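/// <summary>
/// Processes a posted login form: validates the reCAPTCHA response, holds back
/// accounts that have not confirmed their email, then attempts a password sign-in.
/// </summary>
/// <param name="model">Posted credentials (email, password, remember-me flag).</param>
/// <param name="returnUrl">Destination passed to <c>RedirectToLocal</c> after a successful sign-in.</param>
/// <returns>
/// A redirect on success, two-factor or lockout; otherwise the login view
/// re-rendered with a model error.
/// </returns>
public async Task<IActionResult> Login(LoginViewModel model, string returnUrl = null)
{
    // The captcha is checked first so a request that fails it never reaches
    // the user store or the mail sender.
    string captchaResponse = Request.Form["g-Recaptcha-Response"];
    ReCaptchaValidationResult captchaResult = IsValid(captchaResponse);
    if (!captchaResult.Success)
    {
        ModelState.AddModelError(string.Empty, "Captcha not passed!");
        return View(model);
    }

    ViewData["ReturnUrl"] = returnUrl;
    if (!ModelState.IsValid)
    {
        // Model binding/validation failed: redisplay the form.
        return View(model);
    }

    var user = await _userManager.FindByEmailAsync(model.Email);

    // Only tell the caller that the account is unverified, and only re-send the
    // confirmation mail, once the supplied password has been checked. Without
    // the password check anyone who knows an email address could confirm that
    // an unverified account exists for it and make the server send mail to it
    // on every request. A wrong password falls through to the generic
    // "Invalid login attempt." path below.
    if (user != null
        && user.Status == UserStatus.NoStatus
        && await _userManager.CheckPasswordAsync(user, model.Password))
    {
        ModelState.AddModelError(string.Empty, "Please verify your account through the email sent to this address.");
        var code = await _userManager.GenerateEmailConfirmationTokenAsync(user);
        var callbackUrl = Url.EmailConfirmationLink(user.Id, code, Request.Scheme);
        await _emailSender.SendEmailConfirmationAsync(model.Email, callbackUrl);
        return View(model);
    }

    // lockoutOnFailure: false means failed passwords are not counted towards
    // account lockout, so the captcha above is the only throttle on password
    // guessing visible in this action. Set lockoutOnFailure: true to have
    // repeated failures trigger lockout.
    // NOTE(review): if lockout is enabled, the CheckPasswordAsync call above
    // does not increment the failure counter - revisit that branch as well.
    var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, lockoutOnFailure: false);

    if (result.Succeeded)
    {
        _logger.LogInformation("User logged in.");
        // NOTE(review): returnUrl is caller-supplied; RedirectToLocal is
        // presumably where non-local URLs are rejected - confirm.
        return RedirectToLocal(returnUrl);
    }

    if (result.RequiresTwoFactor)
    {
        return RedirectToAction(nameof(LoginWith2fa), new { returnUrl, model.RememberMe });
    }

    if (result.IsLockedOut)
    {
        _logger.LogWarning("User account locked out.");
        return RedirectToAction(nameof(Lockout));
    }

    // Same message whether the account is unknown or the password is wrong.
    ModelState.AddModelError(string.Empty, "Invalid login attempt.");
    return View(model);
}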
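/// <summary>
/// Processes a posted registration form: validates the reCAPTCHA response,
/// creates the account and sends an email-confirmation link. The new user is
/// not signed in here.
/// </summary>
/// <param name="model">Posted registration data (email and password).</param>
/// <param name="returnUrl">Destination passed to <c>RedirectToLocal</c> after the account is created.</param>
/// <returns>
/// A redirect when the account was created; otherwise the registration view
/// re-rendered with the errors added to the model state.
/// </returns>
public async Task<IActionResult> Register(RegisterViewModel model, string returnUrl = null)
{
    // The captcha is checked first so a request that fails it cannot create
    // accounts or trigger outbound mail.
    string captchaResponse = Request.Form["g-Recaptcha-Response"];
    ReCaptchaValidationResult captchaResult = IsValid(captchaResponse);
    if (!captchaResult.Success)
    {
        ModelState.AddModelError(string.Empty, "Captcha not passed!");
        return View(model);
    }

    ViewData["ReturnUrl"] = returnUrl;
    if (!ModelState.IsValid)
    {
        // Model binding/validation failed: redisplay the form.
        return View(model);
    }

    var user = new ApplicationUser { UserName = model.Email, Email = model.Email };
    var result = await _userManager.CreateAsync(user, model.Password);
    if (!result.Succeeded)
    {
        // Copy the creation errors into the model state and redisplay the form.
        AddErrors(result);
        return View(model);
    }

    // Logged once; the original emitted this same entry a second time after
    // sending the confirmation mail.
    _logger.LogInformation("User created a new account with password.");

    var code = await _userManager.GenerateEmailConfirmationTokenAsync(user);
    var callbackUrl = Url.EmailConfirmationLink(user.Id, code, Request.Scheme);
    await _emailSender.SendEmailConfirmationAsync(model.Email, callbackUrl);

    // Deliberately no _signInManager.SignInAsync call: the user has to confirm
    // the email address before a session is issued.
    // NOTE(review): returnUrl is caller-supplied; RedirectToLocal is presumably
    // where non-local URLs are rejected - confirm.
    return RedirectToLocal(returnUrl);
}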