public ActionResult Logon(AccountViewModel accountModel)
{
if (!ModelState.IsValid)
{
ShowError("Please provide your username and password!");
MergeModelState();
return RedirectToAction("Logon");
}
var userItem = _userRepository.GetOne(u => u.Email == accountModel.Username);
if (!AuthorizeUser(accountModel, userItem))
{
ShowError("Invalid username or password");
MergeModelState();
return RedirectToAction("Logon");
}
return RedirectToAction("Index", "Home");
}
private static bool AuthorizeUser(AccountViewModel accountModel, User user)
{
if (user != null && PasswordHash.ValidatePassword(accountModel.Password, user.Password, user.Salt))
{
FormsAuthentication.SetAuthCookie(accountModel.Username, accountModel.Remember);
return true;
}
return false;
}
