public ActionResult Login(LoginViewModel vm)
{
if (ModelState.IsValid)
{
if (UserPassword.ValidateUser(vm.UserName, vm.Password, Db))
{
Authentication auth = new Authentication();
OsbideUser user = Db.Users.Where(u => u.Email.CompareTo(vm.UserName) == 0).FirstOrDefault();
if (user != null)
{
auth.LogIn(user);
//did the user come from somewhere?
if (string.IsNullOrEmpty(vm.ReturnUrl) == false)
{
Response.Redirect(vm.ReturnUrl);
}
return(RedirectToAction("Index", "Profile"));
}
}
}
//if we got this far, must've had a bad user name or password
ModelState.AddModelError("", "Invalid email or password.");
return(View());
}