// Licensed to the .NET Foundation under one or more agreements. // The .NET Foundation licenses this file to you under the MIT license. #nullable disable using Application.Abstractions.Data; using Domain.Entities.Director; using Infrastructure.Persistence.Identity; using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Identity; using Microsoft.AspNetCore.Identity.UI.Services; using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc.RazorPages; using Microsoft.Extensions.Logging; using System; using System.Collections.Generic; using System.ComponentModel.DataAnnotations; using System.Linq; using System.Threading.Tasks; namespace Admin.Areas.Identity.Pages.Account { public class LoginModel : PageModel { private readonly SignInManager _signInManager; private readonly ILogger _logger; private readonly IAppDbContext _db; public LoginModel(SignInManager signInManager, ILogger logger, IAppDbContext db) { _signInManager = signInManager; _logger = logger; _db = db; } /// /// This API supports the ASP.NET Core Identity default UI infrastructure and is not intended to be used /// directly from your code. This API may change or be removed in future releases. /// [BindProperty] public InputModel Input { get; set; } /// /// This API supports the ASP.NET Core Identity default UI infrastructure and is not intended to be used /// directly from your code. This API may change or be removed in future releases. /// public IList ExternalLogins { get; set; } /// /// This API supports the ASP.NET Core Identity default UI infrastructure and is not intended to be used /// directly from your code. This API may change or be removed in future releases. /// public string ReturnUrl { get; set; } /// /// This API supports the ASP.NET Core Identity default UI infrastructure and is not intended to be used /// directly from your code. This API may change or be removed in future releases. /// [TempData] public string ErrorMessage { get; set; } /// /// This API supports the ASP.NET Core Identity default UI infrastructure and is not intended to be used /// directly from your code. This API may change or be removed in future releases. /// public class InputModel { /// /// This API supports the ASP.NET Core Identity default UI infrastructure and is not intended to be used /// directly from your code. This API may change or be removed in future releases. /// [Required] [EmailAddress] public string Email { get; set; } /// /// This API supports the ASP.NET Core Identity default UI infrastructure and is not intended to be used /// directly from your code. This API may change or be removed in future releases. /// [Required] [DataType(DataType.Password)] public string Password { get; set; } /// /// This API supports the ASP.NET Core Identity default UI infrastructure and is not intended to be used /// directly from your code. This API may change or be removed in future releases. /// [Display(Name = "로그인 상태 유지")] public bool RememberMe { get; set; } } public async Task OnGetAsync(string returnUrl = null) { if (!string.IsNullOrEmpty(ErrorMessage)) { ModelState.AddModelError(string.Empty, ErrorMessage); } returnUrl ??= Url.Content("~/"); // Clear the existing external cookie to ensure a clean login process await HttpContext.SignOutAsync(IdentityConstants.ExternalScheme); ExternalLogins = (await _signInManager.GetExternalAuthenticationSchemesAsync()).ToList(); ReturnUrl = returnUrl; } public async Task OnPostAsync(string returnUrl = null) { returnUrl ??= Url.Content("~/"); ExternalLogins = (await _signInManager.GetExternalAuthenticationSchemesAsync()).ToList(); if (ModelState.IsValid) { var ipAddress = HttpContext.Connection.RemoteIpAddress?.ToString(); var userAgent = HttpContext.Request.Headers.UserAgent.ToString(); if (userAgent?.Length > 512) { userAgent = userAgent[..512]; } // This doesn't count login failures towards account lockout // To enable password failures to trigger account lockout, set lockoutOnFailure: true var result = await _signInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure: false); if (result.Succeeded) { await _db.AdminLoginLog.AddAsync(AdminLoginLog.Create(true, Input.Email, ipAddress: ipAddress, userAgent: userAgent)); await _db.SaveChangesAsync(); _logger.LogInformation("User logged in."); return LocalRedirect(returnUrl); } if (result.RequiresTwoFactor) { await _db.AdminLoginLog.AddAsync(AdminLoginLog.Create(true, Input.Email, reason: "2FA 필요", ipAddress: ipAddress, userAgent: userAgent)); await _db.SaveChangesAsync(); return RedirectToPage("./LoginWith2fa", new { ReturnUrl = returnUrl, RememberMe = Input.RememberMe }); } if (result.IsLockedOut) { await _db.AdminLoginLog.AddAsync(AdminLoginLog.Create(false, Input.Email, reason: "계정 잠김", ipAddress: ipAddress, userAgent: userAgent)); await _db.SaveChangesAsync(); _logger.LogWarning("User account locked out."); return RedirectToPage("./Lockout"); } else { await _db.AdminLoginLog.AddAsync(AdminLoginLog.Create(false, Input.Email, reason: "로그인 실패", ipAddress: ipAddress, userAgent: userAgent)); await _db.SaveChangesAsync(); ModelState.AddModelError(string.Empty, "Invalid login attempt."); return Page(); } } // If we got this far, something failed, redisplay form return Page(); } } }