Esempio n. 1
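        /// <summary>
        /// Authenticates a customer from the posted login form and, on success,
        /// issues the forms-authentication cookie and populates the session.
        /// </summary>
        /// <param name="customerToLogin">Posted credentials; passed as-is to the account service.</param>
        /// <param name="returnUrl">
        /// Caller-supplied redirect target. It is request data and therefore untrusted:
        /// it is followed only when it is a local URL.
        /// </param>
        /// <returns>
        /// A redirect after a successful login, otherwise the login view with a model error.
        /// </returns>
        public ActionResult Login(Customer customerToLogin, string returnUrl)
        {
            // NOTE(review): the e-mail is attacker-controlled and written to the log verbatim;
            // confirm the appender layout neutralises CR/LF so entries cannot be forged.
            _logger.InfoFormat("Login : email [{0}].", customerToLogin.Email);

            //TODO also check if admin email isn't reserved
            var foundCustomer = _customerAccountService.LoginCustomer(customerToLogin);

            // A null result from the account service is treated as a failed login.
            if (foundCustomer == null)
            {
                _logger.InfoFormat("Login : email [{0}] was unsuccessful.", customerToLogin.Email);

                // Same message for unknown e-mail and wrong password, so the response
                // does not reveal which accounts exist.
                ModelState.AddModelError("", "Wrong email or password");
                return View(foundCustomer);
            }

            // NOTE(review): GlobalContext properties are shared by every thread in the process,
            // so concurrent requests overwrite each other's "user"/"role" values and log lines
            // can be attributed to the wrong account. A per-request context
            // (log4net.ThreadContext / LogicalThreadContext) is the usual choice here.
            log4net.GlobalContext.Properties["user"] = foundCustomer.Email;
            log4net.GlobalContext.Properties["role"] = "User";
            _logger.InfoFormat("Login : email [{0}] was successful.", foundCustomer.Email);

            // "c" prefixes the cookie identity; false = session (non-persistent) cookie.
            FormsAuthentication.SetAuthCookie("c" + foundCustomer.Email, false);
            Session["AccountId"]      = foundCustomer.Id;
            Session["AccountEmail"]   = foundCustomer.Email;
            Session["IsAdminAccount"] = false;

            // Open-redirect guard: returnUrl comes from the request, so an absolute or
            // protocol-relative value would send a freshly authenticated user to a site
            // chosen by whoever crafted the login link. Anything that is not a local URL
            // falls back to the store index.
            if (string.IsNullOrEmpty(returnUrl) || !Url.IsLocalUrl(returnUrl))
            {
                return RedirectToAction("Index", "Store");
            }

            return Redirect(returnUrl);
        }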