public ActionResult Create(UserModel model)
        {
            // Registers a new account from the submitted form. An anonymous caller
            // is signed in as the new user; an already-authenticated caller keeps
            // their own session. Validation failures and name/email collisions
            // re-render the form with field-level errors.
            if (!ModelState.IsValid)
                return View(model);

            bool nameTaken;
            bool emailTaken;
            var created = MembershipService.CreateAccount(
                model.Name, model.Nickname, model.Password, model.Email, model.Description,
                out nameTaken, out emailTaken);

            if (created == null)
            {
                // NOTE(review): separate "name exists" / "email exists" errors let a
                // caller probe which identifiers are registered (account enumeration).
                // Often acceptable for a registration form, but it should be a
                // conscious decision.
                if (nameTaken)
                    ModelState.AddModelError("Name", SR.Account_AccountAlreadyExists);
                if (emailTaken)
                    ModelState.AddModelError("Email", SR.Account_EmailAlreadyExists);
                return View(model);
            }

            // Someone already logged in (e.g. an administrator creating accounts)
            // is not switched to the new identity; send them to its detail page.
            if (Token != null)
                return RedirectToAction("Detail", "Account", new { name = created.Name });

            // Anonymous registration doubles as login: mint a server-side
            // authorization bound to the caller's address and keep it in the
            // session token. Token.AuthorizationExpires is presumably the static
            // member on the Token type (the Token property is null here) -- verify.
            var authorization = MembershipService.CreateAuthorization(created.ID, Token.AuthorizationExpires, Request.UserHostAddress);
            Token = new Token(authorization.AuthCode, created.ID, created.Name, created.Nickname, created.IsSystemAdministrator);
            return RedirectToStartPage();
        }
        public ActionResult Login(LoginModel model, string returnUrl)
        {
            // Authenticates the posted credentials. On success the session token is
            // replaced by a freshly minted authorization and the caller is sent to
            // returnUrl (or the start page); on failure the form is re-rendered with
            // one generic error.
            var account = MembershipService.Login(model.ID, model.Password);
            if (account == null)
            {
                // Generic message on purpose: it does not reveal whether the ID exists.
                // NOTE(review): no throttling or lockout is visible at this layer;
                // confirm MembershipService.Login (or an outer filter) rate-limits
                // repeated failures.
                ModelState.AddModelError("", SR.Account_LoginFailed);
                ViewBag.ReturnUrl = returnUrl;
                return View(model);
            }

            // Token.AuthorizationExpires is presumably the static member on the Token
            // type (the Token property may be null for an anonymous caller) -- verify.
            var authorization = MembershipService.CreateAuthorization(
                account.ID, Token.AuthorizationExpires, Request.UserHostAddress);
            Token = new Token(authorization.AuthCode, account.ID, account.Name, account.Nickname, account.IsSystemAdministrator);

            // NOTE(review): returnUrl is caller-controlled. Unless RedirectToStartPage
            // rejects non-local targets (e.g. via Url.IsLocalUrl) this is an open
            // redirect usable for phishing; its implementation is not visible here,
            // so confirm before relying on it.
            return RedirectToStartPage(returnUrl);
        }
        protected override void OnAuthorization(AuthorizationContext filterContext)
        {
            // Resolves the caller's session token from the auth cookie before the
            // action runs. The cookie value is a base64-encoded Guid (the
            // authorization code, i.e. the bearer secret); it is looked up in the
            // in-process cache first, then through MembershipService. Any failure to
            // parse or load it (tampered cookie, wrong length, service error) fails
            // closed by leaving Token null.
            try
            {
                var cookie = Request.Cookies[AuthKey];
                if (cookie != null)
                {
                    // FormatException / ArgumentException from these two lines are
                    // caught below and treated as "not authenticated".
                    var bytes = Convert.FromBase64String(cookie.Value);
                    var guid = new Guid(bytes);
                    var token = GetCachedToken(guid.ToString())
                        ?? MembershipService.GetToken(guid);

                    // For every unexpired token RenewIfNeed() is called first (it
                    // presumably extends Expires when a threshold is passed); if it
                    // renewed, or the caller's address changed, the record is persisted
                    // with the current address. An address change therefore does not
                    // invalidate the session -- it is rebound to the new address.
                    // NOTE(review): Request.UserHostAddress is the immediate peer;
                    // behind a reverse proxy it is the proxy, so the LastIp binding may
                    // be weaker than it looks -- confirm the deployment.
                    if (token != null
                        && !token.Expired
                        && (token.RenewIfNeed() || token.LastIp != Request.UserHostAddress))
                    {
                        token.LastIp = Request.UserHostAddress;
                        MembershipService.UpdateAuthorization(token.AuthCode, token.Expires, token.LastIp);
                    }
                    // else // DO NOT set token = null here

                    // NOTE(review): an *expired* token is still assigned to Token here
                    // (the comment above says this is deliberate). Nothing in this
                    // method denies access on token.Expired, so whatever consumes Token
                    // (its setter, authorize filters, base.OnAuthorization) must check
                    // Expired itself -- verify, otherwise an expired cookie keeps
                    // authenticating for as long as the record can be loaded.
                    Token = token;
                }
            }
            catch
            {
                // Fail closed: a malformed cookie or a lookup error is treated as
                // anonymous rather than surfacing an error to the caller.
                Token = null;
            }

            base.OnAuthorization(filterContext);
        }
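        public ActionResult Change(ChangePasswordModel model, string name)
        {
            // Changes the password of account `name` (defaults to the caller).
            //
            // Two modes:
            //  - self-service: the caller proves knowledge of their own current
            //    password; on success a fresh authorization replaces the session token;
            //  - administrative: a system administrator changing someone else's
            //    password re-authenticates with the *administrator's* own password
            //    and keeps their session.
            //
            // Fix: non-administrators are now confined to their own account. Before,
            // a non-admin could pass another user's name, verify that user's old
            // password, reset it and -- because the self-service branch mints an
            // authorization for the verified user -- silently become that user in this
            // session. Knowing the other password already grants login, so this was
            // not an escalation, but the identity switch was unintended. Now such a
            // request is verified against the caller's own password and simply fails.
            //
            // NOTE(review): Token is dereferenced unconditionally; an anonymous caller
            // must be stopped by an authorization filter before this runs -- confirm.
            var callerName = Token.Username;
            if (string.IsNullOrEmpty(name) || !Token.IsSystemAdministrator)
                name = callerName;

            // Administrative mode only when an admin targets someone other than self.
            var adminOnOther = Token.IsSystemAdministrator
                && !string.Equals(name, callerName, StringComparison.OrdinalIgnoreCase);

            if (ModelState.IsValid)
            {
                // Re-authentication gate: the caller supplies their own current
                // password (for an admin acting on another account, the admin's).
                var verified = MembershipService.Login(adminOnOther ? callerName : name, model.OldPassword);
                if (verified != null)
                {
                    MembershipService.SetPassword(name, model.NewPassword);
                    if (!adminOnOther)
                    {
                        // Self-service: rotate the session authorization so the token
                        // reflects the freshly re-authenticated user.
                        // NOTE(review): earlier authorizations for this user are not
                        // revoked here; confirm SetPassword (or something else)
                        // invalidates other sessions after a password change.
                        var authorization = MembershipService.CreateAuthorization(verified.ID, Token.AuthorizationExpires, Request.UserHostAddress);
                        Token = new Token(authorization.AuthCode, verified.ID, verified.Name, verified.Nickname, verified.IsSystemAdministrator);
                    }

                    return RedirectToAction("Detail", "Account", new { name });
                }
                ModelState.AddModelError("OldPassword", SR.Account_OldPasswordError);
            }
            return View(model);
        }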
 private void CacheToken(Token token)
 {
     // Places a resolved session token in the in-process cache, keyed by its
     // authorization code (presumably the same Guid string OnAuthorization asks
     // GetCachedToken for), with an absolute expiry at token.Expires and no
     // sliding window. A null token is ignored.
     // NOTE(review): the cache is a per-process lookup shortcut holding the bearer
     // secret, not the source of truth -- a revoked or expired record must still be
     // rejected by the consumer. The DateTime.Kind of token.Expires affects how
     // Cache.Insert interprets the absolute expiry -- confirm it is consistent.
     if (token == null)
         return;

     var cacheKey = token.AuthCode.ToString();
     HttpRuntime.Cache.Insert(cacheKey, token, null, token.Expires, Cache.NoSlidingExpiration);
 }