/// <summary>
/// Deletes the stored public key of the current user once the reCAPTCHA token
/// submitted with the request has been verified.
/// </summary>
/// <param name="deleteViewModel">Posted view model; only its <c>Token</c> (the reCAPTCHA response) is read here.</param>
/// <returns>
/// A redirect to <c>Index</c> after the delete call, or a redirect to the
/// <c>account/login</c> action after signing the user out when verification fails.
/// </returns>
/// <remarks>
/// The key to delete is selected from <c>User.Identity.Name</c>, never from the
/// request body, so a caller cannot name another account's key.
/// NOTE(review): no attributes are visible on this action. Because it changes state,
/// confirm that it is POST-only, validates the antiforgery token and requires an
/// authenticated user (presumably <c>User.Identity.Name</c> is null for anonymous requests).
/// </remarks>
public async Task<IActionResult> DeleteKey(HomeViewModel deleteViewModel)
        {
            // Ask the reCAPTCHA service to verify the token before touching any key material.
            var captchaResult = await _recaptchaService.ReceiveVerificationAsync(deleteViewModel.Token);

            if (captchaResult.Success)
            {
                // Scope the delete to the signed-in identity.
                await keyStorageService.DeletePublicKeyAsync(User.Identity.Name);

                return RedirectToAction("Index");
            }

            // Verification failed: end the session and send the user back to the login page.
            await signInManager.SignOutAsync();

            return RedirectToAction("login", "account");
        }
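        /// <summary>
        /// Handles a login form post: verifies the reCAPTCHA token, validates the model,
        /// attempts a password sign-in and redirects on success.
        /// </summary>
        /// <param name="model">Posted credentials (<c>UserName</c>, <c>Password</c>, <c>RememberMe</c>) and the reCAPTCHA <c>Token</c>.</param>
        /// <param name="returnUrl">Optional URL to return to after sign-in. It is caller-controlled and is only followed when it is local to this application.</param>
        /// <returns>
        /// A redirect after a successful sign-in; otherwise the login view with an error
        /// added to <c>ModelState</c>.
        /// </returns>
        public async Task<IActionResult> Login(LoginViewModel model, string returnUrl)
        {
            // Verify the reCAPTCHA token first so that rejected requests never reach the password check.
            var googleRecaptcha = await _recaptchaService.ReceiveVerificationAsync(model.Token);

            if (!googleRecaptcha.Success)
            {
                ModelState.AddModelError(string.Empty, "Invalid Login Attempt");
                return View();
            }

            if (!ModelState.IsValid)
            {
                return View(model);
            }

            // NOTE(review): lockoutOnFailure is false, so failed attempts made here do not count
            // towards Identity account lockout. The reCAPTCHA check is the only throttle visible
            // in this method; confirm that is intended.
            var result = await signInManager.PasswordSignInAsync(model.UserName, model.Password, model.RememberMe, false);

            if (result.Succeeded)
            {
                // Open-redirect guard: follow returnUrl only when it is local to this application.
                // LocalRedirect alone rejects a non-local URL by throwing, which would leave a user
                // who has just signed in on an error page; checking first lets that case fall back
                // to the home page. IsLocalUrl also returns false for null or empty input.
                if (Url.IsLocalUrl(returnUrl))
                {
                    return LocalRedirect(returnUrl);
                }

                return RedirectToAction("Index", "home");
            }

            if (result.IsNotAllowed)
            {
                // NOTE(review): Identity may report NotAllowed before the password is verified.
                // If so, a message distinct from the generic failure tells the caller that the
                // account exists; confirm this against the configured sign-in requirements.
                ModelState.AddModelError(string.Empty, _notAllowedLoginMessage);
                return View(model);
            }

            ModelState.AddModelError(string.Empty, _invalidLoginMessage);
            return View(model);
        }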