public virtual ActionResult LogOn(LogOnViewModel model, string returnUrl)
{
if (ModelState.IsValid)
{
if (_logOnService.LogOn(model.UserName, model.Password, model.RememberMe))
{
if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/") &&
!returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\")) return Redirect(returnUrl);
return RedirectToAction("Index", "Home");
}
var user = _userService.GetUserByUserName(model.UserName);
if (user == null) ModelState.AddModelError("", "The user name or password provided is incorrect.");
else
{
if (!user.IsApproved) ModelState.AddModelError("", "Your account has not been approved yet.");
else if (user.IsLockedOut) ModelState.AddModelError("", "Your account is currently locked.");
else ModelState.AddModelError("", "The user name or password provided is incorrect.");
}
}
// If we got this far, something failed, redisplay form
return RedirectToAction("LogOn");
}
public virtual ActionResult LogOn()
{
var viewModel = new LogOnViewModel {EnablePasswordReset = _userService.Settings.EnablePasswordReset};
return View(viewModel);
}