public async Task <IActionResult> Login(LoginViewModel model, string returnUrl = null)
{
string captchaResponse = Request.Form["g-Recaptcha-Response"];
ReCaptchaValidationResult captchaResult = IsValid(captchaResponse);
if (!captchaResult.Success)
{
ModelState.AddModelError(string.Empty, "Captcha not passed!");
return(View(model));
}
ViewData["ReturnUrl"] = returnUrl;
if (ModelState.IsValid)
{
var user = await _userManager.FindByEmailAsync(model.Email);
if (user != null && user.Status == UserStatus.NoStatus)
{
ModelState.AddModelError(string.Empty, "Please verify your account through the email sent to this address.");
var code = await _userManager.GenerateEmailConfirmationTokenAsync(user);
var callbackUrl = Url.EmailConfirmationLink(user.Id, code, Request.Scheme);
await _emailSender.SendEmailConfirmationAsync(model.Email, callbackUrl);
return(View(model));
}
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, set lockoutOnFailure: true
var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, lockoutOnFailure : false);
if (result.Succeeded)
{
_logger.LogInformation("User logged in.");
return(RedirectToLocal(returnUrl));
}
if (result.RequiresTwoFactor)
{
return(RedirectToAction(nameof(LoginWith2fa), new { returnUrl, model.RememberMe }));
}
if (result.IsLockedOut)
{
_logger.LogWarning("User account locked out.");
return(RedirectToAction(nameof(Lockout)));
}
else
{
ModelState.AddModelError(string.Empty, "Invalid login attempt.");
return(View(model));
}
}
// If we got this far, something failed, redisplay form
return(View(model));
}
public async Task <IActionResult> Register(RegisterViewModel model, string returnUrl = null)
{
string captchaResponse = Request.Form["g-Recaptcha-Response"];
ReCaptchaValidationResult captchaResult = IsValid(captchaResponse);
if (!captchaResult.Success)
{
ModelState.AddModelError(string.Empty, "Captcha not passed!");
return(View(model));
}
ViewData["ReturnUrl"] = returnUrl;
if (ModelState.IsValid)
{
var user = new ApplicationUser {
UserName = model.Email, Email = model.Email
};
var result = await _userManager.CreateAsync(user, model.Password);
if (result.Succeeded)
{
_logger.LogInformation("User created a new account with password.");
var code = await _userManager.GenerateEmailConfirmationTokenAsync(user);
var callbackUrl = Url.EmailConfirmationLink(user.Id, code, Request.Scheme);
await _emailSender.SendEmailConfirmationAsync(model.Email, callbackUrl);
//prevent login, force confirmation
//await _signInManager.SignInAsync(user, isPersistent: false);
_logger.LogInformation("User created a new account with password.");
return(RedirectToLocal(returnUrl));
}
AddErrors(result);
}
// If we got this far, something failed, redisplay form
return(View(model));
}
