public HttpResponseMessage Login(LoginModel model) { var dbUser = _db.Users.SingleOrDefault(u => u.UserName == model.UserName); if (dbUser != null) { var passwordHash = _encryptionService.CreateHash(model.Password, dbUser.Salt); if (passwordHash == dbUser.PasswordHash) { var response = new LoginResponseViewModel { IsAuthenticated = true, Username = dbUser.UserName, Role = dbUser.UserRole }; return Success(response); } return Error("Invalid credentials"); } return Error("Invalid credentials"); }
public ActionResult Login(LoginModel model, string returnUrl) { if (ModelState.IsValid && WebSecurity.Login(model.UserName, model.Password, persistCookie: model.RememberMe)) { return RedirectToLocal(returnUrl); } // If we got this far, something failed, redisplay form ModelState.AddModelError("", "The user name or password provided is incorrect."); return View(model); }