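/// <summary>
/// Handles the posted login form. The credentials are first looked up in the 客戶資料
/// table; only when a matching row exists is the ASP.NET Identity password sign-in attempted.
/// </summary>
/// <param name="model">Posted login form; 帳號, Password and RememberMe are read from it.</param>
/// <param name="returnUrl">URL passed on to RedirectToLocal or the SendCode action.</param>
/// <returns>
/// A redirect on success or when verification is required, the "Lockout" view when the
/// account is locked out, otherwise the login view again.
/// </returns>
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
    // NOTE(review): the original ModelState.IsValid check was commented out in favour of
    // the table lookup below, so attribute-based validation errors no longer stop the request.
    //
    // SECURITY(review): 密碼 is compared directly with model.Password. If the column holds
    // a password digest, model.Password must already have been replaced by that digest before
    // this action runs, and the same value is then passed to PasswordSignInAsync. Confirm
    // which form each store expects.
    bool customerExists;
    using (CustomerEntities db = new CustomerEntities())
    {
        // Any() answers the yes/no question without loading the row (and its password
        // column) into memory; the context is disposed as soon as the check is done.
        customerExists = db.客戶資料.Any(o => o.帳號 == model.帳號 && o.密碼 == model.Password);
    }

    if (!customerExists)
    {
        // NOTE(review): this path adds no model error, while the Identity failure path below
        // does, so the two rejections look different to the client. Consider one uniform
        // message for both.
        return View(model);
    }

    // Failed sign-ins are not counted towards account lockout here.
    // To let password failures trigger lockout, change to shouldLockout: true.
    // SECURITY(review): with shouldLockout: false, and the table lookup above running
    // before Identity is consulted, nothing visible here throttles password guessing.
    // Enable lockout or add rate limiting in front of this action.
    var result = await SignInManager.PasswordSignInAsync(model.帳號, model.Password, model.RememberMe, shouldLockout: false);
    switch (result)
    {
        case SignInStatus.Success:
            // NOTE(review): RedirectToLocal is not shown here; confirm it rejects non-local
            // URLs, since returnUrl comes from the request.
            return RedirectToLocal(returnUrl);
        case SignInStatus.LockedOut:
            return View("Lockout");
        case SignInStatus.RequiresVerification:
            return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
        case SignInStatus.Failure:
        default:
            ModelState.AddModelError("", "登入嘗試失試。");
            return View(model);
    }
}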
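/// <summary>
/// Checks the submitted account and password against the 客戶資料 table and yields a single
/// validation error, attached to "Account", when no matching row exists.
/// </summary>
/// <remarks>
/// Side effect: a non-null <c>Password</c> is overwritten with the upper-case hexadecimal
/// SHA-256 digest of its previous value. Enumerating the result a second time would
/// therefore hash the digest again.
/// NOTE(review): code that reads Password after validation may rely on this replacement, so
/// it is kept; confirm against the callers before removing it.
/// </remarks>
/// <param name="validationContext">Validation context; not used by this method.</param>
/// <returns>Empty when the credentials match a row, otherwise one error result.</returns>
public IEnumerable<ValidationResult> Validate(ValidationContext validationContext)
{
    // A missing password can never match a stored digest. Report it as an ordinary
    // validation failure instead of letting GetBytes(null) throw.
    if (Password == null)
    {
        yield return new ValidationResult("無此帳號或密碼", new string[] { "Account" });
        yield break;
    }

    // SECURITY(review): a single unsalted SHA-256 pass is a fast hash. Equal passwords give
    // equal digests, and a leaked table can be attacked offline at high speed. Prefer a
    // salted, iterated scheme (for example PBKDF2 via Rfc2898DeriveBytes, or the ASP.NET
    // Identity password hasher) together with a migration of the stored values.
    // SECURITY(review): on .NET Framework, Encoding.Default is the machine's ANSI code page,
    // so non-ASCII passwords hash differently from one server to another. It is left
    // unchanged because switching encodings would invalidate digests already stored.
    using (SHA256CryptoServiceProvider sha256 = new SHA256CryptoServiceProvider())
    {
        byte[] digest = sha256.ComputeHash(Encoding.Default.GetBytes(Password));
        Password = BitConverter.ToString(digest).Replace("-", "");
    }

    bool credentialsMatch;
    using (CustomerEntities db = new CustomerEntities())
    {
        // Existence check only; the context is disposed before anything is yielded.
        credentialsMatch = db.客戶資料.Any(o => o.帳號 == Account && o.密碼 == Password);
    }

    if (!credentialsMatch)
    {
        // One message for "unknown account" and "wrong password", so the response does not
        // reveal which accounts exist.
        yield return new ValidationResult("無此帳號或密碼", new string[] { "Account" });
    }
}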