public ActionResult Index(LoginForm form)
{
ActionResult view = View(new LoginForm());
Validator<LoginForm> validator = new Validator<LoginForm>(form);
form.ErrorMessage = "Username or password is invalid.";
if (validator.IsValid())
{
form.ErrorMessage = ValidateUser(form, (Request.UrlReferrer != null ? Request.UrlReferrer.AbsolutePath : string.Empty));
view = View("index", form);
}
return view;
}
/// <summary>
/// Validates the user.
/// </summary>
/// <param name="form">The form.</param>
/// <param name="referer">The referer.</param>
/// <returns></returns>
private string ValidateUser(LoginForm form, string referer)
{
string errorMessage;
if (!string.IsNullOrEmpty(form.Username) && !string.IsNullOrEmpty(form.Password))
{
errorMessage = RedirectSuccessfulLoginOrRetrievesErrorMessage(form, referer);
}
else
{
errorMessage = "Both a username and a password are required to login.";
}
return errorMessage;
}
/// <summary>
/// Redirects the successful login or retrieves error message.
/// </summary>
/// <param name="form">The form.</param>
/// <param name="referer">The referer.</param>
/// <returns></returns>
private string RedirectSuccessfulLoginOrRetrievesErrorMessage(LoginForm form, string referer)
{
string errorMessage = string.Empty;
if (_userAuthentication.IsValid(form.Username, form.EncryptedPassword))
{
string path = GetUrlForAuthenticatedUser(form.Username, referer);
_userSession.Login(_userAuthentication.User, form.RememberMe, path);
}
else
{
errorMessage = "Invalid username or password.";
}
return errorMessage;
}
