public ActionResult Login(LoginModel model, string returnUrl)
{
if (ModelState.IsValid)
{
var user = UserRepository.GetByUserName(model.UserName);
if (user != null)
{
if (ValidateUser(user, model))
{
//Proceed
FormsAuthentication.SetAuthCookie(user.UserName, false);
return RedirectToAction("Index", "Home");
}
}
}
// If we got this far, something failed, redisplay form
ModelState.AddModelError("", "The user name or password provided is incorrect.");
return View(model);
}
private bool ValidateUser(User user, LoginModel model)
{
return PasswordHash.ValidatePassword(model.Password, user.Password);
}
