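/// <summary>
/// Handles a login form submission: checks the supplied credentials and, on success,
/// stores the user in the session, issues the forms-authentication cookie and redirects.
/// </summary>
/// <param name="model">
/// Login form data (username or e-mail, plus password); also collects the errors the view displays.
/// </param>
/// <returns>
/// An empty result once the redirect has been issued for a successful login;
/// otherwise the login view with the errors added to <paramref name="model"/>.
/// </returns>
/// <remarks>
/// NOTE(review): no [HttpPost] or [ValidateAntiForgeryToken] attribute is visible on this action
/// in this excerpt - confirm they are applied where the action is declared or registered.
/// </remarks>
public ActionResult Login(LoginModel model)
{
    // Clear the errors from the model.
    model.ClearToaster();

    // Guard: both fields must be supplied before the database is touched.
    if (String.IsNullOrEmpty(model.UsernameOrEmail) || String.IsNullOrEmpty(model.Password))
    {
        model.AddError(GlobalErrors.EmptyFields);
        return View(model);
    }

    using (var e = new EntityContext()) // db context
    {
        // Look the user up by e-mail or by username, depending on what was typed.
        var isEmail = CredentialsHelper.IsEmailValid(model.UsernameOrEmail);
        CachedUser cachedUser = isEmail
            ? Authorize.CredentialsByEmail(model.UsernameOrEmail, model.Password, e)
            : Authorize.CredentialsByUsername(model.UsernameOrEmail, model.Password, e);

        if (cachedUser != null)
        {
            // Credentials are correct: create the session and the auth cookie.
            // NOTE(review): the session identifier is not renewed here; confirm SessionHelper
            // (or the pipeline) issues a fresh one at login.
            SessionHelper.SetSessionUser(cachedUser);

            // NOTE(review): the second argument makes the cookie persistent for every login;
            // consider tying it to an explicit "remember me" choice.
            // RedirectFromLoginPage below also issues the ticket, so this call looks
            // redundant - confirm before removing.
            FormsAuthentication.SetAuthCookie(cachedUser.Username, true);

            // Goes to the home screen or the previous screen (taken from the return URL).
            // NOTE(review): confirm enableCrossAppRedirects is not enabled in the forms
            // configuration, so the return URL cannot point outside this application.
            FormsAuthentication.RedirectFromLoginPage(cachedUser.Username, true);

            // RedirectFromLoginPage does not end the request. Without this return, a
            // successful login fell through to the error handling below, added UnknownError
            // to the model and rendered the login view on top of the redirect.
            return new EmptyResult();
        }

        // Authentication failed: see how much detail may be reported.
        // NOTE(review): GetAuthorizeErrors is a static call; confirm its result is scoped to
        // this request and cannot carry errors over from another login attempt.
        var errors = Authorize.GetAuthorizeErrors();
        if (!errors.Any())
        {
            // Nothing specific was recorded: report an unknown error.
            model.AddError(LoginErrors.UnknownError);
        }
        else if (errors.Contains(Authorize.AuthorizeErrorsEnum.PasswordNotVerified)
                 || errors.Contains(Authorize.AuthorizeErrorsEnum.NoLoginData))
        {
            // Wrong username or password: give no further detail. This branch is checked
            // first so that account state (unconfirmed, suspended) is only disclosed when
            // neither of these two errors was recorded.
            model.AddError(LoginErrors.InvalidUsernameOrPassword);
        }
        else
        {
            // Report the account-level problems that were recorded.
            if (errors.Contains(Authorize.AuthorizeErrorsEnum.EmailNotConfirmed))
            {
                model.AddError(LoginErrors.EmailNotConfirmed);
            }

            if (errors.Contains(Authorize.AuthorizeErrorsEnum.LoginSuspended))
            {
                model.AddError(LoginErrors.Suspended);
            }
        }
    }

    // Only failed attempts reach this point: show the login view with the errors.
    return View(model);
}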