public async Task<IHttpActionResult> LoginLocal(LoginCredentials model)
{
Logger.Info("Login page submitted");
if (model == null)
{
Logger.Error("no data submitted");
return RenderLoginPage(Messages.InvalidUsernameOrPassword);
}
if (!ModelState.IsValid)
{
Logger.Warn("validation error: username or password missing");
return RenderLoginPage(ModelState.GetError(), model.Username);
}
var authResult = await _userService.AuthenticateLocalAsync(model.Username, model.Password);
if (authResult == null)
{
Logger.WarnFormat("user service indicated incorrect username or password for username: {0}", model.Username);
return RenderLoginPage(Messages.InvalidUsernameOrPassword, model.Username);
}
if (authResult.IsError)
{
Logger.WarnFormat("user service returned an error message: {0}", authResult.ErrorMessage);
return RenderLoginPage(authResult.ErrorMessage, model.Username);
}
return SignInAndRedirect(
authResult,
Constants.AuthenticationMethods.Password,
Constants.BuiltInIdentityProvider);
}
public async Task<IHttpActionResult> LoginLocal(LoginCredentials model)
{
logger.Start("[AuthenticationController.LoginLocal] called");
if (model == null)
{
logger.Verbose("[AuthenticationController.LoginLocal] no model");
return RenderLoginPage(Messages.InvalidUsernameOrPassword);
}
if (!ModelState.IsValid)
{
logger.Verbose("[AuthenticationController.LoginLocal] model not valid");
return RenderLoginPage(ModelState.GetError(), model.Username);
}
var authResult = await userService.AuthenticateLocalAsync(model.Username, model.Password);
if (authResult == null)
{
logger.Verbose("[AuthenticationController.LoginLocal] authenticate returned null");
return RenderLoginPage(Messages.InvalidUsernameOrPassword, model.Username);
}
if (authResult.IsError)
{
logger.Verbose("[AuthenticationController.LoginLocal] authenticate returned an error message");
return RenderLoginPage(authResult.ErrorMessage, model.Username);
}
return SignInAndRedirect(
authResult,
Constants.AuthenticationMethods.Password,
Constants.BuiltInIdentityProvider);
}
public async Task <IHttpActionResult> LoginLocal(string signin, LoginCredentials model)
{
Logger.Info("Login page submitted");
if (this._options.AuthenticationOptions.EnableLocalLogin == false)
{
Logger.Warn("EnableLocalLogin disabled -- returning 405 MethodNotAllowed");
return(StatusCode(HttpStatusCode.MethodNotAllowed));
}
if (signin.IsMissing())
{
Logger.Error("No signin id passed");
return(RenderErrorPage());
}
var cookie = new SignInMessageCookie(Request.GetOwinContext(), this._options);
var signInMessage = cookie.Read(signin);
if (signInMessage == null)
{
Logger.Error("No cookie matching signin id found");
return(RenderErrorPage());
}
if (model == null)
{
Logger.Error("no data submitted");
return(await RenderLoginPage(signInMessage, Messages.InvalidUsernameOrPassword));
}
// the browser will only send 'true' if ther user has checked the checkbox
// it will pass nothing if the user does not check the checkbox
// this check here is to establish if the user deliberatly did not check the checkbox
// or if the checkbox was not presented as an option (and thus AllowRememberMe is not allowed)
// true means they did check it, false means they did not, null means they were not presented with the choice
if (_options.AuthenticationOptions.CookieOptions.AllowRememberMe)
{
if (model.RememberMe != true)
{
model.RememberMe = false;
}
}
else
{
model.RememberMe = null;
}
if (!ModelState.IsValid)
{
Logger.Warn("validation error: username or password missing");
return(await RenderLoginPage(signInMessage, ModelState.GetError(), model.Username, model.RememberMe == true));
}
var authResult = await _userService.AuthenticateLocalAsync(model.Username, model.Password, signInMessage);
if (authResult == null)
{
Logger.WarnFormat("user service indicated incorrect username or password for username: {0}", model.Username);
return(await RenderLoginPage(signInMessage, Messages.InvalidUsernameOrPassword, model.Username, model.RememberMe == true));
}
if (authResult.IsError)
{
Logger.WarnFormat("user service returned an error message: {0}", authResult.ErrorMessage);
return(await RenderLoginPage(signInMessage, authResult.ErrorMessage, model.Username, model.RememberMe == true));
}
return(SignInAndRedirect(signInMessage, authResult, model.RememberMe));
}
