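/// <summary>
/// Validates the submitted credentials, enforces the failed-attempt lockout and, on success,
/// issues the forms-authentication cookie and redirects to the Tracks index.
/// </summary>
/// <param name="username">Login name submitted by the client (untrusted input).</param>
/// <param name="password">Password submitted by the client (untrusted input).</param>
/// <returns>
/// A redirect to <c>Tracks/index</c> after a successful login; otherwise the login view,
/// with <c>TempData["errormessage"]</c> set to a user-facing message.
/// </returns>
public ActionResult Login(string username, string password)
{
    // Failures allowed before the account is blocked.
    const int MaxFailedAttempts = 3;
    const string BlockedMessage = "This Account is Blocked!";
    // Same text for "unknown user" and "wrong password": distinct messages let a client
    // find out which usernames exist.
    const string InvalidCredentialsMessage = "Invalid credentials";

    // Validate before touching the business layer; IsNullOrEmpty also covers a missing
    // form field (null), which the original == "" comparison let through.
    if (string.IsNullOrEmpty(username))
    {
        TempData["errormessage"] = "Please Enter Username";
        return View();
    }

    if (string.IsNullOrEmpty(password))
    {
        TempData["errormessage"] = "Please Enter Password";
        return View();
    }

    try
    {
        UsersBL uBL = new UsersBL();

        if (uBL.Login(username, password))
        {
            var blocked = uBL.IsUserBlocked(username);
            var attempts = uBL.NumOfAttemps(username);

            // Fail closed: deny when EITHER the block flag is set OR the counter has
            // reached the limit. The original required both, so an account flagged as
            // blocked with fewer than three recorded failures could still sign in, and
            // an unflagged account at the limit got the login view with no message.
            if (blocked || attempts >= MaxFailedAttempts)
            {
                TempData["errormessage"] = BlockedMessage;
                return View();
            }

            uBL.ResetAttemps(username);

            // NOTE(review): 'true' issues a persistent cookie on every login; confirm
            // that is intended rather than an opt-in "remember me" choice.
            FormsAuthentication.SetAuthCookie(username, true);
            Logger.Log(username, Request.Path, "Successfully logged in");
            return RedirectToAction("index", "Tracks"); // action and controller names
        }

        // Credentials rejected. Only an existing account has a counter to update.
        User existingUser = uBL.GetUser(username);
        if (existingUser != null)
        {
            uBL.IncreaseAttemps(username);

            if (uBL.NumOfAttemps(username) >= MaxFailedAttempts)
            {
                uBL.BlockUser(username);
                Logger.Log(username, Request.Path, "This Account is Blocked!");

                // NOTE(review): this message is only reachable for existing accounts,
                // so it still confirms that the username exists after repeated
                // failures. Response timing may also differ between the two paths.
                TempData["errormessage"] = BlockedMessage;
                return View();
            }

            // Record the failure so repeated guessing is visible in the log.
            // NOTE(review): username is client-supplied; confirm Logger.Log neutralises
            // line breaks and markup before writing it.
            Logger.Log(username, Request.Path, "Failed login attempt");
        }

        TempData["errormessage"] = InvalidCredentialsMessage;
        return View();
    }
    catch (CustomException ex)
    {
        // CustomException messages are written for the end user, so they are shown as-is.
        TempData["errormessage"] = ex.Message;
        return View();
    }
    catch (Exception ex)
    {
        // Keep the detail server-side: raw exception text can expose connection
        // strings, SQL fragments or file paths to an unauthenticated client.
        try
        {
            Logger.Log(username, Request.Path, "Unexpected login error: " + ex);
        }
        catch (Exception)
        {
            // Logging is best-effort here; a logger failure must not replace the
            // generic error page with an unhandled exception.
        }

        TempData["errormessage"] = "An unexpected error occurred. Please try again.";
        return View();
    }
}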