public override async Task AuthenticateLocalAsync(LocalAuthenticationContext ctx)
{
var username = ctx.UserName;
var password = ctx.Password;
var message = ctx.SignInMessage;
ctx.AuthenticateResult = null;
if (userManager.SupportsUserPassword)
{
var user = await FindUserAsync(username);
if (user != null)
{
if (!await userManager.IsEmailConfirmedAsync(user.Id))
{
return;
}
if (userManager.SupportsUserLockout &&
await userManager.IsLockedOutAsync(user.Id))
{
return;
}
if (await userManager.CheckPasswordAsync(user, password))
{
if (userManager.SupportsUserLockout)
{
await userManager.ResetAccessFailedCountAsync(user.Id);
}
var result = await PostAuthenticateLocalAsync(user, message);
if (result == null)
{
var claims = await GetClaimsForAuthenticateResult(user);
result = new AuthenticateResult(user.Id.ToString(), await GetDisplayNameForAccountAsync(user.Id), claims);
}
ctx.AuthenticateResult = result;
}
else if (userManager.SupportsUserLockout)
{
await userManager.AccessFailedAsync(user.Id);
}
}
}
}
public async System.Threading.Tasks.Task <ActionResult> LogOn(string username, string password, bool?staySignedIn, string returnUrl)
{
var userStore = new Microsoft.AspNet.Identity.EntityFramework.UserStore <Microsoft.AspNet.Identity.EntityFramework.IdentityUser>();
var manager = new Microsoft.AspNet.Identity.UserManager <Microsoft.AspNet.Identity.EntityFramework.IdentityUser>(userStore);
var user = await manager.FindByNameAsync(username);
bool result = await manager.CheckPasswordAsync(user, password);
if (result)
{
if (user.EmailConfirmed)
{
//I have some options: log them in, or I can send them an email to "Confirm" their account details.'
//I don't have email set up this week, so we'll come back to that.
//This authentication manager will create a cookie for the current user, and that cookie will be exchanged on each request until the user logs out
var authenticationManager = HttpContext.GetOwinContext().Authentication;
var userIdentity = await manager.CreateIdentityAsync(user, Microsoft.AspNet.Identity.DefaultAuthenticationTypes.ApplicationCookie);
authenticationManager.SignIn(new Microsoft.Owin.Security.AuthenticationProperties()
{
}, userIdentity);
}
else
{
ViewBag.Error = new string[] { "Your email address has not been confirmed." };
return(View());
}
}
else
{
ViewBag.Error = new string[] { "Unable to Log In, check your username and password" };
return(View());
}
if (string.IsNullOrEmpty(returnUrl))
{
return(RedirectToAction("Index", "Home"));
}
else
{
return(Redirect(returnUrl));
}
}
