Example #1
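        /// <summary>
        /// Validates a <c>DOMAIN\user</c> credential pair against Active Directory and, on success,
        /// asks the authentication middleware to issue the application cookie for a claims-based
        /// identity built from the directory user.
        /// </summary>
        /// <param name="username">Logon name in <c>DOMAIN\user</c> form; any other shape is rejected.</param>
        /// <param name="password">The user's password; a null or empty value is rejected without contacting the directory.</param>
        /// <returns>
        /// An <see cref="AuthenticationResult"/> constructed with an error message when sign-in is refused,
        /// or constructed without arguments once the cookie has been issued.
        /// </returns>
        public AuthenticationResult SignIn(string username, string password)
        {
            const string invalidCredentialsMessage = "Username or Password is not correct";

            // Reject missing credentials before doing anything else. A null username would throw on
            // Split below, and an empty password should never reach a directory bind: some LDAP bind
            // modes treat an empty password as an unauthenticated (anonymous) bind that succeeds.
            // ValidateCredentials is not visible here, so this guard is defensive.
            if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
            {
                return new AuthenticationResult(invalidCredentialsMessage);
            }

            bool isAuthenticated = false;
            ActiveDirectoryUser userPrincipal = null;

            // Only the DOMAIN\user form is accepted; tokens[0] is the domain, tokens[1] the account name.
            string[] tokens = username.Split('\\');

            if (tokens.Length == 2)
            {
                // NOTE(review): constructed outside the try block, so a failure in this constructor
                // propagates to the caller instead of being reported as a failed sign-in.
                var repo = new ActiveDirectoryReadOnlyRepository(tokens[0], username, password);

                try
                {
                    isAuthenticated = ValidateCredentials(tokens[1], password);
                    if (isAuthenticated)
                    {
                        userPrincipal = repo.GetUser(tokens[1]);
                    }
                }
                catch (Exception)
                {
                    // Fail closed: any directory error is treated as a failed sign-in.
                    // NOTE(review): nothing is recorded here, so an unreachable or misconfigured
                    // directory is indistinguishable from a wrong password; consider logging the
                    // exception (never the password) so failed-logon spikes can be investigated.
                    isAuthenticated = false;
                    userPrincipal = null;
                }
            }

            // One generic message for every credential failure, so the response does not reveal
            // whether the account name exists.
            if (!isAuthenticated || userPrincipal == null)
            {
                return new AuthenticationResult(invalidCredentialsMessage);
            }

            // The two checks below run only after the credentials validated, so the account state is
            // disclosed to a caller who already presented the correct password. Whether to reveal it
            // is still a policy decision.
            if (userPrincipal.IsAccountLockedOut())
            {
                return new AuthenticationResult("Your account is locked.");
            }

            if (userPrincipal.Enabled.HasValue && !userPrincipal.Enabled.Value)
            {
                return new AuthenticationResult("Your account is disabled");
            }

            ClaimsIdentity identity = CreateIdentity(userPrincipal);

            // Drop any existing application cookie before issuing the new identity, so a previous
            // session is not carried across the sign-in.
            authenticationManager.SignOut("ApplicationCookie");

            // IsPersistent is set unconditionally, so every sign-in requests a persistent cookie.
            // NOTE(review): on shared machines this should be the user's choice; confirm the cookie
            // middleware configures an expiry and secure cookie attributes.
            authenticationManager.SignIn(new AuthenticationProperties()
            {
                IsPersistent = true
            }, identity);

            return new AuthenticationResult();
        }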