public ActionResult LogOn(User user, string returnUrl)
{
if (ModelState.IsValid)
{
// VERY SIMPLE user validation!
var userInDb = Session.QueryOver<User>()
.Where(x => x.LoginName == user.LoginName)
.And(x => x.Password == user.Password)
.SingleOrDefault();
if (userInDb != null)
{
FormsAuthentication.SetAuthCookie(user.LoginName, true);
if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
&& !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
{
return Redirect(returnUrl);
}
else
{
return RedirectToAction("Index", "Home");
}
}
else
{
ModelState.AddModelError("", "The user name or password provided is incorrect.");
}
}
return View(user);
}
public static Project CreateProject(string name, DateTime startDate, DateTime? endDate, User owner, IEnumerable<User> participants)
{
var project = new Project
{
Name = name,
StartDate = startDate,
EndDate = endDate,
Owner = owner,
};
foreach (var participant in participants)
{
project.Participants.Add(participant);
}
return project;
}
