private TLoginSuccess ClientTryLoginAccess(ApplicationUser user, OAuthGrantResourceOwnerCredentialsContext oauthContext, EntityFrameworkContext efContext) { TLoginSuccess success = TLoginSuccess.Success; if (user.client_id.HasValue) { Dom.Client client = efContext.Clients.Find(user.client_id.Value); success = TryLoginAccess("client", client.accessStart, client.accessEnd, oauthContext); } return(success); }
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext oauthContext) { TLoginSuccess loginSuccess = TLoginSuccess.None; oauthContext.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" }); var userManager = oauthContext.OwinContext.GetUserManager <ApplicationUserManager>(); var username = Uri.UnescapeDataString(oauthContext.UserName); var password = Uri.UnescapeDataString(oauthContext.Password); ApplicationUser user = await userManager.FindAsync(username, password); if (user == null) { oauthContext.SetError("invalid_grant", "Der Benutzername oder das Kennwort ist falsch."); loginSuccess = TLoginSuccess.InvalidGrant; } else { using (EntityFrameworkContext efContext = new EntityFrameworkContext()) { loginSuccess = UserTryLoginAccess(user, oauthContext); if (loginSuccess == TLoginSuccess.Success) { loginSuccess = ClientTryLoginAccess(user, oauthContext, efContext); } WriteLoginLog(user, loginSuccess, efContext); efContext.SaveChanges(); } if (loginSuccess == TLoginSuccess.Success) { ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager, OAuthDefaults.AuthenticationType); ClaimsIdentity cookiesIdentity = await user.GenerateUserIdentityAsync(userManager, CookieAuthenticationDefaults.AuthenticationType); AuthenticationProperties properties = CreateProperties(user.UserName); AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties); oauthContext.Validated(ticket); oauthContext.Request.Context.Authentication.SignIn(cookiesIdentity); } } }
private void WriteLoginLog(ApplicationUser user, TLoginSuccess loginSuccess, EntityFrameworkContext efContext) { LogType logType; switch (loginSuccess) { case TLoginSuccess.Success: logType = LogType.Login; break; case TLoginSuccess.NoAccess: logType = LogType.LoginAttemptWithoutAccess; break; default: logType = LogType.LoginAttemptInvalidGrant; break; } var userLog = UserLog.Create(user, logType); efContext.UserLogs.Add(userLog); }