public async Task<IActionResult> Login(LoginViewModel model, string returnUrl = "")
{
ViewData["ReturnUrl"] = returnUrl;
if (ModelState.IsValid)
{
// Require the user to have a confirmed email before they can log on.
var userConfirmed = await _userManager.FindByNameAsync(model.Email);
if (userConfirmed != null)
{
if (!await _userManager.IsEmailConfirmedAsync(userConfirmed))
{
ViewData["Message"] = "You must have a confirmed email to log on.";
return View("Error");
}
}
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, set lockoutOnFailure: true
var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, lockoutOnFailure: false);
if (result.Succeeded)
{
var user = await _userManager.FindByNameAsync(model.Email);
var claims = await _userManager.GetClaimsAsync(user);
if (claims.Count > 0)
{
var claimValue = claims.FirstOrDefault(c => c.Type.Equals(Security.ClaimTypes.UserType)).Value;
if (claimValue.Equals("TenantAdmin"))
{
return base.RedirectToAction(nameof(Areas.Admin.Controllers.TenantController.Index), "Tenant", new { area = "Admin" });
}
else if (claimValue.Equals("SiteAdmin"))
{
return RedirectToAction(nameof(SiteController.Index), "Site", new { area = "Admin" });
}
}
}
if (result.RequiresTwoFactor)
{
return RedirectToAction(nameof(SendCode), new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
}
if (result.IsLockedOut)
{
return View("Lockout");
}
else
{
ModelState.AddModelError(string.Empty, "Invalid login attempt.");
return View(model);
}
}
// If we got this far, something failed, redisplay form
return View(model);
}
public void LoginRedirectLocalUrlTests()
{
var controller = AccountController();
var loginViewModel = new LoginViewModel { Email = "", Password = "", RememberMe = false };
const string testLocalUrl = "/foo/bar";
var result = controller.Login(loginViewModel, testLocalUrl).Result;
Assert.IsType<RedirectResult>(result);
var redirectToLocalUrl = (RedirectResult)result;
Assert.Equal(testLocalUrl, redirectToLocalUrl.Url);
}
public async void LoginPostRedirectsToLocalWithCorrectParameters()
{
var loginViewModel = new LoginViewModel { Email = "", Password = "", RememberMe = false };
const string testLocalUrl = "/foo/bar";
var controller = AccountController();
var result = await controller.Login(loginViewModel, testLocalUrl);
Assert.IsType<RedirectResult>(result);
var redirectToLocalUrl = (RedirectResult)result;
Assert.Equal(testLocalUrl, redirectToLocalUrl.Url);
}
public void LoginRedirectRemoteUrlTests()
{
var controller = AccountController();
var loginViewModel = new LoginViewModel {Email = "", Password = "", RememberMe = false};
const string testRemoteUrl = "http://foo.com/t";
var result = controller.Login(loginViewModel, testRemoteUrl).Result;
Assert.IsType<RedirectToActionResult>(result);
var redirectToAction = (RedirectToActionResult)result;
Assert.Equal("Home", redirectToAction.ControllerName);
Assert.Equal(nameof(HomeController.Index), redirectToAction.ActionName);
}
public void LoginTestInvalidModel()
{
var controller = AccountController();
controller.ModelState.AddModelError("foo", "bar");
const string testUrl = "return url";
var loginViewModel = new LoginViewModel();
var result = controller.Login(loginViewModel, testUrl).Result;
Assert.IsType<ViewResult>(result);
var resultViewModel = ((ViewResult) result).ViewData.Model;
Assert.IsType<LoginViewModel>(resultViewModel);
Assert.Equal(resultViewModel, loginViewModel);
}
public async Task LoginPostReturnsSameViewAndViewModelWhenModelStatIsInvalid()
{
const string testUrl = "return url";
var loginViewModel = new LoginViewModel();
var sut = AccountController();
sut.ModelState.AddModelError("foo", "bar");
var result = await sut.Login(loginViewModel, testUrl);
Assert.IsType<ViewResult>(result);
var resultViewModel = ((ViewResult) result).ViewData.Model;
Assert.IsType<LoginViewModel>(resultViewModel);
Assert.Equal(resultViewModel, loginViewModel);
}
public void LoginFailureTests()
{
var controller = AccountController(SignInResult.Failed);
var loginViewModel = new LoginViewModel { Email = "", Password = "", RememberMe = false };
const string testLocalUrl = "/foo/bar";
var result = controller.Login(loginViewModel, testLocalUrl).Result;
Assert.IsType<ViewResult>(result);
var resultViewModel = ((ViewResult)result).ViewData.Model;
Assert.IsType<LoginViewModel>(resultViewModel);
Assert.Equal(resultViewModel, loginViewModel);
Assert.True(controller.ModelState[string.Empty].Errors
.Select(x => x.ErrorMessage)
.Contains("Invalid login attempt."));
}
public async Task<IActionResult> Login(LoginViewModel model, string returnUrl = null)
{
ViewData["ReturnUrl"] = returnUrl;
if (ModelState.IsValid)
{
// Require admin users to have a confirmed email before they can log on.
var user = await _mediator.SendAsync(new ApplicationUserQuery { UserName = model.Email });
if (user != null)
{
var isAdminUser = user.IsUserType(UserType.OrgAdmin) || user.IsUserType(UserType.SiteAdmin);
if (isAdminUser && !await _userManager.IsEmailConfirmedAsync(user))
{
//TODO: Showing the error page here makes for a bad experience for the user.
// It would be better if we redirected to a specific page prompting the user to check their email for a confirmation email and providing an option to resend the confirmation email.
ViewData["Message"] = "You must have a confirmed email to log on.";
return View("Error");
}
}
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, set lockoutOnFailure: true
var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, lockoutOnFailure: false);
if (result.Succeeded)
{
return RedirectToLocal(returnUrl, user);
}
if (result.RequiresTwoFactor)
{
return RedirectToAction(nameof(AdminController.SendCode), "Admin", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
}
if (result.IsLockedOut)
{
return View("Lockout");
}
ModelState.AddModelError(string.Empty, "Invalid login attempt.");
return View(model);
}
// If we got this far, something failed, redisplay form
return View(model);
}
public async Task<IActionResult> Login(LoginViewModel model, string returnUrl = null)
{
ViewData["ReturnUrl"] = returnUrl;
if (ModelState.IsValid)
{
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, set lockoutOnFailure: true
var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, lockoutOnFailure: false);
if (result.Succeeded)
{
return RedirectToLocal(returnUrl);
}
else
{
ModelState.AddModelError(string.Empty, "Invalid login attempt.");
return View(model);
}
}
// If we got this far, something failed, redisplay form
return View(model);
}
