public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
if (!ModelState.IsValid)
{
return View(model);
}
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, change to shouldLockout: true
var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(returnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.RequiresVerification:
return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Invalid login attempt.");
return View(model);
}
}
public void Login_UserCanLogin()
{
string returnUrl = "/Home/Index";
string userName = "******";
string password = "******";
WebSecurity.Setup(s => s.Login(userName, password, false)).Returns(true);
var model = new LoginViewModel
{
UserName = userName,
Password = password
};
var result = Controller.Login(model, returnUrl) as RedirectResult;
Assert.NotNull(result);
Assert.Equal(returnUrl, result.Url);
}
public void Login_InvalidCredentialsRedisplaysLoginScreen()
{
string returnUrl = "/Home/Index";
string userName = "******";
string password = "******";
WebSecurity.Setup(s => s.Login(userName, password, false)).Returns(false);
var model = new LoginViewModel
{
UserName = userName,
Password = password
};
var result = Controller.Login(model, returnUrl) as ViewResult;
Assert.NotNull(result);
}
public ActionResult Login(LoginViewModel model, string returnUrl)
{
if (ModelState.IsValid && _webSecurity.Login(model.UserName, model.Password, persistCookie: model.RememberMe))
{
return RedirectToLocal(returnUrl);
}
// If we got this far, something failed, redisplay form
ModelState.AddModelError("", "The user name or password provided is incorrect.");
return View(model);
}