0
我会保持简单。当用户使用双因素身份验证时,我有超时存储我的数据库。如果用户被记住,但日期已超过超时日期,我想验证用户。现在我已经使用发送/验证代码完成了类似的事情,但我想知道是否有方法来验证用户,而无需使用AuthenticationManager跳过任何环节。我如何验证用户?
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
if (!ModelState.IsValid)
{
return View(model);
}
// This counts login failures towards account lockout
// To enable password failures to trigger account lockout, change to shouldLockout: false
var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: true);
switch (result)
{
case SignInStatus.Success:
return RedirectToAction("SuccessfulSignIn");
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.RequiresVerification:
var user = await UserManager.FindByNameAsync(model.Email);
bool Active = ActiveCheck(user);
bool RememberMeTimeOut = RememberMeTimeOutCheck(user);
if (!Active)
{
string code = await UserManager.GeneratePasswordResetTokenAsync(user.Id);
ViewBag.Expired = "Password Expired";
return RedirectToAction("ResetPassword", "Account", new { userId = user.Id, code = code });
}
else if (Active && !RememberMeTimeOut)
{
return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
}
else
{
//Quickly sign the user in
return RedirectToAction("SuccessfulSignIn");
}
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Invalid login attempt");
return View(model);
}
}