public async Task<ActionResult> Login(LoginViewModel model, string returnUrl) { if (!ModelState.IsValid) { return View(model); } //customer logs in with email and password. But authentication is by AmazonID as username //this looks up amazonid and passes it as username for authentication. Returns //Invalid Login if email is not in db. string username; try { username = (from c in appcontext.Users where c.Email.Equals(model.Email) select c.UserName).Single().ToString(); } catch { ModelState.AddModelError("", "Invalid login attempt."); return View(model); } // This doesn't count login failures towards account lockout // To enable password failures to trigger account lockout, change to shouldLockout: true var result = await SignInManager.PasswordSignInAsync(username, model.Password, model.RememberMe, shouldLockout: false); // Authenticate user first, then check if confirmed email. Log back out if not confirmed. // Require the user to have a confirmed email before they can log on. var user = await UserManager.FindByNameAsync(username); if (user != null) { if (!await UserManager.IsEmailConfirmedAsync(user.Id)) { ViewBag.Message = "You must have a confirmed email to log on. We just re-sent the confirmation link to " + "the email you signed-up with."; string code = await UserManager.GenerateEmailConfirmationTokenAsync(user.Id); var callbackUrl = Url.Action("ConfirmEmail", "Account", new { userId = user.Id, code = code }, protocol: Request.Url.Scheme); var response = SendEmailConfirmation(user.Email, callbackUrl, false); AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie); return View("Login"); } } switch (result) { case SignInStatus.Success: return RedirectToLocal(returnUrl); case SignInStatus.LockedOut: return View("Lockout"); case SignInStatus.RequiresVerification: return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe }); case SignInStatus.Failure: default: ModelState.AddModelError("", "Invalid login attempt."); return View(model); } }
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl) { if (!ModelState.IsValid) { return View(model); } // This doesn't count login failures towards account lockout // To enable password failures to trigger account lockout, change to shouldLockout: true var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false); switch (result) { case SignInStatus.Success: return RedirectToLocal(returnUrl); case SignInStatus.LockedOut: return View("Lockout"); case SignInStatus.RequiresVerification: return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe }); case SignInStatus.Failure: default: ModelState.AddModelError("", "Invalid login attempt."); return View(model); } }