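/// <summary>
/// Authenticates a bearer token and builds the principal for the account that owns it.
/// </summary>
/// <param name="accessToken">The bearer token value presented by the client.</param>
/// <returns>
/// A <see cref="KoalaBlogPrincipal"/> for the token's account, or <c>null</c> when the token is
/// missing, unknown, revoked, expired, or no user account can be loaded for it.
/// </returns>
public async Task<IPrincipal> AuthenticateBearerTokenAsync(string accessToken)
{
    // An absent token can never authenticate; keep null/empty values out of the query entirely.
    if (string.IsNullOrEmpty(accessToken))
    {
        return null;
    }

    //1. Fetch the token record: it must match, be unrevoked and be unexpired.
    // NOTE(review): expiry is compared with DateTime.Now (local time) - confirm ExpirationDate is
    // written with the same clock, otherwise tokens can outlive their intended lifetime.
    // NOTE(review): the lookup matches the raw token value, which suggests tokens are stored
    // unhashed - confirm; storing only a hash would limit the impact of a database read.
    Token bearerToken = await Fetch(x => x.AccessToken == accessToken && !x.IsRevoked && x.ExpirationDate > DateTime.Now).SingleOrDefaultAsync();
    if (bearerToken == null)
    {
        return null;
    }

    //2. The token is valid; collect the identity data for its owner.
    KoalaBlogIdentityObject identityObj = new KoalaBlogIdentityObject();
    UserAccountXPersonHandler uaxpHandler = new UserAccountXPersonHandler(_dbContext);
    bool accountResolved = false;

    //3. Load the UserAccountXPerson link together with its UserAccount and Person.
    UserAccountXPerson uaxp = await uaxpHandler.LoadByUserAccountIDIncludeUserAccountAndPersonAsync(bearerToken.UserAccountID);
    if (uaxp != null)
    {
        if (uaxp.UserAccount != null)
        {
            identityObj.UserID = uaxp.UserAccount.ID;
            identityObj.UserName = uaxp.UserAccount.UserName;
            identityObj.Email = uaxp.UserAccount.Email;
            identityObj.Status = uaxp.UserAccount.Status;
            accountResolved = true;
        }

        if (uaxp.Person != null)
        {
            identityObj.PersonID = uaxp.Person.ID;
            identityObj.PersonNickName = uaxp.Person.NickName;
            identityObj.Introduction = uaxp.Person.Introduction;
        }
    }
    else
    {
        //4. No link record: registration may be unfinished, so fall back to the bare
        //   UserAccount and fill only the common identity properties.
        UserAccountHandler uaHandler = new UserAccountHandler(_dbContext);
        UserAccount userAccount = await uaHandler.GetByIdAsync(bearerToken.UserAccountID);
        if (userAccount != null)
        {
            identityObj.UserID = userAccount.ID;
            identityObj.UserName = userAccount.UserName;
            identityObj.Email = userAccount.Email;
            identityObj.Status = userAccount.Status;
            accountResolved = true;
        }
    }

    // A token whose account cannot be loaded must not authenticate: without this check the
    // caller would receive a principal whose identity carries only default values.
    if (!accountResolved)
    {
        return null;
    }

    // NOTE(review): Status is copied into the identity but not evaluated here, so a suspended
    // account keeps authenticating with a still-valid token unless its tokens are revoked at
    // suspension time - confirm where that is enforced.
    KoalaBlogIdentity identity = new KoalaBlogIdentity(identityObj);
    KoalaBlogPrincipal principal = new KoalaBlogPrincipal(identity);

    return principal;
}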
/// <summary>
/// Creates an identity backed by the supplied identity object.
/// </summary>
/// <param name="identityObject">The identity data to wrap; stored as given, without a null check.</param>
public KoalaBlogIdentity(KoalaBlogIdentityObject identityObject)
{
    _identityObject = identityObject;
}
/// <summary>
/// Signs a user in with a user name and password.
/// </summary>
/// <param name="userName">The user name of the account.</param>
/// <param name="password">The clear-text password; it is hashed with the account's salt before comparison.</param>
/// <param name="isPersistent">
/// When true the issued bearer token is requested with an expiration of <see cref="DateTime.MaxValue"/>;
/// otherwise no expiration is passed to the token handler.
/// </param>
/// <returns>
/// A tuple of the identity object, the sign-in status and the bearer token value. The token is
/// <see cref="string.Empty"/> for every status other than <c>Succeeded</c>.
/// </returns>
public async Task<Tuple<KoalaBlogIdentityObject, SignInStatus, string>> SignInAsync(string userName, string password, bool isPersistent)
{
    var identity = new KoalaBlogIdentityObject();

    var account = await GetByUserNameAsync(userName);
    if (account == null)
    {
        return Tuple.Create(identity, SignInStatus.Failure, string.Empty);
    }

    //1. Copy the common account properties.
    // NOTE(review): from here on every return path, including WrongPassword, carries the
    // account's ID, e-mail and status - callers should not relay this object to an
    // unauthenticated client.
    identity.UserID = account.ID;
    identity.UserName = account.UserName;
    identity.Email = account.Email;
    identity.Status = account.Status;

    // NOTE(review): NotYetEmailConfirmed and LockedOut are reported before the password is
    // checked, and WrongPassword is distinct from Failure. Shown verbatim to the client these
    // reveal whether a user name exists and what state it is in - confirm the caller collapses
    // them into one generic message.
    if (!account.EmailConfirmed)
    {
        return Tuple.Create(identity, SignInStatus.NotYetEmailConfirmed, string.Empty);
    }

    //2. The e-mail address is confirmed, so load the linked Person.
    var linkHandler = new UserAccountXPersonHandler(_dbContext);
    UserAccountXPerson link = await linkHandler.LoadByUserAccountIDAsync(account.ID);
    if (link != null && link.Person != null)
    {
        identity.PersonID = link.Person.ID;
        identity.PersonNickName = link.Person.NickName;
        identity.Introduction = link.Person.Introduction;
    }

    // A suspended account is reported as locked out.
    if (account.Status == UserAccount.STATUS_SUSPENDED)
    {
        return Tuple.Create(identity, SignInStatus.LockedOut, string.Empty);
    }

    // NOTE(review): the hashes are compared with string ==, which is not a constant-time
    // comparison, and no failed-attempt counter is visible in this method - confirm throttling
    // exists elsewhere.
    string computedHash = KoalaBlogSecurityManager.CreatePasswordHash(password, account.PasswordSalt);
    if (computedHash != account.Password)
    {
        return Tuple.Create(identity, SignInStatus.WrongPassword, string.Empty);
    }

    account.LastLogon = DateTime.Now;
    account.IsOnline = true;
    await ModifyAsync(account);

    //3. Successful sign-in: issue a bearer token.
    // NOTE(review): a persistent session asks for DateTime.MaxValue, i.e. a token that never
    // expires on its own and is only ended by revocation - confirm this lifetime is intended.
    DateTime? expirationDate = null;
    if (isPersistent)
    {
        expirationDate = DateTime.MaxValue;
    }

    var tokenHandler = new TokenHandler(_dbContext);
    Token issuedToken = await tokenHandler.GenerateBearerTokenAsync(account.ID, expirationDate);

    return Tuple.Create(identity, SignInStatus.Succeeded, issuedToken.AccessToken);
}
/// <summary>
/// Builds a fresh <see cref="KoalaBlogIdentityObject"/> for the user named by
/// <c>CurrentThreadIdentityObject</c>, reading the data through a new database context.
/// </summary>
/// <returns>
/// The populated identity object, or <c>null</c> when <c>CurrentThreadIdentityObject</c> is null
/// or no matching account record is found.
/// </returns>
public async Task<KoalaBlogIdentityObject> GetIdentityObjectAsync()
{
    using (var dbContext = new KoalaBlogDbContext())
    {
        var linkHandler = new UserAccountXPersonHandler(dbContext);

        if (CurrentThreadIdentityObject == null)
        {
            return null;
        }

        //1. Load the UserAccountXPerson link by user name.
        UserAccountXPerson link = await linkHandler.LoadByUserNameAsync(CurrentThreadIdentityObject.UserName);
        if (link != null)
        {
            var result = new KoalaBlogIdentityObject();

            if (link.UserAccount != null)
            {
                result.UserID = link.UserAccount.ID;
                result.UserName = link.UserAccount.UserName;
                result.Email = link.UserAccount.Email;
                result.Status = link.UserAccount.Status;
            }

            if (link.Person != null)
            {
                var avatarHandler = new AvatarHandler(dbContext);
                Avatar activeAvatar = await avatarHandler.GetActiveAvatarByPersonId(link.Person.ID);

                result.PersonID = link.Person.ID;
                result.PersonNickName = link.Person.NickName;
                result.Introduction = link.Person.Introduction;

                // AvatarUrl is only set when an active avatar was found.
                if (activeAvatar != null)
                {
                    result.AvatarUrl = activeAvatar.AvatarPath;
                }
            }

            return result;
        }

        //2. No link record: registration may be unfinished, so fall back to the bare
        //   UserAccount and fill only the common identity properties.
        var accountHandler = new UserAccountHandler(dbContext);
        UserAccount account = await accountHandler.GetByUserNameAsync(CurrentThreadIdentityObject.UserName);
        if (account == null)
        {
            return null;
        }

        var accountOnly = new KoalaBlogIdentityObject();
        accountOnly.UserID = account.ID;
        accountOnly.UserName = account.UserName;
        accountOnly.Email = account.Email;
        accountOnly.Status = account.Status;
        return accountOnly;
    }
}