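/// <summary>
/// Handles an admin sign-in attempt: checks the submitted credentials against the
/// stored admin users and, on success, signs the principal in under the "admin"
/// authentication scheme and redirects to Home/Index.
/// </summary>
/// <param name="signInModel">
/// Submitted credentials. Only <c>Username</c> and <c>Password</c> are bound from the
/// request, so other model properties (such as <c>IsValid</c>) cannot be over-posted.
/// </param>
/// <returns>
/// The sign-in view when model validation or the credential check fails; otherwise a
/// redirect to <c>Home/Index</c>.
/// </returns>
/// <remarks>
/// NOTE(review): any <c>[HttpPost]</c> / anti-forgery attributes would sit above this
/// signature and are not visible here; confirm they are present. No attempt throttling,
/// lockout, or audit logging of failed attempts happens in this action; confirm that
/// is handled elsewhere.
/// </remarks>
public async Task<IActionResult> SignIn([Bind("Username", "Password")] AdminSignInModel signInModel)
{
    if (!ModelState.IsValid)
    {
        return View();
    }

    // SingleOrDefault throws if more than one row matches, so a duplicated username
    // fails closed instead of authenticating against an arbitrary record.
    // NOTE(review): whether this filter runs in the data store or in memory, and whether
    // the comparison is case-sensitive, depends on what GetAll() returns; verify.
    AdminUser user = _work.AdminUsers.GetAll()
        .SingleOrDefault(m => m.Username == signInModel.Username);

    // NOTE(review): IsValidPassword is skipped when no user matches, so unknown
    // usernames may be rejected faster than known ones. If IsValidPassword does
    // deliberate hashing work, consider doing equivalent work on the miss path.
    bool credentialsAccepted = user != null && user.IsValidPassword(signInModel.Password);

    if (!credentialsAccepted)
    {
        // One message for both failure causes, so the response text does not reveal
        // whether the username exists.
        ModelState.AddModelError(string.Empty, "Invalid Username and/or Password.");
        signInModel.IsValid = false;
        return View(signInModel);
    }

    // The identity carries only the username as its Name claim.
    var claims = new List<Claim>
    {
        new Claim(ClaimTypes.Name, user.Username, ClaimValueTypes.String, "GatherHub")
    };
    var identity = new ClaimsIdentity(claims, "Password");
    var principal = new ClaimsPrincipal(identity);

    // Fixed 20-minute lifetime: no sliding refresh and not persisted across
    // browser sessions.
    var ticketProperties = new AuthenticationProperties
    {
        ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(20),
        AllowRefresh = false,
        IsPersistent = false
    };

    await HttpContext.SignInAsync("admin", principal, ticketProperties);

    // Fixed redirect target; no caller-supplied return URL is involved.
    return RedirectToAction("Index", "Home");
}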