public async Task <IActionResult> Login(LoginViewModel model, string returnUrl = null)
{
ViewData["ReturnUrl"] = returnUrl;
if (ModelState.IsValid)
{
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, set lockoutOnFailure: true
var result = await _userManager.Login(model.Email, model.Password);
if (result != null)
{
_logger.LogInformation(1, "User logged in.");
var ident = new ClaimsIdentity(
new[] {
// adding following 2 claim just for supporting default antiforgery provider
new Claim(ClaimTypes.NameIdentifier, result.Username),
new Claim("http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider", "ASP.NET Identity", "http://www.w3.org/2001/XMLSchema#string"),
new Claim(ClaimTypes.Name, result.Username),
},
DefaultAuthenticationTypes.ApplicationCookie);
var p = new ClaimsPrincipal(ident);
await HttpContext.Authentication.SignInAsync("MyCookieAuth", p);
return(RedirectToLocal(returnUrl));
}
else
{
ModelState.AddModelError(string.Empty, "Invalid login attempt.");
return(View(model));
}
}
// If we got this far, something failed, redisplay form
return(View(model));
}
