Пример #1
0
        //[ValidateAntiForgeryToken]
        public ActionResult AdminLogin(string emailAddress, string password)
        {
            try
            {
                var PwdHashing = new PasswordHashing();
                //string username = emailAddress;
                //string passwords = password;
                //int role = 0;
                var chkUser = (from l in db.Users
                               //join r in db.Roles on l.UserRole
                               //equals Convert.ToInt16(r.RoleiD)
                               where l.UserEmail == emailAddress && l.IsDeleted == false && l.IsActivated == true
                               select l).FirstOrDefault();

                if (chkUser != null)
                {
                    try
                    {
                        var decriptPwd = PwdHashing.Decrypt(chkUser.UserPassword);
                        if (chkUser.UserEmail == emailAddress && decriptPwd == password)
                        {
                            Session["username"] = chkUser.UserEmail;
                            Session["password"] = chkUser.UserPassword;
                            Session["userRole"] = chkUser.UserRole;

                            return(RedirectToAction("SecurityQuestion", "SecurityQuestions"));
                        }
                        else
                        {
                            ViewBag.DisplayMessage = "Info";
                            ModelState.AddModelError("", "Email or Password not valid!");
                        }
                    }
                    catch (Exception ex)
                    {
                        ViewBag.DisplayMessage = "Info";
                        ModelState.AddModelError("", "Database Password not encripted! " + ex.Message);
                    }
                }
                else
                {
                    ViewBag.DisplayMessage = "Info";
                    ModelState.AddModelError("", "User does not exist!");
                }
            }
            catch (Exception ex)
            {
                ViewBag.DisplayMessage = "Info";
                ModelState.AddModelError("", "login unsuccessful, please check your network connection!" + ex.Message);
                // return View();
            }
            return(View());
        }
Пример #2
0
        // [ValidateAntiForgeryToken()]
        public ActionResult SecurityQuestion(string securityAnswer)
        {
            try
            {
                var sqtn = Session["username"].ToString();
                var sas  = Session["SA"].ToString();

                var seDecript = PwdHashing.Decrypt(sas);
                if (seDecript.ToLower() == securityAnswer.ToLower())
                {
                    var role = Convert.ToInt16(Session["userrole"].ToString());
                    if (role == 1)
                    {
                        return(RedirectToAction("DashBoard", "Admindefault"));
                    }
                    else if (role == 2)
                    {
                        return(RedirectToAction("DashBoard", "Staff"));
                    }
                    else if (role == 3)
                    {
                        return(RedirectToAction("DashBoard", "Developer"));
                    }
                }
                else
                {
                    ViewBag.DisplayMessage = "Info";
                    ModelState.AddModelError("", "Security Answer not valid!");
                }
            }
            catch (Exception)
            {
                ViewBag.DisplayMessage = "Info";
                ModelState.AddModelError("", "The entered security answer is invalid.");
            }

            return(View());
        }