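/// <summary>
/// Handles the posted login form: applies the validation-code (captcha) gate once the
/// client address has three or more failures in the last hour, checks the credentials,
/// signs the user in and redirects, or re-renders the login view with model errors.
/// </summary>
/// <param name="model">Posted login form (user name, password field, validation code).</param>
/// <param name="url">App-relative path to redirect to after a successful sign-in.</param>
/// <returns>A redirect on success; otherwise the "Index" view carrying the model errors.</returns>
// NOTE(review): anti-forgery validation is commented out, so this endpoint accepts
// cross-site form posts (login CSRF). Re-enable the attribute once the login view
// emits @Html.AntiForgeryToken(); the view is not visible here, so it is left as found.
//[ValidateAntiForgeryToken]
public async Task<ActionResult> Index(LoginModel model, string url)
{
    BL.Login login = new BL.Login();
    string ipAddress = Request.UserHostAddress;

    // NOTE(review): the failure counter is keyed on the client address only. Behind a
    // reverse proxy UserHostAddress may be the proxy's address, and there is no visible
    // per-account throttle; confirm both against the deployment.
    var failTimes = login.GetLastHourLoginFailTimes(ipAddress);

    // The validation code is evaluated BEFORE the credentials are checked. Previously a
    // rejected code produced a different set of messages depending on whether the
    // password was correct, so the response still confirmed valid credentials and the
    // captcha no longer throttled guessing. Now a rejected code yields one uniform error.
    // NOTE(review): CompareValidationCode appears to return true when the submitted code
    // is NOT accepted (the wrong-code message is added on true); confirm in the helper.
    bool validationCodeRejected = failTimes >= 3 && CompareValidationCode(model.ValidationCode);

    if (validationCodeRejected)
    {
        ModelState.AddModelError("", ResourceHelper.GetValue("Message_Common_Login_WorngValidationCode"));
    }
    else
    {
        var user = await UserManager.FindAsync(model.UserName, model.EncryptPassword);
        if (user != null)
        {
            user.CompanyId = login.GetCompanyId(user.Id);
            await UserHelper.SignInAsync(user, false);

            // NOTE(review): the submitted password field is handed to the history store;
            // verify that it is not persisted in a recoverable form.
            login.AddValidSuccessHistory(model.UserName, model.EncryptPassword, ipAddress);

            // url is request-supplied. Strip leading slashes/backslashes so that "~/" + url
            // cannot resolve to a protocol-relative ("//host") target outside this
            // application; a null url falls back to the application root.
            string relativeTarget = (url ?? string.Empty).TrimStart('/', '\\');
            return Redirect("~/" + relativeTarget);
        }

        ModelState.AddModelError("", ResourceHelper.GetValue("Message_Common_Login_WorngNameOrPassword"));
    }

    // Failure path: refresh the validation code, record the attempt, and re-render.
    SetValidationCode(model, failTimes);

    // NOTE(review): failed attempts are recorded together with the submitted password
    // field; near-miss passwords in a history table are sensitive. Confirm what
    // AddValidFaileHistory stores.
    login.AddValidFaileHistory(model.UserName, model.EncryptPassword, ipAddress);

    ViewBag.LoginFailTimes = failTimes + 1;
    SetValidationCodeToCookie();
    return View("Index", model);
}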