Esempio n. 1
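        /// <summary>
        /// Validates the supplied credentials and, on success, issues a forms-authentication
        /// ticket cookie plus a client-readable "IS_ADMIN" marker cookie, then redirects to
        /// the URL chosen by <c>FormsAuthentication.GetRedirectUrl</c>.
        /// </summary>
        /// <param name="username">Login name; also used as the author slug for the lookup.</param>
        /// <param name="password">Password passed to the <c>Authors_ValidateLogin</c> stored procedure.</param>
        /// <returns>A redirect on successful login; otherwise the default view for this action.</returns>
        /// <remarks>
        /// NOTE(review): no verb or anti-forgery attribute is visible on this action, so the
        /// credentials can also arrive in the query string of a GET request, where they may end
        /// up in logs and browser history. Confirm how the route is restricted.
        /// </remarks>
        public ActionResult Login(string username, string password)
        {
            bool validLogin = StoredProcs.Authors_ValidateLogin(username, password).Execute().Value;

            if (validLogin)
            {
                var author    = AuthorModel.GetAuthorBySlug(username);
                var principal = new AuthorPrincipal(author);

                // Take one timestamp so the ticket's issue date, its expiration and both
                // cookie expirations are derived from the same instant.
                var issueDate   = DateTime.Now;
                var expiresDate = issueDate.AddMinutes(30);

                // The serialized principal travels inside the ticket and is protected only by
                // FormsAuthentication.Encrypt, i.e. by the application's forms-auth configuration.
                var userData   = JsonConvert.SerializeObject(principal.ToSerializableModel());
                var authTicket = new FormsAuthenticationTicket(1, author.Slug, issueDate, expiresDate, false, userData);

                string encTicket = FormsAuthentication.Encrypt(authTicket);
                var    cookie    = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket)
                {
                    HttpOnly = true,
                    // Honour the configured requireSSL setting; without this the hand-built
                    // cookie is sent over plain HTTP even when the site is configured for TLS only.
                    Secure   = FormsAuthentication.RequireSSL,
                    Expires  = expiresDate,
                    Path     = FormsAuthentication.FormsCookiePath
                };
                this.Response.Cookies.Add(cookie);

                // This cookie is script-readable (HttpOnly = false), carries a constant value and
                // is not covered by the ticket encryption, so any client can set it. It is only
                // suitable as a UI hint.
                // NOTE(review): confirm no server-side code treats "IS_ADMIN" as proof of privilege.
                var cookieIsAdmin = new HttpCookie("IS_ADMIN", "1")
                {
                    HttpOnly = false,
                    Secure   = FormsAuthentication.RequireSSL,
                    Expires  = expiresDate,
                    Path     = FormsAuthentication.FormsCookiePath
                };
                this.Response.Cookies.Add(cookieIsAdmin);

                // NOTE(review): the redirect target is resolved by the framework from the request;
                // confirm FormsAuthentication.EnableCrossAppRedirects is off so it stays on-site.
                return(new RedirectResult(FormsAuthentication.GetRedirectUrl(author.Slug, false)));
            }

            return(View());
        }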