//[ValidateAntiForgeryToken]
public ActionResult Login(LoginModel model, string returnUrl)
{
if (ModelState.IsValid)
{
if (model.UserName.Contains("@") && WebSecurity.Login(model.UserName, model.Password))
{
model.ProfileUser = model.UserName;
return(DoLogin(model));
}
if (authBL.CheckLogin(Convert.ToInt32(model.ELT_account_number), model.UserName, model.Password))
{
var profile_user = string.Format(COMMON.AppConstants.PROFILE_USER, model.UserName, model.ELT_account_number);
if (!authBL.CheckProfileExist(Convert.ToInt32(model.ELT_account_number), profile_user))
{
WebSecurity.CreateUserAndAccount(profile_user, "1234");
authBL.UpdateProfileEltAccount(Convert.ToInt32(model.ELT_account_number), profile_user);
}
model.ProfileUser = profile_user;
WebSecurity.Login(profile_user, "1234");
return(DoLogin(model));
}
}
// If we got this far, something failed, redisplay form
ModelState.AddModelError("", "The user name or password provided is incorrect.");
return(View(model));
}