Exemplo n.º 1
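        /// <summary>
        /// Validates the submitted local credentials and, when they are accepted, signs the
        /// user in by issuing the authentication cookie.
        /// </summary>
        /// <param name="context">
        /// Authorization request the login belongs to. May be null; it is only used to tag
        /// the login events with the client id.
        /// </param>
        /// <param name="model">Login input: username, password, remember-me flag and return URL.</param>
        /// <returns>
        /// A result with <c>Status.Ok</c> and a validated return URL ("/" when the submitted one
        /// is neither a valid IdentityServer return URL nor a local URL), or <c>Status.Error</c>
        /// with a generic message when the login is rejected.
        /// </returns>
        private async Task <LoginResultModel> LoginInternal(AuthorizationRequest context, LoginInputModel model)
        {
            var resultmodel = new LoginResultModel();

            // NOTE(review): on the failure path this value is returned as submitted, without
            // validation. Callers should not redirect to it without re-checking it; confirm
            // against the caller.
            resultmodel.ReturnUrl = model.ReturnUrl;

            // Null-safe on both hops so a request without client information cannot throw here.
            var clientId = context?.Client?.ClientId;

            if (await _localUserService.ValidateCredentialsAsync(model.Username, model.Password))
            {
                var user = await _localUserService.GetUserByUserNameOrEmailAsync(model.Username);

                // The lookup is a second, separate call; if it yields nothing (e.g. the account
                // was removed in between) treat it as a failed login instead of dereferencing null.
                if (user != null)
                {
                    await _events.RaiseAsync(new UserLoginSuccessEvent(user.UserName, user.Subject, user.UserName, clientId : clientId));

                    // only set explicit expiration here if user chooses "remember me".
                    // otherwise we rely upon expiration configured in cookie middleware.
                    AuthenticationProperties props = null;
                    if (AccountOptions.AllowRememberLogin && model.RememberLogin)
                    {
                        props = new AuthenticationProperties
                        {
                            IsPersistent = true,
                            ExpiresUtc   = DateTimeOffset.UtcNow.Add(AccountOptions.RememberMeLoginDuration)
                        };
                    }

                    // issue authentication cookie with subject ID and username
                    var isuser = new IdentityServerUser(user.Subject)
                    {
                        DisplayName = user.UserName
                    };

                    await HttpContext.SignInAsync(isuser, props);

                    // Open-redirect guard: keep the submitted return URL only when it is a valid
                    // IdentityServer return URL or a local URL; anything else falls back to the root.
                    if (!_interaction.IsValidReturnUrl(model.ReturnUrl) && !Url.IsLocalUrl(model.ReturnUrl))
                    {
                        resultmodel.ReturnUrl = "/";
                    }

                    return(resultmodel.WithStatus(Status.Ok));
                }
            }

            // Record the rejected attempt so that repeated failures (password guessing,
            // credential stuffing) are visible to whatever consumes the event stream.
            await _events.RaiseAsync(new UserLoginFailureEvent(model.Username, "invalid credentials", clientId : clientId));

            // Keep the message generic: it must not reveal whether the username exists.
            return(resultmodel.WithStatus(Status.Error).WithError("Invalid login attempt."));
        }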