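/// <summary>
/// Renders the login form and, on POST, authenticates the submitted credentials.
/// An unknown user name is registered on the spot with the submitted password.
/// </summary>
/// <param name="usercred">Bound login form; Name and Password are read, ErrorMessage is set on failure.</param>
/// <returns>
/// The login view for non-POST requests, an empty name, or a wrong password;
/// otherwise a redirect to "Index" after "username" and "userId" are stored in the session.
/// </returns>
public IActionResult Login(LoginViewModel usercred)
{
    if (Request.Method != "POST")
    {
        return View(usercred);
    }

    // The name is attacker-controlled: strip line breaks so it cannot forge extra log entries.
    var postedName = Request.Form["Name"].ToString().Replace('\r', '_').Replace('\n', '_');
    _logger.LogInformation(9, " got form post {Name}", postedName);

    if (string.IsNullOrEmpty(usercred.Name))
    {
        return View(usercred);
    }

    var nameForLog = usercred.Name.Replace('\r', '_').Replace('\n', '_');
    User user;
    var found = DbHelper.findUserId(_context, usercred.Name);
    if (found > 0)
    {
        // FirstOrDefault instead of First: a row that disappeared between the two queries
        // becomes a failed login rather than an unhandled InvalidOperationException.
        user = _context.Users.FirstOrDefault(u => u.Id == found);

        // NOTE(review): this compares the submitted password with the stored column directly,
        // so passwords are kept in clear text; moving to a salted password hash needs a data
        // migration and cannot be done inside this action alone.
        if (user == null || user.Password != usercred.Password)
        {
            // Never write the submitted password to the log: a mistyped password is usually
            // one character away from the real one, and logs are read by more people than the DB.
            _logger.LogWarning("invalid password for {Name}", nameForLog);
            usercred.ErrorMessage = "Invalid password";
            return View(usercred);
        }

        _logger.LogInformation("{Name} logged in", nameForLog);
        user.Logincount++;
        _context.SaveChanges();
    }
    else
    {
        // TODO set in user controller...
        // NOTE(review): any unknown name is self-registered here with AccessLevel 10 and an
        // unvalidated password; confirm that open registration with this level is intended.
        user = new User
        {
            Name = usercred.Name,
            Password = usercred.Password,
            AccessLevel = 10
        };
        _logger.LogWarning("creating user {Name}", nameForLog);
        _context.Users.Add(user);
        _context.SaveChanges();
    }

    // NOTE(review): the pre-login session is reused unchanged after authentication;
    // confirm whether it should be cleared or renewed at this point.
    HttpContext.Session.SetString("username", usercred.Name);
    HttpContext.Session.SetString("userId", user.Id.ToString());
    return this.Redirect("Index");
}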
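/// <summary>
/// Persists the posted order for the logged-in user, attaching the order lines held in the session.
/// </summary>
/// <param name="order">Order bound from the request; only Id, Comment and BankAccount are accepted.</param>
/// <returns>
/// 401 Unauthorized when the session carries no usable "userId"; otherwise a redirect to Index
/// after the order has been saved and handed to RequestBinHelper.
/// </returns>
public async Task<IActionResult> Checkout([Bind("Id,Comment,BankAccount")] Order order)
{
    // Without a login the session has no "userId"; Int32.Parse(null) would surface as a 500.
    // Reject the request explicitly so an unauthenticated caller cannot reach the save below.
    int userId;
    if (!Int32.TryParse(HttpContext.Session.GetString("userId"), out userId))
    {
        return Unauthorized();
    }

    // NOTE(review): "Id" is in the bind list, so the client can propose the order's key;
    // confirm this is needed, otherwise bind only Comment and BankAccount.
    // NOTE(review): no anti-forgery attribute is visible on this action — confirm it is
    // applied globally or on the controller.
    order.UserId = userId;
    order.OrderLines = getOrderLinesFromSession();

    // Same two-step save order as before, but awaited so the request thread is not blocked.
    await _context.SaveChangesAsync();
    _context.Add(order);
    await _context.SaveChangesAsync();
    _logger.LogInformation("-- order created: {OrderId}", order.Id);

    // send to requestbin
    // NOTE(review): the whole order object, including the bound BankAccount, is passed to the
    // helper; confirm which fields leave the application and that the destination is trusted.
    RequestBinHelper.sendOrder(order);
    return RedirectToAction(nameof(Index));
}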