private void CreateAuthCookie(string login) { var userRoles = new SecurityContext().GetUserRoler(login); var authTicket = new FormsAuthenticationTicket( 1, login, DateTime.Now, DateTime.Now.AddMinutes(20), true, userRoles); string encryptedTicket = FormsAuthentication.Encrypt(authTicket); var authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket); Response.Cookies.Set(authCookie); }
public ActionResult Login(LoginModel model, string returnUrl) { if (ModelState.IsValid) { var validUser = new SecurityContext().ValidateUser(model.UserName, model.Password); if (validUser) { CreateAuthCookie(model.UserName); if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/") && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\")) { return Redirect(returnUrl); } return RedirectToAction("Index", "Home"); } } return View(model); }