public ActionResult Login(LoginModel model, string returnUrl)
{
if (ModelState.IsValid) {
// Attempt to register the user
var user = Service.CheckAuthentication(model.UserName, model.Password, CfHelper.GetRealIp(Request));
if (user == null) {
ModelState.AddModelError("", "Username or password doesn't match");
//TempData.SetErrorMessage("Username or password doesn't match");
} else {
TempData.SetSuccessMessage(string.Format(ViewRes.User.LoginStrings.Welcome, user.Name));
FormsAuthentication.SetAuthCookie(model.UserName, model.KeepLoggedIn);
var redirectUrl = FormsAuthentication.GetRedirectUrl(model.UserName, true);
if (redirectUrl != null)
return Redirect(redirectUrl);
else
return RedirectToAction("Index", "Home");
}
}
return View(model);
}
public ActionResult Login(LoginModel model)
{
if (ModelState.IsValid) {
var host = WebHelper.GetRealHost(Request);
var result = Data.CheckAuthentication(model.UserName, model.Password, host, true);
if (!result.IsOk) {
ModelState.AddModelError("", ViewRes.User.LoginStrings.WrongPassword);
if (result.Error == LoginError.AccountPoisoned)
MvcApplication.BannedIPs.Add(host);
} else {
var user = result.User;
TempData.SetSuccessMessage(string.Format(ViewRes.User.LoginStrings.Welcome, user.Name));
FormsAuthentication.SetAuthCookie(user.Name, model.KeepLoggedIn);
var redirectUrl = FormsAuthentication.GetRedirectUrl(model.UserName, true);
string targetUrl;
// TODO: should not allow redirection to URLs outside the site
if (!string.IsNullOrEmpty(model.ReturnUrl)) {
targetUrl = model.ReturnUrl;
} else if (!string.IsNullOrEmpty(redirectUrl))
targetUrl = redirectUrl;
else
targetUrl = Url.Action("Index", "Home");
if (model.ReturnToMainSite)
targetUrl = VocaUriBuilder.AbsoluteFromUnknown(targetUrl, preserveAbsolute: true, ssl: false);
return Redirect(targetUrl);
}
}
if (model.ReturnToMainSite) {
SaveErrorsToTempData();
return Redirect(VocaUriBuilder.Absolute(Url.Action("Login", new { model.ReturnUrl, model.SecureLogin }), false));
}
return View(model);
}
