putting back what the UmbLoginController should be ... where in the hell has this been overwritten from??!

src/Umbraco.Web/Controllers/UmbLoginController.cs

@@ -1,8 +1,10 @@
 using System.Linq;
 using System.Web.Mvc;
+using System.Web.Security;
 using umbraco.cms.businesslogic.member;
 using Umbraco.Web.Models;
 using Umbraco.Web.Mvc;
+using Umbraco.Core;
 
 namespace Umbraco.Web.Controllers
 {
@@ -11,18 +13,28 @@ namespace Umbraco.Web.Controllers
         [HttpPost]
         public ActionResult HandleLogin([Bind(Prefix="loginModel")]LoginModel model)
         {
-            // TODO: Use new Member API
-            if (ModelState.IsValid)
+            if (ModelState.IsValid == false)
             {
-                var m = Member.GetMemberFromLoginNameAndPassword(model.Username, model.Password);
-                if (m != null)
-                {
-                    Member.AddMemberToCache(m);
-                    return Redirect("/");
-                }
+                return CurrentUmbracoPage();    
             }
 
-            return CurrentUmbracoPage();
+            if (Members.Login(model.Username, model.Password) == false)
+            {
+                //don't add a field level error, just model level
+                ModelState.AddModelError("loginModel", "Invalid username or password");
+                return CurrentUmbracoPage();
+            }
+
+            //if there is a specified path to redirect to then use it
+            if (model.RedirectUrl.IsNullOrWhiteSpace() == false)
+            {
+                return Redirect(model.RedirectUrl);
+            }
+
+            //redirect to current page by default
+            TempData.Add("LoginSuccess", true);
+            //return RedirectToCurrentUmbracoPage();
+            return RedirectToCurrentUmbracoUrl();
         }
     }
 }