public async Task <IActionResult> LoginPost(
ModIdentityServerWebMvcPartAccountViewLoginModel model,
string action
)
{
var result = new ModIdentityServerWebMvcPartAccountCommonJobLoginResult();
var input = new ModIdentityServerWebMvcPartAccountJobLoginPostInput
{
Action = action,
Model = model,
ModelState = ModelState,
UrlHelper = Url
};
var(execute, onSuccess, onError) = MyModel.BuildActionLoginPost(input);
try
{
result.Data = await execute().CoreBaseExtTaskWithCurrentCulture(false);
onSuccess(result);
}
catch (Exception ex)
{
onError(ex, result);
}
return(input.Status switch
{
ModIdentityServerWebMvcPartAccountJobLoginPostEnumStatuses.Index =>
Redirect("~/"),
ModIdentityServerWebMvcPartAccountJobLoginPostEnumStatuses.Redirect =>
View(
"Redirect",
new ModIdentityServerWebMvcViewRedirectModel
{
RedirectUrl = result.Data.ReturnUrl
}),
ModIdentityServerWebMvcPartAccountJobLoginPostEnumStatuses.Return =>
Redirect(result.Data.ReturnUrl),
_ =>
View("~/Views/Account/Login.cshtml", result.Data),
});
private async Task <ModIdentityServerWebMvcPartAccountJobLoginPostEnumStatuses> ProcessLoginPost(
ModIdentityServerWebMvcPartAccountViewLoginModel model,
string action,
IEventService events,
ModelStateDictionary modelState,
SignInManager <DataEntityObjectUser> signInManager,
IUrlHelper urlHelper,
UserManager <DataEntityObjectUser> userManager,
IIdentityServerInteractionService interaction,
IClientStore clientStore
)
{
// check if we are in the context of an authorization request
var context = await interaction.GetAuthorizationContextAsync(model.ReturnUrl)
.CoreBaseExtTaskWithCurrentCulture(false);
// the user clicked the "cancel" button
if (action != ModIdentityServerWebMvcSettings.ACTION_Login)
{
if (context != null)
{
// if the user cancels, send a result back into IdentityServer as if they
// denied the consent (even if this client does not require consent).
// this will send back an access denied OIDC error response to the client.
await interaction.GrantConsentAsync(context, ConsentResponse.Denied)
.CoreBaseExtTaskWithCurrentCulture(false);
var isPckeRequired = await clientStore.ModIdentityServerWebExtClientIsPkceRequired(context.ClientId)
.CoreBaseExtTaskWithCurrentCulture(false);
// we can trust model.ReturnUrl since GetAuthorizationContextAsync returned non-null
if (isPckeRequired)
{
// if the client is PKCE then we assume it's native, so this change in how to
// return the response is for better UX for the end user.
return(ModIdentityServerWebMvcPartAccountJobLoginPostEnumStatuses.Redirect);
}
return(ModIdentityServerWebMvcPartAccountJobLoginPostEnumStatuses.Return);
}
else
{
// since we don't have a valid context, then we just go back to the home page
return(ModIdentityServerWebMvcPartAccountJobLoginPostEnumStatuses.Index);
}
}
else if (modelState.IsValid)
{
var result = await signInManager.PasswordSignInAsync(
model.Username,
model.Password,
model.RememberLogin,
lockoutOnFailure : true
).CoreBaseExtTaskWithCurrentCulture(false);
if (result.Succeeded)
{
var user = await userManager.FindByNameAsync(model.Username)
.CoreBaseExtTaskWithCurrentCulture(false);
await events.RaiseAsync(
new UserLoginSuccessEvent(
user.UserName,
user.Id.ToString(),
user.UserName,
clientId : context?.ClientId
)
).CoreBaseExtTaskWithCurrentCulture(false);
if (context != null)
{
var isPckeRequired = await clientStore.ModIdentityServerWebExtClientIsPkceRequired(context.ClientId)
.CoreBaseExtTaskWithCurrentCulture(false);
if (isPckeRequired)
{
// if the client is PKCE then we assume it's native, so this change in how to
// return the response is for better UX for the end user.
return(ModIdentityServerWebMvcPartAccountJobLoginPostEnumStatuses.Redirect);
}
// we can trust model.ReturnUrl since GetAuthorizationContextAsync returned non-null
return(ModIdentityServerWebMvcPartAccountJobLoginPostEnumStatuses.Return);
}
// request for a local page
if (urlHelper.IsLocalUrl(model.ReturnUrl))
{
return(ModIdentityServerWebMvcPartAccountJobLoginPostEnumStatuses.Return);
}
else if (string.IsNullOrEmpty(model.ReturnUrl))
{
return(ModIdentityServerWebMvcPartAccountJobLoginPostEnumStatuses.Index);
}
else
{
// user might have clicked on a malicious link - should be logged
throw new ModIdentityServerBaseExceptionInvalidReturnUrl();
}
}
await events.RaiseAsync(
new UserLoginFailureEvent(
model.Username,
"invalid credentials",
clientId : context?.ClientId
)
).CoreBaseExtTaskWithCurrentCulture(false);
throw new ModIdentityServerBaseExceptionLogin();
}
return(ModIdentityServerWebMvcPartAccountJobLoginPostEnumStatuses.Default);
}
