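        /// <summary>
        /// IdentityServer resource-owner-password grant validator: checks <c>context.UserName</c> /
        /// <c>context.Password</c> against ASP.NET Identity and, on success, sets a
        /// <see cref="GrantValidationResult"/> carrying the user's id, user name and claims.
        /// </summary>
        /// <param name="context">
        /// Grant context supplied by IdentityServer. <c>UserName</c> and <c>Password</c> are attacker-controlled
        /// input from the token endpoint; <c>Result</c> is assigned on every path that returns normally.
        /// </param>
        /// <remarks>
        /// Deliberate behavioural changes versus the previous version:
        /// <list type="bullet">
        /// <item>Lockout is delegated to Identity (<c>lockoutOnFailure: true</c>): the framework increments the
        /// failed-access counter, sets <c>LockoutEnd</c> once <c>IdentityOptions.Lockout.MaxFailedAccessAttempts</c>
        /// (default 5, the value previously hard-coded here) is reached, refuses already locked-out accounts in
        /// its pre-sign-in check, and resets the counter on success. The old code tested
        /// <c>GetLockoutEnabledAsync</c>, which is the per-user "lockout policy applies" flag (true by default
        /// for new users), not "is currently locked out" — it could reject valid logins while never setting
        /// a lockout end date, and it incremented the failure counter twice on the fifth failure.</item>
        /// <item>Unknown user names and wrong passwords now yield the same message, so the token endpoint no
        /// longer confirms which user names exist.</item>
        /// <item><c>CheckPasswordSignInAsync</c> replaces <c>PasswordSignInAsync</c>: same lockout and password
        /// checks, but no authentication cookie is issued — a token endpoint should not create a browser
        /// session as a side effect.</item>
        /// <item>The catch block that assigned a result and then rethrew is gone: the rethrow discarded the
        /// result anyway. Exceptions still propagate to IdentityServer, which reports a server error.</item>
        /// </list>
        /// </remarks>
        public async Task ValidateAsync(ResourceOwnerPasswordValidationContext context)
        {
            // One message for "no such user" and "wrong password": distinct messages let a caller
            // enumerate accounts through the password grant.
            const string invalidCredentials = "用户名或密码错误";

            var user = await _userManager.FindByNameAsync(context.UserName);

            if (user == null)
            {
                // NOTE(review): this path returns without hashing anything, so response timing still differs
                // from the wrong-password path; run a dummy hash here if timing-based enumeration matters.
                context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, invalidCredentials);
                return;
            }

            // Identity owns the failed-attempt counter, the lockout window and the "already locked out"
            // pre-check; nothing is signed in (no cookie) on success.
            var signIn = await _signInManager.CheckPasswordSignInAsync(user, context.Password, lockoutOnFailure: true);

            if (signIn.IsLockedOut)
            {
                // Kept from the original so a legitimate user knows to contact an administrator. It does
                // confirm that the account exists; fold it into invalidCredentials if that is unacceptable.
                context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "用户已锁定,请联系管理员解锁");
                return;
            }

            if (!signIn.Succeeded)
            {
                // Covers a wrong password as well as NotAllowed / RequiresTwoFactor, none of which can
                // complete through the password grant.
                context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, invalidCredentials);
                return;
            }

            // Authenticated: subject is the user id, authentication method the user name, plus app claims.
            context.Result = new GrantValidationResult(user.Id.ToString(), user.UserName, IdentityConfig.GetUserClaim(user));
        }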
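        /// <summary>
        /// IdentityServer extension grant: logs a user in with a phone number plus the one-time SMS code
        /// stored in Redis under that number, creating the account on first use.
        /// </summary>
        /// <param name="context">
        /// Grant context. Reads the raw <c>phone</c> and <c>code</c> request fields (attacker-controlled)
        /// and assigns <c>Result</c> on every path.
        /// </param>
        /// <remarks>
        /// Fixes versus the previous version:
        /// <list type="bullet">
        /// <item>Missing or blank <c>phone</c> / <c>code</c> are rejected up front instead of being handed to
        /// Redis and Identity as null.</item>
        /// <item>A newly created account no longer gets its phone number as its password. Combined with the
        /// resource-owner-password validator in this file, that let anyone who knew a number log in as the
        /// SMS-created account. The account is now created without a password, so until one is set
        /// explicitly it can only be used through this grant (Identity rejects a null password hash).</item>
        /// <item>The create-account branch read <c>user.Id</c> while <c>user</c> was null — a guaranteed
        /// <see cref="NullReferenceException"/> on first login; the new user is used instead.</item>
        /// </list>
        /// The stored code is consumed only after a successful login, as before.
        /// </remarks>
        public async Task ValidateAsync(ExtensionGrantValidationContext context)
        {
            var phone = context.Request.Raw.Get("phone"); // phone number
            var code  = context.Request.Raw.Get("code");  // one-time SMS code typed by the user

            // Both fields are untrusted form input; a null phone would otherwise become a Redis key and a
            // user name below.
            if (string.IsNullOrWhiteSpace(phone) || string.IsNullOrWhiteSpace(code))
            {
                context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "手机号或验证码不能为空");
                return;
            }

            // NOTE(review): the key is the raw phone string with no namespace prefix (it must match whatever
            // stores the code). Any other value kept in the same Redis database is reachable here by passing
            // its key as `phone`; agree on a prefix such as "sms:code:" with the sender.
            var smsCode = await RedisHelper.GetAsync(phone);

            if (string.IsNullOrEmpty(smsCode))
            {
                context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "验证码过期或者未发送验证码");
                return;
            }

            // NOTE(review): a wrong guess leaves the stored code in place until its TTL and nothing here
            // counts attempts, so a short numeric code can be brute-forced at the token endpoint. Invalidate
            // the code or lock the number after a few failures (needs the sender's key layout, not visible here).
            if (smsCode != code)
            {
                context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "验证码错误");
                return;
            }

            var user = await _userManager.Users.Where(c => c.PhoneNumber == phone).FirstOrDefaultAsync();

            if (user == null)
            {
                var newUser = new ApplicationUser
                {
                    UserName    = phone,
                    PhoneNumber = phone,
                };

                // No password: the previous code used the phone number itself, which is public knowledge and
                // made the account usable through the password grant by anyone who knew the number.
                var created = await _userManager.CreateAsync(newUser);

                if (!created.Succeeded)
                {
                    // Identity's error descriptions are not echoed to the client.
                    context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "创建默认用户失败");
                    return;
                }

                user = newUser;
            }

            context.Result = new GrantValidationResult(user.Id.ToString(), GrantType, IdentityConfig.GetUserClaim(user));
            await RedisHelper.DelAsync(phone); // consume the code only once a token will be issued
        }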