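/// <summary>
/// Validates a login request and, on success, records a new authentication session.
/// </summary>
/// <param name="request">
/// The login request. This method reads UserName, Password, AuthenticationType, AppCode and
/// UserHostAddress from it.
/// </param>
/// <param name="tokenExpireInterval">
/// Added to the session creation time to compute the session's InvalidTime.
/// </param>
/// <returns>
/// A <see cref="LoginResult"/>. On success, Succeed is true and Token and Principal are set.
/// On failure, only ErrorMessage is set.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="request"/> is null.</exception>
public async Task<LoginResult> LoginAsync(LoginRequest request, TimeSpan tokenExpireInterval)
{
    if (request == null)
    {
        throw new ArgumentNullException(nameof(request));
    }

    // One message for "unknown user" and "wrong password": distinct messages (and echoing the
    // submitted user name back) let a caller learn which accounts exist.
    // NOTE(review): the unknown-user path still returns before any hashing is done, so the
    // response time of the two failure paths can differ.
    const string invalidCredentialsMessage = "用户名或密码错误";

    var result = new LoginResult();

    var userInfo = await GetUserInfo(request.UserName);
    if (userInfo == null)
    {
        result.ErrorMessage = invalidCredentialsMessage;
        return result;
    }

    // NOTE(review): the password is verified only for AuthenticationType.Forms. For any other
    // value a session is issued for the named user without a credential check in this method.
    // Confirm that request.AuthenticationType cannot be chosen by the client, or that the other
    // types are authenticated before this call.
    if (request.AuthenticationType == AuthenticationType.Forms
        && !PasswordHashesMatch(userInfo.PASSWORD, HashPassword(request.Password, userInfo.PASSWORDSALT)))
    {
        result.ErrorMessage = invalidCredentialsMessage;
        return result;
    }

    var principal = BuildPrincipal(userInfo, request.AuthenticationType.ToString());
    var userAuthSessionsRepository = GetService<IRepository<UserAuthSessions>>();

    // NOTE(review): the session token is a GUID string. Guid.NewGuid() is specified for
    // uniqueness, not unpredictability; consider a token drawn from a cryptographic RNG if the
    // SessionKey storage format allows it.
    var token = Guid.NewGuid().ToString();

    // NOTE(review): local time is used for the session window; confirm that the code validating
    // sessions compares against the same clock (DateTime.Now, not UtcNow).
    var now = DateTime.Now;
    var userAuthSession = new UserAuthSessions
    {
        SessionKey = token,
        AppKey = request.AppCode,
        UserName = userInfo.USERNAME,
        AuthenticationType = principal.Identity.AuthenticationType,
        Valid = true,
        CreateTime = now,
        InvalidTime = now + tokenExpireInterval,
        IPAddress = request.UserHostAddress,
    };
    userAuthSessionsRepository.Add(userAuthSession);

    principal.CreateTime = userAuthSession.CreateTime;
    principal.ExpireTime = userAuthSession.InvalidTime;

    result.Token = token;
    result.Principal = principal;
    result.Succeed = true;
    return result;
}

/// <summary>
/// Compares a stored password hash with a freshly computed one without stopping at the first
/// differing character, so the comparison time does not depend on how many leading characters match.
/// </summary>
/// <param name="storedHash">The hash stored for the user (assumed to be a string; confirm).</param>
/// <param name="computedHash">The hash computed from the submitted password.</param>
/// <returns>True only when both values are non-null and identical.</returns>
private static bool PasswordHashesMatch(string storedHash, string computedHash)
{
    // Fail closed: a missing hash on either side never authenticates.
    if (storedHash == null || computedHash == null)
    {
        return false;
    }

    // A length difference is folded into the accumulator instead of returning early.
    var difference = storedHash.Length ^ computedHash.Length;
    var comparable = Math.Min(storedHash.Length, computedHash.Length);
    for (var i = 0; i < comparable; i++)
    {
        difference |= storedHash[i] ^ computedHash[i];
    }

    return difference == 0;
}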
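/// <summary>
/// Renews a session: looks up the session for <paramref name="token"/> and, if it is present and
/// marked valid, issues a new token backed by a new session record.
/// </summary>
/// <param name="token">The current session token.</param>
/// <param name="principal">Not read by this method; the principal is rebuilt from the stored session.</param>
/// <param name="tokenExpireInterval">
/// Added to the renewal time to compute the new session's InvalidTime.
/// </param>
/// <returns>
/// A successful <see cref="LoginResult"/> carrying the new token and principal, or null when the
/// token is empty, the session is missing or not valid, or the session's user no longer exists.
/// </returns>
public async Task<LoginResult> RenewAsync(string token, IPKSPrincipal principal, TimeSpan tokenExpireInterval)
{
    // An empty token can never identify a session; treat it like an unknown one.
    if (string.IsNullOrEmpty(token))
    {
        return null;
    }

    var userAuthSessionsRepository = GetService<IRepository<UserAuthSessions>>();
    var userSession = await LoadSessionFromToken(userAuthSessionsRepository, token);
    if (userSession == null || !userSession.Valid)
    {
        return null;
    }

    // NOTE(review): only the Valid flag is checked here. userSession.InvalidTime is not compared
    // with the current time in this method, so unless LoadSessionFromToken filters expired rows,
    // an expired token can still be renewed. Confirm where expiry is enforced.

    var userInfo = await GetUserInfo(userSession.UserName);
    if (userInfo == null)
    {
        // The account behind the session is gone; refuse the renewal instead of failing with a
        // NullReferenceException further down.
        return null;
    }

    var newPrincipal = BuildPrincipal(userInfo, userSession.AuthenticationType);

    // NOTE(review): Guid.NewGuid() is specified for uniqueness, not unpredictability; consider a
    // token drawn from a cryptographic RNG if the SessionKey storage format allows it.
    var newToken = Guid.NewGuid().ToString();
    var now = DateTime.Now;

    // NOTE(review): the new session copies the IP address recorded on the old session rather than
    // the address of the caller requesting the renewal.
    var newUserSession = new UserAuthSessions
    {
        SessionKey = newToken,
        AppKey = userSession.AppKey,
        UserName = userInfo.USERNAME,
        AuthenticationType = userSession.AuthenticationType,
        Valid = true,
        CreateTime = now,
        InvalidTime = now + tokenExpireInterval,
        IPAddress = userSession.IPAddress,
    };
    userAuthSessionsRepository.Add(newUserSession);

    // NOTE(review): the old session row is left untouched, so the previous token stays usable
    // alongside the new one until it is invalidated elsewhere. Consider marking it invalid as
    // part of the renewal.

    newPrincipal.CreateTime = newUserSession.CreateTime;
    newPrincipal.ExpireTime = newUserSession.InvalidTime;

    var result = new LoginResult();
    result.Token = newToken;
    result.Principal = newPrincipal;
    result.Succeed = true;
    return result;
}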