public ActionResult Login(LoginViewModel model, string returnUrl)
{
if (ModelState.IsValid)
{
var user = db.UserSys
.Where(u => u.Email == model.Email).SingleOrDefault();
// check user password
if (user != null && PasswordSecurity.IsPasswordMatch(user.Password, user.Salt, model.Password))
{
UserRole userRole = db.UserRole.SingleOrDefault(r => r.Id == user.UserRoleId);
this.Session.Add("UserId", user.Id);
if (userRole.IsAdmin)
{
this.Session.Add("IsUserAdmin", 1);
}
else
{
this.Session["IsUserAdmin"] = null;
}
FormsAuthentication.SetAuthCookie(model.Email, false);
return(RedirectToAction("List", "Customer"));
}
else
{
ModelState.AddModelError("", "The e-mail and/or password entered is invalid. Please Try again.");
}
}
return(View(model));
}
