public async Task <IActionResult> Login([FromBody] LoginInputModel model) { if (ModelState.IsValid) { // This doesn't count login failures towards account lockout // To enable password failures to trigger account lockout, set lockoutOnFailure: true var result = await signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberLogin, lockoutOnFailure : true); if (result.Succeeded) { logger.LogInformation(1, "User logged in."); // because we are logging in through an api, we need to generate and send back a new XsrfToken return(Ok(new LoginResponseModel())); } else { logger.LogWarning(2, "User login failed."); var response = new LoginResponseModel { IsLockedOut = result.IsLockedOut, IsNotAllowed = result.IsNotAllowed, RequiresTwoFactor = result.RequiresTwoFactor, Result = ApiResult.AsError("Login Failed") }; return(BadRequest(response)); } } else { return(BadRequest(ApiModel.AsError("model validation failed (TODO add the errors)"))); } }
public async Task <IActionResult> Login([FromBody] LoginInputModel model) { // Hack to work around rc1 bug await HttpContext.SignOutAsync(IdentityConstants.ExternalScheme); if (ModelState.IsValid) { var result = await this.signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberLogin, lockoutOnFailure : true); if (result.Succeeded) { this.logger.LogInformation(1, "User logged in."); return(Ok(new LoginResponseModel { Result = ApiResult.AsSuccess() })); } else { this.logger.LogWarning(2, "User login failed."); var response = new LoginResponseModel { IsLockedOut = result.IsLockedOut, IsNotAllowed = result.IsNotAllowed, RequiresTwoFactor = result.RequiresTwoFactor, Result = ApiResult.AsError("Login Failed") }; return(BadRequest(response)); } } else { return(BadRequest(ApiModel.AsError("model validation failed (TODO add the errors)"))); } }