This is an intranet application written in MVC 4 which requires user login. Where is the best place to remove the domain from the username entered by the user? (Username.Name.Split('\')[1];). This is incase the user enters the domain.
View:
@Html.ValidationSummary(true, "Login failed.")
@using (Html.BeginForm())
{
<div style="width: 400px">
<fieldset>
<legend>Account Information</legend>
<div class="editor-label">
@Html.LabelFor(m => m.Username)
</div>
<div class="editor-field">
@Html.TextBoxFor(m => m.Username)
@Html.ValidationMessageFor(m => m.Username)
</div>
...
Login Model:
[Required]
[Display(Name = "Username")]
public string Username { get; set; }
....
Controller:
[HttpPost]
public ActionResult Login(LoginModel model, string returnUrl)
{
if (ModelState.IsValid)
{
if (Membership.ValidateUser(model.Username, model.Password))
{
//set authentication cookie
...
If you only want the username and not the domain why not validate as early as possible, e.g. don't all \ in username. As always have server validation to back this up in Login action like you suggest, e.g.
if(model.UserName.Contains('\')
model.UserName = model.Username.Name.Split('\')[1];
If it is always the same domain, put the domain name beside the text box to make it clear it is not being asked for.