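/// <summary>
/// Handles the log-on form post: checks the submitted credentials against
/// <c>userRepository</c>, refuses accounts that are not activated, and only then
/// issues the forms-authentication cookie and records the role in the session.
/// </summary>
/// <param name="model">Posted log-on form; <c>UserName</c> and <c>Password</c> are read from it.</param>
/// <param name="returnUrl">
/// Bound from the request but not used here; a successful log-on always goes to Home/Index.
/// Being unused, it cannot serve as an open-redirect target.
/// </param>
/// <returns>
/// A redirect to Home/Index on success, a redirect to Home/Error for an inactive account,
/// or the log-on view with a generic failure message otherwise.
/// </returns>
public ActionResult LogOn(LogOnModel model, string returnUrl)
{
    if (ModelState.IsValid
        && userRepository.UserExists(model.UserName)
        && userRepository.CheckPassword(model.UserName, model.Password))
    {
        user account = userRepository.GetByUsername(model.UserName);

        // A record that cannot be loaded is treated like a failed log-on
        // instead of dereferencing null below.
        if (account != null)
        {
            // The activation check has to come before the auth cookie is issued.
            // Issuing the ticket first would leave a not-yet-activated account
            // holding a valid authentication cookie despite the error redirect.
            if (!account.is_active)
            {
                return RedirectToAction("Error", "Home", new { msg = "Account not activated..." });
            }

            // Non-persistent cookie (second argument false), issued only once every check has passed.
            FormsAuthentication.SetAuthCookie(model.UserName, false);

            // NOTE(review): the role lives in session state while identity lives in the
            // forms-auth ticket; the two can expire independently, so code that reads
            // Session["role"] should handle a missing value by denying access - confirm callers do.
            Session.Add("role", account.is_admin ? "Admin" : "User");

            return RedirectToAction("Index", "Home");
        }
    }

    // Same message for unknown user, wrong password and invalid model state,
    // so the response does not reveal which user names exist.
    ViewBag.msg = "Wrong credentials. Please try again.";
    return View(model);
}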
/// <summary>
/// Handles the log-on form post using the Membership provider: validates the
/// credentials, issues the forms-authentication cookie, and redirects either to a
/// vetted local <paramref name="returnUrl"/> or to Home/Index.
/// </summary>
/// <param name="model">Posted log-on form; <c>UserName</c>, <c>Password</c> and <c>RememberMe</c> are read from it.</param>
/// <param name="returnUrl">Requested post-log-on target; followed only when it passes the local-URL checks below.</param>
/// <returns>A redirect on success, otherwise the log-on view redisplayed with the model.</returns>
public ActionResult LogOn(LogOnModel model, string returnUrl)
{
    // Invalid model state: redisplay the form.
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    if (!Membership.ValidateUser(model.UserName, model.Password))
    {
        ModelState.AddModelError("", "The user name or password provided is incorrect.");
        return View(model);
    }

    FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);

    // Open-redirect guard: the target must be local, longer than a bare "/",
    // rooted at "/", and must not start with "//" or "/\".
    bool isSafeLocalTarget = Url.IsLocalUrl(returnUrl)
        && returnUrl.Length > 1
        && returnUrl.StartsWith("/")
        && !returnUrl.StartsWith("//")
        && !returnUrl.StartsWith("/\\");

    if (isSafeLocalTarget)
    {
        return Redirect(returnUrl);
    }

    return RedirectToAction("Index", "Home");
}