public IActionResult LoginPost(LoginViewModel viewModel)
{
viewModel.ParseAndValidateParameters(Request, m => m.EmailAddress);
viewModel.ParseAndValidateParameters(Request, m => m.Password);
if (viewModel.HasAnyErrors())
{
return(View("Login", viewModel));
}
User user = userRepository.FindByEmail(viewModel.EmailAddress, UserStatuses.New, UserStatuses.Active);
if (user == null)
{
viewModel.AddErrorFor(m => m.Password, "Incorrect email address or password. Please double-check and try again");
return(View("Login", viewModel));
}
if (LoginHelper.UserIsLockedOutBecauseOfTooManyRecentFailedLoginAttempts(user))
{
viewModel.AddErrorFor(
m => m.Password,
"You have entered the email address or password wrong too many times. "
+ $"Please try again in {LoginHelper.GetMinutesUntilAccountIsUnlocked(user)} minutes");
return(View("Login", viewModel));
}
if (!userRepository.CheckPassword(user, viewModel.Password))
{
viewModel.AddErrorFor(m => m.Password, "Incorrect email address or password. Please double-check and try again");
return(View("Login", viewModel));
}
ControllerHelper.ThrowIfUserAccountRetiredOrEmailNotVerified(user);
string userRole = user.IsAdministrator() ? LoginRoles.GpgAdmin : LoginRoles.GpgEmployer;
LoginHelper.Login(HttpContext, user.UserId, userRole);
if (ReturnUrlIsAllowed(viewModel.ReturnUrl))
{
// Above condition prevents invalid return urls
//disable:DoNotUseRedirectWithReturnUrls
return(Redirect(viewModel.ReturnUrl));
}
else if (user.IsAdministrator())
{
return(RedirectToAction("AdminHomePage", "AdminHomepage"));
}
else
{
return(RedirectToAction("ManageOrganisationsGet", "ManageOrganisations"));
}
}