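/// <summary>
/// Handles the posted login form: checks the captcha answer against the value kept in session,
/// validates the credentials through <c>LoginHelpers</c>, issues the forms-authentication cookie
/// and sends the user to the keyword setup view, the admin area or the account area.
/// </summary>
/// <param name="login">Posted credentials; a null value is rejected before any lookup.</param>
/// <param name="captcha">Posted captcha answer, compared with <c>Session["Captcha"]</c>.</param>
/// <returns>
/// A plain-text error for AJAX callers, the login view with model errors on failure,
/// the "SetKeyword" view when the client has no keyword yet, or a redirect on success.
/// </returns>
public ActionResult Index(Login login, Captcha captcha)
{
    const string InvalidCredentials = "Login name or password is incorrect!";

    // A request without credentials must stop here. Previously only the AJAX case returned,
    // and the non-AJAX case went on to hand a null login to LoginHelpers.IsExist.
    if (login == null)
    {
        if (Request.IsAjaxRequest())
        {
            return Content("Incorrect user name or password.");
        }

        ViewBag.Message = InvalidCredentials;
        ModelState.AddModelError("login", InvalidCredentials);
        return View();
    }

    // Check captcha result against the answer stored in session.
    object expectedCaptcha = Session["Captcha"];
    if (captcha == null || expectedCaptcha == null || expectedCaptcha.ToString() != captcha.CaptchaResult)
    {
        ModelState.AddModelError("Captcha", "Wrong value of sum, please try again.");
        // Display the error and generate a new captcha.
        return View();
    }

    // NOTE(review): the expected answer stays in session after a correct match. Unless it is
    // regenerated on every response (including the AJAX error path), one solved captcha can
    // accompany any number of password attempts. Consider removing it here once compared.

    if (LoginHelpers.IsExist(login))
    {
        // Try to get user data from the DB.
        var user = LoginHelpers.GetUser(login);

        // If the user exists, mark the user as authenticated.
        if (user != null && user.Client != null)
        {
            // NOTE(review): the cookie name is "FirstName LastName", which need not be unique.
            // If later code identifies the account by User.Identity.Name, two clients with the
            // same name are indistinguishable. The cookie is also persistent (second argument
            // true); confirm both are intended.
            string userName = String.Format("{0} {1}", user.Client.FirstName, user.Client.LastName);
            FormsAuthentication.SetAuthCookie(userName, true);

            // NOTE(review): the pre-login session is kept and now carries "user" (and "Role"
            // below). Confirm the session id is renewed at sign-in elsewhere.
            Session.Add("user", user);

            if (string.IsNullOrEmpty(user.Client.Keyword))
            {
                return View("SetKeyword", user.Client);
            }

            // Null-safe group check: a user without a group is treated as a regular account
            // instead of failing with a NullReferenceException after the cookie was issued.
            bool isAdmin = user.Group != null
                && string.Equals(user.Group.GroupName, "Admin", StringComparison.Ordinal);
            if (isAdmin)
            {
                Session.Add("Role", "Admin");
                return RedirectToAction("Index", "Admin");
            }

            return RedirectToAction("Index", "Account");
        }
    }

    // One generic message for every failure (unknown login, wrong password, missing user or
    // client record), so the response does not reveal which check failed.
    ViewBag.Message = InvalidCredentials;
    ModelState.AddModelError("login", InvalidCredentials);

    if (Request.IsAjaxRequest())
    {
        return Content("Incorrect user name or password. Please try again.");
    }

    return View();
}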
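/// <summary>
/// Handles the posted admin login form: validates the credentials through <c>LoginHelpers</c>
/// and signs the user in only when the account belongs to the "Admin" group.
/// </summary>
/// <param name="login">Posted credentials; a null value is rejected before any lookup.</param>
/// <param name="captcha">Posted captcha answer; not evaluated by this action.</param>
/// <returns>
/// A plain-text error for AJAX callers, the login view with a message on failure,
/// or a redirect to the admin account area on success.
/// </returns>
public ActionResult Index(Login login, Captcha captcha)
{
    const string AccessDenied = "Incorrect login name or password. Access denied.";

    // A request without credentials must stop here. Previously the non-AJAX case set the
    // message and then went on to hand a null login to LoginHelpers.IsExist.
    if (login == null)
    {
        ViewBag.Message = AccessDenied;
        if (Request.IsAjaxRequest())
        {
            return Content("Incorrect user name or password.");
        }

        return View();
    }

    // NOTE(review): the captcha parameter is accepted but never checked, so this admin sign-in
    // has no captcha gate against automated password guessing. If the admin form renders a
    // captcha, verify it against Session["Captcha"] here; otherwise confirm that another
    // throttle (lockout, rate limit) protects this endpoint.

    if (LoginHelpers.IsExist(login))
    {
        // Try to get user data from the DB.
        var user = LoginHelpers.GetUser(login);

        // Only a complete record in the "Admin" group is authenticated. The static comparison
        // also tolerates a null GroupName.
        bool isAdmin = user != null
            && user.Client != null
            && user.Group != null
            && string.Equals(user.Group.GroupName, "Admin", StringComparison.Ordinal);
        if (isAdmin)
        {
            // NOTE(review): the cookie name is "FirstName LastName", which need not be unique.
            // Confirm nothing downstream treats User.Identity.Name as the account identifier.
            string userName = String.Format("{0} {1}", user.Client.FirstName, user.Client.LastName);
            FormsAuthentication.SetAuthCookie(userName, false);

            // NOTE(review): the pre-login session is kept and now carries the "Admin" role.
            // Confirm the session id is renewed at sign-in elsewhere.
            Session.Add("Role", "Admin");
            return RedirectToAction("Index", "AdminAccount");
        }
    }

    // Same message whether the credentials are wrong or the account is valid but not an admin,
    // so the response does not confirm that a non-admin login exists.
    ViewBag.Message = AccessDenied;

    if (Request.IsAjaxRequest())
    {
        return Content("Incorrect user name or password. Please try again.");
    }

    return View();
}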