/// <summary>
/// Runs the account-level login checks for the current user: blacklist role,
/// membership expiry and the concurrent-session policy. When every check passes,
/// a new online-user record with a fresh key is stored and the login is reported
/// as successful.
/// </summary>
/// <param name="loginType">Login type, passed through unchanged to the success and failure handlers.</param>
/// <exception cref="NetworkException">
/// Thrown when any statement inside the IP comparison step throws. The try block
/// covers parsing the stored address, reading the remote endpoint and the
/// <c>LoginFailed</c> call, so the wrapped exception is not always a parse error.
/// </exception>
private void CheckOther(LoginType loginType)
{
    var account = _userService.GetByUserId(_currentUserID);

    // Blacklisted accounts are rejected before anything else is evaluated.
    bool isBlacklisted = account.RoleID == (int)Role.BlacklistUser;
    if (isBlacklisted)
    {
        LoginFailed(account, "您已被禁止登录", loginType);
        return;
    }

    // NOTE(review): the comparison uses the server's local clock; confirm that
    // ExpiryTime is stored as local time and not UTC.
    bool membershipExpired = account.ExpiryTime <= DateTime.Now;
    if (membershipExpired)
    {
        LoginFailed(account, "会员到期,请续费后登录", loginType);
        return;
    }

    var activeSessions = _onlineUserService.GetById(_currentUserID, "Fk_UserID");
    int sessionCount = activeSessions.Count;

    // With no existing session there is nothing to compare against.
    if (sessionCount > 0)
    {
        if (sessionCount < TcpServer.UserMaxLoginCount)
        {
            // "Same device" is approximated by the remote IP address alone, and only
            // the first stored session is compared. Clients behind one NAT share an
            // address, and a client whose address changes is treated as another device.
            string ipAddress = activeSessions.First().IPAddress;
            try
            {
                IPAddress storedAddress = IPAddress.Parse(ipAddress);
                IPAddress remoteAddress = tcpSession.RemoteIPEndPoint.Address;
                if (!storedAddress.Equals(remoteAddress))
                {
                    LoginFailed(account, "您已在其他设备登录了工具", loginType);
                    return;
                }
            }
            catch (Exception ex)
            {
                throw new NetworkException("解析数据库已保存的IP地址错误,ip:" + ipAddress, ex);
            }
        }
        else
        {
            // The session limit has been reached, so no further login is accepted.
            string limitMessage = string.Format("您最多在同一设备上登录 {0} 个相同账号", TcpServer.UserMaxLoginCount);
            LoginFailed(account, limitMessage, loginType);
            return;
        }
    }

    // NOTE(review): the session count check above and the Add below are separate
    // calls with no lock or transaction visible here; confirm that concurrent
    // logins for one user are serialised elsewhere, otherwise both could pass.
    OnlineUserDto sessionRecord = V_User2OnlineUser(account);
    string sessionKey = Guid.NewGuid().ToString();
    sessionRecord.Key = sessionKey;
    _onlineUserToken = sessionKey;
    _onlineUserService.Add(sessionRecord);

    LoginSuccess(account, loginType);
}
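/// <summary>
/// Handles the callback from an external login provider. Signs the user in when the
/// external login is already linked to a local account, records the user as online,
/// and otherwise shows the page that asks the user to create an account.
/// </summary>
/// <param name="returnUrl">URL to return to after sign-in; defaults to the application root.</param>
/// <param name="remoteError">Error text reported by the external provider, if any.</param>
/// <returns>A redirect on success, failure or lockout; the current page when no local account exists.</returns>
public async Task<IActionResult> OnGetCallbackAsync(string returnUrl = null, string remoteError = null)
{
    returnUrl = returnUrl ?? Url.Content("~/");

    if (remoteError != null)
    {
        // remoteError arrives as a handler parameter, so it is caller-influenced text.
        // NOTE(review): confirm the view that renders ErrorMessage HTML-encodes it.
        ErrorMessage = $"Error from external provider: {remoteError}";
        return RedirectToPage("./Login", new { ReturnUrl = returnUrl });
    }

    var info = await _signInManager.GetExternalLoginInfoAsync();
    if (info == null)
    {
        ErrorMessage = "Error loading external login information.";
        return RedirectToPage("./Login", new { ReturnUrl = returnUrl });
    }

    // Sign in the user with this external login provider if the user already has a login.
    // NOTE(review): bypassTwoFactor: true means a locally configured second factor is not
    // requested for external sign-ins; confirm this is the intended policy.
    var result = await _signInManager.ExternalLoginSignInAsync(
        info.LoginProvider,
        info.ProviderKey,
        isPersistent: false,
        bypassTwoFactor: true);

    if (result.Succeeded)
    {
        // Record the user as online. The User-Agent header is client-controlled, so
        // whatever stores or displays it should treat it as untrusted text.
        string client = this.Request.Headers["User-Agent"];
        var userName = info.Principal.FindFirstValue(ClaimTypes.Email);
        if (!string.IsNullOrEmpty(userName))
        {
            // Lower-case with the invariant culture so the key does not depend on the
            // server's current culture (for example Turkish dotless-i casing).
            _onlineUserService.Add(userName.ToLowerInvariant(), client);
        }

        _logger.LogInformation("{Name} logged in with {LoginProvider} provider.", info.Principal.Identity.Name, info.LoginProvider);

        // LocalRedirect rejects non-local URLs, which keeps returnUrl from being
        // used as an open redirect.
        return LocalRedirect(returnUrl);
    }

    if (result.IsLockedOut)
    {
        return RedirectToPage("./Lockout");
    }

    // If the user does not have an account, then ask the user to create an account.
    ReturnUrl = returnUrl;
    LoginProvider = info.LoginProvider;
    if (info.Principal.HasClaim(c => c.Type == ClaimTypes.Email))
    {
        Input = new InputModel
        {
            Email = info.Principal.FindFirstValue(ClaimTypes.Email)
        };
    }

    return Page();
}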
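/// <summary>
/// Handles the login form post. A cancel denies consent for a pending authorization
/// request and redirects away; a login attempt signs the user in with e-mail and
/// password, records the user as online and redirects to the appropriate return URL.
/// </summary>
/// <param name="button">Name of the submitted button; any value other than "login" is treated as cancel.</param>
/// <param name="returnUrl">Local URL to return to when there is no authorization context; defaults to the application root.</param>
/// <returns>A redirect on cancel, success, two-factor or lockout; otherwise the login page redisplayed.</returns>
public async Task<IActionResult> OnPostAsync(string button, string returnUrl = null)
{
    returnUrl = returnUrl ?? Url.Content("~/");

    // check if we are in the context of an authorization request
    var context = await _interaction.GetAuthorizationContextAsync(Input.ReturnUrl);

    // the user clicked the "cancel" button
    if (button != "login")
    {
        if (context == null)
        {
            // since we don't have a valid context, then we just go back to the home page
            return Redirect("~/");
        }

        // if the user cancels, send a result back into IdentityServer as if they
        // denied the consent (even if this client does not require consent).
        // this will send back an access denied OIDC error response to the client.
        await _interaction.GrantConsentAsync(context, ConsentResponse.Denied);

        // we can trust Input.ReturnUrl since GetAuthorizationContextAsync returned non-null
        if (await _clientStore.IsPkceClientAsync(context.ClientId))
        {
            return RedirectToAction("Redirect");
        }

        // Return here so that a cancelled request never falls through to the
        // password sign-in below with the credentials posted alongside it.
        return Redirect(Input.ReturnUrl);
    }

    if (ModelState.IsValid)
    {
        // lockoutOnFailure: true, so failed password attempts count towards account lockout.
        var result = await _signInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure: true);

        if (result.Succeeded)
        {
            _logger.LogInformation("User logged in.");

            // Record the user as online. The User-Agent header is client-controlled, so
            // whatever stores or displays it should treat it as untrusted text.
            string client = this.Request.Headers["User-Agent"];
            if (!string.IsNullOrEmpty(Input.Email))
            {
                // Lower-case with the invariant culture so the key does not depend on
                // the server's current culture.
                _onlineUserService.Add(Input.Email.ToLowerInvariant(), client);
            }

            if (context != null)
            {
                if (await _clientStore.IsPkceClientAsync(context.ClientId))
                {
                    // if the client is PKCE then we assume it's native; the dedicated
                    // redirect view for that case is not wired up here, so PKCE and
                    // non-PKCE clients take the same redirect below.
                }

                // we can trust Input.ReturnUrl since GetAuthorizationContextAsync returned non-null
                return Redirect(Input.ReturnUrl);
            }

            // Without an authorization context only local URLs are accepted.
            return LocalRedirect(returnUrl);
        }

        if (result.RequiresTwoFactor)
        {
            return RedirectToPage("./LoginWith2fa", new { ReturnUrl = returnUrl, RememberMe = Input.RememberMe });
        }

        if (result.IsLockedOut)
        {
            _logger.LogWarning("User account locked out.");
            return RedirectToPage("./Lockout");
        }

        // Generic failure text ("Invalid login attempt."): it does not reveal whether
        // the e-mail or the password was wrong.
        ModelState.AddModelError(string.Empty, "尝试登录失败。");
    }

    Input.ExternalProviders = await GetExternalProviders();

    // If we got this far, something failed, redisplay form
    return Page();
}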