using Microsoft.eShopWeb.ViewModels; using Microsoft.AspNetCore.Mvc; using System.Threading.Tasks; using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Identity; using Microsoft.Extensions.Options; using Infrastructure.Identity; namespace Microsoft.eShopWeb.Controllers { [Route("[controller]/[action]")] public class AccountController : Controller { private readonly UserManager _userManager; private readonly SignInManager _signInManager; private readonly string _externalCookieScheme; public AccountController( UserManager userManager, SignInManager signInManager, IOptions identityCookieOptions ) { _userManager = userManager; _signInManager = signInManager; _externalCookieScheme = identityCookieOptions.Value.ExternalCookieAuthenticationScheme; } // GET: /Account/SignIn [HttpGet] [AllowAnonymous] public async Task SignIn(string returnUrl = null) { await HttpContext.Authentication.SignOutAsync(_externalCookieScheme); ViewData["ReturnUrl"] = returnUrl; return View(); } // POST: /Account/SignIn [HttpPost] [AllowAnonymous] [ValidateAntiForgeryToken] public async Task SignIn(LoginViewModel model, string returnUrl = null) { if (!ModelState.IsValid) { return View(model); } ViewData["ReturnUrl"] = returnUrl; var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, lockoutOnFailure: false); if (result.Succeeded) { return RedirectToLocal(returnUrl); } ModelState.AddModelError(string.Empty, "Invalid login attempt."); return View(model); } [HttpPost] [ValidateAntiForgeryToken] public async Task SignOut() { HttpContext.Session.Clear(); await _signInManager.SignOutAsync(); return RedirectToAction(nameof(CatalogController.Index), "Catalog"); } private IActionResult RedirectToLocal(string returnUrl) { if (Url.IsLocalUrl(returnUrl)) { return Redirect(returnUrl); } else { return RedirectToAction(nameof(CatalogController.Index), "Catalog"); } } } }