Exemplo n.º 1
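        /// <summary>
        /// Handles a posted login form: validates the submission, checks the password against the
        /// stored digest and, on success, issues a persistent authentication cookie.
        /// </summary>
        /// <param name="returnUrl">
        /// Request-supplied URL to return to after sign-in. It is followed only when it is local to
        /// this application; anything else falls back to "/".
        /// </param>
        /// <param name="submission">The posted credentials.</param>
        /// <returns>
        /// 400 for a missing, incomplete or oversized submission; a redirect after a successful
        /// sign-in; otherwise the login view built with <c>new LoginViewModel(returnUrl, true)</c>.
        /// </returns>
        public async Task<IActionResult> Login(string returnUrl, LoginSubmission submission)
        {
            if (submission == null)
            {
                logger.LogWarning("Login rejected; Reason: missing body; Origin: {0}", HttpContext.GetRemoteAddress());
                return(BadRequest());
            }
            // A request can omit either field; reject it here so the length checks below do not
            // dereference null and turn a malformed request into an unhandled exception.
            if (submission.Username == null || submission.Password == null)
            {
                logger.LogWarning("Login rejected; Reason: missing username or password; Origin: {0}", HttpContext.GetRemoteAddress());
                return(BadRequest());
            }
            if (submission.Password.Length > PropertyLengthLimit)
            {
                logger.LogWarning("Login rejected; Reason: password violates property length limit; Origin: {0}", HttpContext.GetRemoteAddress());
                return(BadRequest());
            }
            if (submission.Username.Length > PropertyLengthLimit)
            {
                logger.LogWarning("Login rejected; Reason: username violates property length limit; Origin: {0}", HttpContext.GetRemoteAddress());
                return(BadRequest());
            }
            if (VetEmail(submission.Username) && VetPassword(submission.Password))
            {
                var account = await databaseService.GetAccountAsync(submission.Username);

                // GetAccountAsync is defined elsewhere; guard in case it yields null for an unknown
                // user, so that case ends in the same failed-login view as a wrong password.
                var isValid = account != null &&
                              Password.EvaluatePassword(submission.Password, account.PasswordDigest);
                if (isValid)
                {
                    var claims = new[] {
                        new Claim(ClaimTypes.NameIdentifier, account.Id.ToString(), ClaimValueTypes.String),
                        new Claim(ClaimTypes.Name, account.DisplayName, ClaimValueTypes.String)
                    };
                    var claimsIdentity = new ClaimsIdentity(claims, "SecureLogin");
                    // NOTE(review): a one-year persistent cookie keeps a stolen cookie usable for a
                    // long time; confirm this lifetime is intended and that sessions can be revoked.
                    var authProperties = new AuthenticationProperties
                    {
                        ExpiresUtc   = DateTimeOffset.UtcNow.AddYears(1),
                        IsPersistent = true
                    };
                    await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,
                                                  new ClaimsPrincipal(claimsIdentity),
                                                  authProperties);

                    // returnUrl is request-controlled: follow it only when it points back into this
                    // application, otherwise the login page can be used as an open redirect.
                    var target = Url.IsLocalUrl(returnUrl) ? returnUrl : "/";
                    return(Redirect(target));
                }
            }
            // Record failed attempts like the other rejections so repeated guessing is visible in
            // the logs. The submitted username is deliberately not logged.
            logger.LogWarning("Login rejected; Reason: invalid credentials; Origin: {0}", HttpContext.GetRemoteAddress());
            return(View(new LoginViewModel(returnUrl, true)));
        }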
Exemplo n.º 2
        /// <summary>
        /// Handles the posted login form: when the model state is valid, signs the user in through
        /// <c>IdentityService</c> and redirects on success; otherwise re-renders the form.
        /// </summary>
        /// <param name="loginSubmission">The posted username and password.</param>
        /// <returns>
        /// A redirect to action "Index" on controller "View" after a successful sign-in, or the
        /// login view populated with the submitted model.
        /// </returns>
        public virtual ActionResult Index(LoginSubmission loginSubmission)
        {
            if (ModelState.IsValid)
            {
                // Sign in through the OWIN authentication manager of the current request.
                var identityService = new IdentityService(HttpContext.GetOwinContext().Authentication);
                var signInOutcome   = identityService.SignIn(loginSubmission.Username, loginSubmission.Password);

                if (signInOutcome.IsSuccess)
                {
                    return(RedirectToAction("Index", "View"));
                }

                // NOTE(review): ErrorMessage comes from IdentityService, which is not shown here;
                // confirm it does not reveal whether the username exists.
                System.Web.HttpContext.Current.Session["StatusMessage"] = signInOutcome.ErrorMessage;
            }

            // Invalid form or failed sign-in: show the form again with the submitted values.
            return(View(loginSubmission));
        }
Exemplo n.º 3
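        /// <summary>
        /// Handles the posted login form: looks the user up by e-mail, verifies the password against
        /// the stored hash and, on success, stores the user id in the session.
        /// </summary>
        /// <param name="sub">The posted e-mail and password.</param>
        /// <returns>
        /// A redirect to "Success" after a successful login; otherwise the "Index" view, carrying a
        /// model error when the credentials were rejected.
        /// </returns>
        public IActionResult Login(LoginSubmission sub)
        {
            Console.WriteLine("\n\n** Loggin In");
            if (!ModelState.IsValid)
            {
                Console.WriteLine("Model is invalid.");
                return(View("Index"));
            }

            Console.WriteLine("-- Model is valid.");
            User dbUser = _context.Users
                          .FirstOrDefault <User>(u => u.Email == sub.Email);

            // Both failure paths below return the same model error (same key, same text) so the
            // response does not tell the caller whether the e-mail address is registered. The
            // console lines keep the distinction for the operator only.
            // The password hash is still only verified when the user exists, so response timing
            // may differ between the two cases.
            if (dbUser == null)
            {
                Console.WriteLine("XXX No User with that email.");
                ModelState.AddModelError("Email", "Cannot Login.");
                return(View("Index"));
            }

            PasswordHasher <LoginSubmission> hasher = new PasswordHasher <LoginSubmission>();
            var result = hasher.VerifyHashedPassword(sub, dbUser.Password, sub.Password);

            if (result == PasswordVerificationResult.Failed)
            {
                Console.WriteLine("XXX Password invalid.");
                ModelState.AddModelError("Email", "Cannot Login.");
                return(View("Index"));
            }

            // Credentials accepted: the session entry "UserId" marks the user as logged in.
            HttpContext.Session.SetInt32("UserId", dbUser.UserId);
            Console.WriteLine($"\n\n*** Login Successful! User Id: {HttpContext.Session.GetInt32("UserId")}");
            return(RedirectToAction("Success"));
        }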