//[Route("login")]
/// <summary>
/// Processes a posted storefront login form and signs the user in with e-mail and password.
/// </summary>
/// <param name="formModel">Posted form values; <c>Id</c> selects the form context, <c>Email</c> and <c>Password</c> are the credentials.</param>
/// <param name="returnUrl">Caller-supplied address handed to <c>RedirectToLocal</c> after a successful sign-in.</param>
/// <returns>
/// A redirect on success or when verification is required, the "lockedout" view for a locked account,
/// the "customers/login" view with form errors on validation or credential failure,
/// or the "error" view when the form context cannot be resolved.
/// </returns>
public async Task<ActionResult> Login(LoginFormModel formModel, string returnUrl)
{
    var loginForm = Service.GetForm(SiteContext.Current, formModel.Id);
    if (loginForm == null)
    {
        Context.ErrorMessage = "Liquid error: Form context was not found.";
        return View("error");
    }

    var validationErrors = GetFormErrors(ModelState);
    if (validationErrors != null)
    {
        loginForm.Errors = validationErrors;
        loginForm.PostedSuccessfully = false;
        return View("customers/login");
    }

    loginForm.PostedSuccessfully = true;

    var status = await SecurityService.PasswordSingInAsync(formModel.Email, formModel.Password, false);

    if (status == SignInStatus.Success)
    {
        // The session identity is built only after the password check has succeeded.
        AuthenticationManager.SignIn(SecurityService.CreateClaimsIdentity(formModel.Email));

        // NOTE(review): returnUrl comes from the request; presumably RedirectToLocal rejects
        // non-local targets - confirm against its implementation.
        return RedirectToLocal(returnUrl);
    }

    if (status == SignInStatus.LockedOut)
    {
        return View("lockedout");
    }

    if (status == SignInStatus.RequiresVerification)
    {
        return RedirectToAction("SendCode", "Account");
    }

    // SignInStatus.Failure and any other status: one generic message, so the response
    // does not say whether the e-mail or the password was wrong.
    loginForm.Errors = new SubmitFormErrors("form", "Login attempt fails.");
    loginForm.PostedSuccessfully = false;
    return View("customers/login");
}
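//[RequireHttps]
/// <summary>
/// Processes a posted storefront login form. When <c>ImpersonatedUserId</c> is supplied, a customer
/// service representative (CSR) is signed in on behalf of that user; otherwise the posting user is
/// signed in as themselves.
/// </summary>
/// <remarks>
/// The posted e-mail and password are verified on every path. The earlier version skipped the
/// password check (and had the permission check commented out) whenever <c>ImpersonatedUserId</c>
/// was present, so the impersonation branch issued a session for the target user without any
/// proof of identity. Impersonation now additionally requires the "customer:loginOnBehalf" permission.
/// </remarks>
/// <param name="formModel">Posted form values: form <c>Id</c>, <c>Email</c>, <c>Password</c> and optional <c>ImpersonatedUserId</c>.</param>
/// <param name="returnUrl">Caller-supplied address handed to <c>RedirectToLocal</c> after a successful sign-in.</param>
/// <returns>
/// A redirect on success or when verification is required, the "lockedout" view for a locked account,
/// the "customers/login" view with form errors on validation or credential failure,
/// or the "error" view when the form context, the CSR permission, the target user or the target
/// customer account is missing.
/// </returns>
public async Task<ActionResult> Login(LoginFormModel formModel, string returnUrl)
{
    var form = Service.GetForm(SiteContext.Current, formModel.Id);
    if (form == null)
    {
        Context.ErrorMessage = "Liquid error: Form context was not found.";
        return View("error");
    }

    var formErrors = GetFormErrors(ModelState);
    if (formErrors != null)
    {
        form.Errors = formErrors;
        form.PostedSuccessfully = false;
        return View("customers/login");
    }

    form.PostedSuccessfully = true;

    // Authenticate the posting user first, regardless of whether impersonation was requested.
    // ImpersonatedUserId is an ordinary form field and proves nothing about the caller.
    var loginResult = await SecurityService.PasswordSingInAsync(formModel.Email, formModel.Password, false);

    switch (loginResult)
    {
        case SignInStatus.Success:
            break;
        case SignInStatus.LockedOut:
            return View("lockedout");
        case SignInStatus.RequiresVerification:
            // An account that still needs verification never reaches the impersonation path.
            return RedirectToAction("SendCode", "Account");
        case SignInStatus.Failure:
        default:
            form.Errors = new SubmitFormErrors("form", "Login attempt fails.");
            form.PostedSuccessfully = false;
            return View("customers/login");
    }

    if (String.IsNullOrEmpty(formModel.ImpersonatedUserId))
    {
        var identity = SecurityService.CreateClaimsIdentity(formModel.Email);
        AuthenticationManager.SignIn(identity);

        // NOTE(review): returnUrl comes from the request; presumably RedirectToLocal rejects
        // non-local targets - confirm against its implementation.
        return RedirectToLocal(returnUrl);
    }

    var csrUser = await SecurityService.GetUserByNameAsync(formModel.Email);
    if (csrUser == null)
    {
        Context.ErrorMessage = "CSR user was not found.";
        return View("error");
    }

    // Authorization: a valid password alone must not allow signing in as somebody else.
    // NOTE(review): assumes csrUser.Permissions is a sequence of permission names, as the
    // previously commented-out check implied - confirm it is populated by GetUserByNameAsync.
    var mayImpersonate = csrUser.Permissions != null
        && System.Linq.Enumerable.Contains(csrUser.Permissions, "customer:loginOnBehalf", StringComparer.OrdinalIgnoreCase);
    if (!mayImpersonate)
    {
        Context.ErrorMessage = "Login on behalf of another user is not allowed.";
        return View("error");
    }

    var user = await SecurityService.GetUserByIdAsync(formModel.ImpersonatedUserId);
    if (user == null)
    {
        Context.ErrorMessage = "User was not found.";
        return View("error");
    }

    var customer = await CustomerService.GetCustomerAsync(user.Email, Context.StoreId);
    if (customer == null)
    {
        Context.ErrorMessage = "User has no account.";
        return View("error");
    }

    // NOTE(review): the identity below is indistinguishable from the customer's own session and
    // nothing here records which CSR started it. Consider an audit log entry and a claim naming
    // the acting CSR so that on-behalf sessions can be traced.
    var customerIdentity = SecurityService.CreateClaimsIdentity(user.Email);
    AuthenticationManager.SignIn(customerIdentity);
    return RedirectToLocal(returnUrl);
}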