public ActionResult Login(string username, string password, string returnUrl)
{
if (string.IsNullOrEmpty(username))
{
username = "******";
}
//Default value that is set if nothing is entered
var user = _securityService.GetSecurityUserByLogin(username, password);
if (user != null)
{
IdentityService.AuthorizeUser(user);
if (!string.IsNullOrEmpty(returnUrl))
{
Response.Redirect(returnUrl);
}
return(RedirectToAction("Index", "Home"));
}
else
{
return(RedirectToAction("Login")); // should be forbidden or unauth
}
}
public RedirectResult Register(RegisterBindingModel model, string ReturnUrl)
{
var securityUser = new SecurityUser
{
Email = model.Email,
UserName = model.Username,
FirstName = model.FirstName,
LastName = model.LastName,
PasswordPlaintext = model.Password,
PasswordPlaintextConfirm = model.ConfirmPassword,
Admin = User.Identity.IsAuthenticated && User.IsInRole("Admin") && model.Admin
};
if (_securityService.CreateUser(securityUser, model.RegistrationCode) && !(User.Identity.IsAuthenticated && User.IsInRole("Admin")))
{
IdentityService.AuthorizeUser(securityUser);
}
return(!string.IsNullOrEmpty(ReturnUrl) ? Redirect(ReturnUrl) : Redirect("/Home/Index"));
}
