public ActionResult Login(Account account)
{
if(ModelState.IsValid)
if(IsVaildUser(account)){
FormsAuthentication.SetAuthCookie(account.Username, false);
/* error checking for login credentials */
if(string.IsNullOrEmpty(Request["ReturnUrl"]))
return RedirectToAction("Index", "Home");
else
return Redirect(Request["ReturnUrl"]);
}else
ModelState.AddModelError("message", "Invalid username or password");
return View(account);
}
/* checking for valid input */
private bool IsVaildUser(Account account)
{
if(db.Database.Connection.State!= ConnectionState.Open)
db.Database.Connection.Open();
var user= db.Accounts.FirstOrDefault(u=> u.Username.Equals(account.Username));
if(user!= null)
if(user.Password== account.Password)
return true;
return false;
}