/// <summary>
/// Constructor
/// </summary>
/// <param name="userManager"></param>
/// <param name="authenticationManager"></param>
public InspurSignInManager(InspurUserManager <TUser, TKey> userManager, IAuthenticationManager authenticationManager)
{
if (userManager == null)
{
throw new ArgumentNullException("userManager");
}
if (authenticationManager == null)
{
throw new ArgumentNullException("authenticationManager");
}
InspurUserManager = userManager;
AuthenticationManager = authenticationManager;
}
/// <summary>
/// Sign the user in using an associated external login
/// </summary>
/// <param name="loginInfo"></param>
/// <param name="isPersistent"></param>
/// <returns></returns>
public async Task <InspurSignInStatus> ExternalSignInAsync(InspurExternalLoginInfo loginInfo, bool isPersistent)
{
var user = await InspurUserManager.FindAsync(loginInfo.Login).WithCurrentCulture();
if (user == null)
{
return(InspurSignInStatus.Failure);
}
//if (await InspurUserManager.IsLockedOutAsync(user.Id).WithCurrentCulture())
//{
// return InspurSignInStatus.LockedOut;
//}
return(await SignInOrTwoFactor(user, isPersistent).WithCurrentCulture());
}
/// <summary>
/// Validate the token for the user
/// </summary>
/// <param name="purpose"></param>
/// <param name="token"></param>
/// <param name="manager"></param>
/// <param name="user"></param>
/// <returns></returns>
public virtual async Task <bool> ValidateAsync(string purpose, string token, InspurUserManager <TUser, TKey> manager,
TUser user)
{
int code;
if (!Int32.TryParse(token, out code))
{
return(false);
}
var securityToken = await manager.CreateSecurityTokenAsync(user.Id).WithCurrentCulture();
var modifier = await GetUserModifierAsync(purpose, manager, user).WithCurrentCulture();
return(securityToken != null && Rfc6238AuthenticationService.ValidateCode(securityToken, code, modifier));
}
/// <summary>
/// Send a two factor code to a user
/// </summary>
/// <param name="provider"></param>
/// <returns></returns>
public virtual async Task <bool> SendTwoFactorCodeAsync(string provider)
{
var userId = await GetVerifiedUserIdAsync().WithCurrentCulture();
if (userId == null)
{
return(false);
}
var token = await InspurUserManager.GenerateTwoFactorTokenAsync(userId, provider).WithCurrentCulture();
// See IdentityConfig.cs to plug in Email/SMS services to actually send the code
await InspurUserManager.NotifyTwoFactorTokenAsync(userId, provider, token).WithCurrentCulture();
return(true);
}
private async Task <InspurSignInStatus> SignInOrTwoFactor(TUser user, bool isPersistent)
{
var id = Convert.ToString(user.Id);
if (await InspurUserManager.GetTwoFactorEnabledAsync(user.Id).WithCurrentCulture() &&
(await InspurUserManager.GetValidTwoFactorProvidersAsync(user.Id).WithCurrentCulture()).Count > 0 &&
!await AuthenticationManager.TwoFactorBrowserRememberedAsync(id).WithCurrentCulture())
{
var identity = new ClaimsIdentity(DefaultAuthenticationTypes.TwoFactorCookie);
identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, id));
AuthenticationManager.SignIn(identity);
return(InspurSignInStatus.RequiresVerification);
}
await SignInAsync(user, isPersistent, false).WithCurrentCulture();
return(InspurSignInStatus.Success);
}
/// <summary>
/// Sign in the user in using the user name and password
/// </summary>
/// <param name="userName"></param>
/// <param name="password"></param>
/// <param name="isPersistent"></param>
/// <param name="shouldLockout"></param>
/// <returns></returns>
public virtual async Task <InspurSignInStatus> PasswordSignInAsync(string email, string password, bool isPersistent, bool shouldLockout)
{
if (InspurUserManager == null)
{
return(InspurSignInStatus.Failure);
}
//var user = await InspurUserManager.FindByNameAsync(userName).WithCurrentCulture();
//if (user == null)
//{
//}
var user = await InspurUserManager.FindByEmailAsync(email).WithCurrentCulture();
if (user == null)
{
return(InspurSignInStatus.Failure);
}
//if (await InspurUserManager.IsLockedOutAsync(user.Id).WithCurrentCulture())
//{
// return InspurSignInStatus.LockedOut;
//}
if (await InspurUserManager.CheckPasswordAsync(user, password).WithCurrentCulture())
{
//await InspurUserManager.ResetAccessFailedCountAsync(user.Id).WithCurrentCulture();
return(await SignInOrTwoFactor(user, isPersistent).WithCurrentCulture());
}
if (shouldLockout)
{
// If lockout is requested, increment access failed count which might lock out the user
await InspurUserManager.AccessFailedAsync(user.Id).WithCurrentCulture();
//if (await InspurUserManager.IsLockedOutAsync(user.Id).WithCurrentCulture())
//{
// return InspurSignInStatus.LockedOut;
//}
}
return(InspurSignInStatus.Failure);
}
/// <summary>
/// Called to generate the ClaimsIdentity for the user, override to add additional claims before SignIn
/// </summary>
/// <param name="user"></param>
/// <returns></returns>
public virtual Task <ClaimsIdentity> CreateUserIdentityAsync(TUser user)
{
return(InspurUserManager.CreateIdentityAsync(user, AuthenticationType));
}
/// <summary>
/// Used for entropy in the token, uses the user.Id by default
/// </summary>
/// <param name="purpose"></param>
/// <param name="manager"></param>
/// <param name="user"></param>
/// <returns></returns>
public virtual Task <string> GetUserModifierAsync(string purpose, InspurUserManager <TUser, TKey> manager, TUser user)
{
return(Task.FromResult("Totp:" + purpose + ":" + user.Id));
}
/// <summary>
/// This token provider does not notify the user by default
/// </summary>
/// <param name="token"></param>
/// <param name="manager"></param>
/// <param name="user"></param>
/// <returns></returns>
public virtual Task NotifyAsync(string token, InspurUserManager <TUser, TKey> manager, TUser user)
{
return(Task.FromResult(0));
}
/// <summary>
/// Constructor
/// </summary>
/// <param name="manager"></param>
public InspurUserValidator(InspurUserManager <TUser, string> manager)
: base(manager)
{
}
