public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
try
{
var account = await ServiceLocator.Current.Get <IAccountManager>().GetByEmail(context.UserName);
if (account == null || !account.IsActive || !PasswordHelpers.VerifyPassword(account.Password, context.Password))
{
context.Response.Headers.Add("BadRequestHeader", new[] { "Incorrect username or password." });
return;
}
if (account.IsBlocked)
{
context.Response.Headers.Add("BadRequestHeader", new[] { "User blocked" });
return;
}
var identity = new ClaimsIdentity(DefaultAuthenticationTypes.ApplicationCookie);
identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, account.Id.ToString(CultureInfo.InvariantCulture)));
var properties = new AuthenticationProperties(GenerateClaims(account));
context.Validated(new AuthenticationTicket(identity, properties));
context.Request.Context.Authentication.SignIn(properties, identity);
}
catch (Exception ex)
{
context.SetError(ex.Message);
}
}
