public ActionResult LoginUser(string name, string password) { // TODO: DDoS vulnerability. Throttling needs to be added here. if (string.IsNullOrWhiteSpace(name) || string.IsNullOrWhiteSpace(password)) { return(this.Json(new { result = "error", message = StringResource.login_ErrorUserCredentials })); } UserIdentityManager.ResetUser(this.Request, this.Response); var user = this.repository.Login(name, password); if (user == null) { return(this.Json(new { result = "error", message = StringResource.login_ErrorUserCredentials })); } if (!user.IsActivated) { return(this.Json(new { result = "error", message = StringResource.login_ErrorUserNotActivated })); } UserIdentityManager.AddUserSession(this.Response, user); return(this.Json(new { result = "success" })); }
public ActionResult Logoff() { UserIdentityManager.ResetUser(this.Request, this.Response); return(this.RedirectToAction("Index")); }