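/// <summary>
/// Handles the admin login form post: verifies that the account exists and is in
/// <c>Roles.Admin</c>, checks the password, issues the admin cookie and redirects.
/// </summary>
/// <param name="loginViewModel">Posted form values (user name, password, redirect URL).</param>
/// <returns>
/// The login view with a model error on failure, a redirect to the home page when the
/// account is locked out, or a redirect to a local <c>RedirectUrl</c> on success.
/// </returns>
[HttpPost]
[ValidateAntiForgeryToken]
public async Task<IActionResult> Login(LoginViewModel loginViewModel)
{
    // One message for every credential failure. Separate "user does not exist" /
    // "no permission" replies let an unauthenticated client enumerate valid user
    // names and learn which of them are administrators.
    const string invalidLoginMessage = "The username/password couple is invalid.";

    if (!ModelState.IsValid)
    {
        return View(loginViewModel);
    }

    var user = await _userManager.FindByNameAsync(loginViewModel.UserName);
    if (user == null || !await _userManager.IsInRoleAsync(user, Roles.Admin))
    {
        // NOTE(review): this path skips password hashing, so response time may still
        // differ from a wrong-password attempt; confirm whether that matters here.
        ModelState.AddModelError(string.Empty, invalidLoginMessage);
        return View(loginViewModel);
    }

    // lockoutOnFailure is enabled so repeated wrong passwords count toward the Identity
    // lockout policy; with it disabled the password could be guessed without limit.
    // The thresholds come from the application's Identity lockout options.
    var result = await _signInManager.PasswordSignInAsync(
        user,
        loginViewModel.Password,
        isPersistent: true,
        lockoutOnFailure: true);

    if (result.Succeeded)
    {
        var claims = new[]
        {
            new Claim(ClaimTypes.Role, Roles.Admin)
        };
        var principal = new ClaimsPrincipal(
            new ClaimsIdentity(claims, CookieAuthenticationOptionsConstants.AuthenticationScheme));

        // NOTE(review): the admin cookie is always persistent; consider making this opt-in.
        await HttpContext.Authentication.SignInAsync(
            CookieAuthenticationOptionsConstants.AuthenticationScheme,
            principal,
            new AuthenticationProperties { IsPersistent = true });

        // RedirectUrl is posted by the client. Follow it only when it is a local path;
        // otherwise the login form can be used to bounce users to an arbitrary site.
        if (Url.IsLocalUrl(loginViewModel.RedirectUrl))
        {
            return Redirect(loginViewModel.RedirectUrl);
        }

        return this.RedirectToHome();
    }

    if (result.IsLockedOut)
    {
        return this.RedirectToHome();
    }

    ModelState.AddModelError(string.Empty, invalidLoginMessage);
    return View(loginViewModel);
}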