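/// <summary>
/// Validates a bearer token and, on success, builds the principal for the account that owns it.
/// </summary>
/// <param name="accessToken">The bearer token value presented by the caller.</param>
/// <returns>
/// A <see cref="KoalaBlogPrincipal"/> for the token's account, or <c>null</c> when the token is
/// missing, unknown, revoked, expired, or no longer resolves to a user account.
/// </returns>
public async Task<IPrincipal> AuthenticateBearerTokenAsync(string accessToken)
{
    // An absent or blank token can never authenticate; reject it before touching the token store.
    if (string.IsNullOrWhiteSpace(accessToken))
    {
        return null;
    }

    // 1. Fetch the token that matches exactly, has not been revoked and has not expired.
    // NOTE(review): the lookup matches on the raw token value, which suggests tokens are stored as issued.
    //               Storing only a hash of the token would limit the impact of a database leak - confirm.
    // NOTE(review): expiry is compared against local time (DateTime.Now); confirm tokens are issued on the same clock.
    Token bearerToken = await Fetch(x => x.AccessToken == accessToken && !x.IsRevoked && x.ExpirationDate > DateTime.Now).SingleOrDefaultAsync();

    if (bearerToken == null)
    {
        return null;
    }

    // 2. The token is valid, so start building the identity behind the principal.
    KoalaBlogIdentityObject identityObj = new KoalaBlogIdentityObject();

    // Tracks whether the token's UserAccountID still resolves to an account. Without this check a
    // token whose account has disappeared would yield an "authenticated" principal with an empty identity.
    bool accountResolved = false;

    UserAccountXPersonHandler uaxpHandler = new UserAccountXPersonHandler(_dbContext);

    // 3. Load the account-to-person link together with its account and person.
    UserAccountXPerson uaxp = await uaxpHandler.LoadByUserAccountIDIncludeUserAccountAndPersonAsync(bearerToken.UserAccountID);

    if (uaxp != null)
    {
        if (uaxp.UserAccount != null)
        {
            identityObj.UserID = uaxp.UserAccount.ID;
            identityObj.UserName = uaxp.UserAccount.UserName;
            identityObj.Email = uaxp.UserAccount.Email;
            identityObj.Status = uaxp.UserAccount.Status;
            accountResolved = true;
        }

        if (uaxp.Person != null)
        {
            identityObj.PersonID = uaxp.Person.ID;
            identityObj.PersonNickName = uaxp.Person.NickName;
            identityObj.Introduction = uaxp.Person.Introduction;
        }
    }
    else
    {
        // 4. No link yet, which may mean registration is not finished: fall back to the bare
        //    account and fill in only the common identity properties.
        UserAccountHandler uaHandler = new UserAccountHandler(_dbContext);
        UserAccount userAccount = await uaHandler.GetByIdAsync(bearerToken.UserAccountID);

        if (userAccount != null)
        {
            identityObj.UserID = userAccount.ID;
            identityObj.UserName = userAccount.UserName;
            identityObj.Email = userAccount.Email;
            identityObj.Status = userAccount.Status;
            accountResolved = true;
        }
    }

    // Fail closed: a token without a backing account must not authenticate.
    if (!accountResolved)
    {
        return null;
    }

    // NOTE(review): the account Status is copied into the identity but not evaluated here, so an
    //               unrevoked token of a suspended account still authenticates unless callers check
    //               Status or tokens are revoked on suspension - confirm.
    KoalaBlogIdentity identity = new KoalaBlogIdentity(identityObj);
    KoalaBlogPrincipal principal = new KoalaBlogPrincipal(identity);

    return principal;
}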
/// <summary>
/// Looks up the nickname of the person linked to a user account.
/// </summary>
/// <param name="userAccountID">ID of the user account.</param>
/// <returns>The person's nickname, or an empty string when the account has no linked person.</returns>
public async Task<string> GetPersonNickNameByUserAccountIDAsync(long userAccountID)
{
    using (KoalaBlogDbContext dbContext = new KoalaBlogDbContext())
    {
        // NOTE(review): perHandler is not used anywhere in this method and looks removable.
        PersonHandler perHandler = new PersonHandler(dbContext);
        UserAccountXPersonHandler uaxpHandler = new UserAccountXPersonHandler(dbContext);

        // 1. Load the account-to-person link.
        UserAccountXPerson link = await uaxpHandler.LoadByUserAccountIDAsync(userAccountID);

        // 2. A missing link, or a link without a person, yields an empty nickname.
        if (link == null || link.Person == null)
        {
            return "";
        }

        return link.Person.NickName;
    }
}
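/// <summary>
/// Creates a Person with privacy-restrictive defaults and links it to the given user account
/// through a UserAccountXPerson row. Both inserts run inside one database transaction.
/// </summary>
/// <param name="ua">
/// The user account to create the person for. It must not be null, must exist in the store,
/// and must not already be linked to a person; each violation fails the matching AssertUtil check
/// ("UserAccount can't be null", "This user account doesn't exist", "Existing relationships").
/// </param>
/// <returns>The newly created <see cref="Person"/>.</returns>
public async Task<Person> CreatePersonAsync(UserAccount ua)
{
    AssertUtil.IsNotNull(ua, "UserAccount can't be null");

    UserAccountHandler uaHandler = new UserAccountHandler(_dbContext);
    UserAccountXPersonHandler uaxpHandler = new UserAccountXPersonHandler(_dbContext);

    AssertUtil.IsNotNull(await uaHandler.GetByIdAsync(ua.ID), "This user account doesn't exist");

    // 1. Refuse to create a second person for an account that is already linked.
    //    The assertion must hold when NO link exists; asserting on the raw AnyAsync result
    //    would reject every first-time creation and let duplicates through.
    bool alreadyLinked = await uaxpHandler.AnyAsync(x => x.UserAccountID == ua.ID);
    AssertUtil.IsTrue(!alreadyLinked, "Existing relationships");

    // NOTE(review): the existence check runs before the transaction starts, so two concurrent calls
    //               for the same account could both pass it. A unique constraint on
    //               UserAccountXPerson.UserAccountID would close that gap - confirm against the schema.
    using (var dbTransaction = _dbContext.Database.BeginTransaction())
    {
        try
        {
            // 2. Set up the basic profile. Every personal field defaults to "visible to myself only".
            Person per = new Person
            {
                NickName = ua.UserName,
                RealNameAccessLevel = PersonInfoAccessInfo.MyselfOnly,
                SexualTrendAccessLevel = PersonInfoAccessInfo.MyselfOnly,
                MaritalStatusAccessLevel = PersonInfoAccessInfo.MyselfOnly,
                QQAccessLevel = PersonInfoAccessInfo.MyselfOnly,
                DOBAccessLevel = PersonInfoAccessInfo.MyselfOnly,
                BloodTypeAccessLevel = PersonInfoAccessInfo.MyselfOnly,
                HomePageAccessLevel = PersonInfoAccessInfo.MyselfOnly,
                AllowablePersonForComment = AllowablePersonForComment.All,
                AllowCommentAttachContent = true
            };

            Add(per);
            // Saved first so that per.ID is available for the link row below.
            await SaveChangesAsync();

            // 3. Link the new person to the account.
            UserAccountXPerson uaxp = new UserAccountXPerson
            {
                UserAccountID = ua.ID,
                PersonID = per.ID
            };

            uaxpHandler.Add(uaxp);
            await SaveChangesAsync();

            dbTransaction.Commit();

            return per;
        }
        catch (Exception)
        {
            // Undo the person insert if anything failed, then let the caller see the original error.
            dbTransaction.Rollback();
            throw;
        }
    }
}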
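/// <summary>
/// Signs a user in with user name and password and, on success, issues a bearer token.
/// </summary>
/// <param name="userName">The user name of the account.</param>
/// <param name="password">The clear-text password supplied by the caller; it is hashed with the account's salt before comparison.</param>
/// <param name="isPersistent">
/// When true the token is requested with an expiration of <see cref="DateTime.MaxValue"/>;
/// otherwise no expiration is passed and the token handler decides.
/// </param>
/// <returns>
/// A tuple of the identity object, the sign-in status and the access token. The token is
/// <see cref="string.Empty"/> for every status other than <c>SignInStatus.Succeeded</c>.
/// </returns>
public async Task<Tuple<KoalaBlogIdentityObject, SignInStatus, string>> SignInAsync(string userName, string password, bool isPersistent)
{
    KoalaBlogIdentityObject identityObject = new KoalaBlogIdentityObject();

    var userAccount = await GetByUserNameAsync(userName);

    if (userAccount == null)
    {
        return new Tuple<KoalaBlogIdentityObject, SignInStatus, string>(identityObject, SignInStatus.Failure, string.Empty);
    }

    // 1. Copy the common account properties.
    // NOTE(review): the identity is filled in before the password is verified and is returned with the
    //               NotYetEmailConfirmed, LockedOut and WrongPassword results as well. Callers should
    //               not echo it to an unauthenticated client - confirm how the result is used.
    // NOTE(review): the distinct non-success statuses are decided before the password check, so they
    //               reveal whether a user name exists and what state the account is in. Consider
    //               mapping them to one generic message at the API boundary.
    identityObject.UserID = userAccount.ID;
    identityObject.UserName = userAccount.UserName;
    identityObject.Email = userAccount.Email;
    identityObject.Status = userAccount.Status;

    if (!userAccount.EmailConfirmed)
    {
        return new Tuple<KoalaBlogIdentityObject, SignInStatus, string>(identityObject, SignInStatus.NotYetEmailConfirmed, string.Empty);
    }

    // 2. The e-mail address is confirmed, so load the linked person (if any).
    UserAccountXPersonHandler uaxpHandler = new UserAccountXPersonHandler(_dbContext);
    UserAccountXPerson uaxp = await uaxpHandler.LoadByUserAccountIDAsync(userAccount.ID);

    if (uaxp != null && uaxp.Person != null)
    {
        identityObject.PersonID = uaxp.Person.ID;
        identityObject.PersonNickName = uaxp.Person.NickName;
        identityObject.Introduction = uaxp.Person.Introduction;
    }

    if (userAccount.Status == UserAccount.STATUS_SUSPENDED)
    {
        return new Tuple<KoalaBlogIdentityObject, SignInStatus, string>(identityObject, SignInStatus.LockedOut, string.Empty);
    }

    // A null password is never valid; do not hand it to the hash routine.
    // NOTE(review): the strength of CreatePasswordHash is not visible here; confirm it is a slow, salted KDF.
    string computedHash = password == null
        ? null
        : KoalaBlogSecurityManager.CreatePasswordHash(password, userAccount.PasswordSalt);

    if (!PasswordHashesMatch(computedHash, userAccount.Password))
    {
        // NOTE(review): no failed-attempt counter or throttling is visible in this method - confirm it exists elsewhere.
        return new Tuple<KoalaBlogIdentityObject, SignInStatus, string>(identityObject, SignInStatus.WrongPassword, string.Empty);
    }

    userAccount.LastLogon = DateTime.Now;
    userAccount.IsOnline = true;
    await ModifyAsync(userAccount);

    // 3. Sign-in succeeded: issue a bearer token.
    // NOTE(review): a persistent sign-in asks for a token that effectively never expires; such a token
    //               stays usable until it is explicitly revoked. Consider a bounded lifetime with renewal.
    TokenHandler tokenHandler = new TokenHandler(_dbContext);
    DateTime? expirationDate = isPersistent ? DateTime.MaxValue : (DateTime?)null;
    Token bearerToken = await tokenHandler.GenerateBearerTokenAsync(userAccount.ID, expirationDate);

    return new Tuple<KoalaBlogIdentityObject, SignInStatus, string>(identityObject, SignInStatus.Succeeded, bearerToken.AccessToken);
}

/// <summary>
/// Compares two password hashes without stopping at the first differing character, so the time
/// taken does not depend on how many leading characters match. A null on either side never matches,
/// which also prevents an account with no stored hash from accepting a null computed hash.
/// </summary>
private static bool PasswordHashesMatch(string computed, string stored)
{
    if (computed == null || stored == null)
    {
        return false;
    }

    // Fold the length difference and every character difference into one accumulator.
    int difference = computed.Length ^ stored.Length;
    int shared = Math.Min(computed.Length, stored.Length);

    for (int i = 0; i < shared; i++)
    {
        difference |= computed[i] ^ stored[i];
    }

    return difference == 0;
}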
/// <summary>
/// Loads the Person linked to a user account.
/// </summary>
/// <param name="userAccountID">ID of the user account.</param>
/// <returns>The linked <see cref="Person"/>, or <c>null</c> when the account has no link row.</returns>
public async Task<Person> LoadByUserAccountIDAsync(long userAccountID)
{
    UserAccountXPersonHandler linkHandler = new UserAccountXPersonHandler(_dbContext);

    UserAccountXPerson link = await linkHandler.LoadByUserAccountIDAsync(userAccountID);

    // The person is reached through the link row; without a link there is nothing to return.
    return link == null ? null : link.Person;
}
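/// <summary>
/// Exercises PersonHandler.CreatePersonAsync: normal creation, the privacy defaults of the new
/// profile, the account-to-person link, and the three rejected inputs (null account, unknown
/// account, account that is already linked).
/// </summary>
public async Task Test_01_CreatePersonAsync()
{
    using (KoalaBlogDbContext dbContext = new KoalaBlogDbContext())
    {
        PersonHandler perHandler = new PersonHandler(dbContext);
        UserAccountXPersonHandler uaxpHandler = new UserAccountXPersonHandler(dbContext);

        // 1. Normal creation.
        Person p = await perHandler.CreatePersonAsync(testUA1);

        Assert.IsNotNull(p);
        Assert.AreEqual("testUserAccount", p.NickName);
        Assert.IsNull(p.Gender);

        // Every personal field must start out visible to the owner only, so that a new
        // profile never exposes data by default.
        Assert.AreEqual(PersonInfoAccessInfo.MyselfOnly, p.RealNameAccessLevel);
        Assert.AreEqual(PersonInfoAccessInfo.MyselfOnly, p.SexualTrendAccessLevel);
        Assert.AreEqual(PersonInfoAccessInfo.MyselfOnly, p.MaritalStatusAccessLevel);
        Assert.AreEqual(PersonInfoAccessInfo.MyselfOnly, p.QQAccessLevel);
        Assert.AreEqual(PersonInfoAccessInfo.MyselfOnly, p.DOBAccessLevel);
        Assert.AreEqual(PersonInfoAccessInfo.MyselfOnly, p.BloodTypeAccessLevel);
        Assert.AreEqual(PersonInfoAccessInfo.MyselfOnly, p.HomePageAccessLevel);

        // 2. The link row must point at the new person and the original account.
        UserAccountXPerson uaxp = await uaxpHandler.LoadByUserAccountIDAsync(testUA1.ID);

        Assert.IsNotNull(uaxp);
        Assert.AreEqual(p.ID, uaxp.PersonID);
        Assert.AreEqual(testUA1.ID, uaxp.UserAccountID);

        // 3. A null account is rejected.
        await AssertCreateRejectedAsync(
            () => perHandler.CreatePersonAsync(null),
            "UserAccount can't be null");

        // 4. An account that does not exist is rejected.
        await AssertCreateRejectedAsync(
            () => perHandler.CreatePersonAsync(new UserAccount() { ID = 99999 }),
            "This user account doesn't exist");

        // 5. An account that already has a person is rejected.
        await AssertCreateRejectedAsync(
            () => perHandler.CreatePersonAsync(testUA1),
            "Existing relationships");
    }
}

/// <summary>
/// Runs <paramref name="action"/> and asserts that it fails with an AssertException carrying
/// exactly <paramref name="expectedMessage"/>. The test fails when no exception is thrown.
/// </summary>
private static async Task AssertCreateRejectedAsync(Func<Task> action, string expectedMessage)
{
    Exception caught = null;

    try
    {
        await action();
    }
    catch (Exception ex)
    {
        caught = ex;
    }

    Assert.IsNotNull(caught, "Expected the call to be rejected, but it completed without an exception.");
    Assert.AreEqual(typeof(AssertException), caught.GetType());
    Assert.AreEqual(expectedMessage, caught.Message);
}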
/// <summary>
/// Builds a KoalaBlogIdentityObject for the user named by CurrentThreadIdentityObject.
/// </summary>
/// <returns>
/// An identity filled from the account and, when present, the linked person and its active avatar path;
/// an account-only identity when the user has no account-to-person link yet;
/// <c>null</c> when there is no current thread identity or no matching account.
/// </returns>
public async Task<KoalaBlogIdentityObject> GetIdentityObjectAsync()
{
    using (KoalaBlogDbContext dbContext = new KoalaBlogDbContext())
    {
        UserAccountXPersonHandler linkHandler = new UserAccountXPersonHandler(dbContext);

        if (CurrentThreadIdentityObject == null)
        {
            return null;
        }

        // 1. Look up the account-to-person link by user name.
        UserAccountXPerson link = await linkHandler.LoadByUserNameAsync(CurrentThreadIdentityObject.UserName);

        if (link == null)
        {
            // 2. No link may mean registration is not finished yet: fall back to the bare
            //    account and fill in only the common identity properties.
            UserAccountHandler accountHandler = new UserAccountHandler(dbContext);
            UserAccount account = await accountHandler.GetByUserNameAsync(CurrentThreadIdentityObject.UserName);

            if (account == null)
            {
                return null;
            }

            KoalaBlogIdentityObject accountOnly = new KoalaBlogIdentityObject();
            accountOnly.UserID = account.ID;
            accountOnly.UserName = account.UserName;
            accountOnly.Email = account.Email;
            accountOnly.Status = account.Status;

            return accountOnly;
        }

        KoalaBlogIdentityObject result = new KoalaBlogIdentityObject();

        if (link.UserAccount != null)
        {
            result.UserID = link.UserAccount.ID;
            result.UserName = link.UserAccount.UserName;
            result.Email = link.UserAccount.Email;
            result.Status = link.UserAccount.Status;
        }

        if (link.Person != null)
        {
            // The avatar is fetched before the person fields are copied.
            AvatarHandler avatarHandler = new AvatarHandler(dbContext);
            Avatar activeAvatar = await avatarHandler.GetActiveAvatarByPersonId(link.Person.ID);

            result.PersonID = link.Person.ID;
            result.PersonNickName = link.Person.NickName;
            result.Introduction = link.Person.Introduction;

            if (activeAvatar != null)
            {
                result.AvatarUrl = activeAvatar.AvatarPath;
            }
        }

        return result;
    }
}