Login(LoginViewModel model, string returnUrl) { if (!ModelState.IsValid) { return(View(model)); } // This doesn't count login failures towards account lockout // To enable password failures to trigger account lockout, change to shouldLockout: true var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout : false); switch (result) { case SignInStatus.Success: ApplicationUser user = UserManager.FindByEmail(model.Email); //validate user status - if not active then give appropriate message and reject - NOTE "Awaiting organisation details" is fine to go through as it allows the logged in user to add details EntityStatusEnum appUserStatus = AppUserHelpers.GetAppUserEntityStatus(user); switch (appUserStatus) { case EntityStatusEnum.OnHold: ModelState.AddModelError("", "This user is currently on hold. You will need to contact your account administrator to active your account."); AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie); return(View(model)); case EntityStatusEnum.Inactive: ModelState.AddModelError("", "This user is currently inactive. You will need to re-register or contact your account administrator."); AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie); return(View(model)); case EntityStatusEnum.Rejected: ModelState.AddModelError("", "This user is currently rejected. 
You will need to contact your account administrator to active your account."); AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie); return(View(model)); case EntityStatusEnum.PasswordResetRequired: return(RedirectToAction("ChangePassword", "Manage")); } return(RedirectToLocal(returnUrl)); case SignInStatus.LockedOut: return(View("Lockout")); case SignInStatus.RequiresVerification: return(RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe })); case SignInStatus.Failure: default: ModelState.AddModelError("", "Invalid login attempt."); return(View(model)); } }
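/// <summary>
/// Processes the posted login form: checks the password through the sign-in manager and,
/// on success, lets the user in only if the application-level account status is active.
/// </summary>
/// <param name="model">Posted credentials (e-mail, password, remember-me flag).</param>
/// <param name="returnUrl">
/// Only forwarded to the SendCode action when two-factor verification is required;
/// a successful sign-in always redirects to Home/Index and never to this value.
/// </param>
/// <returns>
/// A redirect on success or when verification is required, the "Lockout" view when the
/// account is locked out, otherwise the login view with a model error.
/// </returns>
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    // NOTE(review): shouldLockout is false, so failed passwords are not counted towards
    // account lockout and this action does nothing to slow repeated password guessing.
    // Switching to shouldLockout: true only helps if lockout is also enabled and configured
    // on the user manager, which is not visible from this method - confirm before changing.
    var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false);

    switch (result)
    {
        case SignInStatus.Success:
            // Awaited lookup instead of the blocking FindByEmail extension inside an async action.
            ApplicationUser user = await UserManager.FindByEmailAsync(model.Email);

            // PasswordSignInAsync has already issued the application cookie at this point, so every
            // rejection path below must sign out again before returning the login view.
            if (user == null)
            {
                // The lookup returns null when no account carries this e-mail (for example when the
                // sign-in name is not the e-mail address). Fail closed with the generic message
                // rather than passing null to the status helpers.
                AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
                ModelState.AddModelError("", "Invalid login attempt.");
                return View(model);
            }

            if (AppUserHelpers.IsAppUserActive(user))
            {
                return RedirectToAction("Index", "Home");
            }

            // Not active: explain why. These messages are only reached after a correct password.
            EntityStatusEnum appUserStatus = AppUserHelpers.GetAppUserEntityStatus(user);
            switch (appUserStatus)
            {
                case EntityStatusEnum.Inactive:
                    ModelState.AddModelError("", "This user is currently inactive. You will need to re-register or contact your account administrator");
                    break;

                case EntityStatusEnum.OnHold:
                    ModelState.AddModelError("", "This user is currently on hold. You will need to contact your account administrator to active your account");
                    break;

                default:
                    // Any other non-active status used to be rejected with no message at all,
                    // leaving the user on a blank login form after a correct password.
                    ModelState.AddModelError("", "This user is not currently active. You will need to contact your account administrator.");
                    break;
            }

            AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
            return View(model);

        case SignInStatus.LockedOut:
            return View("Lockout");

        case SignInStatus.RequiresVerification:
            return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });

        case SignInStatus.Failure:
        default:
            // Same generic message for every failure so the response does not reveal which part was wrong.
            ModelState.AddModelError("", "Invalid login attempt.");
            return View(model);
    }
}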