예제 #1
0
        public IActionResult GetVerifycode(string phone)
        {
            if (!regex.IsMatch(phone))
            {
                return(BadRequest());
            }
            var user = _userRepository.FindByPhone(phone);

            if (user != null)
            {
                _smsSender.SendSmsAsync(user.phone, user.code);
                return(StatusCode(200));
            }
            else
            {
                return(BadRequest());
            }
        }
예제 #2
0
        //this is used to validate your user account with provided grant at /connect/token
        public async Task ValidateAsync(ResourceOwnerPasswordValidationContext context)
        {
            try
            {
                await Task.Yield();

                //get your user model from db (by username - in my case its phone)
                var user = _userRepository.FindByPhone(context.UserName);
                if (user != null)
                {
                    if (!user.ifValidate)
                    {
                        context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "PhoneNotValidate");
                        return;
                    }
                    //check if password match
                    if (Crypto.VerifyHashedPassword(user.password, context.Password))
                    {
                        //set the result
                        context.Result = new GrantValidationResult(
                            subject: user.id.ToString(),
                            authenticationMethod: "custom");
                        //claims: GetUserClaims(user));
                        return;
                    }

                    context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "Incorrect password");
                    return;
                }
                context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "User does not exist.");
                return;
            }
            catch (Exception ex)
            {
                context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, ex.ToString());
            }
        }