JordanRift.Grassroots.Web.Controllers.AccountController.ValidateLogon C# (CSharp) Method

        private ActionResult ValidateLogon(UserProfile userProfile, LogOnModel model, string url, ref int failedLogins, ref bool mustResetPassword)
        {
            if (userProfile == null)
            {
                TempData["UserFeedback"] = "We couldn't find you in our system yet. Fill out the form below to create your profile.";
                return RedirectToAction("Register", "Account", new { returnUrl = url });
            }

            if (!userProfile.IsActivated)
            {
                return RedirectToAction("AwaitingActivation", "Account", new { returnUrl = url });
            }

            User user = userProfile.Users.FirstOrDefault();

            if (user != null)
            {
                failedLogins = user.FailedLoginAttempts;
                mustResetPassword = user.ForcePasswordChange;
            }

            if (failedLogins > MembershipService.MaxInvalidPasswordAttempts
                && TempData["LastLogOnAttempt"] != null)
            {
                var now = DateTime.Now;
                var lastAttemptedOn = (DateTime) TempData["LastLogOnAttempt"];
                var secondsToSleep = CalculateSleepSeconds(failedLogins, MembershipService.MaxInvalidPasswordAttempts);
                var unlockOn = lastAttemptedOn.AddSeconds(secondsToSleep);

                if (unlockOn > now)
                {
                    var elapsed = Convert.ToInt32((now - lastAttemptedOn).TotalSeconds);
                    var remaining = secondsToSleep > elapsed ? secondsToSleep - elapsed : 0;
                    model.RemainingSeconds = remaining;
                    model.LastLoginAttempt = lastAttemptedOn;
                    TempData["UserFeedback"] = string.Format("You still have {0} seconds left before you can try logging in again.", remaining);
                    return RedirectToAction("LogOn");
                }
            }

            return null;
        }