public async Task <IActionResult> Login(LoginViewModel model, string returnUrl = null) { if (returnUrl == null) { returnUrl = "Home/Index"; } ViewData["ReturnUrl"] = returnUrl; if (ModelState.IsValid) { var user = await _userManager.FindByNameAsync(model.UserName); if (user != null) { if (!await _userManager.IsEmailConfirmedAsync(user)) { ModelState.AddModelError(string.Empty, "You must have a confirmed email to log in."); return(View(model)); } } // This doesn't count login failures towards account lockout // To enable password failures to trigger account lockout, set lockoutOnFailure: true var result = await _signInManager.PasswordSignInAsync(model.UserName, model.Password, model.RememberMe, lockoutOnFailure : true); if (result.Succeeded) { UserActivity activity = new UserActivity { Browser = Request.Headers["User-Agent"].ToString(), IpAddress = Request.HttpContext.Connection.RemoteIpAddress.ToString(), TimeStamp = DateTime.Now }; await _userStore.AddUserActivities(user, activity); if (await _userManager.IsInRoleAsync(user, "Admin")) { _logger.LogInformation(1, "Admin User logged in."); return(RedirectToAction("Index", "Dashboard")); } _logger.LogInformation(1, "User logged in."); return(RedirectToAction("Index", "Home")); //return RedirectToLocal(returnUrl); } if (result.RequiresTwoFactor) { return(RedirectToAction(nameof(SendCode), new { ReturnUrl = returnUrl, RememberMe = model.RememberMe })); } if (result.IsLockedOut) { _logger.LogWarning(2, "User account locked out."); return(View("Lockout")); } else { ModelState.AddModelError(string.Empty, "Invalid login attempt."); return(View(model)); } } return(View(model)); }