Beispiel #1
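 /// <summary>
 /// Renders the login form and issues a one-off login salt, which is placed on the
 /// view model and mirrored into the session under "LoginSalt".
 /// </summary>
 /// <param name="returnUrl">Passed through to the view via ViewBag.ReturnUrl.</param>
 /// <returns>The login view bound to a new <c>LoginViewModel</c> carrying the salt.</returns>
 public ActionResult Login(string returnUrl)
 {
     ViewBag.ReturnUrl = returnUrl;

     // Guid.NewGuid() is specified to be unique, not unpredictable, so the salt is
     // drawn from the platform CSPRNG instead. 3 bytes -> 6 lowercase hex characters,
     // the same length and alphabet as the Guid prefix used previously.
     // NOTE(review): 24 bits is short for a nonce; the length is kept at 6 because
     // consumers of this value may split on a fixed 6-character prefix. Confirm
     // before lengthening.
     byte[] saltBytes = new byte[3];
     using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
     {
         rng.GetBytes(saltBytes);
     }

     LoginViewModel model = new LoginViewModel();
     model.Salt = System.BitConverter.ToString(saltBytes).Replace("-", "").ToLowerInvariant();
     Session["LoginSalt"] = model.Salt;
     return View(model);
 }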
Beispiel #2
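 /// <summary>
 /// Handles the posted login form: decrypts the posted e-mail and password, checks the
 /// 6-character salt prefixed to the password against the one stored in the session,
 /// and then signs the user in through <c>SignInManager</c>.
 /// </summary>
 /// <param name="model">Posted login form; EncryptedEmail and EncryptedPassword are client-supplied.</param>
 /// <param name="returnUrl">Target passed to RedirectToLocal / SendCode after sign-in.</param>
 /// <returns>
 /// A redirect on success or when verification is required, the "Lockout" view when the
 /// account is locked out, otherwise the login view with a generic error.
 /// </returns>
 public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
 {
     if (!ModelState.IsValid)
     {
         return View(model);
     }
     logger.Info("Login");

     model.Email = KMBit.Util.KMAes.DecryptStringAES(model.EncryptedEmail);

     // Decrypt once and validate before slicing: the value is client-controlled, and a
     // result shorter than the 6-character salt prefix would make Substring throw.
     string decryptedPassword = KMBit.Util.KMAes.DecryptStringAES(model.EncryptedPassword);

     // The session salt is absent when the session expired or the salt was already
     // consumed by an earlier attempt; treat that as a failed login instead of
     // dereferencing null.
     object storedSalt = Session["LoginSalt"];
     string salt = storedSalt == null ? null : storedSalt.ToString();

     if (salt == null || decryptedPassword == null || decryptedPassword.Length < 6)
     {
         logger.Warn("Login salt missing or posted credential malformed");
         ModelState.AddModelError("", "用户或者密码错误");
         // NOTE(review): the re-rendered form probably needs a freshly issued salt to be
         // usable again; confirm how the view obtains it.
         return View(model);
     }

     string postedSalt = decryptedPassword.Substring(0, 6);
     model.Password = decryptedPassword.Substring(6);

     // Never write the password or the salt to the log. The e-mail is client-supplied,
     // so line breaks are stripped to keep one attempt on one log line.
     string loggedUser = (model.Email ?? string.Empty).Replace("\r", string.Empty).Replace("\n", string.Empty);
     logger.Info("User:" + loggedUser);

     // Ordinal comparison: the salt is an identifier, not linguistic text, so the
     // current culture must not influence the case folding.
     if (!string.Equals(salt.Trim(), postedSalt.Trim(), System.StringComparison.OrdinalIgnoreCase))
     {
         logger.Warn("Posted login salt does not match the session salt");
         ModelState.AddModelError("", "用户或者密码错误");
         return View(model);
     }

     // The salt is single-use: clear it before attempting the sign-in.
     Session["LoginSalt"] = null;

     // This doesn't count login failures towards account lockout
     // To enable password failures to trigger account lockout, change to shouldLockout: true
     // NOTE(review): with shouldLockout: false repeated password guesses are not throttled
     // here; enable lockout or rate-limit this action elsewhere.
     var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false);
     switch (result)
     {
         case SignInStatus.Success:
             return RedirectToLocal(model.Email, returnUrl);
         case SignInStatus.LockedOut:
             return View("Lockout");
         case SignInStatus.RequiresVerification:
             return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
         case SignInStatus.Failure:
         default:
             logger.Warn("Password or Email is not correct");
             // Same message as the salt failures so the response does not reveal which check failed.
             ModelState.AddModelError("", "用户或者密码错误");
             return View(model);
     }
 }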