/AnotherStartup/App_Code/Account/Login.cs

using System;

using System.Web.WebPages;

using WebMatrix.WebData;



/// <summary>

/// Summary description for Login

/// </summary>

/// 

namespace Account

{

    public static class Login

    {

        public class Model

        {

            public string Username { get; set; }

            public string Password { get; set; }

            public bool RememberMe { get; set; }

        }



        public class Errors

        {

            public ErrorMessage Username { get; set; }

            public ErrorMessage Password { get; set; }



            public Errors()

            {

                Username = ErrorMessage.Nil;

                Password = ErrorMessage.Nil;

            }

        }



        public static void Init(WebPageBase web)

        {

            // Initialize model properties      

            Model model = web.Page.Model = new Model();



            //  Initialize validation properties

            Errors errors = web.Page.Errors = new Errors();



            // If this is a POST request, validate and process data

            if (web.IsPost)

            {

                model.Username = web.Request.Form["username"];

                model.Password = web.Request.Form["password"];

                model.RememberMe = web.Request.Form["rememberMe"].AsBool();



                // Validate the user's username

                if (model.Username.IsEmpty())

                {

                    errors.Username = web.Error("You must specify a username.");                    

                }



                // Validate the user's password

                if (model.Password.IsEmpty())

                {

                    errors.Password = web.Error("You must specify a password.");                    

                }



                // Confirm there are no validation errors

                if (web.Page.IsValid)

                {

                    if (WebSecurity.UserExists(model.Username) && WebSecurity.GetPasswordFailuresSinceLastSuccess(model.Username) > 4 && WebSecurity.GetLastPasswordFailureDate(model.Username).AddSeconds(60) > DateTime.UtcNow)

                    {

                        web.Response.Redirect("~/account/AccountLockedOut");

                        return;

                    }



                    // Attempt to login to the Security object using provided creds

                    if (WebSecurity.Login(model.Username, model.Password, model.RememberMe))

                    {

                        var returnUrl = web.Request.QueryString["ReturnUrl"];

                        if (returnUrl.IsEmpty())

                        {

                            web.Response.Redirect("~/");

                        }

                        else

                        {

                            web.Context.RedirectLocal(returnUrl);

                        }

                    }



                    // If we arrived here, the login failed; convey that to the user

                    web.Page.IsValid = false;

                }

            }

        }

    }

}