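/// <summary>
/// Signs a user in with e-mail and password on behalf of the app named by
/// <c>model.AppId</c>, grants that app to the user if it is not yet authorized,
/// and returns the code of the generated OAuth pack.
/// </summary>
/// <param name="model">Request carrying <c>AppId</c>, <c>Email</c> and <c>Password</c>.</param>
/// <returns>
/// <c>NotFound()</c> when the app lookup yields no app; the invalid-model-state
/// response when the e-mail is unknown; a JSON <c>AiurValue&lt;int&gt;</c> with
/// <c>ErrorType.Success</c> on success; an <c>ErrorType.Unauthorized</c> protocol
/// response for a locked-out account or a wrong password.
/// </returns>
/// <exception cref="NotImplementedException">
/// The sign-in result requires two-factor authentication, which this endpoint does not handle.
/// </exception>
public async Task<IActionResult> PasswordAuth(PasswordAuthAddressModel model)
{
    // NOTE(review): AppId comes straight from the request and is only checked for
    // existence. Nothing visible in this method proves the caller *is* that app;
    // confirm the caller is authenticated elsewhere (filter/attribute), otherwise
    // any client can obtain a pack code for any registered app id.
    var app = (await _apiService.AppInfoAsync(model.AppId)).App;
    if (app == null)
    {
        return NotFound();
    }

    var mail = await _dbContext
        .UserEmails
        .Include(t => t.Owner)
        .SingleOrDefaultAsync(t => t.EmailAddress == model.Email);
    if (mail == null)
    {
        // NOTE(review): this answer differs from the wrong-password answer below, so
        // a caller can tell registered addresses from unregistered ones. Kept as is
        // because clients may depend on it; consider one generic failure response.
        ModelState.AddModelError(string.Empty, "Unknown user email.");
        return ResultGenerator.GetInvalidModelStateErrorResponse(ModelState);
    }

    var user = mail.Owner;

    // lockoutOnFailure: true -> failed attempts count toward account lockout.
    var result = await _signInManager.PasswordSignInAsync(
        user,
        model.Password,
        isPersistent: false,
        lockoutOnFailure: true);

    if (result.Succeeded)
    {
        // Grant the app on first use; the pack is generated the same way either way.
        if (!await user.HasAuthorizedApp(_dbContext, model.AppId))
        {
            await user.GrantTargetApp(_dbContext, model.AppId);
        }

        var pack = await user.GeneratePack(_dbContext, model.AppId);
        return Json(new AiurValue<int>(pack.Code)
        {
            Code = ErrorType.Success,
            Message = "Auth success."
        });
    }

    if (result.RequiresTwoFactor)
    {
        // NOTE(review): surfaces as an unhandled exception after the password has
        // been accepted. Accounts with 2FA cannot use this endpoint, and the
        // distinct failure tells the caller the password was right. Needs a real
        // second-factor step or an indistinguishable rejection.
        throw new NotImplementedException();
    }

    if (result.IsLockedOut)
    {
        // Lockout is an expected outcome of lockoutOnFailure: true, so answer with a
        // protocol error instead of throwing (which produced an unhandled exception
        // for every locked account).
        return this.Protocal(ErrorType.Unauthorized, "The account is locked. Please try again later.");
    }

    return this.Protocal(ErrorType.Unauthorized, "Wrong password!");
}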
/// <summary>
/// Password sign-in for the app identified by the caller's access token. On
/// success the app is granted to the user when it was not authorized before,
/// and the code of a freshly generated OAuth pack is returned.
/// </summary>
/// <param name="model">Request carrying <c>AccessToken</c>, <c>Email</c> and <c>Password</c>.</param>
/// <returns>
/// An <c>ErrorType.NotFound</c> protocol response for an unknown e-mail; a JSON
/// <c>AiurValue&lt;int&gt;</c> with <c>ErrorType.Success</c> on success; an
/// <c>ErrorType.Unauthorized</c> protocol response for a locked-out account or a
/// wrong password.
/// </returns>
/// <exception cref="NotImplementedException">
/// The sign-in result requires two-factor authentication.
/// </exception>
public async Task<IActionResult> PasswordAuth(PasswordAuthAddressModel model)
{
    // The app id is derived from the access token rather than taken from the
    // request body. NOTE(review): presumably ValidateAccessToken rejects an
    // invalid or expired token by throwing; confirm, since its result is used
    // below without a further check.
    var appId = _tokenManager.ValidateAccessToken(model.AccessToken);

    var emailRecord = await _dbContext
        .UserEmails
        .Include(e => e.Owner)
        .SingleOrDefaultAsync(e => e.EmailAddress == model.Email);
    if (emailRecord == null)
    {
        // NOTE(review): distinguishable from the wrong-password response, so the
        // endpoint confirms which e-mail addresses are registered.
        return this.Protocol(ErrorType.NotFound, $"The account with email {model.Email} was not found!");
    }

    var owner = emailRecord.Owner;

    // lockoutOnFailure: true -> failed attempts count toward account lockout.
    var signIn = await _signInManager.PasswordSignInAsync(
        owner,
        model.Password,
        isPersistent: false,
        lockoutOnFailure: true);

    if (signIn.Succeeded)
    {
        var alreadyGranted = await owner.HasAuthorizedApp(_dbContext, appId);
        if (!alreadyGranted)
        {
            await owner.GrantTargetApp(_dbContext, appId);
        }

        var authPack = await owner.GeneratePack(_dbContext, appId);
        var payload = new AiurValue<int>(authPack.Code)
        {
            Code = ErrorType.Success,
            Message = "Auth success."
        };
        return Json(payload);
    }

    if (signIn.RequiresTwoFactor)
    {
        // NOTE(review): still unimplemented. This throws only after the password
        // was accepted, so the failure differs from "Wrong password!" and accounts
        // with 2FA cannot sign in through this endpoint.
        throw new NotImplementedException();
    }

    if (signIn.IsLockedOut)
    {
        return this.Protocol(ErrorType.Unauthorized, $"The account with email {model.Email} was locked! Please try again several minutes later!");
    }

    return this.Protocol(ErrorType.Unauthorized, "Wrong password!");
}