public async Task <IActionResult> Login([FromBody] LoginInputModel model)
{
if (ModelState.IsValid)
{
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, set lockoutOnFailure: true
var result = await signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberLogin, lockoutOnFailure : true);
if (result.Succeeded)
{
logger.LogInformation(1, "User logged in.");
// because we are logging in through an api, we need to generate and send back a new XsrfToken
return(Ok(new LoginResponseModel()));
}
else
{
logger.LogWarning(2, "User login failed.");
var response = new LoginResponseModel
{
IsLockedOut = result.IsLockedOut,
IsNotAllowed = result.IsNotAllowed,
RequiresTwoFactor = result.RequiresTwoFactor,
Result = ApiResult.AsError("Login Failed")
};
return(BadRequest(response));
}
}
else
{
return(BadRequest(ApiModel.AsError("model validation failed (TODO add the errors)")));
}
}
public async Task <IActionResult> Login([FromBody] LoginInputModel model)
{
// Hack to work around rc1 bug
await HttpContext.SignOutAsync(IdentityConstants.ExternalScheme);
if (ModelState.IsValid)
{
var result = await this.signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberLogin, lockoutOnFailure : true);
if (result.Succeeded)
{
this.logger.LogInformation(1, "User logged in.");
return(Ok(new LoginResponseModel {
Result = ApiResult.AsSuccess()
}));
}
else
{
this.logger.LogWarning(2, "User login failed.");
var response = new LoginResponseModel
{
IsLockedOut = result.IsLockedOut,
IsNotAllowed = result.IsNotAllowed,
RequiresTwoFactor = result.RequiresTwoFactor,
Result = ApiResult.AsError("Login Failed")
};
return(BadRequest(response));
}
}
else
{
return(BadRequest(ApiModel.AsError("model validation failed (TODO add the errors)")));
}
}
