/// <summary>
/// Handles the posted login form: checks the credentials and, on success,
/// issues the forms-authentication cookie and redirects to Home/Index.
/// </summary>
/// <param name="user">Model bound from the posted form fields.</param>
/// <returns>
/// A redirect to Home/Index when the credentials are accepted; otherwise the
/// login view re-rendered with the posted model and any validation errors.
/// </returns>
// NOTE(review): no [ValidateAntiForgeryToken] is visible on this POST action.
// Confirm the login view emits a token and add the attribute, so a login
// request cannot be submitted from another site on the user's behalf.
// NOTE(review): no throttling or lockout of repeated failed attempts is
// visible here - confirm it is handled elsewhere.
[HttpPost]
public ActionResult Login(Models.Logins user)
{
    // Guard: the bound model failed validation, so show the form again.
    if (!ModelState.IsValid)
    {
        return View(user);
    }

    bool credentialsAccepted = user.IsValid(user.Username, user.Password);
    if (!credentialsAccepted)
    {
        // One generic message for every failure, so the response does not
        // reveal whether the user name or the password was wrong.
        ModelState.AddModelError("", "Login gegevens kloppen niet!");
        return View(user);
    }

    // RememberMe decides whether the authentication cookie is persistent.
    FormsAuthentication.SetAuthCookie(user.Username, user.RememberMe);
    return RedirectToAction("Index", "Home");
}
- using System;
- using System.Collections.Generic;
- using System.ComponentModel.DataAnnotations;
- using System.Data;
- using System.Data.Entity;
- using System.Data.SqlClient;
- using System.Linq;
- using System.Web;
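namespace RTApplicatie.Models
{
    /// <summary>
    /// Login form model that also performs the credential check against the
    /// <c>[dbo].[System_Users]</c> table.
    /// </summary>
    /// <remarks>
    /// NOTE(review): this type is used both as the binding target of the login
    /// action and as the entity exposed by <see cref="RekenContext"/>, so
    /// <see cref="ID"/> and <see cref="Rights"/> can be populated from request
    /// data. Nothing in this class reads them for authorization, but a
    /// dedicated view model holding only the form fields would remove that
    /// exposure.
    /// </remarks>
    public class Logins
    {
        /// <summary>Numeric identifier of the login record.</summary>
        [Required]
        public int ID { get; set; }

        /// <summary>User name entered on the login form.</summary>
        [Required]
        [Display(Name = "User name")]
        public string Username { get; set; }

        /// <summary>Clear-text password entered on the login form.</summary>
        [Required]
        [DataType(DataType.Password)]
        [Display(Name = "Password")]
        public string Password { get; set; }

        /// <summary>Whether the user asked to be remembered on this computer.</summary>
        [Display(Name = "Remember on this computer")]
        public bool RememberMe { get; set; }

        // NOTE(review): presumably a privilege flag - its meaning is not
        // established anywhere in this file; confirm before relying on it.
        [Required]
        public bool Rights { get; set; }

        /// <summary>
        /// Checks whether a user with the given name and password exists in the database.
        /// </summary>
        /// <param name="_username">User name.</param>
        /// <param name="_password">Clear-text password; it is passed through
        /// <c>Helpers.SHA1.Encode</c> before being compared with the stored value.</param>
        /// <returns>
        /// True if a matching row exists; false otherwise, including when either
        /// argument is null.
        /// </returns>
        public bool IsValid(string _username, string _password)
        {
            // A null value cannot match a stored row; rejecting it here also
            // avoids handing SQL Server a parameter that has no value.
            if (_username == null || _password == null)
            {
                return false;
            }

            // NOTE(review): the connection string is hard-coded and reproduced
            // exactly as found. It names no database and the instance name
            // looks as if it lost a backslash - confirm, and move it to
            // configuration.
            using (var cn = new SqlConnection(@"Data Source=(localdb)MSSQLLocalDB;"))
            using (var cmd = new SqlCommand(
                @"SELECT [Username] FROM [dbo].[System_Users] " +
                @"WHERE [Username] = @u AND [Password] = @p", cn))
            {
                // Both values travel as parameters, never as SQL text.
                cmd.Parameters
                    .Add(new SqlParameter("@u", SqlDbType.NVarChar))
                    .Value = _username;

                // NOTE(review): Helpers.SHA1 is defined outside this file; going
                // by its name, passwords are stored as a SHA-1 digest with no
                // visible salt. A fast unsalted hash is cheap to test guesses
                // against if the table leaks. Plan a migration to a salted,
                // iterated scheme (for example PBKDF2), re-hashing each account
                // on its next successful login.
                cmd.Parameters
                    .Add(new SqlParameter("@p", SqlDbType.NVarChar))
                    .Value = Helpers.SHA1.Encode(_password);

                cn.Open();

                // The using blocks release reader, command and connection even
                // when Open or ExecuteReader throws; the original disposed the
                // reader and command only on the non-throwing paths.
                using (var reader = cmd.ExecuteReader())
                {
                    return reader.HasRows;
                }
            }
        }
    }

    /// <summary>
    /// Entity Framework context exposing the <see cref="Logins"/> set.
    /// </summary>
    /// <remarks>
    /// <see cref="Logins.IsValid"/> does not use this context; it queries
    /// <c>[dbo].[System_Users]</c> directly through ADO.NET.
    /// </remarks>
    public class RekenContext : DbContext
    {
        /// <summary>Set of <see cref="Logins"/> entities.</summary>
        public DbSet<Logins> RTApplicatie { get; set; }
    }
}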