public async Task<ActionResult> Login(LoginViewModel model) {
Helper.ForceValidation(ModelState, model);
if (!ModelState.IsValid) {
Helper.HandleErrorDict(ModelState);
return View(model);
}
string returnUrl = HttpUtility.UrlDecode(model.ReturnUrl);
//TODO: make configurable
//manage.UserManager.UserLockoutEnabledByDefault = true;
//manage.UserManager.MaxFailedAccessAttemptsBeforeLockout = 5;
//manage.UserManager.DefaultAccountLockoutTimeSpan = TimeSpan.FromMinutes(15);
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, change to shouldLockout: true
var user = await securityHelper.UserManager.FindByNameAsync(model.UserName);
var result = await securityHelper.SignInManager.PasswordSignInAsync(model.UserName, model.Password, model.RememberMe, shouldLockout: true);
switch (result) {
case SignInStatus.Success:
await securityHelper.UserManager.ResetAccessFailedCountAsync(user.Id);
return RedirectToLocal(returnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.RequiresVerification:
return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
case SignInStatus.Failure:
default:
ModelState.AddModelError(String.Empty, "Invalid login attempt.");
if (user != null && user.LockoutEndDateUtc.HasValue && user.LockoutEndDateUtc.Value < DateTime.UtcNow) {
user.LockoutEndDateUtc = null;
user.AccessFailedCount = 1;
securityHelper.UserManager.Update(user);
}
return View(model);
}
}
public ActionResult Login(string returnUrl) {
var res = CheckDatabase();
if (res != null) {
return res;
}
LoginViewModel model = new LoginViewModel();
model.ReturnUrl = HttpUtility.UrlEncode(returnUrl);
return View(model);
}
