ValidationContext(withJustPassword), new List<ValidationResult>()));
var withUsernameAndPassword = new AuthLogInViewModel() { Username = "******", Password = "******" };
Assert.IsTrue(Validator.TryValidateObject(withUsernameAndPassword, new ValidationContext(withUsernameAndPassword), new List<ValidationResult>()));
}
public ActionResult LogIn(AuthLogInViewModel viewModel)
{
if (!ModelState.IsValid)
{
return View("LogIn", viewModel);
}
string hashedPassword = PasswordGenerator.Hash(viewModel.Password);
using (RowanHouseDb db = new RowanHouseDb())
{
var user = db.Users.FirstOrDefault(e => e.Username.ToLower().Equals(viewModel.Username.ToLower()) && e.Password.Equals(hashedPassword));
if (user != null)
{
FormsAuthentication.SetAuthCookie(user.Username, false);
if (Request.QueryString["returnUrl"] != null)
{
return Redirect(Request.QueryString["returnUrl"]);
}
return Redirect(FormsAuthentication.DefaultUrl);
}
ModelState.AddModelError(string.Empty, "There was no user that matches the username and password specified.");
return View("LogIn", viewModel);
}
}