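/// <summary>
/// Authenticates the submitted credentials, issues a forms-authentication
/// cookie on success and redirects the user to an appropriate page.
/// </summary>
/// <param name="model">The posted login form (username and password).</param>
/// <param name="returnUrl">
/// Optional URL to send the user back to after login. Only local URLs are
/// honoured; anything else falls back to the Books index.
/// </param>
/// <returns>
/// A redirect on successful login; otherwise the login view re-rendered with
/// the model and a validation error.
/// </returns>
public ActionResult Login(LoginViewModel model, string returnUrl)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    // Username is matched case-insensitively (UPPER on both sides so the
    // provider can translate it). The password is compared verbatim against
    // what the store holds.
    // NOTE(review): whether Password is a hash is not visible here; if it is
    // plaintext, switch the store to a salted hash (e.g. PBKDF2) and verify
    // the submitted password against it instead of comparing equality.
    var user = Context.Users.FirstOrDefault(
        u => u.Username.ToUpper() == model.Username.ToUpper()
             && u.Password == model.Password);

    if (user == null)
    {
        // Same message for unknown user and wrong password, so the response
        // does not reveal which half of the credential was wrong.
        ModelState.AddModelError("", "Incorrect username and/or password");
        return View(model);
    }

    var roles = user.Roles.Select(m => m.RoleName).ToArray();

    // The principal data is carried inside the encrypted ticket so it can be
    // rebuilt on later requests without another lookup.
    var serializeModel = new CustomPrincipalSerializeModel
    {
        UserId = user.UserId,
        UserName = user.Username,
        roles = roles
    };
    string userData = JsonConvert.SerializeObject(serializeModel);

    var authTicket = new FormsAuthenticationTicket(
        1,
        user.Username,
        DateTime.Now,
        DateTime.Now.AddMinutes(15),
        false, // non-persistent: session cookie only
        userData);
    string encTicket = FormsAuthentication.Encrypt(authTicket);

    var faCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket)
    {
        // Keep the ticket out of reach of client-side script.
        HttpOnly = true,
        // Mirror the forms-auth configuration so the cookie is only sent over
        // TLS when the application is configured to require it.
        Secure = FormsAuthentication.RequireSSL
    };
    Response.Cookies.Add(faCookie);

    if (roles.Contains("Admin"))
    {
        return RedirectToAction("Index", "Admin");
    }

    // Only follow returnUrl when it points back into this site; an arbitrary
    // absolute URL here would turn the login page into an open redirector.
    if (!string.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl))
    {
        return Redirect(returnUrl);
    }

    return RedirectToAction("Index", "Books");
}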