Login without Identity provider

Relatude ships with a custom Identity provider, but you are free to handle logins manually if you want.

Relatude user login

Users in Relatude is represented by instances of the SystemUser class, or any class that derives from it. Users have a username and password, and to login a user, the username and password must be validated to check that they match.

To handle a lot of the the heavy lifting for you, including 2FA, you can use the TryLoginSession method on the Engine object.

If the login is successful, you sign in the user using the .Net method HttpContext.SignInAsync. The SignInAsync method has a ClaimsPrinciple parameter. 

public class AccountController : Controller {
        WAFControllerContext _ctx;
        public AccountController(WAFNativeContext ctx) {
            _ctx = ctx;
        }
        public async Task<IActionResult> Login(LoginModel? login) {
            if (login == null || login.UserName == null) return View();
            var clientAddress = HttpContext.Connection.RemoteIpAddress?.ToString();

            if (_ctx.Engine.TryLogInSession(_ctx.Session, login.UserName, login.Password, clientAddress, 
                null, null, out var failureReson, out var meta, out var code, out var deviceKey)) {

                var claims = new List<Claim>();
                claims.Add(new Claim(ClaimTypes.Name, _ctx.Session.UserName));
                var identity = new ClaimsIdentity(claims, _ctx.Config.AuthenticationSchemaName);
                var claimsPrinciple = new ClaimsPrincipal(identity);
                await HttpContext.SignInAsync(_ctx.Config.AuthenticationSchemaName, claimsPrinciple);

            }

            return View(null, failureReson.ToString());
        }
    }