示例#1
        /// <summary>
        /// Handles a sign-in request posted as a JSON body and reports the outcome
        /// through a <c>LogInResponseModel</c> on every non-success path.
        /// </summary>
        /// <param name="model">Credentials and "remember me" flag bound from the request body.</param>
        /// <returns>
        /// 200 OK on success; otherwise 400 Bad Request carrying either the model-state
        /// errors, a two-factor-required marker, or a single generic failure message.
        /// </returns>
        public async Task<IActionResult> LogIn([FromBody] LogInRequestModel model)
        {
            // Guard clause: input that failed binding/validation never reaches the account service.
            if (!ModelState.IsValid)
            {
                var validationFailure = new LogInResponseModel
                {
                    ExpectedError = true,
                    ModelState = new SerializableError(ModelState)
                };

                return BadRequest(validationFailure);
            }

            LogInActionResult outcome = await _accountService.LogInActionAsync(model.Email, model.Password, model.RememberMe);

            if (outcome == LogInActionResult.TwoFactorRequired)
            {
                // NOTE(review): this distinct response tells the caller that the first factor was
                // accepted. Lockout / attempt throttling is presumably enforced inside
                // _accountService (not visible here) - confirm.
                var secondFactorNeeded = new LogInResponseModel
                {
                    ExpectedError = true,
                    TwoFactorRequired = true
                };

                return BadRequest(secondFactorNeeded);
            }

            if (outcome == LogInActionResult.Success)
            {
                // Anti-forgery cookies are re-issued once the sign-in has succeeded.
                // NOTE(review): ASP.NET Core anti-forgery tokens are tied to the identity on
                // HttpContext.User when they are generated; confirm the principal already
                // reflects the signed-in user at this point, otherwise the cookie set here
                // belongs to the anonymous identity and fails validation on the next request.
                _antiforgery.AddAntiforgeryCookies(HttpContext);

                return Ok();
            }

            // Every remaining outcome gets the same message, so the response does not
            // reveal whether the email or the password was the invalid part.
            var genericFailure = new LogInResponseModel
            {
                ExpectedError = true,
                ErrorMessage = Strings.ErrorMessage_LogIn_Failed
            };

            return BadRequest(genericFailure);
        }
示例#2
        /// <summary>
        /// Authorization filter step that validates the anti-forgery token of the current
        /// request. When validation fails, the request is answered with 400 Bad Request and
        /// an <c>ErrorResponseModel</c> flagged as an anti-forgery error.
        /// </summary>
        /// <param name="context">Filter context of the request being authorized.</param>
        /// <returns>A task that completes once validation has finished.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="context"/> is null.</exception>
        public async Task OnAuthorizationAsync(AuthorizationFilterContext context)
        {
            if (context == null)
            {
                throw new ArgumentNullException(nameof(context));
            }

            var httpContext = context.HttpContext;

            try
            {
                await _antiforgery.ValidateRequestAsync(httpContext);
            }
            catch (AntiforgeryValidationException)
            {
                // Only the validation failure is handled; any other exception propagates.
                // Cookies are re-issued before the error result is set - presumably so the
                // client can retry with a valid token; confirm against the client code.
                // NOTE(review): the failure is not logged in this method. A log entry or
                // metric here would make repeated token failures visible to monitoring.
                _antiforgery.AddAntiforgeryCookies(httpContext);

                var errorBody = new ErrorResponseModel
                {
                    ExpectedError = true,
                    ErrorMessage = MvcStrings.ErrorMessage_InvalidAntiForgeryToken,
                    AntiForgeryError = true
                };

                // Setting Result stops the pipeline, so the action never runs for this request.
                context.Result = new BadRequestObjectResult(errorBody);
            }
        }