/// <summary>
/// Builds the profile of the currently signed-in user: mapped user data, resolved avatar URL,
/// the display name of the user's group and the permissions attached to that group.
/// </summary>
/// <returns>
/// The populated <c>UserInformation</c>. Administrators get an empty permission list; other
/// users get the permission tree of their group when their group id is non-zero.
/// </returns>
public UserInformation Auths()
{
    // NOTE(review): the row returned by First() is dereferenced below without a null check;
    // confirm the current user id always resolves to an existing row.
    LinUser entity = _freeSql.Select<LinUser>().Where(r => r.Id == _currentUser.Id).First();

    UserInformation profile = _mapper.Map<UserInformation>(entity);
    profile.Avatar = _currentUser.GetFileUrl(entity.Avatar);

    if (profile.GroupId != null)
    {
        // A missing group row yields a null name rather than an exception.
        profile.GroupName = _freeSql.Select<LinGroup>().Where(r => r.Id == profile.GroupId).First()?.Info;
    }
    else
    {
        profile.GroupName = "";
    }

    if (linUserIsAdmin(entity))
    {
        profile.Auths = new List<IDictionary<string, object>>();
        return profile;
    }

    if (entity.GroupId != 0)
    {
        List<LinAuth> groupAuths = _freeSql.Select<LinAuth>().Where(r => r.GroupId == entity.GroupId).ToList();
        profile.Auths = ReflexHelper.AuthsConvertToTree(groupAuths);
    }

    // With group id 0 and no admin flag, Auths keeps whatever the mapper produced.
    return profile;

    // Local wrapper so the admin decision reads as a single guard above.
    bool linUserIsAdmin(LinUser candidate)
    {
        return candidate.IsAdmin();
    }
}
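/// <summary>
/// Validates a resource-owner password grant: finds the account by user name or e-mail,
/// compares the submitted password with the stored hash and, on success, records the login
/// time and returns the user's identity claims.
/// </summary>
/// <param name="context">
/// Grant context carrying the submitted user name and password; the outcome is written to
/// <c>context.Result</c>.
/// </param>
/// <returns>A completed task; all work is done synchronously.</returns>
public Task ValidateAsync(ResourceOwnerPasswordValidationContext context)
{
    // One message for every failure, so the response does not tell a caller whether an
    // account exists for the submitted name.
    const string invalidCredentials = "用户名或密码错误";

    if (string.IsNullOrEmpty(context.UserName) || context.Password == null)
    {
        context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, invalidCredentials);
        return Task.CompletedTask;
    }

    // NOTE(review): the lookup matches either column. If one account's e-mail can equal
    // another account's user name, ToOne() decides which account is checked; confirm the
    // two columns are unique across each other.
    LinUser user = _useRepository
        .Where(r => r.Username == context.UserName || r.Email == context.UserName)
        .ToOne();

    // NOTE(review): judging by its name, Get32Md5 is an unsalted MD5 digest. MD5 is not
    // suitable for password storage; moving to a salted, slow KDF (PBKDF2, Argon2) needs a
    // migration of the stored hashes and cannot be done inside this method.
    // The digest is computed before the account check so both failure cases do the same work.
    string submittedHash = LinCmsUtils.Get32Md5(context.Password);

    if (user == null || user.Password != submittedHash)
    {
        context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, invalidCredentials);
        return Task.CompletedTask;
    }

    // LastLoginTime is stored in server-local time, while authTime below is UTC.
    _useRepository.UpdateDiy
        .Set(r => new LinUser() { LastLoginTime = DateTime.Now })
        .Where(r => r.Id == user.Id)
        .ExecuteAffrows();

    // subjectId: unique identifier of the user, here the user id
    // authenticationMethod: the authentication method used for this grant
    // authTime: time of authentication
    // claims: the identity claims returned for the user
    context.Result = new GrantValidationResult(
        user.Id.ToString(),
        OidcConstants.AuthenticationMethods.Password,
        _clock.UtcNow.UtcDateTime,
        new List<Claim>()
        {
            new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
            new Claim(ClaimTypes.Email, user.Email ?? ""),
            new Claim(ClaimTypes.GivenName, user.Nickname ?? ""),
            new Claim(ClaimTypes.Name, user.Username ?? ""),
            new Claim(LinCmsClaimTypes.GroupId, user.GroupId.ToString()),
            new Claim(LinCmsClaimTypes.IsAdmin, user.IsAdmin().ToString()),
            new Claim(ClaimTypes.Role, user.IsAdmin() ? LinGroup.Admin : user.GroupId.ToString())
        });
    return Task.CompletedTask;
}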
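/// <summary>
/// Validates a resource-owner password grant: finds the account whose nickname equals the
/// submitted user name, compares the submitted password with the stored hash and, on
/// success, returns the user's identity claims.
/// </summary>
/// <param name="context">
/// Grant context carrying the submitted user name and password; the outcome is written to
/// <c>context.Result</c>.
/// </param>
/// <returns>A completed task; all work is done synchronously.</returns>
public Task ValidateAsync(ResourceOwnerPasswordValidationContext context)
{
    // One message for every failure, so the response does not tell a caller whether an
    // account exists for the submitted name.
    const string invalidCredentials = "用户名或密码错误";

    if (string.IsNullOrEmpty(context.UserName) || context.Password == null)
    {
        context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, invalidCredentials);
        return Task.CompletedTask;
    }

    // NOTE(review): the account is looked up by Nickname; confirm nicknames are unique,
    // since ToOne() otherwise decides which account is checked.
    LinUser user = _fsql.Select<LinUser>().Where(r => r.Nickname == context.UserName).ToOne();

    // NOTE(review): judging by its name, Get32Md5 is an unsalted MD5 digest. MD5 is not
    // suitable for password storage; moving to a salted, slow KDF (PBKDF2, Argon2) needs a
    // migration of the stored hashes and cannot be done inside this method.
    // The digest is computed before the account check so both failure cases do the same work.
    string submittedHash = LinCmsUtils.Get32Md5(context.Password);

    if (user == null || user.Password != submittedHash)
    {
        context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, invalidCredentials);
        return Task.CompletedTask;
    }

    // subjectId: unique identifier of the user, here the user id
    // authenticationMethod: the authentication method used for this grant
    // authTime: time of authentication
    // claims: the identity claims returned for the user
    context.Result = new GrantValidationResult(
        user.Id.ToString(),
        OidcConstants.AuthenticationMethods.Password,
        _clock.UtcNow.UtcDateTime,
        new List<Claim>()
        {
            new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
            // Claim rejects a null value with ArgumentNullException, so optional columns
            // fall back to an empty string.
            new Claim(ClaimTypes.Email, user.Email ?? ""),
            new Claim(ClaimTypes.SerialNumber, user.Nickname ?? ""),
            new Claim(ClaimTypes.Name, user.Username ?? ""),
            new Claim(LinCmsClaimTypes.GroupId, user.GroupId.ToString()),
            new Claim(LinCmsClaimTypes.IsAdmin, user.IsAdmin().ToString()),
            new Claim(ClaimTypes.Role, user.IsAdmin() ? LinGroup.Administrator : user.GroupId.ToString())
        });
    return Task.CompletedTask;
}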
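/// <summary>
/// Completes an external sign-in: authenticates against the named provider, saves or
/// resolves the matching local user, issues a token for that user and redirects the browser
/// to <paramref name="redirectUrl"/> with the token in the query string.
/// </summary>
/// <param name="provider">Name of the external authentication scheme.</param>
/// <param name="redirectUrl">Address the browser is sent back to, on success and on failure.</param>
/// <returns>
/// 400 when the provider or redirect address is missing or the provider is unsupported;
/// otherwise a redirect, carrying a token only when a local user was resolved.
/// </returns>
public async Task<IActionResult> Home(string provider = null, string redirectUrl = "")
{
    // Redirect() throws on a null or empty URL, so a missing redirect address is rejected
    // here instead of surfacing as an exception on a later path.
    if (string.IsNullOrWhiteSpace(provider) || string.IsNullOrWhiteSpace(redirectUrl))
    {
        return BadRequest();
    }

    if (!await HttpContext.IsProviderSupportedAsync(provider))
    {
        return BadRequest();
    }

    // NOTE(review): redirectUrl is caller-supplied and is the redirect target on every path
    // below, including the one that appends the freshly issued token. It should be matched
    // against an allow-list of the application's own front-end addresses before use. No such
    // list is visible from this method, so the check is not added here.

    var authenticateResult = await _contextAccessor.HttpContext.AuthenticateAsync(provider);
    if (!authenticateResult.Succeeded)
    {
        return Redirect(redirectUrl);
    }

    var openIdClaim = authenticateResult.Principal.FindFirst(ClaimTypes.NameIdentifier);
    if (openIdClaim == null || string.IsNullOrWhiteSpace(openIdClaim.Value))
    {
        return Redirect(redirectUrl);
    }

    long id = 0;
    switch (provider)
    {
        case LinUserCommunity.GitHub:
            id = _userCommunityService.SaveGitHub(authenticateResult.Principal, openIdClaim.Value);
            break;
        case LinUserCommunity.QQ:
            break;
        case LinUserCommunity.WeiXin:
            break;
        default:
            _logger.LogError($"未知的privoder:{provider},redirectUrl:{redirectUrl}");
            break;
    }

    List<Claim> authClaims = authenticateResult.Principal.Claims.ToList();

    LinUser user = FreeSql.Select<LinUser>().WhereCascade(r => r.IsDeleted == false).Where(r => r.Id == id).First();
    if (user == null)
    {
        // Providers without a save step leave id at 0 and a deleted account is filtered out;
        // in both cases there is nobody to issue a token for, so the browser is sent back
        // without one, as on the other failure paths.
        return Redirect(redirectUrl);
    }

    List<Claim> claims = new List<Claim>()
    {
        new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
        new Claim(ClaimTypes.Email, user.Email ?? ""),
        new Claim(ClaimTypes.GivenName, user.Nickname ?? ""),
        new Claim(ClaimTypes.Name, user.Username ?? ""),
        new Claim(LinCmsClaimTypes.GroupId, user.GroupId.ToString()),
        new Claim(LinCmsClaimTypes.IsAdmin, user.IsAdmin().ToString()),
        new Claim(ClaimTypes.Role, user.IsAdmin() ? LinGroup.Admin : user.GroupId.ToString())
    };

    // NOTE(review): every claim issued by the external provider is appended to the locally
    // signed token, so the token carries a second NameIdentifier and any provider claim type
    // the application also interprets. Confirm consumers read only the local values, or
    // copy an explicit list of provider claims instead.
    claims.AddRange(authClaims);

    string token = this.CreateToken(claims);

    // NOTE(review): a token placed in the query string ends up in browser history, server
    // and proxy logs and Referer headers; "?token=" also assumes redirectUrl has no query
    // string of its own.
    return Redirect($"{redirectUrl}?token={token}");
}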