public async Task <ActionResult> ExternalLoginCallback(string returnUrl)
{
var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync();
if (loginInfo == null)
{
return(RedirectToAction("Login"));
}
// Sign in the user with this external login provider if the user already has a login
var result = await SignInManager.ExternalSignInAsync(loginInfo, isPersistent : false);
switch (result)
{
case SignInStatus.Success:
LoginLog.CreateLoginLog(loginInfo.Email, true, UserManager);
return(RedirectToLocal(returnUrl));
case SignInStatus.LockedOut:
return(View("Lockout"));
case SignInStatus.RequiresVerification:
return(RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = false }));
case SignInStatus.Failure:
default:
// If the user does not have an account, then prompt the user to create an account
ViewBag.ReturnUrl = returnUrl;
ViewBag.LoginProvider = loginInfo.Login.LoginProvider;
LoginLog.CreateLoginLog(loginInfo.Email, false, UserManager);
return(View("ExternalLoginConfirmation", new ExternalLoginConfirmationViewModel {
Email = loginInfo.Email
}));
}
}
public async Task <ActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!ModelState.IsValid)
{
return(View(model));
}
// The following code protects for brute force attacks against the two factor codes.
// If a user enters incorrect codes for a specified amount of time then the user account
// will be locked out for a specified amount of time.
// You can configure the account lockout settings in IdentityConfig
var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent : model.RememberMe, rememberBrowser : model.RememberBrowser);
switch (result)
{
case SignInStatus.Success:
LoginLog.CreateLoginLog(model.Email, true, UserManager);
return(RedirectToLocal(model.ReturnUrl));
case SignInStatus.LockedOut:
return(View("Lockout"));
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Invalid code.");
LoginLog.CreateLoginLog(model.Email, false, UserManager);
return(View(model));
}
}
public async Task <ActionResult> ExternalLoginConfirmation(ExternalLoginConfirmationViewModel model, string returnUrl)
{
if (User.Identity.IsAuthenticated)
{
LoginLog.CreateLoginLog(model.Email, true, UserManager);
return(RedirectToAction("Index", "Manage"));
}
if (ModelState.IsValid)
{
// Get the information about the user from the external login provider
var info = await AuthenticationManager.GetExternalLoginInfoAsync();
if (info == null)
{
LoginLog.CreateLoginLog(model.Email, false, UserManager);
return(View("ExternalLoginFailure"));
}
var user = new ApplicationUser {
UserName = model.Email, Email = model.Email
};
var result = await UserManager.CreateAsync(user);
if (result.Succeeded)
{
result = await UserManager.AddLoginAsync(user.Id, info.Login);
LoginLog.CreateLoginLog(info.Email, true, UserManager);
if (result.Succeeded)
{
await SignInManager.SignInAsync(user, isPersistent : false, rememberBrowser : false);
return(RedirectToLocal(returnUrl));
}
}
LoginLog.CreateLoginLog(model.Email, false, UserManager);
}
ViewBag.ReturnUrl = returnUrl;
return(View(model));
}
public async Task <ActionResult> Login(LoginViewModel model, string returnUrl)
{
if (!ModelState.IsValid)
{
return(View(model));
}
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, change to shouldLockout: true
var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout : true);
switch (result)
{
case SignInStatus.Success:
LoginLog.CreateLoginLog(model.Email, true, UserManager);
return(RedirectToLocal(returnUrl));
case SignInStatus.LockedOut:
LoginLog.CreateLoginLog(model.Email, false, UserManager);
return(View("Lockout"));
case SignInStatus.RequiresVerification:
return(RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe }));
case SignInStatus.Failure:
ApplicationUser user = UserManager.FindByEmail(model.Email);
if (user != null)
{
user.AccessFailedCount++;
UserManager.Update(user);
}
LoginLog.CreateLoginLog(model.Email, false, UserManager);
return(View(model));
default:
ModelState.AddModelError("", "Invalid login attempt.");
LoginLog.CreateLoginLog(model.Email, false, UserManager);
return(View(model));
}
}
