public ActionResult LogOn(LogOnModel model, string returnUrl)
{
CodeFirstMembershipProvider provider = new CodeFirstMembershipProvider();
if (ModelState.IsValid)
{
if (provider.ExtendedValidateUser(model.UserName.ToString(), model.Password.ToString()))
{
FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/") &&
!returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
{
return(Redirect(returnUrl));
}
else
{
return(RedirectToAction("Index", "Home"));
}
}
else
{
ModelState.AddModelError("", "The user name or password provided is incorrect.");
}
}
// If we got this far, something failed, redisplay form
return(View(model));
}