public GetEmployeeAccessModel GetEmployeeAccess()
{
DALAccess _dalAccess = new DALAccess();
GetEmployeeAccessModel _employeeAccess = new GetEmployeeAccessModel();
_employeeAccess = _dalAccess.GetEmployeeAccess(idno);
_employeeAccess.Roles = GetEmployeeRole();
return _employeeAccess;
}
public ActionResult Login(LoginModel model)
{
try
{
if (ModelState.IsValid)
{
BLLAccess _bllAccess = new BLLAccess();
GetEmployeeAccessModel _employeeAccess = new GetEmployeeAccessModel();
_bllAccess.idno = model.IDNO;
_employeeAccess = _bllAccess.GetEmployeeAccess();
if (_employeeAccess.IsLocked)
{
ModelState.AddModelError("", "Your account is locked. Please contact your System Administrator.");
return View();
}
if (!_bllAccess.VerifyUser(model.Password, _employeeAccess.PasswordHash, _employeeAccess.PasswordSalt))
{
ModelState.AddModelError("", "User and/or password is incorrect.");
return View();
}
string _userData = Newtonsoft.Json.JsonConvert.SerializeObject(_employeeAccess);
System.Web.Security.FormsAuthenticationTicket authTicket = new System.Web.Security.FormsAuthenticationTicket(
1,
_employeeAccess.IDNO,
System.DateTime.Now,
System.DateTime.Now.AddMinutes(15),
false,
_userData);
string encTicket = System.Web.Security.FormsAuthentication.Encrypt(authTicket);
System.Web.HttpCookie faCookie = new System.Web.HttpCookie(System.Web.Security.FormsAuthentication.FormsCookieName,
encTicket);
Response.Cookies.Add(faCookie);
_bllAccess.UpdateLoginCountAndDate(model.IDNO);
return RedirectToAction("Index", "DTR");
}
else
{
return View();
}
}
catch
{
ModelState.AddModelError("", "User and/or password is incorrect.");
return View();
}
}