/// <summary>
/// Handles the login form post for the Forms Authentication (classic ASP.NET MVC) pipeline.
/// On success a forms-auth ticket carrying the user's roles is issued and the browser is
/// redirected; on any failure the login view is rendered again.
/// </summary>
/// <param name="entryModel">Posted credentials and the "remember me" choice.</param>
/// <param name="returnUrl">Caller-supplied URL to return to after sign-in; passed through ResolveReturnUrl.</param>
/// <returns>A redirect on success, otherwise the result of the <c>Login(returnUrl)</c> overload.</returns>
public ActionResult Login(LoginEntryModel entryModel, string returnUrl)
{
    // Model validation failed: nothing to authenticate, show the form again.
    if (!ModelState.IsValid)
    {
        return Login(returnUrl);
    }

    var account = _userManager.Find(entryModel.Username, entryModel.Password);
    if (account == null)
    {
        // Same message for unknown user and wrong password, so the response
        // does not reveal which of the two was incorrect.
        ModelState.AddModelError("", "Invalid username or password.");
        return Login(returnUrl);
    }

    // Clear any previously issued forms-auth cookie before issuing a new one.
    FormsAuthentication.SignOut();

    // Let the framework build a default cookie, then read its ticket back so the
    // ticket can be re-created with the role list in the user-data slot.
    HttpCookie cookie = FormsAuthentication.GetAuthCookie(entryModel.Username, entryModel.RememberMe);
    FormsAuthenticationTicket baseTicket = FormsAuthentication.Decrypt(cookie.Value);

    // Persistent tickets keep the framework-chosen expiry; non-persistent ones
    // are aligned to the session timeout instead.
    DateTime expiresAt;
    if (baseTicket.IsPersistent)
    {
        expiresAt = baseTicket.Expiration;
    }
    else
    {
        expiresAt = baseTicket.IssueDate.AddMinutes(Session.Timeout);
    }

    // Roles are captured at sign-in time and travel inside the encrypted ticket.
    // NOTE(review): a role change is presumably not visible until the ticket is
    // re-issued, and a role name containing "," would be ambiguous to whatever
    // splits this string - confirm against the code that reads the ticket.
    string roleList = string.Join(",", account.Roles.ToArray());

    var rolesTicket = new FormsAuthenticationTicket(
        baseTicket.Version,
        baseTicket.Name,
        baseTicket.IssueDate,
        expiresAt,
        baseTicket.IsPersistent,
        roleList);

    cookie.Value = FormsAuthentication.Encrypt(rolesTicket);
    Response.Cookies.Add(cookie);

    // Remember the ticket expiry in session state.
    // NOTE(review): looks like this is used to keep session and ticket in sync - confirm.
    Session["AuthSync"] = rolesTicket.Expiration;

    // NOTE(review): returnUrl is caller-controlled; this relies on ResolveReturnUrl
    // (not visible here) to restrict the target to local URLs - confirm.
    return Redirect(ResolveReturnUrl(returnUrl));
}
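/// <summary>
/// Handles the login form post for ASP.NET Core cookie authentication.
/// On success a cookie principal carrying the user's name and role claims is signed in
/// and the browser is redirected; on any failure the login view is rendered again.
/// </summary>
/// <param name="entryModel">Posted credentials and the "remember me" choice.</param>
/// <param name="returnUrl">Caller-supplied URL to return to after sign-in; passed through ResolveReturnUrl.</param>
/// <returns>A redirect on success, otherwise the result of the <c>Login(returnUrl)</c> overload.</returns>
public IActionResult Login(LoginEntryModel entryModel, string returnUrl)
{
    if (ModelState.IsValid)
    {
        var user = _userManager.Find(entryModel.Username, entryModel.Password);
        if (user == null)
        {
            // Same message for unknown user and wrong password, so the response
            // does not reveal which of the two was incorrect.
            ModelState.AddModelError("", "Invalid username or password.");
        }
        else
        {
            // SignOutAsync/SignInAsync return Tasks. Discarding them means a failure
            // while clearing or issuing the cookie is never observed and the redirect
            // goes out regardless, so both are completed here before continuing.
            // The action signature is kept synchronous for existing callers; when it
            // can change, prefer `async Task<IActionResult>` with `await`.
            HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme)
                .GetAwaiter()
                .GetResult();

            // Roles are captured at sign-in time and travel inside the auth cookie.
            // NOTE(review): a role change is presumably not visible until the next
            // sign-in unless the principal is re-validated elsewhere - confirm.
            var claims = new List<Claim>
            {
                new Claim(ClaimTypes.Name, user.UserName)
            };
            claims.AddRange(user.Roles.Select(r => new Claim(ClaimsIdentity.DefaultRoleClaimType, r)));

            ClaimsIdentity identity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
            ClaimsPrincipal principal = new ClaimsPrincipal(identity);

            // GetAuthTimeout's result is applied as minutes from now (UTC).
            var timeout = GetAuthTimeout(entryModel.RememberMe);
            var authProperties = new AuthenticationProperties
            {
                IsPersistent = entryModel.RememberMe,
                ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(timeout)
            };

            HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal, authProperties)
                .GetAwaiter()
                .GetResult();

            // NOTE(review): returnUrl is caller-controlled; this relies on ResolveReturnUrl
            // (not visible here) to restrict the target to local URLs - confirm.
            return Redirect(ResolveReturnUrl(returnUrl));
        }
    }

    // Invalid model or failed credential check: show the login form again.
    return Login(returnUrl);
}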