Beispiel #1
0
        public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
        {
            if(ModelState.IsValid)
            {
                Tuple<KoalaBlogIdentityObject, SignInStatus, string> result = await Services.SecurityClient.SignInAsync(model.UserName, model.Password, model.RememberMe);

                var identityObj = result.Item1;
                var signInStatus = result.Item2;
                var accessToken = result.Item3;

                switch (signInStatus)
                {
                    case SignInStatus.Succeeded:
                        KoalaBlogSecurityManager.SetAuthCookie(accessToken);
                        KoalaBlogIdentity identity = new KoalaBlogIdentity(identityObj);
                        KoalaBlogPrincipal principal = new KoalaBlogPrincipal(identity);
                        System.Threading.Thread.CurrentPrincipal = principal;
                        return RedirectToLocal(returnUrl);

                    case SignInStatus.NotYetEmailConfirmed:
                        ConfirmEmailViewModel cevModel = new ConfirmEmailViewModel() { UserID = identityObj.UserID, Email = identityObj.Email, IsEmailConfirmed = false };
                        return View("ConfirmEmail", cevModel);

                    case SignInStatus.LockedOut:
                        return View("LockedOut");

                    case SignInStatus.Failure:
                        AddErrors("账号密码错误");
                        break;
                }
            }
            return View(model);
        }
        public void OnAuthentication(AuthenticationContext filterContext)
        {
            if(filterContext == null)
            {
                throw new ArgumentNullException("filterContext");
            }

            //1. If there are define allow Anonymous attribute, do nothing.
            if (IsDefinedAllowAnonymous(filterContext))
            {
                return;
            }

            //2. If there are no credentials, set the error result.
            if(string.IsNullOrEmpty(KoalaBlogSecurityManager.GetAuthCookie()))
            {
                filterContext.Result = new AuthenticationFailureResult();
            }
            else
            {
                //3. Check the credentials.
                KoalaBlogIdentityObject identityObj = ClientContext.Clients.CreateSecurityClient().GetIdentityObj();

                //4. If the credentials are bad, set the error result.
                if(identityObj == null)
                {
                    filterContext.Result = new AuthenticationFailureResult();
                }
                else
                {
                    KoalaBlogIdentity identity = new KoalaBlogIdentity(identityObj);
                    KoalaBlogPrincipal principal = new KoalaBlogPrincipal(identity);
                    filterContext.Principal = principal;
                }
            }
        }
Beispiel #3
0
        /// <summary>
        /// 验证Bearer Token
        /// </summary>
        /// <param name="userAccountId">用户ID</param>
        /// <param name="accessToken">令牌</param>
        /// <returns></returns>
        public async Task<IPrincipal> AuthenticateBearerTokenAsync(string accessToken)
        {
            //1. 根据条件获取Token对象。
            Token bearerToken = await Fetch(x => x.AccessToken == accessToken && !x.IsRevoked && x.ExpirationDate > DateTime.Now).SingleOrDefaultAsync();

            if(bearerToken != null)
            {
                //2. 如果Token对象不为空,则为Token验证成功,建立Principal。
                KoalaBlogIdentityObject identityObj = new KoalaBlogIdentityObject();

                UserAccountXPersonHandler uaxpHandler = new UserAccountXPersonHandler(_dbContext);

                //3. 获取UserAccountXPerson对象。
                UserAccountXPerson uaxp = await uaxpHandler.LoadByUserAccountIDIncludeUserAccountAndPersonAsync(bearerToken.UserAccountID);

                if(uaxp != null)
                {
                    if (uaxp.UserAccount != null)
                    {
                        identityObj.UserID = uaxp.UserAccount.ID;
                        identityObj.UserName = uaxp.UserAccount.UserName;
                        identityObj.Email = uaxp.UserAccount.Email;
                        identityObj.Status = uaxp.UserAccount.Status;
                    }
                    if (uaxp.Person != null)
                    {
                        identityObj.PersonID = uaxp.Person.ID;
                        identityObj.PersonNickName = uaxp.Person.NickName;
                        identityObj.Introduction = uaxp.Person.Introduction;
                    }
                }
                else
                {
                    UserAccountHandler uaHandler = new UserAccountHandler(_dbContext);

                    //4. 如果UserAccountXPerson对象为空,意味着可能是用户注册还没完成,则根据用户名获取UserAccount对象,赋值IdentityObject通用Property。
                    UserAccount userAccount = await uaHandler.GetByIdAsync(bearerToken.UserAccountID);

                    if (userAccount != null)
                    {
                        identityObj.UserID = userAccount.ID;
                        identityObj.UserName = userAccount.UserName;
                        identityObj.Email = userAccount.Email;
                        identityObj.Status = userAccount.Status;
                    }
                }

                KoalaBlogIdentity identity = new KoalaBlogIdentity(identityObj);
                KoalaBlogPrincipal principal = new KoalaBlogPrincipal(identity);

                return principal;
            }

            return null;
        }