public async Task <IActionResult> Signup(RegistrationViewModel model)
{
if (ModelState.IsValid)
{
QuizNSwap.Data.Models.User user = new QuizNSwap.Data.Models.User
{
UserName = model.UserName,
Email = model.Email
};
IdentityResult result
= await userManager.CreateAsync(user, model.Password);
if (result.Succeeded)
{
await signInManager.SignInAsync(user, isPersistent : false);
return(RedirectToAction("Index", "Home", new { area = "Dashboard" }));
}
else
{
foreach (IdentityError error in result.Errors)
{
ModelState.AddModelError("", error.Description);
}
}
}
return(View("Index"));
}
public async Task <IActionResult> Login(LoginViewModel details)
{
if (ModelState.IsValid)
{
QuizNSwap.Data.Models.User user = await userManager.FindByEmailAsync(details.Email);
if (user != null)
{
//This method cancels any existing session that the user has
await signInManager.SignOutAsync();
Microsoft.AspNetCore.Identity.SignInResult result =
/*The arguments for the PasswordSignInAsync method are the user
* object, the password that the user has provided, a bool argument that controls whether the authentication
* cookie is persistent(which I disabled) and whether the account should be locked out if the password is
* correct(which I also disabled).*/
await signInManager.PasswordSignInAsync(
user, details.Password, false, false);
if (result.Succeeded)
{
//redirect the user to the returnUrl location if it is true
return(RedirectToAction("Index", "Home", new { area = "Dashboard" }));
}
}
//add a validation error and redisplay the Login view to the user so they can try again
ModelState.AddModelError(nameof(LoginViewModel.Email),
"Invalid user or password");
/*
* As part of the authentication process, Identity adds a cookie to the response, which the browser then
* includes in any subsequent request and which is used to identify the user’s session and the account that is
* associated with it. We don’t have to create or manage the cookie directly, as it is handled automatically by
* the Identity middleware.
*/
}
return(View("Index"));
}