public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
if (!ModelState.IsValid)
{
return View(model);
}
UserLoginLog log = new UserLoginLog();
log.AttempTime = DateTime.Now;
log.IP = Request.ServerVariables["REMOTE_ADDR"];
log.UserName = model.UserName;
var user = UserManager.FindByName(model.UserName);
if (user != null && user.IsEnabled == false)
{
ModelState.AddModelError("", "此帳號已經被取消啟用,請聯絡管理人員來啟用帳號");
SaveUserLoginLog(log, Core.Common.Security.EnumLoginStatus.NotEnabled);
return View(model);
}
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, change to shouldLockout: true
var result = await SignInManager.PasswordSignInAsync(model.UserName, model.Password, model.RememberMe, shouldLockout: false);
switch (result)
{
case SignInStatus.Success:
SaveUserLoginLog(log, Core.Common.Security.EnumLoginStatus.Success);
return RedirectToLocal(returnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.RequiresVerification:
return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "帳號密碼錯誤");
SaveUserLoginLog(log, Core.Common.Security.EnumLoginStatus.WrongPassword);
return View(model);
}
}
private void SaveUserLoginLog(UserLoginLog log, Core.Common.Security.EnumLoginStatus status)
{
log.Status = status;
log.StatusDisplayString = log.Status.DisplayName();
DB.Repository<UserLoginLog>().Create(log);
DB.Save();
}