/// <summary>
/// Handles the posted login form of the two-factor sample: validates the submit model, then
/// compares the submitted AuthCode with the current time-based password of the sample user.
/// </summary>
/// <param name="submitModel">Posted login data; <c>IsValid</c> and <c>AuthCode</c> are read here.</param>
/// <returns>Always the Login view, carrying either error messages or a success message.</returns>
/// <remarks>
/// The user lookup and the password check are stubbed out with <c>if (false)</c>, so as written
/// the only thing actually verified is the AuthCode for <c>_sampleUser</c>. Both stubs must be
/// replaced with real checks before this action guards anything.
/// </remarks>
public ActionResult Login(LoginSubmitModel submitModel)
{
    // One place for the view path. The original notes that an explicit path is faster than
    // the "reflection features" (presumably the default view lookup).
    const string loginView = "~/Areas/Account/Views/Account/Login.cshtml";

    var viewModel = CreateLoginViewModel();

    // Step 1: logical validation of the submitted values.
    IReadOnlyCollection<ValidationResult> validationErrors;
    bool inputIsValid = submitModel.IsValid(out validationErrors);
    if (!inputIsValid)
    {
        CopyErrorsToViewModel(viewModel, validationErrors);
        return View(loginView, viewModel);
    }

    // Step 2: user lookup. Placeholder that never fires; the original suggests calling
    // myUserRepository.UserNameExists() here.
    if (false)
    {
        // Same message as for a wrong password, so the response does not reveal which
        // of the two was wrong.
        viewModel.ErrorMessages.Add("Username and/or password not found!");
        return View(loginView, viewModel);
    }

    SampleUser account = _sampleUser;

    // Step 3: password check. Placeholder that never fires; the original suggests
    // submitModel.Password != currentUser.Password.
    // NOTE(review): taken literally that compares against a stored plaintext password.
    // Verify against a salted, slow password hash instead.
    if (false)
    {
        viewModel.ErrorMessages.Add("Username and/or password not found!");
        return View(loginView, viewModel);
    }

    // Step 4: second factor. Only the code returned for the current moment is accepted.
    // NOTE(review): this is an ordinary != comparison, and nothing in this action limits
    // repeated guesses or rejects a code that was already used. Confirm that throttling and
    // replay protection exist elsewhere.
    // NOTE(review): this message differs from the username/password one, so once step 3 is
    // real it tells the caller that the password was accepted.
    var expectedCode = _googleTwoWayAuthenticator.GetCurrentTimeBasedPassword(account.Secret);
    if (expectedCode != submitModel.AuthCode)
    {
        viewModel.ErrorMessages.Add("Invalid AuthCode. Login failed!");
        return View(loginView, viewModel);
    }

    // Step 5: success. The sample only reports it; no authentication cookie is issued.
    // Left disabled by the original author:
    //   FormsAuthentication.SetAuthCookie( currentUser.Username, false );
    // Alternative, also disabled: AddTempSuccess( "Yaaay! Login succeeded!" ) followed by a
    // redirect to RouteNames.Home via RouteCache.Get(Url, ...).
    viewModel.SuccessMessages.Add("Yaaay! Login succeeded!");
    return View(loginView, viewModel);
}
/// <summary>
/// Looks the user up by the posted user name and password, signs the user in and redirects
/// to the dashboard route. If no user is returned, the login view is shown again with a
/// generic error.
/// </summary>
/// <param name="submitModel">Posted login data; <c>UserName</c> and <c>Password</c> are read.</param>
/// <returns>
/// A redirect to route "adminDashboard" on success, otherwise the login view with
/// <c>HasError</c> set.
/// </returns>
public async Task<IActionResult> Login(LoginSubmitModel submitModel)
{
    // NOTE(review): how the password is verified is inside _userService and not visible here.
    // Confirm it checks a salted, slow hash rather than a stored plaintext value.
    // NOTE(review): no ModelState check, lockout or attempt throttling is visible in this
    // action. Confirm they are applied elsewhere (filter, middleware or the service).
    var user = _userService.GetByUserNameAndPassword(submitModel.UserName, submitModel.Password);

    if (user == null)
    {
        // One message for both "unknown user" and "wrong password", so the response does not
        // reveal which of the two was wrong.
        var failedLogin = new LoginViewModel
        {
            LoginUrl = Url.RouteUrl("adminLogin"),
            UserName = submitModel.UserName,
            HasError = true,
            ErrorMessage = "Username or password is not correct"
        };

        return View(failedLogin);
    }

    // Second argument false: presumably "isPersistent" (session-only cookie) if this is the
    // ASP.NET Core Identity SignInManager. Confirm against the field's type.
    await _signInManager.SignInAsync(user, false);

    return RedirectToRoute("adminDashboard");
}