public async Task<ActionResult> Login(LoginViewModel model) { Helper.ForceValidation(ModelState, model); if (!ModelState.IsValid) { Helper.HandleErrorDict(ModelState); return View(model); } string returnUrl = HttpUtility.UrlDecode(model.ReturnUrl); //TODO: make configurable //manage.UserManager.UserLockoutEnabledByDefault = true; //manage.UserManager.MaxFailedAccessAttemptsBeforeLockout = 5; //manage.UserManager.DefaultAccountLockoutTimeSpan = TimeSpan.FromMinutes(15); // This doesn't count login failures towards account lockout // To enable password failures to trigger account lockout, change to shouldLockout: true var user = await securityHelper.UserManager.FindByNameAsync(model.UserName); var result = await securityHelper.SignInManager.PasswordSignInAsync(model.UserName, model.Password, model.RememberMe, shouldLockout: true); switch (result) { case SignInStatus.Success: await securityHelper.UserManager.ResetAccessFailedCountAsync(user.Id); return RedirectToLocal(returnUrl); case SignInStatus.LockedOut: return View("Lockout"); case SignInStatus.RequiresVerification: return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe }); case SignInStatus.Failure: default: ModelState.AddModelError(String.Empty, "Invalid login attempt."); if (user != null && user.LockoutEndDateUtc.HasValue && user.LockoutEndDateUtc.Value < DateTime.UtcNow) { user.LockoutEndDateUtc = null; user.AccessFailedCount = 1; securityHelper.UserManager.Update(user); } return View(model); } }
public ActionResult Login(string returnUrl) { var res = CheckDatabase(); if (res != null) { return res; } LoginViewModel model = new LoginViewModel(); model.ReturnUrl = HttpUtility.UrlEncode(returnUrl); return View(model); }