public async Task <IActionResult> OnGetAsync(string paramUsername, string paramPassword) { if (string.IsNullOrEmpty(paramUsername) || string.IsNullOrEmpty(paramPassword)) { return(LocalRedirect("/")); } string returnUrl = Url.Content("~/"); try { // Clear the existing external cookie await HttpContext .SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme); } catch { } string passwordHash = HelperHash.HashString(paramPassword); using var context = new AggregatorContext(); var adminUser = await context !.AdminUsers !.FirstOrDefaultAsync(l => l.Login == paramUsername && l.Password == passwordHash); if (adminUser != null) { var claims = new List <Claim> { new Claim(ClaimTypes.Name, paramUsername), new Claim(ClaimTypes.Role, "Administrator"), }; var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme); var authProperties = new AuthenticationProperties { IsPersistent = true, RedirectUri = this.Request.Host.Value }; try { await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), authProperties); } catch (Exception ex) { string error = ex.Message; throw; } return(LocalRedirect(returnUrl)); } return(LocalRedirect("/")); }