public HttpResponseMessage Login(LoginModel model)
{
var dbUser = _db.Users.SingleOrDefault(u => u.UserName == model.UserName);
if (dbUser != null)
{
var passwordHash = _encryptionService.CreateHash(model.Password, dbUser.Salt);
if (passwordHash == dbUser.PasswordHash)
{
var response = new LoginResponseViewModel
{
IsAuthenticated = true,
Username = dbUser.UserName,
Role = dbUser.UserRole
};
return Success(response);
}
return Error("Invalid credentials");
}
return Error("Invalid credentials");
}
public ActionResult Login(LoginModel model, string returnUrl)
{
if (ModelState.IsValid && WebSecurity.Login(model.UserName, model.Password, persistCookie: model.RememberMe))
{
return RedirectToLocal(returnUrl);
}
// If we got this far, something failed, redisplay form
ModelState.AddModelError("", "The user name or password provided is incorrect.");
return View(model);
}