コード例 #1
0
        private async Task <SignInResultCustom> TenantSignInAsync(Tenant tenant, string username, string password, bool isPersistent = false, bool lockoutOnFailure = false)
        {
            var user = await UserManager.FindByNameAsync(tenant.Id, username);

            var ldapEnabled = await _directoryManager.CheckForLdapSupport(tenant);

            var passwordSuccess = false;

            // Local users will immediately succeed if the password matches
            // NOTE: Skip if password hash is null since local users can't have null passwords
            if (user != null && user.PasswordHash != null)
            {
                passwordSuccess = VerifyPasswordHash(user, password);
            }

            // If user could not be signed in locally then let's try ldap
            if (ldapEnabled && !passwordSuccess)
            {
                var ldapUser = await LdapSignInAsync(tenant, username, password);

                if (ldapUser != null)
                {
                    // Success, ldap user found....
                    // Sync the user and sign in using external auth scheme
                    user = await SyncUserWithLdap(user, ldapUser);

                    await SignInAsync(user, isPersistent, "Ldap");

                    return(SignInResultCustom.Success(user));
                }
            }

            // fail if the user could not be found
            if (user == null)
            {
                return(SignInResultCustom.Failed());
            }

            // Return any abnormal user states only if the user supplied the correct password
            if (passwordSuccess)
            {
                if (user.MustChangePassword)
                {
                    return(SignInResultCustom.ChangePasswordRequired(user));
                }

                // fail if the user's email address has not been confirmed (custom)
                if (!user.EmailConfirmed)
                {
                    return(SignInResultCustom.EmailNotConfirmed());
                }
            }


            // If we get this far then continue processing using base SignInManager to handle
            // two factor authentication, lockout policies, and password rehashing
            var baseResult = await PasswordSignInAsync(user, password, isPersistent, lockoutOnFailure);

            return(new SignInResultCustom(user, baseResult));
        }