public ActionResult LogOn(LogOnModel model, string returnUrl)
{
if (ModelState.IsValid)
{
var user = db.Users.Where(u => u.Username.Equals(model.UserName,StringComparison.CurrentCultureIgnoreCase)&&u.Password==model.Password).FirstOrDefault();
if (user != null)
{
UserIdentity serializeModel = new UserIdentity(model.UserName,model.Password);
JavaScriptSerializer serializer = new JavaScriptSerializer();
string userData = serializer.Serialize(serializeModel);
FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(
1,
model.UserName,
DateTime.Now,
DateTime.Now.AddMinutes(15),
false,
userData);
string encTicket = FormsAuthentication.Encrypt(authTicket);
HttpCookie faCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);
Response.Cookies.Add(faCookie);
if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
&& !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
{
return Redirect(returnUrl);
}
else
{
return RedirectToAction("Index", "Home");
}
}
}
// If we got this far, something failed, redisplay form
return View(model);
}
public UserPrincipal(string username)
{
_Identity = new UserIdentity(username);
}
public UserPrincipal(string username, string password)
{
_Identity = new UserIdentity(username, password);
}
