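/// <summary>
/// Authenticates a user against the LDAP directory and, on success, signs the
/// user in with a claims identity built from the directory entry.
/// </summary>
/// <param name="uid">User id typed into the login form; treated as untrusted input.</param>
/// <param name="password">Password typed into the login form.</param>
/// <returns>
/// <c>SignInResult.Success</c> when the user's entry is found and a bind with the
/// supplied password succeeds; otherwise <c>SignInResult.Failed</c>, with a model
/// error added to <c>ModelState</c>.
/// </returns>
private SignInResult SignIn(string uid, string password)
{
    // An empty uid cannot identify an entry; fail before talking to the directory.
    if (string.IsNullOrEmpty(uid))
    {
        ModelState.AddModelError(string.Empty, "工号不存在");
        return SignInResult.Failed;
    }

    using (Ldap ldap = new Ldap(settings.Options.LdapHost, settings.Options.LdapPort))
    {
        // Bind with the manager account first so the people OU can be searched.
        ldap.Bind(settings.Options.LdapManagerDN, settings.Options.LdapManagerPwd);

        // The uid comes from the login form. Escape it before placing it in the
        // search filter so characters such as '*', '(' and ')' are matched
        // literally instead of changing the filter's meaning.
        var filter = string.Format("uid={0}", EscapeLdapFilterValue(uid));
        var entry = ldap.SearchOne(settings.Options.LdapPeopleOU, LdapScope.ONE, filter);
        if (entry == null)
        {
            // Message: "employee id does not exist".
            // NOTE(review): this message differs from the wrong-password one, so the
            // form reveals which ids exist. Consider a single generic message.
            ModelState.AddModelError(string.Empty, "工号不存在");
            return SignInResult.Failed;
        }

        // A simple bind with a DN and an empty password is an unauthenticated bind
        // (RFC 4513), which many directory servers report as success. Reject it
        // here so an empty password can never authenticate.
        if (string.IsNullOrEmpty(password))
        {
            ModelState.AddModelError(string.Empty, "密码不正确");
            return SignInResult.Failed;
        }

        try
        {
            // Re-bind as the user: the directory itself verifies the password.
            ldap.Bind(entry.DN, password);
        }
        catch
        {
            // Message: "incorrect password".
            // NOTE(review): every exception from Bind, including connectivity
            // failures, is reported as a wrong password. Narrow the catch to the
            // wrapper's invalid-credentials error once that type is known, and
            // log the failure for detection of password-guessing attempts.
            ModelState.AddModelError(string.Empty, "密码不正确");
            return SignInResult.Failed;
        }

        var nameAttribute = entry.getAttribute("cn");
        var mailAttribute = entry.getAttribute("mail");
        var name = nameAttribute == null ? string.Empty : nameAttribute.StringValue;
        // Read the value from the "mail" attribute; the e-mail claim was previously
        // filled from "cn", and dereferenced "cn" after null-checking only "mail".
        var mail = mailAttribute == null ? string.Empty : mailAttribute.StringValue;

        var identity = new ClaimsIdentity(IdentityOptions.ApplicationCookieAuthenticationType);
        identity.AddClaim(new Claim(ClaimTypes.Name, name));
        identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, uid));
        identity.AddClaim(new Claim(ClaimTypes.Email, mail));

        // NOTE(review): the scheme passed here is string.Empty while the identity is
        // built for ApplicationCookieAuthenticationType. Confirm this is intended.
        Context.Authentication.SignIn(string.Empty, new ClaimsPrincipal(identity));
        return SignInResult.Success;
    }
}

/// <summary>
/// Escapes a value for literal use inside an LDAP search filter (RFC 4515).
/// </summary>
private static string EscapeLdapFilterValue(string value)
{
    // The backslash is replaced first so the escape sequences added afterwards
    // are not themselves escaped a second time.
    return value
        .Replace("\\", "\\5c")
        .Replace("*", "\\2a")
        .Replace("(", "\\28")
        .Replace(")", "\\29")
        .Replace("\0", "\\00");
}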
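/// <summary>
/// Opens a connection to the configured LDAP host and binds it with the
/// manager account from the application settings.
/// </summary>
/// <returns>A bound <c>Ldap</c> connection. The caller owns it and must dispose it.</returns>
private Ldap CreateLdap()
{
    Ldap ldap = new Ldap(settings.Options.LdapHost, settings.Options.LdapPort);
    try
    {
        ldap.Bind(settings.Options.LdapManagerDN, settings.Options.LdapManagerPwd);
    }
    catch
    {
        // The caller never receives the connection when the bind fails, so release
        // it here instead of leaking it, then let the original exception propagate.
        ldap.Dispose();
        throw;
    }

    return ldap;
}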