Asp.NET MVC 5通過電子郵件和密碼驗證用戶

Question

我使用了一個帶有Bootstrap 3主題的Asp.NET MVC 5項目，我們購買了Bootstrap 3主題，並且在其登錄方法中他們只是根據他的用戶電子郵件，密碼未經驗證。以下登錄方法：

[HttpPost] 
    [AllowAnonymous] 
    [ValidateAntiForgeryToken] 
    public async Task<ActionResult> Login(AccountLoginModel viewModel) 
    { 
     // Ensure we have a valid viewModel to work with 
     if (!ModelState.IsValid) 
      return View(viewModel); 

     // Verify if a user exists with the provided identity information 
     var user = await _manager.FindByEmailAsync(viewModel.Email); 
     var hashPass = new PasswordHasher().HashPassword(viewModel.Password); // this is a line I added which gerenates a different hash everytime 
     // If a user was found 
     if (user != null) 
     { 
      // Then create an identity for it and sign it in 
      await SignInAsync(user, viewModel.RememberMe); 

      // If the user came from a specific page, redirect back to it 
      return RedirectToLocal(viewModel.ReturnUrl); 
     } 

     // No existing user was found that matched the given criteria 
     ModelState.AddModelError("", "Invalid username or password."); 

     // If we got this far, something failed, redisplay form 
     return View(viewModel); 
    } 

行我試圖插入密碼驗證是if (user != null)。我嘗試使用_manager.Find(email,password)但它不起作用。

如何使用電子郵件登錄用戶並驗證密碼？

Answer 1

這是因爲您在嘗試查找用戶之前先散列密碼。

做

var user = _manager.Find(viewModel.Email, viewModel.Password); 
// If a user was found 
if (user != null) 
{ 
    //...other code removed for brevity. 

這是標準的方式來做到這一點。

Answer 2

-------試試這個代碼------

var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false); 
     switch (result) 
     { 
     case SignInStatus.Success: 
      return View("SuccessView");    
     case SignInStatus.Failure: 
      return View("LoginView"); 
     }