Exemple #1
0
        public UserInformation Auths()
        {
            LinUser linUser = _freeSql.Select <LinUser>().Where(r => r.Id == _currentUser.Id).First();

            UserInformation user = _mapper.Map <UserInformation>(linUser);

            user.Avatar    = _currentUser.GetFileUrl(linUser.Avatar);
            user.GroupName = user.GroupId != null?_freeSql.Select <LinGroup>().Where(r => r.Id == user.GroupId).First()?.Info : "";

            if (linUser.IsAdmin())
            {
                user.Auths = new List <IDictionary <string, object> >();
            }
            else
            {
                if (linUser.GroupId != 0)
                {
                    List <LinAuth> listAuths = _freeSql.Select <LinAuth>().Where(r => r.GroupId == linUser.GroupId).ToList();

                    user.Auths = ReflexHelper.AuthsConvertToTree(listAuths);;
                }
            }

            return(user);
        }
        /// <summary>
        /// 验证密码是否正确,生成Claims,返回用户身份信息
        /// </summary>
        /// <param name="context"></param>
        /// <returns></returns>
        public Task ValidateAsync(ResourceOwnerPasswordValidationContext context)
        {
            LinUser user = _useRepository.Where(r => r.Username == context.UserName || r.Email == context.UserName).ToOne();

            //验证失败
            if (user == null)
            {
                context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "用户不存在");
                return(Task.CompletedTask);
            }

            if (user.Password != LinCmsUtils.Get32Md5(context.Password))
            {
                context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "请输入正确密码!");
                return(Task.CompletedTask);
            }

            _useRepository.UpdateDiy.Set(r => new LinUser()
            {
                LastLoginTime = DateTime.Now
            }).Where(r => r.Id == user.Id).ExecuteAffrows();

            //subjectId 为用户唯一标识 一般为用户id
            //authenticationMethod 描述自定义授权类型的认证方法
            //authTime 授权时间
            //claims 需要返回的用户身份信息单元
            context.Result = new GrantValidationResult(
                user.Id.ToString(),
                OidcConstants.AuthenticationMethods.Password,
                _clock.UtcNow.UtcDateTime,
                new List <Claim>()
            {
                new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
                new Claim(ClaimTypes.Email, user.Email ?? ""),
                new Claim(ClaimTypes.GivenName, user.Nickname ?? ""),
                new Claim(ClaimTypes.Name, user.Username ?? ""),
                new Claim(LinCmsClaimTypes.GroupId, user.GroupId.ToString()),
                new Claim(LinCmsClaimTypes.IsAdmin, user.IsAdmin().ToString()),
                new Claim(ClaimTypes.Role, user.IsAdmin()?LinGroup.Admin:user.GroupId.ToString())
            });
            return(Task.CompletedTask);
        }
Exemple #3
0
        /// <summary>
        /// 验证密码是否正确,生成Claims,返回用户身份信息
        /// </summary>
        /// <param name="context"></param>
        /// <returns></returns>
        public Task ValidateAsync(ResourceOwnerPasswordValidationContext context)
        {
            LinUser user = _fsql.Select <LinUser>().Where(r => r.Nickname == context.UserName).ToOne();

            //验证失败
            if (user == null)
            {
                context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "用户不存在");
                return(Task.CompletedTask);
            }

            if (user.Password != LinCmsUtils.Get32Md5(context.Password))
            {
                context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "请输入正确密码!");
                return(Task.CompletedTask);
            }

            //subjectId 为用户唯一标识 一般为用户id
            //authenticationMethod 描述自定义授权类型的认证方法
            //authTime 授权时间
            //claims 需要返回的用户身份信息单元
            context.Result = new GrantValidationResult(
                user.Id.ToString(),
                OidcConstants.AuthenticationMethods.Password,
                _clock.UtcNow.UtcDateTime,
                new List <Claim>()
            {
                new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
                new Claim(ClaimTypes.Email, user.Email),
                new Claim(ClaimTypes.SerialNumber, user.Nickname),
                new Claim(ClaimTypes.Name, user.Username),
                new Claim(LinCmsClaimTypes.GroupId, user.GroupId.ToString()),
                new Claim(LinCmsClaimTypes.IsAdmin, user.IsAdmin().ToString()),
                new Claim(ClaimTypes.Role, user.IsAdmin()?LinGroup.Administrator:user.GroupId.ToString())
            });
            return(Task.CompletedTask);
        }
        public async Task <IActionResult> Home(string provider = null, string redirectUrl = "")
        {
            if (string.IsNullOrWhiteSpace(provider))
            {
                return(BadRequest());
            }

            if (!await HttpContext.IsProviderSupportedAsync(provider))
            {
                return(BadRequest());
            }

            var authenticateResult = await _contextAccessor.HttpContext.AuthenticateAsync(provider);

            if (!authenticateResult.Succeeded)
            {
                return(Redirect(redirectUrl));
            }
            var openIdClaim = authenticateResult.Principal.FindFirst(ClaimTypes.NameIdentifier);

            if (openIdClaim == null || string.IsNullOrWhiteSpace(openIdClaim.Value))
            {
                return(Redirect(redirectUrl));
            }
            long id = 0;

            switch (provider)
            {
            case LinUserCommunity.GitHub:
                id = _userCommunityService.SaveGitHub(authenticateResult.Principal, openIdClaim.Value);
                break;

            case LinUserCommunity.QQ:

                break;

            case LinUserCommunity.WeiXin:

                break;

            default:
                _logger.LogError($"未知的privoder:{provider},redirectUrl:{redirectUrl}");
                break;
            }
            List <Claim> authClaims = authenticateResult.Principal.Claims.ToList();

            LinUser user = FreeSql.Select <LinUser>().WhereCascade(r => r.IsDeleted == false).Where(r => r.Id == id).First();

            List <Claim> claims = new List <Claim>()
            {
                new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
                new Claim(ClaimTypes.Email, user.Email ?? ""),
                new Claim(ClaimTypes.GivenName, user.Nickname ?? ""),
                new Claim(ClaimTypes.Name, user.Username ?? ""),
                new Claim(LinCmsClaimTypes.GroupId, user.GroupId.ToString()),
                new Claim(LinCmsClaimTypes.IsAdmin, user.IsAdmin().ToString()),
                new Claim(ClaimTypes.Role, user.IsAdmin()?LinGroup.Admin:user.GroupId.ToString())
            };

            claims.AddRange(authClaims);

            string token = this.CreateToken(claims);

            return(Redirect($"{redirectUrl}?token={token}"));
        }