/// <summary>
/// Verifies an email/password pair against the stored identity and maintains the
/// failed-attempt counter and temporary lockout on that identity.
/// </summary>
/// <param name="email">Email used to look up the identity; passed to CheckIfNull first.</param>
/// <param name="password">Candidate password; passed to CheckIfNull first.</param>
/// <returns>
/// <c>Failed</c> when the identity is missing, disabled, or the password does not match;
/// <c>Lockout</c> when the identity is currently locked or this attempt triggers the lock;
/// <c>Ok</c> when the password matches.
/// </returns>
/// <remarks>
/// NOTE(review): <c>Lockout</c> is returned before the password is checked, so a caller that
/// shows it to the client tells an unauthenticated user that the account exists and is locked.
/// Confirm callers map it to the same response as <c>Failed</c>.
/// NOTE(review): the missing/disabled path returns without calling CheckPassword, so it may
/// respond faster than a wrong-password attempt. Confirm whether that timing difference matters
/// for account enumeration in this deployment.
/// NOTE(review): the counter is read, incremented and saved here with no visible concurrency
/// guard; parallel attempts could each see a stale count unless the repository enforces
/// optimistic concurrency. Verify against the repository.
/// </remarks>
public async Task<AuthenticateResult> Authenticate(string email, string password)
{
    email.CheckIfNull(nameof(email));
    password.CheckIfNull(nameof(password));

    var account = await _identityRepository.GetByEmail(email);

    // Unknown and disabled accounts are reported identically to a wrong password.
    if (account == null)
    {
        return AuthenticateResult.Failed;
    }

    if (!account.IsEnabled)
    {
        return AuthenticateResult.Failed;
    }

    // An active lockout short-circuits before any password verification or counter update.
    if (account.LockoutEnd > DateTime.UtcNow)
    {
        return AuthenticateResult.Lockout;
    }

    bool passwordMatches = _cryptoManager.CheckPassword(password, account.Password);

    if (passwordMatches)
    {
        // A successful login is the only place the failure counter and lockout are cleared.
        if (account.AccessFailedCount > 0)
        {
            account.AccessFailedCount = 0;
            account.LockoutEnd = null;
        }

        account.LastAccessAt = DateTime.UtcNow;
        await _identityRepository.Update(account);
        return AuthenticateResult.Ok;
    }

    // Wrong password: record the failure and lock once the counter exceeds 5.
    account.AccessFailedCount++;
    account.LastAccessFailureAt = DateTime.UtcNow;

    // The counter is not reset when the lock is applied, so after a lockout expires the
    // next single failure exceeds the threshold again and re-locks for another 5 minutes.
    bool lockNow = account.AccessFailedCount > 5;
    if (lockNow)
    {
        account.LockoutEnd = DateTime.UtcNow.AddMinutes(5);

        // NOTE(review): the event is published before the lockout is persisted; if the
        // Update below throws, subscribers have seen AccountLocked for a lock that was
        // never saved. Confirm whether Publish and Update share a transaction.
        await _mediator.Publish(AccountLocked.From(account));
    }

    await _identityRepository.Update(account);
    return lockNow ? AuthenticateResult.Lockout : AuthenticateResult.Failed;
}