in Source/WebApp-IdentityProvider-MFA/Areas/Identity/Pages/Account/Login.cshtml.cs [77:108]
public async Task<IActionResult> OnPostAsync(string returnUrl = null)
{
ReturnUrl = returnUrl ?? Url.Content("~/Identity/Account/Manage");
if (ModelState.IsValid)
{
// TODO :This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, set lockoutOnFailure: true
var result = await _signInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure: false);
if (result.Succeeded)
{
_logger.LogInformation("User logged in.");
return LocalRedirect(ReturnUrl);
}
if (result.RequiresTwoFactor)
{
return RedirectToPage("./Login2FaChoice", new { ReturnUrl, Input.RememberMe });
}
if (result.IsLockedOut)
{
_logger.LogWarning("User account locked out.");
return RedirectToPage("./Lockout");
}
else
{
ModelState.AddModelError(string.Empty, "Identifiants invalides.");
return Page();
}
}
// If we got this far, something failed, redisplay form
return Page();
}