Exemple #1
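 /// <summary>
 /// Builds the claim set that describes an authenticated customer.
 /// </summary>
 /// <param name="claimModel">Login result carrying the customer's id, user name, real name and picture.</param>
 /// <returns>
 /// Four claims, in order: <c>CustomerId</c>, <c>UserName</c>, <c>TrueName</c> and <c>Pic</c>.
 /// </returns>
 /// <exception cref="ArgumentNullException">
 /// Thrown by the <see cref="Claim"/> constructor when <c>UserName</c> is null.
 /// </exception>
 private Claim[] GetUserClaims(CustomerClaimModel claimModel)
 {
     // NOTE(review): TrueName and Pic are personal data. If these claims are serialized
     // into a bearer token, anyone holding the token can read them - confirm they are needed.
     return new[]
     {
         new Claim("CustomerId", claimModel.CustomerId.ToString()),
         // UserName is mandatory: a null value is rejected by the Claim constructor.
         new Claim("UserName", claimModel.UserName),
         // TrueName gets the same null guard as Pic, so a missing real name
         // no longer aborts token issuance with a NullReferenceException.
         new Claim("TrueName", claimModel.TrueName ?? string.Empty),
         new Claim("Pic", claimModel.Pic ?? string.Empty),
     };
 }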
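        /// <summary>
        /// Captures the current HTTP context, derives the base URI of the request and
        /// copies the caller's identity claims into <c>loginUser</c>.
        /// </summary>
        public BaseController()
        {
            httpContex = MyHttpContext.Current;
            var request = httpContex.Request;

            // NOTE(review): request.Host reflects the Host header sent by the client.
            // Unless the server restricts accepted hosts (e.g. AllowedHosts / a reverse proxy),
            // baseUri should not be trusted for links placed in e-mails or redirects.
            string authority = request.Host.ToString();

            // Drop an explicit ":80" only when it is the trailing port. The previous
            // Replace(":80", "") removed every occurrence, which could also damage the
            // host part (for example an IPv6 literal containing ":80").
            if (request.Host.Port == 80 && authority.EndsWith(":80", StringComparison.Ordinal))
            {
                authority = authority.Substring(0, authority.Length - 3);
            }

            baseUri = request.Scheme + "://" + authority;

            CustomerClaimModel claimModel = new CustomerClaimModel();

            // Read the logged-in user's details from the token claims.
            var claims = httpContex.User.Claims;

            if (claims != null)
            {
                foreach (var claim in claims)
                {
                    switch (claim.Type)
                    {
                        case "CustomerId":
                            // Guid.Parse throws on a malformed value, so a bad claim
                            // fails the request instead of yielding a half-filled identity.
                            claimModel.CustomerId = Guid.Parse(claim.Value);
                            break;
                        case "UserName":
                            claimModel.UserName = claim.Value;
                            break;
                        case "TrueName":
                            claimModel.TrueName = claim.Value;
                            break;
                    }
                }

                // NOTE(review): loginUser is assigned even when none of the claims above
                // were present, so a non-null loginUser is not proof of authentication.
                // Authorization should rely on [Authorize] / User.Identity.IsAuthenticated.
                loginUser = claimModel;
            }
        }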
Exemple #3
 /// <summary>
 /// Validates a resource-owner password grant by delegating to the customer login service
 /// and stores the outcome in <paramref name="context"/>.
 /// </summary>
 /// <param name="context">Grant context holding the submitted user name and password; its <c>Result</c> is set here.</param>
 /// <returns>A task that completes once <c>context.Result</c> has been assigned.</returns>
 public async Task ValidateAsync(ResourceOwnerPasswordValidationContext context)
 {
     await Task.Run(() =>
     {
         // Check the submitted credentials against the stored customer record.
         CustomerClaimModel loginResult = customerServie.Login(context.UserName, context.Password);

         bool rejected = loginResult.Notice.NotifyType != NotifyType.Success;
         if (rejected)
         {
             // Validation failed.
             // NOTE(review): the login service's message is passed to the client as the
             // error description; confirm it does not reveal more than "invalid credentials".
             context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, loginResult.Notice.Message);
             return;
         }

         // User name and password verified.
         // NOTE(review): the subject is the user name as typed by the caller, not the stable
         // CustomerId - confirm this is the intended identifier for issued tokens.
         context.Result = new GrantValidationResult(
             subject: context.UserName,
             authenticationMethod: "custom",
             claims: GetUserClaims(loginResult));
     });
 }
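        /// <summary>
        /// Authenticates a customer by user name and password, maintaining the
        /// failed-attempt counter and the account lock flag.
        /// </summary>
        /// <param name="userName">User name submitted by the caller.</param>
        /// <param name="password">Plain-text password submitted by the caller.</param>
        /// <returns>
        /// A model whose <c>Notice</c> is <c>Success</c> (with the identity fields filled in)
        /// or <c>Error</c> (with a user-facing message).
        /// </returns>
        public CustomerClaimModel Login(string userName, string password)
        {
            CustomerClaimModel claimModel = new CustomerClaimModel();

            // Load the account once. The earlier CheckExists-then-query sequence could
            // dereference null if the row disappeared between the two calls.
            var account = customerRepository.Entities
                                            .Where(r => !r.IsDeleted && r.UserName == userName)
                                            .FirstOrDefault();
            if (account == null)
            {
                // User name does not exist.
                // NOTE(review): this message differs from the wrong-password message, which
                // lets a caller tell valid user names from invalid ones; consider one generic error.
                claimModel.Notice = new Notification(NotifyType.Error, "用户不存在。");
                return claimModel;
            }

            if (account.IsLocked)
            {
                // The lock is checked BEFORE the password so that the response for a locked
                // account does not depend on whether the supplied password was correct.
                claimModel.Notice     = new Notification(NotifyType.Error, "用户已经被锁定。");
                account.LastLoginTime = DateTime.Now;
                customerRepository.Update(account);
                return claimModel;
            }

            // NOTE(review): the helper name indicates MD5. A fast, unsalted digest is not
            // suitable for password storage; plan a migration to a salted, slow KDF
            // (PBKDF2 / Argon2), re-hashing on the next successful login.
            string passwordHash = HashHelper.GetMd5(password);
            var    customer     = customerRepository.Entities
                                                    .Where(r => !r.IsDeleted
                                                                && r.UserName == userName
                                                                && r.Password == passwordHash)
                                                    .FirstOrDefault();

            if (customer == null)
            {
                // User name / password check failed: count the attempt and lock on the fifth.
                StringBuilder errorMsg = new StringBuilder();
                errorMsg.Append("用户名或密码错误。");
                if (account.LoginErrorTimes < 0)
                {
                    account.LoginErrorTimes = 1;
                    errorMsg.Append("您已经登录错误1次,还有4次登录机会。");
                }
                else if (account.LoginErrorTimes < 4)
                {
                    // The message is built from the counter value before it is incremented.
                    errorMsg.Append(string.Format("你已经登录错误{0}次,还有{1}次登录机会。", Convert.ToString(account.LoginErrorTimes + 1), Convert.ToString(4 - account.LoginErrorTimes)));
                    account.LoginErrorTimes++;
                }
                else
                {
                    account.LoginErrorTimes++;
                    account.IsLocked = true;
                    errorMsg.Append("您已经登录错误5次,账户已被锁定。");
                }
                account.LastLoginTime = DateTime.Now;
                claimModel.Notice     = new Notification(NotifyType.Error, errorMsg.ToString());

                customerRepository.Update(account);
                return claimModel;
            }

            // Credentials verified and the account is not locked.
            claimModel.CustomerId = customer.Id;
            claimModel.UserName   = customer.UserName;
            claimModel.TrueName   = customer.TrueName;
            claimModel.Pic        = customer.Pic;
            claimModel.Notice     = new Notification(NotifyType.Success, "登录成功。");

            // A successful login resets the failed-attempt counter.
            customer.LoginErrorTimes = 0;
            customer.LastLoginTime   = DateTime.Now;
            customerRepository.Update(customer);

            return claimModel;
        }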