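/// <summary>
/// Checks the posted credentials against the stored salted hash and, on success,
/// populates the session, issues the forms-authentication cookie and redirects.
/// </summary>
/// <param name="model">Posted login form: user name, password and remember-me flag.</param>
/// <param name="returnUrl">
/// Optional destination after sign-in. The value is supplied by the request, so it is
/// followed only when it is a local URL; anything else falls back to Home/Index.
/// </param>
/// <returns>
/// A redirect on success; otherwise the login view with one generic error that does
/// not reveal whether the user name or the password was wrong.
/// </returns>
public ActionResult Login(LoginModel model, string returnUrl = null)
{
    if (ModelState.IsValid)
    {
        using (var db = new OnlineShoppingEntity())
        {
            var user = db.UserLogins.FirstOrDefault(x => x.UserName == model.UserName);
            if (user != null)
            {
                var passwordHash = Helper.CreatePasswordHash(model.Password, user.PasswordSalt);

                // NOTE(review): Equals is not a constant-time comparison; prefer a fixed-time
                // compare for the stored hash. Also confirm Helper.CreatePasswordHash is a slow,
                // salted KDF (e.g. PBKDF2) and not a single fast hash.
                if (user.Password.Equals(passwordHash))
                {
                    // NOTE(review): the session id is not rotated here; confirm that
                    // session fixation is handled elsewhere.
                    Session["UserId"] = user.UserId;
                    Session["UserName"] = user.FullName;
                    FormsAuthentication.SetAuthCookie(user.UserName, model.RememberMe);

                    // returnUrl is attacker-controllable; redirecting to it unchecked is an
                    // open redirect, so only local URLs are honoured.
                    if (!string.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl))
                    {
                        return Redirect(returnUrl);
                    }

                    return RedirectToAction("Index", "Home");
                }
            }
        }
    }

    // If we got this far, something failed, redisplay form
    ModelState.AddModelError(string.Empty, "The user name or password provided is incorrect.");
    return View(model);
}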
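/// <summary>
/// Creates a new account from the posted registration form, signs the new user in
/// and redirects.
/// </summary>
/// <param name="model">Posted registration form.</param>
/// <param name="returnUrl">
/// Optional destination after registration. The value is supplied by the request, so it
/// is followed only when it is a local URL; anything else falls back to Home/Index.
/// </param>
/// <returns>
/// A redirect on success; otherwise the registration view with validation errors.
/// </returns>
public ActionResult Register(RegisterModel model, string returnUrl = null)
{
    if (ModelState.IsValid)
    {
        // Attempt to register the user
        try
        {
            using (var db = new OnlineShoppingEntity())
            {
                // Model-state keys must be the property names, not the submitted values;
                // otherwise the message is never bound to the matching form field.
                if (db.UserLogins.FirstOrDefault(x => x.UserName == model.UserName) != null)
                {
                    ModelState.AddModelError("UserName", "User name is already taken.");
                    return View(model);
                }

                if (db.UserLogins.FirstOrDefault(x => x.Email == model.Email) != null)
                {
                    ModelState.AddModelError("Email", "Email address is already registered.");
                    return View(model);
                }

                // NOTE(review): the argument 5 presumably sets the salt length; if so it is
                // short. Confirm Helper.CreateSaltKey draws from a CSPRNG and consider at
                // least 16 random bytes.
                var saltKey = Helper.CreateSaltKey(5);
                var passwordHash = Helper.CreatePasswordHash(model.Password, saltKey);

                db.UserLogins.Add(new UserLogin()
                {
                    UserName = model.UserName,
                    Password = passwordHash,
                    Address = model.Address,
                    ContactNumber = model.ContactNumber,
                    Email = model.Email,
                    FullName = model.FullName,
                    JoinedDate = DateTime.UtcNow,
                    PasswordSalt = saltKey
                });
                db.SaveChanges();

                // Sign the new user in; the result is ignored because this action issues
                // its own redirect below.
                this.Login(new LoginModel
                {
                    UserName = model.UserName,
                    Password = model.Password,
                    RememberMe = false
                });

                // returnUrl is attacker-controllable; redirecting to it unchecked is an
                // open redirect, so only local URLs are honoured.
                if (!string.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl))
                {
                    return this.Redirect(returnUrl);
                }
            }

            return RedirectToAction("Index", "Home");
        }
        // NOTE(review): nothing visible in this block appears to throw
        // MembershipCreateUserException; failures from SaveChanges would propagate
        // unhandled. Confirm this handler is still needed.
        catch (MembershipCreateUserException e)
        {
            ModelState.AddModelError("", ErrorCodeToString(e.StatusCode));
        }
    }

    // If we got this far, something failed, redisplay form
    return View(model);
}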