Esempio n. 1
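        /// <summary>
        /// Click handler for the login form. Validates the submitted e-mail and
        /// password through <c>UserUtils</c>, and on success stores the e-mail and a
        /// fresh per-login token in the session, mirrors the token in an
        /// "AuthToken" cookie, and redirects to the home page.
        /// </summary>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void LoginMe(object sender, EventArgs e)
        {
            resetFeedback();

            string email = tb_email.Text.Trim();
            // NOTE(review): trimming the password strips leading/trailing whitespace
            // the user may have chosen on purpose. Left unchanged because the
            // registration path is not visible here and must stay consistent with it.
            string pwd   = tb_password.Text.Trim();

            // Unknown accounts get the same message as a wrong password, so the
            // text alone does not reveal whether the e-mail is registered.
            if (!UserUtils.Exist(email))
            {
                showFeedback("Invalid email or password. Try again.");
                return;
            }

            // NOTE(review): this branch runs before the password is verified, so the
            // distinct message confirms to an unauthenticated caller that the
            // account exists and is disabled. Authenticating first is not a safe
            // fix on its own (it would keep answering password guesses for a
            // disabled account); consider a generic message instead.
            if (UserUtils.IsAccountDisabled(email))
            {
                showFeedback("Account is disabled.");
                return;
            }

            if (!UserUtils.Authenticate(email, pwd))
            {
                // Record the failure; any lockout threshold lives in UserUtils and
                // is not visible from this handler.
                UserUtils.AddFailedAuthAttempt(email);
                showFeedback("Invalid email or password. Try again.");
                return;
            }

            // success
            Session["Email"] = email;

            // Per-login token kept in both the session and a cookie; presumably later
            // requests compare the two to bind the session to this browser
            // (verify against the pages that read "AuthToken").
            // NOTE(review): Guid.NewGuid() is not documented as a cryptographically
            // secure generator; acceptable only while the token is a secondary
            // check alongside the session id.
            string guid = Guid.NewGuid().ToString();

            Session["AuthToken"] = guid;

            HttpCookie authCookie = new HttpCookie("AuthToken", guid);
            // Keep the token away from client-side script, so an XSS bug elsewhere
            // cannot read it.
            authCookie.HttpOnly = true;
            // Mark the cookie Secure whenever this request arrived over TLS so it is
            // never replayed over plain HTTP. Sites that terminate TLS upstream
            // should also force this in web.config (httpCookies requireSSL).
            authCookie.Secure = Request.IsSecureConnection;

            Response.Cookies.Add(authCookie);
            Response.Redirect("~/Home.aspx");
        }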