/// <summary>
/// 注销
/// </summary>
/// <param name="userName">用户名</param>
/// <returns></returns>
public async Task<SignOutStatus> SignOutAsync(string userName, string token)
{
UserAccount user = await GetByUserNameAsync(userName);
if(user != null)
{
user.IsOnline = false;
//1. Set user account offline
MarkAsModified(user);
#region Revoked user account token.
TokenHandler tokenHandler = new TokenHandler(_dbContext);
Token accessToken = await tokenHandler.Entities.SingleOrDefaultAsync(x => x.AccessToken == token && x.UserAccountID == user.ID);
accessToken.IsRevoked = true;
tokenHandler.MarkAsModified(accessToken);
#endregion
return await SaveChangesAsync() > 0 ? SignOutStatus.Succeeded : SignOutStatus.Failure;
}
return SignOutStatus.Failure;
}
/// <summary>
/// 登录
/// </summary>
/// <param name="userName">用户名</param>
/// <param name="hashPassword">密码</param>
/// <returns></returns>
public async Task<Tuple<KoalaBlogIdentityObject, SignInStatus, string>> SignInAsync(string userName, string password, bool isPersistent)
{
KoalaBlogIdentityObject identityObject = new KoalaBlogIdentityObject();
var userAccount = await GetByUserNameAsync(userName);
if (userAccount != null)
{
//1. 设置Common Property。
identityObject.UserID = userAccount.ID;
identityObject.UserName = userAccount.UserName;
identityObject.Email = userAccount.Email;
identityObject.Status = userAccount.Status;
bool isEmailConfirmed = userAccount.EmailConfirmed;
if (!isEmailConfirmed)
{
return new Tuple<KoalaBlogIdentityObject, SignInStatus, string>(identityObject, SignInStatus.NotYetEmailConfirmed, string.Empty);
}
else
{
//2. 如果用户已经邮件验证完成则获取Person对象。
UserAccountXPersonHandler uaxpHandler = new UserAccountXPersonHandler(_dbContext);
UserAccountXPerson uaxp = await uaxpHandler.LoadByUserAccountIDAsync(userAccount.ID);
if (uaxp != null && uaxp.Person != null)
{
identityObject.PersonID = uaxp.Person.ID;
identityObject.PersonNickName = uaxp.Person.NickName;
identityObject.Introduction = uaxp.Person.Introduction;
}
bool isLockedOut = userAccount.Status == UserAccount.STATUS_SUSPENDED;
if (isLockedOut)
{
return new Tuple<KoalaBlogIdentityObject, SignInStatus, string>(identityObject, SignInStatus.LockedOut, string.Empty);
}
string pwd = KoalaBlogSecurityManager.CreatePasswordHash(password, userAccount.PasswordSalt);
bool isValid = pwd == userAccount.Password;
if (isValid)
{
userAccount.LastLogon = DateTime.Now;
userAccount.IsOnline = true;
await ModifyAsync(userAccount);
//3. 如果登录成功则生成一个Bearer Token。
TokenHandler tokenHandler = new TokenHandler(_dbContext);
DateTime? expirationDate = isPersistent ? DateTime.MaxValue : (DateTime?)null;
Token bearerToken = await tokenHandler.GenerateBearerTokenAsync(userAccount.ID, expirationDate);
return new Tuple<KoalaBlogIdentityObject, SignInStatus, string>(identityObject, SignInStatus.Succeeded, bearerToken.AccessToken);
}
else
{
return new Tuple<KoalaBlogIdentityObject, SignInStatus, string>(identityObject, SignInStatus.WrongPassword, string.Empty);
}
}
}
return new Tuple<KoalaBlogIdentityObject, SignInStatus, string>(identityObject, SignInStatus.Failure, string.Empty);
}
/// <summary>
/// 验证Bearer Token
/// </summary>
/// <param name="userAccountId">用户ID</param>
/// <param name="accessToken">令牌</param>
/// <returns></returns>
public async Task<IPrincipal> AuthenticateBearerTokenAsync(string accessToken)
{
using(KoalaBlogDbContext dbContext = new KoalaBlogDbContext())
{
TokenHandler tokenHandler = new TokenHandler(dbContext);
return await tokenHandler.AuthenticateBearerTokenAsync(accessToken);
}
}
