public async Task <IActionResult> Login(LoginViewModel model, string returnUrl = null, bool forceLoginBySession = false)
{
if (HttpContext.User.Identity.IsAuthenticated)
{
return(RedirectToUrl(returnUrl));
}
ViewData["ReturnUrl"] = returnUrl;
if (!ModelState.IsValid)
{
return(View(model));
}
if (ModelState.IsValid)
{
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, set lockoutOnFailure: true
//var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, lockoutOnFailure: false);
var result = SignInStatus.Failed;
var loginResult = _accountApiClient.Login(new LoginQuery()
{
Email = model.Email, Password = model.Password, DeviceType = 1
});
if (loginResult.Success)
{
result = SignInStatus.Success;
var loginUser = loginResult.ResponseResult.LoginUser;
var applicationUser = new ApplicationUser(loginUser.Id, loginUser.UserName, loginUser.Email);
applicationUser.AddClaim(new Claim(ApplicationUser.JwtClaimName, loginResult.ResponseResult.Token));
await _signInManager.SignInAsync(applicationUser,
new AuthenticationProperties()
{
AllowRefresh = true,
IsPersistent = true
});
}
if (result.Succeeded)
{
_logger.LogInformation(1, "User logged in.");
return(RedirectToUrl(returnUrl));
}
if (result.RequiresTwoFactor)
{
return(RedirectToAction(nameof(SendCode), new { ReturnUrl = returnUrl, RememberMe = model.RememberMe }));
}
if (result.IsLockedOut)
{
_logger.LogWarning(2, "User account locked out.");
return(View("Lockout"));
}
else
{
ModelState.AddModelError(string.Empty, "Invalid login attempt.");
return(View(model));
}
}
// If we got this far, something failed, redisplay form
return(View(model));
}