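/// <summary>
/// Handles the login form post: looks the account up by e-mail, checks the
/// submitted password against the stored hash and, on success, issues a
/// forms-authentication cookie and redirects.
/// </summary>
/// <param name="login">Posted credentials and the "remember me" choice.</param>
/// <param name="ReturnUrl">Where to go after login; followed only when it is a local URL.</param>
/// <returns>A redirect on success; otherwise the login view with a message in ViewBag.</returns>
public ActionResult Login(UserLoginValidation login, string ReturnUrl = "")
{
    // A single message for "no such account" and "wrong password", so the
    // response does not tell a caller which e-mail addresses are registered.
    const string failureMessage = "Invalid Credentials provided";

    // Reject missing credentials before they reach the query or the hash helper.
    bool hasCredentials = login != null
        && !string.IsNullOrEmpty(login.Email)
        && !string.IsNullOrEmpty(login.Password);

    var account = hasCredentials
        ? db.Users.FirstOrDefault(candidate => candidate.Email == login.Email)
        : null;

    // Hash values are opaque tokens: compare them ordinally, never with culture rules.
    // NOTE(review): Crypto.Hash is not visible here; confirm it is a salted, slow
    // password hash (e.g. PBKDF2) and consider a fixed-time comparison.
    bool passwordMatches = account != null
        && string.Equals(Crypto.Hash(login.Password), account.Password, StringComparison.Ordinal);

    if (!passwordMatches)
    {
        ViewBag.Message = failureMessage;
        // NOTE(review): globalUID is declared outside this method. If it is static
        // or otherwise shared, this echoes another user's id into the view; confirm.
        ViewBag.Session = globalUID;
        return View();
    }

    // The verification state is disclosed only after the password has been proven,
    // so it cannot be used to probe for accounts.
    if (!account.IsEmailVerified)
    {
        ViewBag.Message = "Please verify your email first";
        return View();
    }

    // Lifetime in minutes: 525600 = 1 year when "remember me" is ticked, else 20.
    int timeout = login.RememberMe ? 525600 : 20;
    var ticket = new FormsAuthenticationTicket(account.UserID.ToString(), login.RememberMe, timeout);
    string encrypted = FormsAuthentication.Encrypt(ticket);

    // NOTE(review): per-user state in a field outlives the request; prefer
    // reading the id from the authenticated identity where it is needed.
    globalUID = Int32.Parse(ticket.Name);

    var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encrypted)
    {
        Expires = DateTime.Now.AddMinutes(timeout),
        HttpOnly = true,
        // Honour the requireSSL setting of the forms-authentication configuration
        // so the ticket is not sent over plain HTTP when the site demands TLS.
        Secure = FormsAuthentication.RequireSSL
    };
    Response.Cookies.Add(cookie);

    // Only follow ReturnUrl when it points back into this application.
    if (Url.IsLocalUrl(ReturnUrl))
    {
        return Redirect(ReturnUrl);
    }

    return RedirectToAction("Index", "Contacts");
}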
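/// <summary>
/// Handles the login form post: verifies the user name and password through
/// <c>UsersData.VerifyUser</c>, stores the returned user data in the session
/// and redirects.
/// </summary>
/// <param name="user">Posted user name and password; receives the error text on failure.</param>
/// <param name="returnUrl">Where to go after login; followed only when it is a local URL.</param>
/// <returns>A redirect on success; otherwise the login view with <c>user.Error</c> set.</returns>
public ActionResult Login(UserLoginValidation user, string returnUrl)
{
    UserInfo info;

    if (ModelState.IsValid)
    {
        using (UsersData db = new UsersData())
        {
            // Check that the user name and password match.
            if (db.VerifyUser(user.Password, user.Name, out info))
            {
                // NOTE(review): the session id that existed before login is kept;
                // consider issuing a fresh session id here so a pre-set id cannot
                // be carried into the authenticated session.
                Session.SetUserData(info);

                // returnUrl arrives with the request, so it is followed only when it
                // is local to this application. IsLocalUrl is false for null or empty,
                // which keeps the original fallback to the application root.
                string target = Url.IsLocalUrl(returnUrl) ? returnUrl : "~";
                return Redirect(target);
            }
        }
    }

    // The same message for an unknown name and a wrong password.
    user.Error = "Invalid User Name Or Password";
    return View(user);
}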