/// <summary>
/// Handles the submitted login form: validates the model, checks the credentials and,
/// on success, records the signed-in user in the session and redirects to HomeController.Index.
/// </summary>
/// <param name="acc">Posted login form; Email, Password and RememberLogin are read here.</param>
/// <returns>
/// The login view (re-populated with <paramref name="acc"/>) when validation or authentication
/// fails; otherwise a redirect to the home page.
/// </returns>
// NOTE(review): the attributes on this action are not visible here. Confirm the POST is covered by
// anti-forgery validation. Failed attempts are not counted in this method, so any lockout or
// throttling has to live in AuthorizeWithUsernameAndPasswordAsync.
public async Task<IActionResult> Login(UserAccountViewModel acc)
{
    if (!ModelState.IsValid)
    {
        return View(acc);
    }

    var (authenticated, rememberToken) = await AuthorizeWithUsernameAndPasswordAsync(acc.Email, acc.Password);
    if (!authenticated)
    {
        // One message for every failure, so the response does not say whether the account exists.
        ModelState.AddModelError("InvalidLogin", "Username or password is invalid. Please check again.");
        return View(acc);
    }

    if (acc.RememberLogin)
    {
        // The token cookie is later accepted by the cookie-based Login() as a credential.
        // NOTE(review): GetCookieOptions is not visible here. Confirm it sets HttpOnly, Secure and
        // SameSite, and a bounded expiry.
        var cookieOptions = GetCookieOptions(DateTime.Now);
        ResponseCookies.Append(Consts.LoginToken, rememberToken, cookieOptions);
        ResponseCookies.Append(Consts.Username, acc.Email, cookieOptions);
    }

    // The session entry is what the authorization filter checks on later requests.
    // NOTE(review): the pre-login session is reused as-is; consider clearing it before this write to
    // limit session fixation (TODO confirm how the session cookie is issued).
    var signedInUser = new LoginedUser(acc.Email);
    Session.SetObject(Consts.LoginSession, signedInUser);

    return RedirectToAction(nameof(HomeController.Index), ControllerName.Of<HomeController>());
}
/// <summary>
/// Shows the login page, or signs the user in silently when the request carries both
/// "remember me" cookies (LoginToken and Username) and they are accepted by
/// AuthorizeWithTokenAsync.
/// </summary>
/// <returns>
/// A redirect to HomeController.Index after a successful cookie login; otherwise the empty login view.
/// </returns>
public async Task<IActionResult> Login()
{
    var presentedToken = RequestCookies[Consts.LoginToken];
    var username = RequestCookies[Consts.Username];

    // Both cookies are required; a missing or blank value falls through to the normal login form.
    if (string.IsNullOrWhiteSpace(presentedToken) || string.IsNullOrWhiteSpace(username))
    {
        return View();
    }

    // The username is client-supplied. It is trusted below only because this call accepted the pair.
    // NOTE(review): confirm the helper binds the token to that exact user and compares it in constant time.
    var (authenticated, replacementToken) = await AuthorizeWithTokenAsync(username, presentedToken);
    if (!authenticated)
    {
        // NOTE(review): the rejected cookies are left in the browser and will be re-sent on every
        // visit; consider deleting them here.
        return View();
    }

    // Rewrite the cookies with the token returned by the helper (presumably a rotated one, verify).
    ResponseCookies.Delete(Consts.LoginToken);
    ResponseCookies.Delete(Consts.Username);

    // NOTE(review): GetCookieOptions is not visible here. Confirm HttpOnly, Secure and SameSite.
    var cookieOptions = GetCookieOptions(DateTime.Now);
    ResponseCookies.Append(Consts.LoginToken, replacementToken, cookieOptions);
    ResponseCookies.Append(Consts.Username, username, cookieOptions);

    // Record the login state for the current session.
    var signedInUser = new LoginedUser(username);
    Session.SetObject(Consts.LoginSession, signedInUser);

    return RedirectToAction(nameof(HomeController.Index), ControllerName.Of<HomeController>());
}
/// <summary>
/// Signs the user out: removes the login entry from the session, asks the browser to drop
/// every cookie it sent with this request, and redirects to the login page.
/// </summary>
/// <returns>A redirect to AccountController.Login.</returns>
// NOTE(review): nothing here invalidates the remember-me token on the server, so a copy of the
// LoginToken cookie taken earlier may still be accepted by the cookie login (confirm whether the
// token store expires or revokes it elsewhere).
public IActionResult Logout()
{
    // Only the login entry is removed; other session keys, if any, survive the logout.
    Session.Remove(Consts.LoginSession);

    // Delete(name) is called without options. Cookies written with a non-default Path or Domain
    // are only removed when matching options are passed (GetCookieOptions is not visible, verify).
    foreach (var cookieName in RequestCookies.Keys)
    {
        ResponseCookies.Delete(cookieName);
    }

    var loginAction = nameof(AccountController.Login);
    var loginController = ControllerName.Of<AccountController>();
    return RedirectToAction(loginAction, loginController);
}
/// <summary>
/// Authorization filter hook: lets the request continue when the session holds a LoginedUser
/// under Consts.LoginSession, and otherwise short-circuits it with a redirect to
/// AccountController.Login.
/// </summary>
/// <param name="context">Filter context for the current request; its Result is set to stop the pipeline.</param>
public void OnAuthorization(AuthorizationFilterContext context)
{
    // A disabled earlier variant also dropped the session entry when either remember-me cookie
    // (LoginToken / Username) was missing from the request. The check below relies on the
    // server-side session only, so cookie presence alone never grants access.
    var session = context.HttpContext.Session;
    var sessionUser = session.GetObject<LoginedUser>(Consts.LoginSession);
    if (sessionUser != null)
    {
        return;
    }

    // No signed-in user: send the caller to the login page (no route values).
    context.Result = new RedirectToActionResult(
        nameof(AccountController.Login),
        ControllerName.Of<AccountController>(),
        null);
}