public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
// get ther current lifetimescope from the requqest
var autofacLifetimeScope = OwinContextExtensions.GetAutofacLifetimeScope(context.OwinContext);
var userManager = autofacLifetimeScope.Resolve <ClientPortalUserManager>();
ClientPortalUser user = await userManager.FindByNameAsync(context.UserName);
if (user == null)
{
context.SetError("invalid_grant", "The user name or password is incorrect.");
return;
}
if (await userManager.IsLockedOutAsync(user.Id) || user.IsApproved == false)
{
context.SetError("invalid_grant", "The user is locked out.");
return;
}
if (!await userManager.CheckPasswordAsync(user, context.Password))
{
await userManager.AccessFailedAsync(user.Id);
if (await userManager.IsLockedOutAsync(user.Id))
{
context.SetError("invalid_grant", "The user is locked out.");
return;
}
context.SetError("invalid_grant", "The user name or password is incorrect.");
return;
}
await userManager.ResetAccessFailedCountAsync(user.Id);
ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager, OAuthDefaults.AuthenticationType);
ClaimsIdentity cookiesIdentity = await user.GenerateUserIdentityAsync(userManager, CookieAuthenticationDefaults.AuthenticationType);
AuthenticationProperties properties = CreateProperties(user.UserName);
AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);
context.Validated(ticket);
}
