public async Task<ActionResult> Login(InstrumentAppCredentials credentials, string returnUrl)
{
// Validate the input
if (!ModelState.IsValid) { return View(); }
// Validate the credentials
var isAuthenticated = await m.Login(credentials);
if (!isAuthenticated)
{
// Configure the validation summary with an error message
ModelState.AddModelError("", "Invalid credentials");
// Display the form again
return View(credentials);
}
// Credentials have been validated; return to the requested resource
if (string.IsNullOrEmpty(returnUrl))
{
return RedirectToAction("index", "home");
}
else
{
return Redirect(returnUrl);
}
}
// Attention - Login by requesting an access token from the Identity Server
public async Task<bool> Login(InstrumentAppCredentials credentials)
{
using (var request = new HttpClient())
{
// Package the data
// We do NOT save the data in a persistent store
// The data items are just passed through this app
var data = new Dictionary<string, string>
{
{"grant_type","password" },
{"username",credentials.Username.Trim() },
{"password",credentials.Password.Trim() }
};
var requestBody = new FormUrlEncodedContent(data);
// Send the request
// The request body data type will cause the correct
// application/x-www-form-urlencoded
// Content-Type header to be configured on the request
var response = await request.PostAsync("http://localhost:32474/token", requestBody);
if (response.IsSuccessStatusCode)
{
// Read the desired data from the response
var token = await response.Content.ReadAsAsync<AccessToken>();
// Configure in-memory session state storage
// The data items are not stored in a persistent store
// However, we need to keep these values in memory
// during the lifetime of the user's interactive session
HttpContext.Current.Session["token"] = token.access_token;
HttpContext.Current.Session["username"] = token.userName;
return true;
}
else
{
return false;
}
}
}
// GET: Home/Login
public ActionResult Login()
{
var form = new InstrumentAppCredentials();
return View(form);
}
