我最近开始使用ASP .NET MVC框架。我使用ASP .NET Web Application
"模板"创建了MVC
。它为我自动生成了一些代码。现在,我一直在寻找,我无法找到Login | Authentication
逻辑的实现。这是我在AccountsController
//
// POST: /Account/Login
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
if (!ModelState.IsValid)
{
return View(model);
}
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, change to shouldLockout: true
var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(returnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.RequiresVerification:
return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Invalid login attempt.");
return View(model);
}
}
显然,这是自动生成的代码,我猜测SignInManager.PasswordSignInAsync
方法是实现逻辑的方法,但我无法找到该方法的实现。我检查看定义,它带我到方法的声明,看起来像这样
//
// Summary:
// Sign in the user in using the user name and password
//
// Parameters:
// userName:
//
// password:
//
// isPersistent:
//
// shouldLockout:
[AsyncStateMachine(typeof(SignInManager<,>.<PasswordSignInAsync>d__29))]
[DebuggerStepThrough]
public virtual Task<SignInStatus> PasswordSignInAsync(string userName, string password, bool isPersistent, bool shouldLockout);
我尝试检查Call Hierarchy
窗口但它没有显示该方法的Implementation
文件夹。
我只是想保留框架带来的所有安全功能和内容,因为我不需要改变它。我只是希望能够实现我想要的Authentication
逻辑。是否可以在保留模板的内置安全功能的同时完成,而不必自己实现Lock access on too many tries
之类的内容?