Пример #1
 // Verify that user exists and password is right
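 /// <summary>
 /// Checks the submitted password against the stored hash of the looked-up user and
 /// records a model error when the log-in attempt must be rejected.
 /// </summary>
 /// <param name="dbUser">User record found by the caller, or <c>null</c> when no record matched.</param>
 /// <param name="logInModel">Submitted log-in form; its <c>Password</c> is verified with bcrypt.</param>
 /// <remarks>
 /// Every failure is reported under the same key with the same text, so the response
 /// does not tell a caller whether the username exists (account enumeration).
 /// NOTE(review): the unknown-user path still skips the bcrypt computation, so response
 /// time may differ between the two cases; consider verifying against a fixed dummy hash
 /// there. Attempt throttling or lockout is not visible in this method; confirm it
 /// exists elsewhere.
 /// </remarks>
 private void ValidateLogInModel(User dbUser, LogInModel logInModel)
 {
     // "Password" is the key the wrong-password path already used, so the view that
     // renders that error keeps working.
     const string failureKey = "Password";
     const string failureMessage = "Invalid username or password";

     bool credentialsValid = false;

     if (dbUser != null)
     {
         try
         {
             credentialsValid = BCrypt.Net.BCrypt.Verify(logInModel.Password, dbUser.Password);
         }
         catch (SaltParseException)
         {
             // The stored value could not be parsed as a bcrypt hash: reject the
             // attempt instead of letting the exception escape.
             credentialsValid = false;
         }
     }

     if (!credentialsValid)
     {
         ModelState.AddModelError(failureKey, failureMessage);
     }
 }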
Пример #2
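        /// <summary>
        /// Handles a submitted sign-up form: validates it, creates the user with a bcrypt
        /// password hash and the "User" role, signs the new user in, and returns either a
        /// partial view (AJAX) or a redirect.
        /// </summary>
        /// <param name="signUpModel">Submitted sign-up form values.</param>
        /// <returns>
        /// The "_SignUp" partial view for AJAX requests; otherwise a redirect to the home
        /// index on success or back to the sign-up action on validation failure.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the Admin role is granted purely because the chosen username equals
        /// the "AdminName" app setting. Unless that account is created before the site is
        /// exposed, whoever registers that name first becomes administrator; provisioning
        /// the admin account out of band would remove that dependency.
        /// </remarks>
        public ActionResult SignUp(SignUpModel signUpModel)
        {
            if (ModelState.IsValid)
            {
                ValidateSignUpModel(signUpModel);
            }

            if (ModelState.IsValid)
            {
                User user = new User
                {
                    Email = signUpModel.Email,
                    First_Name = signUpModel.FirstName,
                    Last_Name = signUpModel.LastName,
                    Username = signUpModel.Username,
                    // Only the bcrypt hash is stored, never the submitted password.
                    Password = BCrypt.Net.BCrypt.HashString(signUpModel.Password),
                    // NOTE(review): local server time; UTC would avoid time-zone/DST ambiguity.
                    CreationDate = DateTime.Now
                };

                // NOTE(review): FirstOrDefault yields null when the role row is missing;
                // confirm the "User" and "Admin" roles are always seeded.
                user.Role.Add(GetContext().Role.FirstOrDefault(r => r.Name == "User"));

                // Fail closed: a missing or empty "AdminName" setting must never match a
                // username (null == null would otherwise grant Admin).
                string adminName = ConfigurationManager.AppSettings["AdminName"];
                if (!string.IsNullOrEmpty(adminName) && signUpModel.Username == adminName)
                {
                    user.Role.Add(GetContext().Role.FirstOrDefault(r => r.Name == "Admin"));
                }

                GetContext().User.Add(user);
                GetContext().SaveChanges();

                // Re-read the stored record before signing the user in.
                user = GetContext().User
                    .FirstOrDefault(u => u.Username == signUpModel.Username);
                Authorize(user);
            }

            if (Request.IsAjaxRequest())
            {
                return PartialView("_SignUp");
            }

            if (ModelState.IsValid)
            {
                return RedirectToAction(HomeController.IndexAction, HomeController.ControllerName,
                    new { pageNumber = signUpModel.ReturnPageNumber });
            }

            // Keep the validation errors available to the action we redirect to.
            SaveModelState(ModelState);
            return RedirectToAction(SignUpAction, new { returnPageNumber = signUpModel.ReturnPageNumber });
        }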
Пример #3
        /// <summary>
        /// Signs the given user in: builds a principal from the user's name, id and role
        /// names, stores it in application state under a fresh key, and adds the auth
        /// cookie produced by <c>GetAuthCookie</c> to the response.
        /// </summary>
        /// <param name="dbUser">Stored user record whose identity and roles go into the principal.</param>
        /// <remarks>
        /// NOTE(review): <c>HttpContext.Application</c> is shared by all requests and nothing
        /// here removes the entry; confirm it is cleared at sign-out or expiry.
        /// NOTE(review): <c>Guid.NewGuid()</c> is not documented as a cryptographic random
        /// source. If the key reaches the client unprotected it acts as a bearer token;
        /// confirm <c>GetAuthCookie</c> encrypts and signs it, and sets HttpOnly/Secure.
        /// </remarks>
        private void Authorize(User dbUser)
        {
            // Principal carrying the username, id and role names of the stored user.
            var roleNames = dbUser.Role.Select(role => role.Name).ToArray();
            UserPrincipal signedIn = new UserPrincipal(dbUser.Username, dbUser.Id, roleNames);

            // Key under which the principal is kept in application state.
            string applicationKey = Guid.NewGuid().ToString();

            UserPrincipal.CurrentPrincipal = signedIn;
            ControllerContext.HttpContext.Application[applicationKey] = signedIn;

            // Hand the forms-auth cookie for this principal and key to the client.
            Response.Cookies.Add(GetAuthCookie(signedIn, applicationKey));
        }