public ActionResult Login(LoginModel lm)
{
IBusinessAuthentication iba = GenericFactory <Business, IBusinessAuthentication> .GetInstance();
IBusinessBanking ibank = GenericFactory <Business, IBusinessBanking> .GetInstance();
IBusinessLoan iloan = GenericFactory <Business, IBusinessLoan> .GetInstance();
if (ModelState.IsValid)
{
// check if valid user
bool ret = iba.CheckIfValidUser(lm.Username, lm.Password);
if (ret == true)
{
string roles = iba.GetRolesForUser(lm.Username);
// send the pipedelimited roles as an authentication cookie back to the browser
FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, lm.Username, DateTime.Now, DateTime.Now.AddMinutes(15), false, roles);
string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
HttpCookie ck = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
Response.Cookies.Add(ck);
// ----obtaing checking account number and saving account number for user
long checkingAccountNum = ibank.GetCheckingAccountNumForUser(lm.Username);
long savingAccountNumber = ibank.GetSavingAccountNumForUser(lm.Username);
UserInfo ui = new UserInfo();
ui.CheckingAcccountNumber = checkingAccountNum;
ui.SavingAccountNumber = savingAccountNumber;
ui.Username = lm.Username;
//HttpCookie ckuser = new HttpCookie("UserInfo");
//ckuser["USERDATA"] = ui.LosSerialize();
//Response.Cookies.Add(ckuser);
CookieFacade.USERINFO = ui;
CacheAbstraction cabs = new CacheAbstraction();
cabs.Remove("TRHISTORY" + ":" + checkingAccountNum);
//----------------------------------------------------
string redirectURL = FormsAuthentication.GetRedirectUrl(lm.Username, false);
if (redirectURL == "/default.aspx")
{
redirectURL = "~/home/index";
}
//Response.Redirect(redirectURL);
// causes antiforgery token exception
return(Redirect(redirectURL));
}
ViewBag.Message = "Invalid login..";
}
return(View(lm));
}