public async Task <ActionResult> ExternalLoginCallback(string returnUrl) { var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync(); if (loginInfo == null) { return(RedirectToAction("Login")); } // Sign in the user with this external login provider if the user already has a login var result = await SignInManager.ExternalSignInAsync(loginInfo, isPersistent : false); switch (result) { case SignInStatus.Success: LoginLog.CreateLoginLog(loginInfo.Email, true, UserManager); return(RedirectToLocal(returnUrl)); case SignInStatus.LockedOut: return(View("Lockout")); case SignInStatus.RequiresVerification: return(RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = false })); case SignInStatus.Failure: default: // If the user does not have an account, then prompt the user to create an account ViewBag.ReturnUrl = returnUrl; ViewBag.LoginProvider = loginInfo.Login.LoginProvider; LoginLog.CreateLoginLog(loginInfo.Email, false, UserManager); return(View("ExternalLoginConfirmation", new ExternalLoginConfirmationViewModel { Email = loginInfo.Email })); } }
public async Task <ActionResult> VerifyCode(VerifyCodeViewModel model) { if (!ModelState.IsValid) { return(View(model)); } // The following code protects for brute force attacks against the two factor codes. // If a user enters incorrect codes for a specified amount of time then the user account // will be locked out for a specified amount of time. // You can configure the account lockout settings in IdentityConfig var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent : model.RememberMe, rememberBrowser : model.RememberBrowser); switch (result) { case SignInStatus.Success: LoginLog.CreateLoginLog(model.Email, true, UserManager); return(RedirectToLocal(model.ReturnUrl)); case SignInStatus.LockedOut: return(View("Lockout")); case SignInStatus.Failure: default: ModelState.AddModelError("", "Invalid code."); LoginLog.CreateLoginLog(model.Email, false, UserManager); return(View(model)); } }
public async Task <ActionResult> ExternalLoginConfirmation(ExternalLoginConfirmationViewModel model, string returnUrl) { if (User.Identity.IsAuthenticated) { LoginLog.CreateLoginLog(model.Email, true, UserManager); return(RedirectToAction("Index", "Manage")); } if (ModelState.IsValid) { // Get the information about the user from the external login provider var info = await AuthenticationManager.GetExternalLoginInfoAsync(); if (info == null) { LoginLog.CreateLoginLog(model.Email, false, UserManager); return(View("ExternalLoginFailure")); } var user = new ApplicationUser { UserName = model.Email, Email = model.Email }; var result = await UserManager.CreateAsync(user); if (result.Succeeded) { result = await UserManager.AddLoginAsync(user.Id, info.Login); LoginLog.CreateLoginLog(info.Email, true, UserManager); if (result.Succeeded) { await SignInManager.SignInAsync(user, isPersistent : false, rememberBrowser : false); return(RedirectToLocal(returnUrl)); } } LoginLog.CreateLoginLog(model.Email, false, UserManager); } ViewBag.ReturnUrl = returnUrl; return(View(model)); }
public async Task <ActionResult> Login(LoginViewModel model, string returnUrl) { if (!ModelState.IsValid) { return(View(model)); } // This doesn't count login failures towards account lockout // To enable password failures to trigger account lockout, change to shouldLockout: true var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout : true); switch (result) { case SignInStatus.Success: LoginLog.CreateLoginLog(model.Email, true, UserManager); return(RedirectToLocal(returnUrl)); case SignInStatus.LockedOut: LoginLog.CreateLoginLog(model.Email, false, UserManager); return(View("Lockout")); case SignInStatus.RequiresVerification: return(RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe })); case SignInStatus.Failure: ApplicationUser user = UserManager.FindByEmail(model.Email); if (user != null) { user.AccessFailedCount++; UserManager.Update(user); } LoginLog.CreateLoginLog(model.Email, false, UserManager); return(View(model)); default: ModelState.AddModelError("", "Invalid login attempt."); LoginLog.CreateLoginLog(model.Email, false, UserManager); return(View(model)); } }