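/// <summary>
/// Handles a posted login form: validates the submission, checks the password
/// against the stored digest and, on success, issues a persistent authentication
/// cookie and redirects the user.
/// </summary>
/// <param name="returnUrl">
/// Caller-supplied redirect target. It is only followed when it is a local URL;
/// anything else falls back to the site root.
/// </param>
/// <param name="submission">The bound username and password from the login form.</param>
/// <returns>
/// <c>400 Bad Request</c> for a missing or oversized submission, a redirect after a
/// successful sign-in, otherwise the login view flagged as failed.
/// </returns>
public async Task<IActionResult> Login(string returnUrl, LoginSubmission submission)
{
    if (submission == null)
    {
        logger.LogWarning("Login rejected; Reason: missing body; Origin: {0}", HttpContext.GetRemoteAddress());
        return BadRequest();
    }

    // A bound model can still carry null properties (e.g. a field left out of the
    // form post). Reject those here so the length checks below cannot throw.
    if (submission.Username == null || submission.Password == null)
    {
        logger.LogWarning("Login rejected; Reason: missing credentials; Origin: {0}", HttpContext.GetRemoteAddress());
        return BadRequest();
    }

    // Length caps run before any lookup or password evaluation so oversized input
    // is rejected before that work is done.
    if (submission.Password.Length > PropertyLengthLimit)
    {
        logger.LogWarning("Login rejected; Reason: password violates property length limit; Origin: {0}", HttpContext.GetRemoteAddress());
        return BadRequest();
    }

    if (submission.Username.Length > PropertyLengthLimit)
    {
        logger.LogWarning("Login rejected; Reason: username violates property length limit; Origin: {0}", HttpContext.GetRemoteAddress());
        return BadRequest();
    }

    if (VetEmail(submission.Username) && VetPassword(submission.Password))
    {
        var account = await databaseService.GetAccountAsync(submission.Username);

        // An unknown username must end in the same failed-login view as a wrong
        // password rather than a null dereference.
        // NOTE(review): presumably GetAccountAsync returns null for an unknown user;
        // confirm. Skipping the digest evaluation in that case also makes the
        // response faster than for a known account; consider evaluating against a
        // fixed dummy digest to level the timing.
        if (account != null && Password.EvaluatePassword(submission.Password, account.PasswordDigest))
        {
            var claims = new[]
            {
                new Claim(ClaimTypes.NameIdentifier, account.Id.ToString(), ClaimValueTypes.String),
                new Claim(ClaimTypes.Name, account.DisplayName, ClaimValueTypes.String)
            };
            var claimsIdentity = new ClaimsIdentity(claims, "SecureLogin");

            // NOTE(review): a persistent cookie valid for one year is a long-lived
            // credential; confirm this lifetime is intended and that the session can
            // be revoked server-side.
            var authProperties = new AuthenticationProperties
            {
                ExpiresUtc = DateTimeOffset.UtcNow.AddYears(1),
                IsPersistent = true
            };

            await HttpContext.SignInAsync(
                CookieAuthenticationDefaults.AuthenticationScheme,
                new ClaimsPrincipal(claimsIdentity),
                authProperties);

            // returnUrl comes from the request. Following it unchecked would let a
            // crafted login link send a freshly authenticated user to another site.
            if (Url.IsLocalUrl(returnUrl))
            {
                return LocalRedirect(returnUrl);
            }

            return Redirect("/");
        }
    }

    // Record failed attempts by origin so repeated guessing is visible in the logs.
    // The submitted username is deliberately not logged.
    logger.LogWarning("Login failed; Reason: credentials not accepted; Origin: {0}", HttpContext.GetRemoteAddress());
    return View(new LoginViewModel(returnUrl, true));
}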
/// <summary>
/// Processes a posted login form through <c>IdentityService.SignIn</c>, using the
/// OWIN authentication manager of the current request.
/// </summary>
/// <param name="loginSubmission">The bound username and password from the form.</param>
/// <returns>
/// A redirect to the <c>Index</c> action of the <c>View</c> controller on success;
/// otherwise the login view, re-rendered with the submitted model.
/// </returns>
/// <remarks>
/// NOTE(review): the failure path stores <c>ErrorMessage</c> in the session. Whether
/// that text distinguishes an unknown user from a wrong password cannot be seen
/// here; confirm it is generic. The submitted model, password included, is also
/// handed back to the view on every non-success path; confirm the view does not
/// echo the password value.
/// </remarks>
public virtual ActionResult Index(LoginSubmission loginSubmission)
{
    // Form validation failed: redisplay the form with what was submitted.
    if (!ModelState.IsValid)
    {
        return View(loginSubmission);
    }

    // Attempt the sign-in against the request's OWIN authentication manager.
    var signInOutcome = new IdentityService(HttpContext.GetOwinContext().Authentication)
        .SignIn(loginSubmission.Username, loginSubmission.Password);

    if (!signInOutcome.IsSuccess)
    {
        // Stash the failure text in the session and show the form again.
        System.Web.HttpContext.Current.Session["StatusMessage"] = signInOutcome.ErrorMessage;
        return View(loginSubmission);
    }

    return RedirectToAction("Index", "View");
}
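/// <summary>
/// Verifies a posted email and password against the stored user record and, on
/// success, stores the user's id in the session.
/// </summary>
/// <param name="sub">The bound email and password from the login form.</param>
/// <returns>
/// A redirect to the <c>Success</c> action after a successful login; otherwise the
/// <c>Index</c> view with a model error attached.
/// </returns>
/// <remarks>
/// Both failure branches attach the same model error. The original used a different
/// key and slightly different text per branch, which let a client tell "no such
/// email" apart from "wrong password".
/// NOTE(review): the unknown-email branch still returns without running the hasher,
/// so response time can differ between the two cases.
/// </remarks>
public IActionResult Login(LoginSubmission sub)
{
    Console.WriteLine("\n\n** Loggin In");

    if (!ModelState.IsValid)
    {
        Console.WriteLine("Model is invalid.");
        return View("Index");
    }

    Console.WriteLine("-- Model is valid.");

    User dbUser = _context.Users.FirstOrDefault(u => u.Email == sub.Email);
    if (dbUser == null)
    {
        // The specific reason goes to the server console only.
        Console.WriteLine("XXX No User with that email.");
        ModelState.AddModelError("Email", "Cannot Login.");
        return View("Index");
    }

    // dbUser.Password is passed as the stored hash; sub.Password is the candidate.
    var hasher = new PasswordHasher<LoginSubmission>();
    var result = hasher.VerifyHashedPassword(sub, dbUser.Password, sub.Password);
    if (result == PasswordVerificationResult.Failed)
    {
        Console.WriteLine("XXX Password invalid.");
        // Same key and text as the unknown-email branch, so the rendered page
        // does not reveal which check failed.
        ModelState.AddModelError("Email", "Cannot Login.");
        return View("Index");
    }

    // NOTE(review): SuccessRehashNeeded is accepted as a success here, but the
    // stored hash is not upgraded.
    // NOTE(review): the user id is written into the existing session; confirm the
    // session identifier is renewed at login so that a pre-login session cannot be
    // reused.
    HttpContext.Session.SetInt32("UserId", dbUser.UserId);
    Console.WriteLine($"\n\n*** Login Successful! User Id: {HttpContext.Session.GetInt32("UserId")}");
    return RedirectToAction("Success");
}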