public async Task <IActionResult> VerifyCode(VerifyCodeView model) { if (!ModelState.IsValid) { return(View(model)); } // The following code protects for brute force attacks against the two factor codes. // If a user enters incorrect codes for a specified amount of time then the user account // will be locked out for a specified amount of time. var result = await _signInManager.TwoFactorSignInAsync(model.Provider, model.Code, model.RememberMe, model.RememberBrowser); if (result.Succeeded) { return(RedirectToLocal(model.ReturnUrl)); } if (result.IsLockedOut) { _logger.LogWarning(7, "User account locked out."); return(View("Lockout")); } else { ModelState.AddModelError(string.Empty, "Invalid code."); return(View(model)); } }
public async Task <ActionResult> VerifyCode(VerifyCodeView model) { if (!ModelState.IsValid) { return(View(model)); } // The following code protects for brute force attacks against the two factor codes. // If a user enters incorrect codes for a specified amount of time then the user account // will be locked out for a specified amount of time. // You can configure the account lockout settings in IdentityConfig var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent : model.RememberMe, rememberBrowser : model.RememberBrowser); switch (result) { case SignInStatus.Success: return(RedirectToLocal(model.ReturnUrl)); case SignInStatus.LockedOut: return(View("Lockout")); case SignInStatus.Failure: default: ModelState.AddModelError("", "Invalid code."); return(View(model)); } }