public ActionResult Login(LoginModel model)
        {
            using (DocCommanderEntities db = new DocCommanderEntities())
            {
                //Get configured values and get the users this template is for an intranet application.
                //Note AdminLoginOnlyallowed is commented out as
                //bool AdminLoginOnlyAllowed = bool.Parse(System.Configuration.ConfigurationManager.AppSettings["AdminLoginOnlyAllowed"]);
                int     maxBadLogins = int.Parse(System.Configuration.ConfigurationManager.AppSettings["MaxBadLogins"]);
                Account acc          = AccountRepos.Get(model.UserName);

                //Trap errors
                if (acc == null)
                {
                    ModelState.AddModelError("", "Your username or password is not correct.");
                }

                if (!(bool)acc.IsEnabled)
                {
                    ModelState.AddModelError("", "Your account is not enabled. Please contact your site administrator.");
                }

                //if(AdminLoginOnlyAllowed && !User.IsInRole("Admin"))
                //ModelState.AddModelError("", "This website is being maintained. Normal service will resume shortly.");

                //check details submitted
                if (ModelState.IsValid)
                {
                    if (WebSecurity.IsConfirmed(model.UserName))
                    {
                        if (WebSecurity.Login(acc.UserName, model.Password, persistCookie: model.RememberMe))
                        {
                            //use the Enable function to reset the numBad Logins to 0;
                            AccountRepos.Enable(acc.UserName);
                            return(RedirectToAction("Dashboard", "Account"));
                        }
                        else
                        {
                            ModelState.AddModelError("", "Your username or password is not correct");
                            AccountRepos.AddBadLogin(model.UserName);
                            RedirectToAction("SendNotifyFailedLoginEmail", "Email", new { username = model.UserName });
                            if (maxBadLogins > 0 && AccountRepos.GetNumBadLogins(acc.AccountId) > maxBadLogins)
                            {
                                AccountRepos.Disable(acc.UserName);
                            }
                        }
                    }
                    else
                    {
                        ModelState.AddModelError("", "Your account is not activated. Please Check Your email and activate your account.");
                    }
                }
            }
            return(View(model));
        }
 public ActionResult ChangePassword(ChangePasswordModel model)
 {
     if (ModelState.IsValid)
     {
         bool security = WebSecurity.ResetPassword(model.Token, model.NewPassword);
         if (security)
         {
             AccountRepos.Enable(model.UserName);
         }
         return(RedirectToAction("ChangePasswordSuccess"));
     }
     return(View(model));
 }
        public ActionResult ConfirmAccount()
        {
            //get values from request, verify and activate account.
            string username = Request.QueryString["u"];
            string token    = Request.QueryString["t"];
            bool   success  = WebSecurity.ConfirmAccount(username, token);

            if (success)
            {
                AccountRepos.Enable(username);
                return(RedirectToAction("ConfirmationSuccess"));
            }
            ViewBag.ErrorMessage("We could not confirm your account. The confirmation token is nonly valid for 24Hours. please click here to request another confirmation email.");
            return(View("Error"));
        }