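/// <summary>
/// Builds the view model rendered by the Idr4 login page for the given return URL.
/// </summary>
/// <remarks>
/// When the authorization request names an identity provider that is registered as an
/// authentication scheme, the model is limited to that provider and local login is switched off.
/// Otherwise every scheme with a display name is offered, narrowed by the client's
/// <c>IdentityProviderRestrictions</c> when the client defines any.
/// </remarks>
/// <param name="ReturnUrl">
/// Return URL of the login request; used to look up the authorization context and copied onto the model.
/// </param>
/// <returns>The populated <see cref="Idr4LoginViewModel"/>.</returns>
private async Task<Idr4LoginViewModel> CreateIdr4LoginViewModelAsync(string ReturnUrl)
{
    var vm = new Idr4LoginViewModel();
    var context = await _identityServerInteractionService.GetAuthorizationContextAsync(ReturnUrl);

    // The request asked for one specific identity provider. The original filled the model for
    // this case but never returned it, so the generic code below overwrote every field and the
    // provider hint had no effect. Return here, and only when the hinted scheme is actually
    // registered; an unknown hint falls through to the normal login page.
    if (context?.IdP != null && await _schemeProvider.GetSchemeAsync(context.IdP) != null)
    {
        vm.EnableLocalLogin = false;
        vm.ReturnUrl = ReturnUrl;
        vm.username = context.LoginHint;
        vm.ExternalProviders = new ExternalProvider[]
        {
            new ExternalProvider { AuthenticationScheme = context.IdP }
        };
        return vm;
    }

    // External login: list every registered scheme that has a display name.
    var schemes = await _schemeProvider.GetAllSchemesAsync();
    var providers = schemes
        .Where(x => x.DisplayName != null)
        .Select(x => new ExternalProvider
        {
            DisplayName = x.DisplayName,
            AuthenticationScheme = x.Name
        })
        .ToList();

    var allowLocal = true;
    if (context?.ClientId != null)
    {
        var client = await _clientStore.FindEnabledClientByIdAsync(context.ClientId);
        if (client != null)
        {
            allowLocal = client.EnableLocalLogin;
            vm.ClientName = client.ClientName;
            vm.ClientUrl = client.ClientUri;
            vm.ClientLogoUrl = client.LogoUri;

            // A client that lists provider restrictions only gets the providers it names.
            var restrictions = client.IdentityProviderRestrictions;
            if (restrictions != null && restrictions.Any())
            {
                providers = providers
                    .Where(provider => restrictions.Contains(provider.AuthenticationScheme))
                    .ToList();
            }
        }
    }

    vm.AllowRememberLogin = AccountOptions.AllowRememberLogin;
    // Local login needs both the client setting and the global option.
    vm.EnableLocalLogin = allowLocal && AccountOptions.AllowLocalLogin;
    vm.ReturnUrl = ReturnUrl;
    vm.username = context?.LoginHint;
    vm.ExternalProviders = providers.ToArray();
    return vm;
}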
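/// <summary>
/// Handles the submitted login form: checks the credentials, signs the user in and redirects.
/// </summary>
/// <remarks>
/// NOTE(review): no [HttpPost] or [ValidateAntiForgeryToken] attribute is visible on this listing;
/// confirm the controller applies both to this action.
/// </remarks>
/// <param name="model">Posted login form; username, password, RememberLogin and ReturnUrl are read.</param>
/// <returns>
/// A redirect after a successful sign-in, otherwise the "Login" view carrying the validation errors.
/// </returns>
public async Task<IActionResult> Login(Idr4LoginViewModel model)
{
    // Idr4 check on the return URL: resolve the authorization request behind it, if any.
    var context = await _identityServerInteractionService.GetAuthorizationContextAsync(model.ReturnUrl);
    if (context == null)
    {
        // NOTE(review): the original called Redirect("~/") here without returning the result,
        // so the request was never short-circuited. That behaviour is kept: a sign-in without an
        // authorization context still proceeds, and the redirect after sign-in only follows
        // ReturnUrl when it passes the checks below. If such sign-ins should be refused,
        // return the redirect from this branch instead.
    }

    // Basic form validation.
    if (string.IsNullOrEmpty(model.username))
    {
        ModelState.AddModelError("", "请输入用户名");
    }
    if (string.IsNullOrEmpty(model.password))
    {
        ModelState.AddModelError("", "请输入密码");
    }

    if (ModelState.IsValid)
    {
        var user = await _testUserStore.FindByName(model.username);

        // An unknown user and a wrong password take the same failure path below: same message,
        // same failure event. The original answered "user does not exist" for unknown names,
        // which let a caller tell valid usernames from invalid ones, and raised no event for them.
        // NOTE(review): ValidatorUser is skipped for unknown users, so response time may still
        // differ between the two cases.
        if (user != null && await _testUserStore.ValidatorUser(user, model.password))
        {
            await _events.RaiseAsync(new UserLoginSuccessEvent(user.UserName, user.Id, user.UserName));

            // "Remember me": issue a persistent cookie only when the option allows it and the
            // user asked for it; otherwise the default properties apply.
            AuthenticationProperties authenticationProperties = null;
            if (AccountOptions.AllowRememberLogin && model.RememberLogin)
            {
                authenticationProperties = new AuthenticationProperties
                {
                    IsPersistent = true,
                    ExpiresUtc = DateTimeOffset.UtcNow.Add(AccountOptions.RememberMeLoginDuration)
                };
            }

            // Sign in with the user's claims.
            var userClaims = await _testUserStore.GetAllClaimsByUser(user);
            await HttpContext.SignInAsync(user.Id, user.UserName, authenticationProperties, userClaims.ToArray());

            // ReturnUrl comes from the posted form. Follow it only when IdentityServer accepts it
            // as a return URL or it is local to this site; anything else goes to the home page.
            if (_identityServerInteractionService.IsValidReturnUrl(model.ReturnUrl) || Url.IsLocalUrl(model.ReturnUrl))
            {
                return Redirect(model.ReturnUrl);
            }
            return Redirect("~/");
        }

        await _events.RaiseAsync(new UserLoginFailureEvent(model.username, "登录失败"));
        ModelState.AddModelError("", AccountOptions.InvalidCredentialsErrorMessage);
    }

    // The view needs a fully built model when it is shown again after a failed attempt,
    // so build one from the return URL.
    var vm = await CreateIdr4LoginViewModelAsync(model.ReturnUrl);
    return View("Login", vm);
}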