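/// <summary>
/// Handles the posted login form: looks the user up through
/// <c>AuthenticationService.GetUserDetails</c>, compares the stored password with the
/// submitted one, and on success stores the user in the session, issues the forms
/// authentication cookie and redirects.
/// </summary>
/// <param name="model">Posted login form (user name, password, remember-me flag).</param>
/// <param name="returnUrl">
/// Caller-supplied redirect target. It is only followed when it passes
/// <c>Url.IsLocalUrl</c> and the additional prefix checks below; otherwise the
/// "ShowUserDetail" view is rendered.
/// </param>
/// <returns>
/// A redirect to <paramref name="returnUrl"/>, the "ShowUserDetail" view, or the default
/// view with model-state errors (or <c>ViewBag.FatalError</c>) when the login fails.
/// </returns>
public ActionResult Login(LoginViewModel model, string returnUrl)
{
    if (!ModelState.IsValid)
    {
        ModelState.AddModelError("", "The user name or password provided is incorrect.");
        return View();
    }

    try
    {
        User user = AuthenticationService.GetUserDetails(model.UserName);

        // A null result is treated like an empty one, so a missing account is reported
        // as "user not found" instead of surfacing as a NullReferenceException in the
        // generic handler below.
        if (user == null || string.IsNullOrEmpty(user.UserName))
        {
            throw new UserNotFoundException();
        }

        // NOTE(review): the stored value is compared to the submitted password with
        // plain equality, which implies the password is kept in a directly comparable
        // form (presumably clear text - confirm against the data store). Prefer a
        // salted, slow password hash verified with a fixed-time comparison.
        bool passwordMatches = user.Password == model.Password;
        if (!passwordMatches)
        {
            throw new PasswordMismatchException { UserName = user.UserName };
        }

        // NOTE(review): the whole User object, including its Password property, is
        // placed in session state. Consider storing only the identifier and the
        // fields the views actually need.
        Session["LoggedInUser"] = user;
        FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);

        // Open-redirect guard: only follow returnUrl when the framework considers it
        // local and it is a rooted path that is neither "//..." nor "/\...".
        if (Url.IsLocalUrl(returnUrl)
            && returnUrl.Length > 1
            && returnUrl.StartsWith("/")
            && !returnUrl.StartsWith("//")
            && !returnUrl.StartsWith("/\\"))
        {
            return Redirect(returnUrl);
        }

        return View("ShowUserDetail", model);
    }
    catch (UserNotFoundException)
    {
        // NOTE(review): this message differs from the wrong-password message, so the
        // response reveals whether a user name exists. A single generic failure
        // message for both cases avoids account enumeration.
        ModelState.AddModelError("UserName", Resources.Global.UserNotFound);
    }
    catch (PasswordMismatchException)
    {
        ModelState.AddModelError("Password", Resources.Global.InvalidPassword);
    }
    catch (Exception)
    {
        // NOTE(review): the exception is discarded without being logged, so failures
        // in the authentication path leave no trace for operations or detection.
        ViewBag.FatalError = Resources.Global.FatalError;
    }

    return View();
}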
/// <summary>
/// Handles the posted log-on form using <c>Membership.ValidateUser</c>. On success the
/// forms authentication cookie is issued and the caller is redirected; on failure the
/// form is shown again with the posted model.
/// </summary>
/// <param name="model">Posted log-on form (user name, password, remember-me flag).</param>
/// <param name="returnUrl">
/// Caller-supplied redirect target; followed only when it passes <c>Url.IsLocalUrl</c>
/// and the extra prefix checks, otherwise the Home/Index action is used.
/// </param>
/// <returns>A redirect on success, or the log-on view bound to <paramref name="model"/>.</returns>
public ActionResult LogOn(LoginViewModel model, string returnUrl)
{
    // Invalid model state: redisplay the form without adding a further error.
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    bool credentialsAccepted = Membership.ValidateUser(model.UserName, model.Password);
    if (!credentialsAccepted)
    {
        // One generic message for every credential failure, so the response does not
        // say which of the two fields was wrong.
        ModelState.AddModelError("", "The user name or password provided is incorrect.");
        return View(model);
    }

    FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);

    // Open-redirect guard: the target must be local according to the framework and be
    // a rooted path that is neither "//..." nor "/\...".
    bool targetIsSafe = Url.IsLocalUrl(returnUrl)
        && returnUrl.Length > 1
        && returnUrl.StartsWith("/")
        && !returnUrl.StartsWith("//")
        && !returnUrl.StartsWith("/\\");

    if (targetIsSafe)
    {
        return Redirect(returnUrl);
    }

    return RedirectToAction("Index", "Home");
}