public async Task <IActionResult> Authorize(AuthorizeViewModel model) { if (!_allowPasswordSignIn) { return(Unauthorized()); } var app = (await _apiService.AppInfoAsync(model.AppId)).App; if (!ModelState.IsValid) { model.Recover(app.AppName, app.IconPath, _allowRegistering, _allowPasswordSignIn); return(View(model)); } var mail = await _dbContext .UserEmails .Include(t => t.Owner) .SingleOrDefaultAsync(t => t.EmailAddress == model.Email.ToLower()); if (mail == null) { ModelState.AddModelError(string.Empty, "Unknown user email."); model.Recover(app.AppName, app.IconPath, _allowRegistering, _allowPasswordSignIn); return(View(model)); } var user = mail.Owner; var result = await _signInManager.PasswordSignInAsync(user, model.Password, isPersistent : true, lockoutOnFailure : true); await _authLogger.LogAuthRecord(user.Id, HttpContext, result.Succeeded || result.RequiresTwoFactor, app.AppId); if (result.Succeeded) { return(await _authManager.FinishAuth(user, model, app.ForceConfirmation, app.TrustedApp)); } if (result.RequiresTwoFactor) { return(Redirect(new AiurUrl($"/oauth/{nameof(SecondAuth)}", new FinishAuthInfo { AppId = model.AppId, RedirectUri = model.RedirectUri, State = model.State }).ToString())); } ModelState.AddModelError(string.Empty, result.IsLockedOut ? "The account is locked for too many attempts." : "The password does not match our records."); model.Recover(app.AppName, app.IconPath, _allowRegistering, _allowPasswordSignIn); return(View(model)); }
public async Task <IActionResult> Authorize(AuthorizeViewModel model) { App app; try { app = (await _apiService.AppInfoAsync(model.AppId)).App; } catch (AiurUnexceptedResponse) { return(NotFound()); } if (!ModelState.IsValid) { return(View(model)); } var mail = await _dbContext .UserEmails .Include(t => t.Owner) .SingleOrDefaultAsync(t => t.EmailAddress == model.Email.ToLower()); if (mail == null) { ModelState.AddModelError(string.Empty, "Unknown user email."); model.Recover(app.AppName, app.AppIconAddress); return(View(model)); } var user = mail.Owner; var result = await _signInManager.PasswordSignInAsync(user, model.Password, isPersistent : true, lockoutOnFailure : true); if (result.Succeeded) { return(await FinishAuth(model, app.ForceConfirmation)); } else if (result.RequiresTwoFactor) { throw new NotImplementedException(); } else if (result.IsLockedOut) { ModelState.AddModelError(string.Empty, "The account is locked for too many attempts."); } else { ModelState.AddModelError(string.Empty, "The password does not match our records."); } model.Recover(app.AppName, app.AppIconAddress); return(View(model)); }
public async Task <IActionResult> Authorize(AuthorizeViewModel model) { var capp = await APIService.AppInfoAsync(model.AppId); if (ModelState.IsValid) { var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, isPersistent : model.RememberMe, lockoutOnFailure : true); if (result.Succeeded) { return(await FinishAuth(model, capp.ForceConfirmation)); } else if (result.RequiresTwoFactor) { throw new NotImplementedException(); } else if (result.IsLockedOut) { throw new NotImplementedException(); } else { ModelState.AddModelError(string.Empty, "Invalid login attempt."); } } model.Recover(capp.AppName, capp.AppImageUrl); return(View(model)); }