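/// <summary>
/// Checks <paramref name="password"/> against the <c>ctx.UserAuthentications</c> record whose
/// <c>Username</c> equals <c>user.UserName</c> and, on a match, signs the user in with the
/// cookie authentication scheme.
/// </summary>
/// <param name="user">User being authenticated; its <c>UserName</c> selects the stored record.</param>
/// <param name="password">Password supplied by the caller.</param>
/// <param name="lockoutOnFailure">
/// When <c>true</c>, a wrong password for an existing user returns the result of
/// <c>LockedOut(user)</c> instead of <see cref="SignInResult.Failed"/>.
/// </param>
/// <returns>
/// <see cref="SignInResult.Success"/> when the password matches; otherwise
/// <see cref="SignInResult.Failed"/> or the result of <c>LockedOut</c>.
/// </returns>
/// <remarks>
/// A match does more than verify the password: it also issues a one-hour, non-persistent,
/// non-refreshable cookie session. Every exception raised in the body is logged and reported
/// as <see cref="SignInResult.Failed"/>; nothing propagates to the caller.
/// </remarks>
public override async Task<SignInResult> CheckPasswordSignInAsync(NuApplicationUser user, string password, bool lockoutOnFailure)
{
    // The body is awaited directly instead of being wrapped in Task.Run: the work is not
    // CPU-bound, so the extra thread-pool hop bought nothing on a request path.
    try
    {
        if (user == null || string.IsNullOrEmpty(user.UserName))
        {
            Logger.LogError("NuApplicationUser is null or UserName is empty.");
            return SignInResult.Failed;
        }

        if (string.IsNullOrEmpty(password))
        {
            Logger.LogError("Password parameter is empty.");
            return SignInResult.Failed;
        }

        // SingleOrDefault throws InvalidOperationException when more than one row matches;
        // the first catch below handles that case.
        var record = ctx.UserAuthentications.SingleOrDefault(f => f.Username == user.UserName);

        // NOTE(review): UserName is caller-supplied and is interpolated into the log text below
        // as-is. Confirm the log sink neutralises CR/LF, or move to message templates.
        if (record == null)
        {
            Logger.LogInformation($"Sign in failed for Username: {user.UserName}. Username not found");
            return SignInResult.Failed;
        }

        if (string.IsNullOrEmpty(record.Password))
        {
            Logger.LogError("User password in database is empty.");
            return SignInResult.Failed;
        }

        // NOTE(review): the stored value is decrypted and compared as plaintext, so every
        // password is recoverable by whoever holds the DataEncryption key. A salted one-way
        // hash (PBKDF2/Argon2) verified with a fixed-time comparison is the safer design;
        // the string == used here is not constant-time either.
        var passwordMatches = password == DataEncryption.Decrypt(record.Password);

        if (!passwordMatches)
        {
            if (lockoutOnFailure)
            {
                // NOTE(review): a single wrong password goes straight to LockedOut(); whether
                // attempts are counted anywhere is not visible here - confirm. If LockedOut
                // yields a result that differs from Failed, callers can tell existing
                // usernames from unknown ones.
                Logger.LogInformation($"Sign in failed for Username: {user.UserName}. Automatic lockout is enabled.");
                return await this.LockedOut(user);
            }

            Logger.LogInformation($"Sign in failed for Username: {user.UserName}.");
            return SignInResult.Failed;
        }

        const string Issuer = "https://numedics.com";
        var claims = new List<Claim>
        {
            new Claim(ClaimTypes.Name, record.Username, ClaimValueTypes.String, Issuer),
            new Claim(ClaimTypes.Sid, record.UserId.ToString(), ClaimValueTypes.Sid, Issuer)
        };

        var identity = new ClaimsIdentity("Login");
        identity.AddClaims(claims);
        var principal = new ClaimsPrincipal(identity);

        // Session cookie only: not persisted, not refreshable, expires one hour from now (UTC).
        var properties = new AuthenticationProperties
        {
            AllowRefresh = false,
            IsPersistent = false,
            ExpiresUtc = DateTime.UtcNow.AddHours(1)
        };

        await Context.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal, properties);
        return SignInResult.Success;
    }
    catch (InvalidOperationException e)
    {
        // Any InvalidOperationException raised inside the try block lands here, not only the
        // duplicate-row case from SingleOrDefault, so check the attached exception when triaging.
        Logger.LogError(e, $"Duplicate username in database: {user.UserName}.");
        return SignInResult.Failed;
    }
    catch (Exception e)
    {
        // Fail closed: an unexpected error never results in a successful sign-in.
        Logger.LogError(e, $"Error validating password for Usename: {user.UserName}.");
        return SignInResult.Failed;
    }
}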
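/// <summary>
/// Looks up <paramref name="userName"/> in <c>ctx.UserAuthentications</c>, checks
/// <paramref name="password"/> against the stored value and, on a match, creates the
/// sign-in context through <c>CreateSignInContextAsync</c>.
/// </summary>
/// <param name="userName">User name supplied by the caller.</param>
/// <param name="password">Password supplied by the caller.</param>
/// <param name="isPersistent">Passed through to <c>CreateSignInContextAsync</c>.</param>
/// <param name="lockoutOnFailure">
/// When <c>true</c>, a wrong password for an existing user returns the result of
/// <c>LockedOut</c> instead of <see cref="SignInResult.Failed"/>.
/// </param>
/// <returns>
/// <see cref="SignInResult.Success"/> when the password matches; otherwise
/// <see cref="SignInResult.Failed"/> or the result of <c>LockedOut</c>.
/// </returns>
/// <remarks>
/// Every exception raised in the body is logged and reported as
/// <see cref="SignInResult.Failed"/>; nothing propagates to the caller.
/// </remarks>
public override async Task<SignInResult> PasswordSignInAsync(string userName, string password, bool isPersistent, bool lockoutOnFailure)
{
    // The body is awaited directly instead of being wrapped in Task.Run: the work is not
    // CPU-bound, so the extra thread-pool hop bought nothing on a request path.
    try
    {
        if (string.IsNullOrEmpty(userName))
        {
            // Only userName is checked here; the message text is kept as it was.
            Logger.LogError("NuApplicationUser is null or UserName is empty.");
            return SignInResult.Failed;
        }

        if (string.IsNullOrEmpty(password))
        {
            Logger.LogError("Password parameter is empty.");
            return SignInResult.Failed;
        }

        // SingleOrDefault throws InvalidOperationException when more than one row matches;
        // the first catch below handles that case.
        var record = ctx.UserAuthentications.SingleOrDefault(f => f.Username == userName);

        // NOTE(review): userName is caller-supplied and is interpolated into the log text below
        // as-is. Confirm the log sink neutralises CR/LF, or move to message templates.
        if (record == null)
        {
            Logger.LogInformation($"Sign in failed for Username: {userName}. Username not found");
            return SignInResult.Failed;
        }

        if (string.IsNullOrEmpty(record.Password))
        {
            Logger.LogError("User password in database is empty.");
            return SignInResult.Failed;
        }

        // NOTE(review): the stored value is decrypted and compared as plaintext, so every
        // password is recoverable by whoever holds the DataEncryption key. A salted one-way
        // hash (PBKDF2/Argon2) verified with a fixed-time comparison is the safer design;
        // the string == used here is not constant-time either.
        var passwordMatches = password == DataEncryption.Decrypt(record.Password);

        if (passwordMatches)
        {
            await this.CreateSignInContextAsync(record.Username, record.UserId.ToString(), isPersistent);
            Logger.LogInformation($"Password signin successful for Username: {userName}");
            return SignInResult.Success;
        }

        if (lockoutOnFailure)
        {
            // NOTE(review): a single wrong password goes straight to LockedOut(); whether
            // attempts are counted anywhere is not visible here - confirm. If LockedOut
            // yields a result that differs from Failed, callers can tell existing
            // usernames from unknown ones.
            Logger.LogInformation($"Sign in failed for Username: {userName}. Automatic lockout is enabled.");
            return await this.LockedOut(new NuApplicationUser(record.Username));
        }

        Logger.LogInformation($"Sign in failed for Username: {userName}.");
        return SignInResult.Failed;
    }
    catch (InvalidOperationException e)
    {
        // Any InvalidOperationException raised inside the try block lands here, not only the
        // duplicate-row case from SingleOrDefault, so check the attached exception when triaging.
        Logger.LogError(e, $"Duplicate username in database: {userName}.");
        return SignInResult.Failed;
    }
    catch (Exception e)
    {
        // Fail closed: an unexpected error never results in a successful sign-in.
        Logger.LogError(e, $"Error validating password for Usename: {userName}.");
        return SignInResult.Failed;
    }
}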