public async Task <ResultMessage> LoginOn([FromBody] User u)
        {
            var message = "";

            try
            {
                Ensure.NotNull(u, "登陆用户信息");
                Ensure.NotNullOrEmpty(u.Account, "用户账号");
                Ensure.NotNullOrEmpty(u.SecureCode, "密码");
                var user = await _queryService.FindUserAsync(new { Account = u.Account });

                if (user != null)
                {
                    if (user.SecureCode == SecurityCodeUtil.Md5(u.SecureCode))
                    {
                        var claims = new List <Claim>();
                        claims.Add(new Claim(ClaimTypes.Name, user.UserName));
                        claims.Add(new Claim(ClaimTypes.PrimarySid, user.Id));
                        if (user.UserType == EnumUserType.Admin)
                        {
                            claims.Add(new Claim(ClaimTypes.Role, UserType.Admin));
                        }
                        claims.Add(new Claim(ClaimTypes.Role, UserType.User));
                        var identity = new ClaimsIdentity(claims, "claimsLogin");

                        ClaimsPrincipal principal = new ClaimsPrincipal(identity);

                        await HttpContext.Authentication.SignInAsync("UserToken", principal,
                                                                     new AuthenticationProperties
                        {
                            ExpiresUtc   = DateTime.UtcNow.AddMinutes(30),
                            IsPersistent = false,
                            //AllowRefresh = false
                        });

                        return(new ResultMessage
                        {
                            Success = true,
                            Status = EnumStatus.Success,
                            Data = user,
                        });
                    }
                }
            }
            catch (Exception exception)
            {
                message = exception.Message;
            }
            return(new ResultMessage
            {
                Success = false,
                Status = EnumStatus.Failure,
                Message = string.IsNullOrEmpty(message) ? "登陆失败,请确认账号或密码是否正确。" : message
            });
        }