public string GetLoginToken(GetLoginToken loginToken)
{
if (loginToken == null)
{
throw new ValidException("对象不能为空");
}
if (loginToken.SiteId == null)
{
throw new ValidException("SiteId不能为空");
}
if (loginToken.AdminUrl == null)
{
throw new ValidException("AdminUrl不能为空");
}
if (loginToken.UserId <= 0)
{
throw new ValidException("userId不正确");
}
var key = loginToken.UserId + 500;
var key2 = loginToken.Timestamp + 9912;
var key3 = loginToken.AdminUrl.Trim().ToLower() + "admin";
var token = key.ToString().ToMd5HashString() + key3.ToMd5HashString().Substring(5, 15) +
key2.ToStr().ToMd5HashString().Substring(2, 18) + key3.ToMd5HashString();
return(token.ToLower().Trim());
}
private async Task GenerateToken(HttpContext context)
{
try
{
var username = context.Request.Form["username"].ToString();
var password = context.Request.Form["password"];
var CheckCredential = "DATABASE"; // DATABASE or STATIC
if (CheckCredential == "DATABASE")
{
var result = await _signInManager.PasswordSignInAsync(username, password, false, lockoutOnFailure : false);
if (!result.Succeeded)
{
context.Response.StatusCode = 400;
await context.Response.WriteAsync("Invalid username or password.");
return;
}
var user = await _userManager.Users
.SingleAsync(i => i.UserName == username);
if (user == null)
{
context.Response.StatusCode = 400;
await context.Response.WriteAsync("Invalid username or password.");
return;
}
var response = GetLoginToken.Execute(_configuration, user, _userDb);
// Serialize and return the response
context.Response.ContentType = "application/json";
await context.Response.WriteAsync(JsonConvert.SerializeObject(response, _serializerSettings));
}
else
{
if (!(username == "apiadmin" && password == "@dminap!"))
{
context.Response.StatusCode = 400;
await context.Response.WriteAsync("Invalid username or password.");
return;
}
var response = GetLoginToken.ExecuteStaticUser("apiadmin", "@dminap!", _userDb);
// Serialize and return the response
context.Response.ContentType = "application/json";
await context.Response.WriteAsync(JsonConvert.SerializeObject(response, _serializerSettings));
}
}
catch (Exception ex)
{
//TODO log error
//Logging.GetLogger("Login").Error("Erorr logging in", ex);
}
}
private async Task GenerateToken(HttpContext context)
{
var refreshToken = context.Request.Form["refreshToken"].ToString();
if (string.IsNullOrWhiteSpace(refreshToken))
{
context.Response.StatusCode = 400;
await context.Response.WriteAsync("User must relogin.");
return;
}
var db = context.RequestServices.GetService <ApiDbContext>();
var signInManager = context.RequestServices.GetService <SignInManager <ApplicationUser> >();
var userManager = context.RequestServices.GetService <UserManager <ApplicationUser> >();
var refreshTokenModel = db.RefreshTokens
.Include(x => x.User)
.Include(x => x.User.Claims)
.SingleOrDefault(i => i.Token == refreshToken);
if (refreshTokenModel == null)
{
context.Response.StatusCode = 400;
await context.Response.WriteAsync("User must relogin.");
return;
}
if (!await signInManager.CanSignInAsync(refreshTokenModel.User))
{
context.Response.StatusCode = 400;
await context.Response.WriteAsync("User is unable to login.");
return;
}
if (userManager.SupportsUserLockout && await userManager.IsLockedOutAsync(refreshTokenModel.User))
{
context.Response.StatusCode = 400;
await context.Response.WriteAsync("User is locked out.");
return;
}
var user = refreshTokenModel.User;
var token = GetLoginToken.Execute(user, db, refreshTokenModel);
context.Response.ContentType = "application/json";
await context.Response.WriteAsync(JsonConvert.SerializeObject(token, _serializerSettings));
}
public async Task <IActionResult> Authenticate(string username, string password, string client_id)
{
string clientId = string.Empty;
Client client = null;
clientId = client_id;
if (clientId == null || clientId == "")
{
// context.Response.StatusCode = 400;
// await context.Response.WriteAsync("invalid_clientId, ClientId should be sent.");
// return;
}
//Find Client
client = _db.Clients.Find(clientId);
if (client == null)
{
return(BadRequest("invalid_clientId, Client is not registered in the system"));
}
if (!client.Active)
{
return(BadRequest("invalid_clientId, Client is inactive."));
}
if (string.IsNullOrWhiteSpace(username) || string.IsNullOrWhiteSpace(password))
{
return(BadRequest("username and password may not be empty"));
}
var result = await _signInManager.PasswordSignInAsync(username, password, false, lockoutOnFailure : false);
if (!result.Succeeded)
{
return(BadRequest("Invalid username or password."));
}
var user = await _userManager.Users
.SingleAsync(i => i.UserName == username);
if (!user.IsEnabled)
{
return(BadRequest("Invalid username or password."));
}
var response = GetLoginToken.Execute(user, client, _db);
return(Ok(response));
}
public void TokenCreated()
{
ResponseDTO <LoginDTO> responseDTO = new ResponseDTO <LoginDTO>();
responseDTO.Data = new LoginDTO()
{
UserName = "******",
Type = "Enable"
};
GetLoginToken disabledUser = new GetLoginToken()
{
responseDTO = responseDTO
};
var response = (LoginResponseDTO)disabledUser.Execute().Result;
Assert.True(response.isSuccessful);
}
public void UserNotEnable()
{
ResponseDTO <LoginDTO> responseDTO = new ResponseDTO <LoginDTO>();
responseDTO.Data = new LoginDTO()
{
UserName = "******",
Type = "Disable"
};
GetLoginToken disabledUser = new GetLoginToken()
{
responseDTO = responseDTO
};
var response = (LoginResponseDTO)disabledUser.Execute().Result;
Assert.False(response.isSuccessful);
}
private async Task GenerateToken(HttpContext context)
{
try
{
var username = context.Request.Form["username"].ToString();
var password = context.Request.Form["password"];
var signInManager = context.RequestServices.GetService <SignInManager <User> >();
var userManager = context.RequestServices.GetService <UserManager <User> >();
var result = await signInManager.PasswordSignInAsync(username, password, false, lockoutOnFailure : false);
if (!result.Succeeded)
{
context.Response.StatusCode = 400;
await context.Response.WriteAsync("Invalid username or password.");
return;
}
var user = await userManager.Users
.SingleAsync(i => i.UserName == username);
if (!user.IsEnabled)
{
context.Response.StatusCode = 400;
await context.Response.WriteAsync("Invalid username or password.");
return;
}
var db = context.RequestServices.GetService <AdoptMeDataContext>();
var response = GetLoginToken.Execute(user, db);
// Serialize and return the response
context.Response.ContentType = "application/json";
await context.Response.WriteAsync(JsonConvert.SerializeObject(response, _serializerSettings));
}
catch (Exception /*ex*/)
{
//TODO log error
//Logging.GetLogger("Login").Error("Erorr logging in", ex);
}
}
public async Task <IActionResult> Authenticate(string username, string password)
{
if (string.IsNullOrWhiteSpace(username) || string.IsNullOrWhiteSpace(password))
{
return(BadRequest("username and password may not be empty"));
}
var result = await _signInManager.PasswordSignInAsync(username, password, false, lockoutOnFailure : false);
if (!result.Succeeded)
{
return(BadRequest("Invalid username or password."));
}
var user = await _userManager.Users
.SingleAsync(i => i.UserName == username);
if (!user.IsEnabled)
{
return(BadRequest("Invalid username or password."));
}
var response = GetLoginToken.Execute(user, _db);
return(Ok(response));
}
private async Task GenerateToken(HttpContext context)
{
try
{
var db = context.RequestServices.GetService <ApplicationDbContext>();
string clientId = string.Empty;
//Client client = null;
var username = context.Request.Form["username"].ToString();
var password = context.Request.Form["password"];
//clientId = context.Request.Form["client_Id"].ToString();
// if (clientId == null || clientId == "")
// {
// context.Response.StatusCode = 400;
// await context.Response.WriteAsync("invalid_clientId, ClientId should be sent.");
// return;
// }
// //Find Client
// client = db.Clients.Find(clientId);
// if (client == null)
// {
// context.Response.StatusCode = 400;
// await context.Response.WriteAsync("invalid_clientId, Client is not registered in the system.");
// return;
// }
// if (!client.Active)
// {
// context.Response.StatusCode = 400;
// await context.Response.WriteAsync("invalid_clientId, Client is inactive.");
// return;
// }
var signInManager = context.RequestServices.GetService <SignInManager <ApplicationUser> >();
var userManager = context.RequestServices.GetService <UserManager <ApplicationUser> >();
var result = await signInManager.PasswordSignInAsync(username, password, false, lockoutOnFailure : false);
if (!result.Succeeded)
{
context.Response.StatusCode = 400;
await context.Response.WriteAsync("Invalid username or password.");
return;
}
var user = await userManager.Users.SingleAsync(i => i.UserName == username);
if (!user.IsEnabled)
{
context.Response.StatusCode = 400;
await context.Response.WriteAsync("Invalid username or password.");
return;
}
//user, client, db
var response = GetLoginToken.Execute(user, db);
// Serialize and return the response
context.Response.ContentType = "application/json";
await context.Response.WriteAsync(JsonConvert.SerializeObject(response, _serializerSettings));
}
catch (Exception ex)
{
//TODO log error
//Logging.GetLogger("Login").Error("Erorr logging in", ex);
}
}
/// <summary>
/// 根据Token自动登录
/// </summary>
/// <param name="loginByToken"></param>
/// <returns></returns>
public LoginInput LoginByToken(GetLoginToken loginByToken)
{
var maxTimestamp = DateTime.Now.AddMinutes(5).ConvertDateTimeInt();
var minTimestamp = DateTime.Now.AddMinutes(-5).ConvertDateTimeInt();
if (loginByToken.Timestamp.ConvertToLong() < minTimestamp ||
loginByToken.Timestamp.ConvertToLong() > maxTimestamp)
{
throw new ValidException($"时间错计算错误,服务器当前时间{DateTime.Now}");
}
if (HttpWeb.Ip != loginByToken.Ip)
{
throw new ValidException("IP不正确");
}
if (loginByToken.UserId <= 0)
{
throw new ValidException("用户Id不正确");
}
if (loginByToken.Token.IsNullOrEmpty() || loginByToken.Token.Length < 30)
{
throw new ValidException("token不正确");
}
if (loginByToken.SiteId.IsNullOrEmpty() || loginByToken.SiteId.Length < 20)
{
throw new ValidException("token不正确");
}
var token = GetLoginToken(loginByToken);
if (token != loginByToken.Token)
{
throw new ValidException("Token验证失败");
}
//var theme = Resolve<IThemeService>().FirstOrDefault();
//if (theme != null) {
// if (theme.SiteId.ToString() != loginByToken.SiteId) {
// throw new ValidException($"站点验证失败");
// }
//}
var user = Resolve <IUserService>().GetSingle("admin");
if (user == null)
{
Resolve <IAdminService>().DefaultInit();
}
if (user != null)
{
var userDetail = Resolve <IUserDetailService>().GetByIdNoTracking(r => r.UserId == user.Id);
var loginInput = new LoginInput {
UserName = user.UserName,
Password = userDetail.Password
};
return(loginInput);
}
throw new ValidException("超级管理员不存在");
}
/// <summary>
/// Executes login commands
/// </summary>
/// <returns>return username, token, view claims when pass, else fail messages</returns>
public LoginResponseDTO loginService()
{
response = new LoginResponseDTO();
response.Messages = new List <string>();
var userCredential = new UserCredentialTransformer()
{
userCredential = this.userCredential
};
var incommingloginDTO = (ResponseDTO <LoginDTO>)userCredential.Execute().Result;
if (incommingloginDTO.IsSuccessful == false)
{
response.isSuccessful = false;
response.Messages.Add("Incorrect Credentials");
return(response);
}
var getUserCredentials = new GetUsersCredentials()
{
loginDTO = incommingloginDTO.Data
};
var credentials = (ResponseDTO <LoginDTO>)getUserCredentials.Execute().Result;
if (credentials.IsSuccessful == false)
{
response.isSuccessful = false;
response.Messages.Add("User does not exist");
return(response);
}
var validated = new ValidateCredentials()
{
loginDTO = incommingloginDTO.Data,
responseDTO = credentials
};
var isValidated = (bool)validated.Execute().Result;
if (isValidated == false)
{
response.isSuccessful = false;
response.Messages.Add("Incorrect Credentials");
return(response);
}
var getToken = new GetLoginToken()
{
responseDTO = credentials
};
response = (LoginResponseDTO)getToken.Execute().Result;
if (response.isSuccessful == false)
{
response.isSuccessful = false;
response.Messages.Add("Could not Create Token");
return(response);
}
response.Messages.Add("Success");
return(response);
}
private async Task GenerateToken(HttpContext context)
{
var db = context.RequestServices.GetService <ApplicationDbContext>();
var refreshToken = context.Request.Form["refreshToken"].ToString();
var clientId = context.Request.Form["client_id"].ToString();
Client client = null;
if (clientId == null || clientId == "")
{
context.Response.StatusCode = 400;
await context.Response.WriteAsync("invalid_clientId, ClientId should be sent.");
return;
}
//Find Client
client = db.Clients.Find(clientId);
if (client == null)
{
context.Response.StatusCode = 400;
await context.Response.WriteAsync("invalid_clientId, Client '{0}' is not registered in the system.");
return;
}
if (string.IsNullOrWhiteSpace(refreshToken))
{
context.Response.StatusCode = 400;
await context.Response.WriteAsync("User must relogin.");
return;
}
//var db = context.RequestServices.GetService<SecureIdContext>();
var signInManager = context.RequestServices.GetService <SignInManager <ApplicationUser> >();
var userManager = context.RequestServices.GetService <UserManager <ApplicationUser> >();
var refreshTokenModel = db.RefreshTokens
.Include(x => x.User)
.SingleOrDefault(i => i.Token == refreshToken);
if (refreshTokenModel == null)
{
context.Response.StatusCode = 400;
await context.Response.WriteAsync("User must relogin.");
return;
}
if (!await signInManager.CanSignInAsync(refreshTokenModel.User))
{
context.Response.StatusCode = 400;
await context.Response.WriteAsync("User is unable to login.");
return;
}
if (userManager.SupportsUserLockout && await userManager.IsLockedOutAsync(refreshTokenModel.User))
{
context.Response.StatusCode = 400;
await context.Response.WriteAsync("User is locked out.");
return;
}
var user = refreshTokenModel.User;
var token = GetLoginToken.Execute(user, client, db, refreshTokenModel);
context.Response.ContentType = "application/json";
await context.Response.WriteAsync(JsonConvert.SerializeObject(token, _serializerSettings));
}
public async Task <IActionResult> LogIn([FromBody] LogInModel model)
{
//if (ModelState.IsValid)
//{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var user = await userManager.Users.SingleAsync(i => i.UserName == model.Username);
var response = GetLoginToken.Execute(user, context);
return(Ok(response));
//COMENTADO 2
//var identity = await GetClaimsIdentity(model.Username, model.Password);
//if (identity == null)
//{
// return BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState));
//}
//var jwt = await Tokens.GenerateJwt(identity, _jwtFactory, model.Username, _jwtOptions, new JsonSerializerSettings { Formatting = Formatting.Indented });
//return new OkObjectResult(jwt);
///comentado 1
// var user = await userManager.FindByNameAsync(model.Username);
// if(user != null)
// {
// if(!await signInManager.CanSignInAsync(user) && (userManager.SupportsUserLockout && await userManager.IsLockedOutAsync(user))){
// return BadRequest();
// }
// if (!await userManager.CheckPasswordAsync(user, model.Password))
// {
// // Return bad request if the password is invalid
// return BadRequest();
// }
// if (userManager.SupportsUserLockout)
// {
// await userManager.ResetAccessFailedCountAsync(user);
// }
// //var principal = await signInManager.CreateUserPrincipalAsync(user);
// List<Claim> claims = new List<Claim>()
// {
// new Claim(JwtRegisteredClaimNames.Sub, user.UserName),
// new Claim(JwtRegisteredClaimNames.Email, user.Email),
// new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
// };
// var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(configuration["Jwt:Key"]));
// var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
// DateTime expiresOn = DateTime.Now.AddDays(1);
// var token = new JwtSecurityToken(configuration["Jwt:Issuer"],
// configuration["Jwt:Issuer"],
// claims,
// expires: expiresOn,
// signingCredentials: creds);
// return new ObjectResult(new { Token= new JwtSecurityTokenHandler().WriteToken(token), Expires = expiresOn });
// }
// else
// {
// return BadRequest();
// }
//}
//else
//{
// return BadRequest();
//}
}
