Beispiel #1
0
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            // get ther current lifetimescope from the requqest
            var autofacLifetimeScope = OwinContextExtensions.GetAutofacLifetimeScope(context.OwinContext);
            var userManager          = autofacLifetimeScope.Resolve <ClientPortalUserManager>();
            ClientPortalUser user    = await userManager.FindByNameAsync(context.UserName);

            if (user == null)
            {
                context.SetError("invalid_grant", "The user name or password is incorrect.");
                return;
            }

            if (await userManager.IsLockedOutAsync(user.Id) || user.IsApproved == false)
            {
                context.SetError("invalid_grant", "The user is locked out.");
                return;
            }

            if (!await userManager.CheckPasswordAsync(user, context.Password))
            {
                await userManager.AccessFailedAsync(user.Id);

                if (await userManager.IsLockedOutAsync(user.Id))
                {
                    context.SetError("invalid_grant", "The user is locked out.");
                    return;
                }
                context.SetError("invalid_grant", "The user name or password is incorrect.");
                return;
            }

            await userManager.ResetAccessFailedCountAsync(user.Id);

            ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager, OAuthDefaults.AuthenticationType);

            ClaimsIdentity cookiesIdentity = await user.GenerateUserIdentityAsync(userManager, CookieAuthenticationDefaults.AuthenticationType);

            AuthenticationProperties properties = CreateProperties(user.UserName);
            AuthenticationTicket     ticket     = new AuthenticationTicket(oAuthIdentity, properties);

            context.Validated(ticket);
        }