I'll keep it simple. I have a timeout which I store my database when a user uses two factor authentication. If a user is remembered, but the date has surpassed the timeout date, I would like to authenticate the user. Now I've done similar things before with send/verify code but I would like to know if there is a way to authenticate a user without having to jump through any hoops using the AuthenticationManager.
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
if (!ModelState.IsValid)
{
return View(model);
}
// This counts login failures towards account lockout
// To enable password failures to trigger account lockout, change to shouldLockout: false
var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: true);
switch (result)
{
case SignInStatus.Success:
return RedirectToAction("SuccessfulSignIn");
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.RequiresVerification:
var user = await UserManager.FindByNameAsync(model.Email);
bool Active = ActiveCheck(user);
bool RememberMeTimeOut = RememberMeTimeOutCheck(user);
if (!Active)
{
string code = await UserManager.GeneratePasswordResetTokenAsync(user.Id);
ViewBag.Expired = "Password Expired";
return RedirectToAction("ResetPassword", "Account", new { userId = user.Id, code = code });
}
else if (Active && !RememberMeTimeOut)
{
return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
}
else
{
//Quickly sign the user in
return RedirectToAction("SuccessfulSignIn");
}
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Invalid login attempt");
return View(model);
}
}
If someone else is looking at this I've come to the conclusion that you cannot simply 'skip' the sign in process. To get around this I have created a code(Two factor authentication), not sent it to the user. Then verified the code. This seems to be the quickest(and in my opinion, dirty) ways of authenticating a user.
public async Task<ActionResult> TwoFSignIn(string Email) {
var user = await UserManager.FindByNameAsync(Email);
string code = await UserManager.GenerateTwoFactorTokenAsync(user.Id, "Email Code");
await SignInManager.TwoFactorSignInAsync("Email Code", code, isPersistent: false, rememberBrowser: false);
return RedirectToAction("SuccessfulSignIn");
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.