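/// <summary>
/// Handles the MVC login form POST.
/// </summary>
/// <remarks>
/// Security-relevant ordering (the reason for this rewrite):
/// <list type="bullet">
/// <item>Nothing about the account (existence, roles, phone-confirmation state,
/// approval state, mobile number) is revealed or acted on until the caller has
/// proven the password via <c>SignInManager.PasswordSignInAsync</c>. The previous
/// version ran those checks first, so an unauthenticated caller could enumerate
/// accounts, learn which ones were admins, and push a victim's user id and mobile
/// number into TempData / the VerifyNumber flow knowing only an e-mail address.</item>
/// <item><c>PasswordSignInAsync</c> issues the application cookie on Success, so
/// every post-password rejection signs the principal out again; otherwise an
/// admin, unconfirmed or unapproved user would still hold a valid session.</item>
/// <item>One generic message is used for every rejection so the response does not
/// distinguish "no such user" from "wrong password".</item>
/// <item><c>shouldLockout</c> is now true so failed attempts count towards Identity's
/// lockout. Lockout only actually triggers when LockoutEnabled is set on the user
/// (e.g. <c>UserManager.UserLockoutEnabledByDefault</c>) - confirm that configuration.</item>
/// <item>The admin role test is an ordinal case-insensitive search; the old
/// <c>ToLower().Contains()</c> was culture-sensitive (e.g. Turkish "I").</item>
/// </list>
/// </remarks>
/// <param name="model">Login form wrapper; uses <c>LoginViewModel.Email/Password/RememberMe</c>.</param>
/// <param name="returnUrl">Requested post-login URL. Only forwarded to the two-factor
/// step; the Success branch always redirects by user type, as before.</param>
/// <returns>The redirect/view result for the next step of the login flow.</returns>
public async Task<ActionResult> Login(RegisterPageWraper model, string returnUrl)
{
    const string genericError = "Invalid login attempt.";

    if (!ModelState.IsValid)
    {
        return RedirectToAction("Login", "Account");
    }

    if (string.IsNullOrEmpty(returnUrl))
    {
        returnUrl = "Home/Index";
    }

    var email = model.LoginViewModel.Email;

    // Password check comes first. isPersistent stays hard-coded to true as in the
    // original; NOTE(review): consider passing model.LoginViewModel.RememberMe here.
    var result = await SignInManager.PasswordSignInAsync(
        email, model.LoginViewModel.Password, true, shouldLockout: true);

    switch (result)
    {
        case SignInStatus.Success:
        {
            var findByEmail = UserManager.FindByEmail(email);
            var uObj = findByEmail == null ? null : UserServices.GetUserById(findByEmail.Id);
            if (uObj == null)
            {
                // Sign-in succeeded by user name but no matching e-mail record exists;
                // do not leave the cookie behind.
                SignOutApplicationCookie();
                ModelState.AddModelError("", genericError);
                return GetLoginStuff();
            }

            // Admin accounts must not log in through this form. "super admin"
            // contains "admin", so a single ordinal search covers both.
            if (uObj.Roles.Any(r => r.IndexOf("admin", StringComparison.OrdinalIgnoreCase) >= 0))
            {
                SignOutApplicationCookie();
                ModelState.AddModelError("", genericError);
                return GetLoginStuff();
            }

            // Phone verification is required before a session is granted. The caller
            // has proven the password, so handing its own user id and mobile number
            // to the VerifyNumber step is now safe.
            if (!uObj.PhoneNumberConfirmed)
            {
                SignOutApplicationCookie();
                TempData.Add("userId", uObj.Id);
                TempData.Add("userNumber", uObj.Mobile);
                return RedirectToAction("VerifyNumber", "Account");
            }

            if (!UserAdminService.IsUserApproved(email))
            {
                SignOutApplicationCookie();
                var mesge = string.IsNullOrEmpty(uObj.Feedback) ? "User is not approved by admin." : uObj.Feedback;
                ModelState.AddModelError("", mesge);
                return GetLoginStuff();
            }

            SetUserSession(uObj);
            returnUrl = uObj.Type == "User" ? "/Job/ManageJobs" : "/Job/findJobs";
            return RedirectToLocal(returnUrl);
        }
        case SignInStatus.LockedOut:
            return View("Lockout");
        case SignInStatus.RequiresVerification:
            return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.LoginViewModel.RememberMe });
        case SignInStatus.Failure:
        default:
            ModelState.AddModelError("", genericError);
            return GetLoginStuff();
    }
}

/// <summary>
/// Revokes the application cookie that <c>PasswordSignInAsync</c> issued, used when a
/// correct password is followed by a policy rejection (admin, unconfirmed, unapproved).
/// </summary>
private void SignOutApplicationCookie()
{
    HttpContext.GetOwinContext().Authentication.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
}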
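/// <summary>
/// Web API login: validates the supplied credentials and returns an
/// <c>ApiResponseModel</c> describing the outcome.
/// </summary>
/// <remarks>
/// Security fixes in this version:
/// <list type="bullet">
/// <item>The response previously echoed the whole <c>LoginViewModel</c> - including
/// the plaintext password - back in <c>Data</c>. Only the e-mail is echoed now.</item>
/// <item><c>PasswordSignInAsync</c> issues the application cookie on Success, so an
/// unapproved user with a correct password was left holding a valid session while
/// being told "not approved". Approval is now checked after the password and the
/// principal is signed out when it fails.</item>
/// <item>The catch block dereferenced <c>excep.InnerException</c> (null for most
/// exceptions, i.e. a NullReferenceException inside the handler) and returned the
/// exception text to the client. It now traces server-side and returns a generic message.</item>
/// <item><c>shouldLockout</c> is true so failures count towards Identity lockout; this
/// only takes effect when LockoutEnabled is set for the user - confirm configuration.</item>
/// </list>
/// </remarks>
/// <param name="model">E-mail and password (plus RememberMe) from the request body.</param>
/// <returns>400 when mandatory fields are missing, 500 on an unexpected exception,
/// otherwise 200 with <c>Success</c>/<c>Message</c> and, on success, <c>UserId</c> and <c>JToken</c>.</returns>
public async Task<HttpResponseMessage> LoginUser(LoginViewModel model)
{
    // Echo only the non-secret part of the request back to the caller.
    var echo = model == null ? null : new LoginViewModel { Email = model.Email };

    try
    {
        var response = new ApiResponseModel { Data = echo };

        if (model == null || string.IsNullOrEmpty(model.Password) || string.IsNullOrEmpty(model.Email))
        {
            response.Success = false;
            response.Message = "Mandatory data fields are missing/not mapped or not in right format";
            return Request.CreateResponse(HttpStatusCode.BadRequest, response);
        }

        var owin = Request.GetOwinContext();
        var signInManager = owin.Get<ApplicationSignInManager>();

        // isPersistent stays true as in the original (the e-mail is used as the
        // user name, which assumes the two coincide in this application).
        var result = await signInManager.PasswordSignInAsync(model.Email, model.Password, true, shouldLockout: true);

        switch (result)
        {
            case SignInStatus.Success:
            {
                var usermanager = owin.GetUserManager<ApplicationUserManager>();
                var user = usermanager.FindByEmail(model.Email);

                if (user == null)
                {
                    // Signed in by user name but no record matches the e-mail; do not
                    // keep the session or report success.
                    owin.Authentication.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
                    response.Message = "Invalid Username/Password.";
                    response.Success = false;
                    response.JToken = null;
                    break;
                }

                if (!UserAdminService.IsUserApproved(model.Email))
                {
                    // Credentials are right but the account is not usable yet; drop
                    // the cookie PasswordSignInAsync has just issued.
                    owin.Authentication.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
                    response.Message = "Account is not approved by Admin.";
                    response.Success = false;
                    response.JToken = null;
                    break;
                }

                response.Message = "Logged-in successfully";
                response.Success = true;
                // NOTE(review): this value is a constant shared by every caller, not a
                // per-session credential. If clients present JToken as a bearer token,
                // anyone who has seen one response can replay it for any account;
                // replace it with a server-issued, per-user, expiring token.
                response.JToken = "a%&@JK*@#CG|wJ";
                response.UserId = user.Id;
                break;
            }
            case SignInStatus.LockedOut:
            {
                response.Message = "Account is locked out. Please try again later.";
                response.Success = false;
                response.JToken = null;
                break;
            }
            default:
            {
                // Failure and RequiresVerification both map to a generic rejection,
                // as in the original.
                response.Message = "Invalid Username/Password.";
                response.Success = false;
                response.JToken = null;
                break;
            }
        }

        return Request.CreateResponse(HttpStatusCode.OK, response);
    }
    catch (Exception excep)
    {
        // Keep the detail server-side; never return exception text to the caller.
        System.Diagnostics.Trace.TraceError("LoginUser failed: {0}", excep);
        var response = new ApiResponseModel
        {
            Data = echo,
            Message = "An unexpected error occurred while processing the login request.",
            Success = false
        };
        return Request.CreateResponse(HttpStatusCode.InternalServerError, response);
    }
}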