public ActionResult Login(LoginDto login)
{
if (ModelState.IsValid)
{
var users = UnitOfWork.DocumentSession.Query<User>()
.Where(u => u.Login == login.UserName)
.ToList();
if (users.Any(u => u.HashedPassword.Text.ToPlainString() == login.Password))
{
var user = users.Single(u => u.HashedPassword.Text.ToPlainString() == login.Password && u.Login == login.UserName);
var savedSalt = user.HashedPassword.Salt.ToPlainString();
var savedHash = user.HashedPassword.Hash.ToPlainString();
if (new SaltedHash().VerifyHashString(login.Password, savedHash, savedSalt))
{
HttpContext.Session[Globals.CurrentUser] = user;
if (user is AgencyAdmin || user is Recruiter)
{
if (user is AgencyAdmin)
{
HttpContext.Session[Globals.Agency] = ((AgencyAdmin) user).Agency.Id;
return RedirectToAction("Recruiters", "Admin");
}
if (user is Recruiter)
{
HttpContext.Session[Globals.Agency] = ((Recruiter)user).Agency.Id;
return RedirectToAction("Inbox", "Recruiter");
}
}
// TODO : cookie implementation
//if (login.RememberMe)
}
}
}
return View();
}
public ActionResult Login()
{
var model = new LoginDto();
return View(model);
}
