Example #1
0
        public virtual async Task <IActionResult> Login(string returnUrl = null)
        {
            if (AccountService.IsSignedIn(User))
            {
                return(this.RedirectToSiteRoot(CurrentSite));
            }

            returnUrl = IdentityServerIntegration.EnsureFolderSegmentIfNeeded(CurrentSite, returnUrl);
            //identityserver integration point
            var idProvider = await IdentityServerIntegration.GetAuthorizationContextAsync(returnUrl);

            if (!string.IsNullOrEmpty(idProvider))
            {
                // if IdP is passed, then bypass showing the login screen
                return(ExternalLogin(idProvider, returnUrl));
            }

            ViewData["Title"]     = StringLocalizer["Log In"];
            ViewData["ReturnUrl"] = returnUrl;

            var model = new LoginViewModel();

            var recaptchaKeys = await RecaptchaKeysProvider.GetKeys().ConfigureAwait(false);

            if ((CurrentSite.CaptchaOnLogin) && (!string.IsNullOrEmpty(recaptchaKeys.PublicKey)))
            {
                model.RecaptchaSiteKey    = recaptchaKeys.PublicKey;
                model.UseInvisibleCaptcha = recaptchaKeys.Invisible;
            }
            model.UseEmailForLogin = CurrentSite.UseEmailForLogin;
            model.LoginInfoTop     = CurrentSite.LoginInfoTop;
            model.LoginInfoBottom  = CurrentSite.LoginInfoBottom;
            var externalSchemes = await AccountService.GetExternalAuthenticationSchemes();

            model.ExternalAuthenticationList = externalSchemes.ToList();
            // don't disable db auth if there are no social auth providers configured
            model.DisableDbAuth = CurrentSite.DisableDbAuth && CurrentSite.HasAnySocialAuthEnabled();

            return(View(model));
        }
Example #2
0
        public virtual async Task <IActionResult> Login(LoginViewModel model, string returnUrl = null)
        {
            ViewData["Title"]     = StringLocalizer["Log In"];
            ViewData["ReturnUrl"] = returnUrl;

            Analytics.HandleLoginSubmit("Onsite").Forget();

            var recaptchaKeys = await RecaptchaKeysProvider.GetKeys().ConfigureAwait(false);

            if ((CurrentSite.CaptchaOnLogin) && (!string.IsNullOrEmpty(recaptchaKeys.PublicKey)))
            {
                model.RecaptchaSiteKey    = recaptchaKeys.PublicKey;
                model.UseInvisibleCaptcha = recaptchaKeys.Invisible;
            }
            model.UseEmailForLogin           = CurrentSite.UseEmailForLogin;
            model.LoginInfoTop               = CurrentSite.LoginInfoTop;
            model.LoginInfoBottom            = CurrentSite.LoginInfoBottom;
            model.ExternalAuthenticationList = await AccountService.GetExternalAuthenticationSchemes();

            // don't disable db auth if there are no social auth providers configured
            model.DisableDbAuth = CurrentSite.DisableDbAuth && CurrentSite.HasAnySocialAuthEnabled();

            if (!ModelState.IsValid)
            {
                var errors       = ModelState.Keys.Where(k => ModelState[k].Errors.Count > 0).Select(k => new { propertyName = k, errorMessage = ModelState[k].Errors[0].ErrorMessage });
                var trackedError = errors.FirstOrDefault().errorMessage;
                Analytics.HandleLoginFail("Onsite", trackedError).Forget();

                return(View(model));
            }

            if ((CurrentSite.CaptchaOnLogin) && (!string.IsNullOrEmpty(recaptchaKeys.PrivateKey)))
            {
                var captchaResponse = await RecaptchaServerSideValidator.ValidateRecaptcha(Request, CurrentSite.RecaptchaPrivateKey);

                if (!captchaResponse.Success)
                {
                    Analytics.HandleLoginFail("Onsite", "reCAPTCHA Error").Forget();
                    ModelState.AddModelError("recaptchaerror", StringLocalizer["reCAPTCHA Error occured. Please try again"]);
                    return(View(model));
                }
            }

            var result = await AccountService.TryLogin(model);

            if (result.SignInResult.Succeeded)
            {
                return(await HandleLoginSuccess(result, returnUrl));
            }

            foreach (var reason in result.RejectReasons)
            {
                //these reasons are not meant to be shown in the ui
                // but we can log them so admin will see failed attempts in the log along with reasons
                Log.LogWarning(reason);
            }

            if (result.SignInResult.IsNotAllowed)
            {
                return(await HandleLoginNotAllowed(result, returnUrl));
            }

            if (result.SignInResult.RequiresTwoFactor)
            {
                return(await HandleRequiresTwoFactor(result, returnUrl, model.RememberMe));
            }

            if (result.SignInResult.IsLockedOut)
            {
                return(await HandleLockout(result));
            }
            else
            {
                Analytics.HandleLoginFail("Onsite", StringLocalizer["Invalid login attempt."]).Forget();

                Log.LogInformation($"login did not succeed for {model.Email}");
                ModelState.AddModelError(string.Empty, StringLocalizer["Invalid login attempt."]);
                return(View(model));
            }
        }