private void CreateAuthCookie(string login)
{
var userRoles = new SecurityContext().GetUserRoler(login);
var authTicket = new FormsAuthenticationTicket(
1,
login,
DateTime.Now,
DateTime.Now.AddMinutes(20),
true,
userRoles);
string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
var authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
Response.Cookies.Set(authCookie);
}
public ActionResult Login(LoginModel model, string returnUrl)
{
if (ModelState.IsValid)
{
var validUser = new SecurityContext().ValidateUser(model.UserName, model.Password);
if (validUser)
{
CreateAuthCookie(model.UserName);
if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/") && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
{
return Redirect(returnUrl);
}
return RedirectToAction("Index", "Home");
}
}
return View(model);
}
