public ActionResult Login(AuthModel model, string returnUrl)
{
if (User.Identity.IsAuthenticated)
{
return(RedirectToLocal(returnUrl));
}
if (ModelState.IsValid)
{
Guid session;
var success = model.ForceMode
? _membershipEngine.TryForceLogin(model.Email, model.Password, Request.GetClientIP(), out session)
: _membershipEngine.TryLogin(model.Email, model.Password, Request.GetClientIP(), out session);
if (success == LoginResult.Success)
{
_authSavingService.SignIn(model.Email, session);
return(RedirectToLocal(returnUrl));
}
if (success == LoginResult.LoggedInWithAnotherSessionId)
{
model.ForceMode = true;
return(View(model));
}
if (success == LoginResult.InvalidLoginPassword)
{
model.ForceMode = false;
}
}
// If we got this far, something failed, redisplay form
ModelState.AddModelError(STD_VALIDATION_MSG_KEY, UserMessages.LOGIN_PASSWORD_NOT_FOUND);
return(View(model));
}