public ActionResult Login(LoginModel model, string returnUrl)
{
if (ModelState.IsValid && WebSecurity.Login(model.UserName, model.Password, persistCookie: model.RememberMe))
{
UserBusinessLayer ubl = new UserBusinessLayer();
UserProfile user = ubl.GetUserByUserName(model.UserName);
System.Diagnostics.Debug.Write(ubl.GetUserStatus(user));
Session["Permission"] = ubl.GetUserStatus(user);
return(RedirectToLocal(returnUrl));
}
// If we got this far, something failed, redisplay form
ModelState.AddModelError("", "The user name or password provided is incorrect.");
return(View(model));
}
public ActionResult DoLogin(FormCollection form)
{
if (ModelState.IsValid)
{
UserBusinessLayer userBusiness = new UserBusinessLayer();
var userName = form["UserName"].ToString();
var passWord = form["Password"].ToString();
passWord = Encryptor.MD5Hash(passWord);
UserStatus userStatus = userBusiness.GetUserStatus(userName, passWord);
bool IsAdmin = false;
if (userStatus == UserStatus.AuthenticatedAdmin)
{
IsAdmin = true;
}
else if (userStatus == UserStatus.AuthenticatedUser)
{
IsAdmin = false;
}
else
{
ModelState.AddModelError("CredentialError", "User name hoặc Password không hợp lệ.");
return(View("Login"));
}
FormsAuthentication.SetAuthCookie(userName, false);
Session["UserName"] = userName;
Session["IsAdmin"] = IsAdmin;
if (IsAdmin == true)
{
return(RedirectToAction("Index", "UserDetails"));
}
else
{
return(RedirectToAction("Index", "HoSoBenhNhans"));
}
}
return(View("Login"));
}
