public bool Login(string login, string password)
{
User user = null;
// Check if the provided user is found in the database. If not tell the user that the user account provided
// does not exist in the database.
try
{
user = _userRepository.GetUser(login);
}
catch (Exception ex)
{
throw new ApplicationException("The requested user could not be found.", ex);
}
// Fianlly check if the passwords match
if (user == null) return false;
if (user.Password == password)
{
//Add the current Identity and Principal to the current thread.
var identity = new UserIndentity(login);
IPrincipal principal = new UserProvider(identity);
Thread.CurrentPrincipal = principal;
return true;
}
else
{
return false;
}
}
public UserProvider(UserIndentity userIdentity)
{
UserIdentity = userIdentity;
}