/// <summary>
/// Handles the login form: authenticates the posted credentials and routes the
/// user according to the resulting <see cref="SignInStatus"/>.
/// </summary>
/// <remarks>
/// Unknown user names and wrong passwords both end in the same generic summary
/// error. The locked-out redirect is different: LoginAsync reports
/// <c>SignInStatus.LockedOut</c> before it checks the password, so the
/// "LockedOut" page can be reached without valid credentials and therefore
/// confirms that the account exists.
/// NOTE(review): the attributes on this action are not visible here; confirm
/// the POST variant is restricted to POST and protected by anti-forgery validation.
/// </remarks>
/// <param name="appUserLoginVm">Login view model bound from the request; may be null.</param>
/// <returns>A redirect for a recognised sign-in outcome, otherwise the login view.</returns>
public async Task<ActionResult> Login(AppUserLoginVm appUserLoginVm)
{
    // Created up front so a request without a bound model simply gets the empty form.
    var emptyForm = View();
    if (appUserLoginVm == null)
    {
        return emptyForm;
    }

    // Validation errors: redisplay the form with the submitted values.
    if (!ModelState.IsValid)
    {
        return View(appUserLoginVm);
    }

    // Check the user name and password.
    var loginOutcome = await Managers.UserAccountManager.LoginAsync(appUserLoginVm);
    var authenticatedUser = loginOutcome.Value;
    var status = authenticatedUser.SignInStatus;

    if (status == SignInStatus.Success)
    {
        // Only a successful sign-in establishes the current application user.
        StggSecurityContext.SetCurrentUser(authenticatedUser, appUserLoginVm.RememberMe);
        return RedirectToAction("Index", "Home");
    }

    if (status == SignInStatus.RequiresVerification)
    {
        // Credentials were accepted but the email address still has to be confirmed.
        return RedirectToAction("EmailConfirmTokenSent");
    }

    if (status == SignInStatus.LockedOut)
    {
        // The account is currently locked out.
        return RedirectToAction("LockedOut");
    }

    // Any other status: a single generic message that does not say which field was wrong.
    ModelState.AddModelSummaryError("Username or password is invalid.");
    return View(appUserLoginVm);
}
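/// <summary>
/// Authenticate a user by user name and password.
/// </summary>
/// <remarks>
/// The lockout check runs before the password check, so
/// <c>SignInStatus.LockedOut</c> is returned regardless of the supplied
/// password; a caller that shows this status to the client reveals that the
/// account exists.
/// </remarks>
/// <param name="appUserLoginVm">Login view model.</param>
/// <returns>
/// A result whose status and value carry the <see cref="SignInStatus"/> of the attempt.
/// The value is populated from the user record only when the password was accepted.
/// </returns>
public async Task<StggResult<SignInStatus, AppUserVm>> LoginAsync(AppUserLoginVm appUserLoginVm)
{
    var stggResult = new StggResult<SignInStatus, AppUserVm>();
    var appUserVm = new AppUserVm();

    var user = await AppUserManager.FindByNameAsync(appUserLoginVm.UserName);
    if (user == null)
    {
        // We could not find this user in the database.
        appUserVm.SignInStatus = SignInStatus.Failed;
    }
    else
    {
        var isLockedOut = await AppUserManager.IsLockedOutAsync(user.Id);
        if (AppUserManager.SupportsUserLockout && isLockedOut)
        {
            // User is locked.
            appUserVm.SignInStatus = SignInStatus.LockedOut;
        }
        else if (AppUserManager.CheckPassword(user, appUserLoginVm.Password))
        {
            // A status that must replace whatever the populated view model carries.
            // It is applied only after that view model has been constructed, because
            // the construction below replaces the instance created at the top of the
            // method and a status written to the old instance would be discarded.
            SignInStatus? blockingStatus = null;

            // The password was correct, so clear any recorded failed attempts.
            var hasFailedAttempts = AppUserManager.GetAccessFailedCount(user.Id) > 0;
            if (AppUserManager.SupportsUserLockout && hasFailedAttempts)
            {
                var resetAccessFailResult = await AppUserManager.ResetAccessFailedCountAsync(user.Id);
                if (resetAccessFailResult.Succeeded == false)
                {
                    blockingStatus = SignInStatus.Failed;
                    stggResult.AddError("Failed to login.");
                }
            }

            // An unconfirmed email takes precedence over a failed counter reset,
            // matching the order in which the two checks are made.
            var emailIsConfirmed = AppUserManager.IsEmailConfirmed(user.Id);
            if (!emailIsConfirmed)
            {
                blockingStatus = SignInStatus.RequiresVerification;
                stggResult.AddError("Email requires verification.");
            }

            var userRoleIds = user.Roles.Select(e => e.RoleId);
            var roleNames = FindRolesByIds(userRoleIds);

            // NOTE(review): the meaning of the third constructor argument is not
            // visible here; confirm it does not by itself mark the user as signed
            // in for the non-success outcomes handled below.
            appUserVm = new AppUserVm(user, roleNames, true);

            if (blockingStatus.HasValue)
            {
                // Without this, the errors above would be recorded on the result
                // while the status still came from the freshly built view model.
                appUserVm.SignInStatus = blockingStatus.Value;
            }
        }
        else
        {
            // Password was not valid.
            var lockedoutEnabledForUser = await AppUserManager.GetLockoutEnabledAsync(user.Id);
            if (AppUserManager.SupportsUserLockout && lockedoutEnabledForUser)
            {
                // Increment access failed count.
                var accessFailedResult = await AppUserManager.AccessFailedAsync(user.Id);
                if (accessFailedResult.Succeeded == false)
                {
                    // NOTE(review): a failed counter update is reported as LockedOut,
                    // while an attempt that was counted successfully is always reported
                    // as Failed, even if it is the one that locks the account.
                    // Confirm this mapping is intended.
                    appUserVm.SignInStatus = SignInStatus.LockedOut;
                    stggResult.AddError("User is locked out.");
                }
                else
                {
                    appUserVm.SignInStatus = SignInStatus.Failed;
                }
            }
            else
            {
                appUserVm.SignInStatus = SignInStatus.Failed;
            }
        }
    }

    stggResult.SetValue(appUserVm);
    stggResult.SetStatus(appUserVm.SignInStatus);
    return stggResult;
}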