public ActionResult DoLogin(LoginModel model)
{
if (!string.IsNullOrWhiteSpace(model.Username) && !string.IsNullOrWhiteSpace(model.Password))
{
var username = model.Username.Trim().StripHtml();
var password = model.Password.Trim().StripHtml();
var user = UserRepository.Get(username);
var verifiedPassword = HashUtility.CheckPassword(password, user.Password);
if (user != null && verifiedPassword)
{
SessionHandler.User = user;
SessionHandler.IsAuthenticated = true;
SessionHandler.FailedLogin = false;
}
else
{
SessionHandler.IsAuthenticated = false;
SessionHandler.FailedLogin = true;
}
}
return(Redirect(Request.UrlReferrer.ToString()));
}
