public async Task <ActionResult> Login(LoginViewModel loginViewModel, string returnUrl) { if (ModelState.IsValid) { ViewBag.returnUrl = returnUrl; var user = _testUserStore.FindByUsername(loginViewModel.UserName); if (user == null) { ModelState.AddModelError(nameof(user.Username), "用户名不存在"); } else { bool result = _testUserStore.ValidateCredentials(loginViewModel.UserName, loginViewModel.Password); if (result) { var props = new AuthenticationProperties() { IsPersistent = true, ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(30) }; await HttpContext.SignInAsync(user.SubjectId, user.Username, props); return(RedirectToRoute(returnUrl)); } ModelState.AddModelError(nameof(user.Password), "密码错误"); } } return(View()); }
public async Task <ActionResult> Login(LoginInputModel model) { var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl); if (ModelState.IsValid) { // validate username/password against in-memory store if (_users.ValidateCredentials(model.Username, model.Password)) { var user = _users.FindByUsername(model.Username); await _events.RaiseAsync(new UserLoginSuccessEvent(user.Username, user.SubjectId, user.Username)); // only set explicit expiration here if user chooses "remember me". // otherwise we rely upon expiration configured in cookie middleware. var props = new AuthenticationProperties { IsPersistent = true, ExpiresUtc = DateTimeOffset.UtcNow.Add(TimeSpan.FromDays(30)) }; // issue authentication cookie with subject ID and username await HttpContext.SignInAsync(user.SubjectId, user.Username, props); if (context != null) { // we can trust model.ReturnUrl since GetAuthorizationContextAsync returned non-null return(Redirect(model.ReturnUrl)); } // request for a local page if (Url.IsLocalUrl(model.ReturnUrl)) { return(Redirect(model.ReturnUrl)); } else if (string.IsNullOrEmpty(model.ReturnUrl)) { return(Redirect("~/")); } else { // user might have clicked on a malicious link - should be logged throw new Exception("invalid return URL"); } } await _events.RaiseAsync(new UserLoginFailureEvent(model.Username, "invalid credentials")); ModelState.AddModelError("", "Invalid username or password"); } await _events.RaiseAsync(new UserLoginFailureEvent(model.Username, "SOMETHING WENT WRONG")); // something went wrong, show form with error var vm = await BuildLoginViewModelAsync(model); return(View(vm)); }
public async Task <IActionResult> Login(LoginViewModel Input, string returnUrl) { returnUrl = returnUrl ?? Url.Content("~/"); ViewBag.ReturnUrl = returnUrl; if (ModelState.IsValid) { var user = _testUserStore.FindByUsername(Input.UserName); if (user == null) { ModelState.AddModelError(nameof(Input.UserName), "user name not exists"); } else { if (!_testUserStore.ValidateCredentials(Input.UserName, Input.Password)) { ModelState.AddModelError(nameof(Input.Password), "invalid password"); } else { var props = new AuthenticationProperties() { IsPersistent = true, ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(30) }; await HttpContext.SignInAsync(user.SubjectId, user.Username, props); return(RedirectToLocal(returnUrl)); } } // This doesn't count login failures towards account lockout // To enable password failures to trigger account lockout, set lockoutOnFailure: true //var result = await _signInManager.PasswordSignInAsync(Input.UserName, Input.Password, Input.RememberMe, lockoutOnFailure: true); //if (result.Succeeded) //{ // _logger.LogInformation("User logged in."); // return LocalRedirect(returnUrl); //} //if (result.RequiresTwoFactor) //{ // return RedirectToPage("./LoginWith2fa", new { ReturnUrl = returnUrl, RememberMe = Input.RememberMe }); //} //if (result.IsLockedOut) //{ // _logger.LogWarning("User account locked out."); // return RedirectToPage("./Lockout"); //} //else //{ // ModelState.AddModelError(string.Empty, "Invalid login attempt."); // return Page(); //} } return(View()); }
public async Task <IActionResult> Login(LoginViewModel model, string returnUrl = null) { var context = await _interaction.GetAuthorizationContextAsync(returnUrl); if (ModelState.IsValid) { // validate username/password against in-memory store if (_users.ValidateCredentials(model.UserName, model.Password)) { var user = _users.FindByUsername(model.UserName); //(保存)认证信息字典 AuthenticationProperties props = new AuthenticationProperties { IsPersistent = true, //认证信息是否跨域有效 ExpiresUtc = DateTimeOffset.UtcNow.Add(TimeSpan.FromMinutes(30)) //凭据有效时间 }; await Microsoft.AspNetCore.Http.AuthenticationManagerExtensions.SignInAsync( HttpContext, user.SubjectId, user.Username, props); if (context != null) { if (await _clientStore.IsPkceClientAsync(context.ClientId)) { // if the client is PKCE then we assume it's native, so this change in how to // return the response is for better UX for the end user. return(View("Redirect", new RedirectViewModel { RedirectUrl = returnUrl })); } // we can trust model.ReturnUrl since GetAuthorizationContextAsync returned non-null return(Redirect(returnUrl)); } // request for a local page if (Url.IsLocalUrl(returnUrl)) { return(Redirect(returnUrl)); } else if (string.IsNullOrEmpty(returnUrl)) { return(Redirect("~/")); } else { // user might have clicked on a malicious link - should be logged throw new Exception("invalid return URL"); } } ModelState.AddModelError(string.Empty, "errir"); } return(View(model)); }
public Task ValidateAsync(ResourceOwnerPasswordValidationContext context) { if (_users.ValidateCredentials(context.UserName, context.Password)) { context.Result = new GrantValidationResult(_users.FindByUsername(context.UserName).SubjectId, "password", null, "local", null); return(Task.FromResult(context.Result)); } context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "The username and password do not match", null); return(Task.FromResult(context.Result)); }
public async Task <IActionResult> Login(LoginInputModel model, string button) { var context = await interaction.GetAuthorizationContextAsync(model.ReturnUrl); if (ModelState.IsValid) { if (users.ValidateCredentials(model.Username, model.Password)) { var user = users.FindByUsername(model.Username); await events.RaiseAsync(new UserLoginSuccessEvent(user.Username, user.SubjectId, user.Username)); AuthenticationProperties props = null; if (model.RememberLogin) { props = new AuthenticationProperties { IsPersistent = true, ExpiresUtc = DateTimeOffset.UtcNow.AddDays(1) }; } await HttpContext.SignInAsync(user.SubjectId, user.Username, props); if (context != null) { if (await clientStore.IsPkceClientAsync(context.ClientId)) { return(View("Redirect", new RedirectViewModel { RedirectUrl = model.ReturnUrl })); } return(Redirect(model.ReturnUrl)); } if (Url.IsLocalUrl(model.ReturnUrl)) { return(Redirect(model.ReturnUrl)); } if (string.IsNullOrEmpty(model.ReturnUrl)) { return(Redirect("~/")); } throw new Exception("invalid return URL"); } await events.RaiseAsync(new UserLoginFailureEvent(model.Username, "invalid credentials")); ModelState.AddModelError("", "Invalid username or password"); } var vm = await BuildLoginViewModelAsync(model); return(View(vm)); }
//[HttpPost] public async Task <IActionResult> DOSLogin([FromBody] LoginInputModel model) { Uri returnUri = new Uri(model.ReturnUrl); var context = await _interaction.GetAuthorizationContextAsync(returnUri.PathAndQuery); if (_users.ValidateCredentials(model.Username, model.Password)) { var user = _users.FindByUsername(model.Username); if (user != null && context != null) { await HttpContext.SignInAsync(user.SubjectId, user.Username); return(new JsonResult(new { RedirectUrl = returnUri.OriginalString })); } } return(Unauthorized()); }
public async Task <IActionResult> Login(LoginInputModel model, string button) { if (button != "login") { //用户点击取消按钮 var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl); if (context != null) { //返回拒絕授权 await _interaction.GrantConsentAsync(context, ConsentResponse.Denied); //返回到回调页面 return(Redirect(model.ReturnUrl)); } else { return(Redirect("~/")); } } if (ModelState.IsValid) { if (_users.ValidateCredentials(model.Username, model.Password)) { var user = _users.FindByUsername(model.Username); await _events.RaiseAsync(new UserLoginSuccessEvent(user.Username, user.SubjectId, user.Username)); AuthenticationProperties props = null; if (AccountOptions.AllowRememberLogin && model.RememberLogin) { props = new AuthenticationProperties { IsPersistent = true, ExpiresUtc = DateTime.UtcNow.Add(AccountOptions.RememberMeLoginDuration) }; } await HttpContext.SignInAsync(user.SubjectId, user.Username, props); if (_interaction.IsValidReturnUrl(model.ReturnUrl) || Url.IsLocalUrl(model.ReturnUrl)) { return(Redirect(model.ReturnUrl)); } return(Redirect("~/")); } await _events.RaiseAsync(new UserLoginFailureEvent(model.Username, "invalid credentials")); ModelState.AddModelError("", AccountOptions.InvalidCredentialsErrorMessage); } var vm = BuildLoginViewModelAsync(model); return(View(vm)); }
/// <summary> /// Validates the resource owner password credential /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public Task ValidateAsync(ResourceOwnerPasswordValidationContext context) { if (_users.ValidateCredentials(context.UserName, context.Password)) { var user = _users.FindByUsername(context.UserName); context.Result = new GrantValidationResult( user.SubjectId ?? throw new ArgumentException("Subject ID not set", nameof(user.SubjectId)), OidcConstants.AuthenticationMethods.Password, _clock.UtcNow.UtcDateTime, user.Claims); } return(Task.CompletedTask); }
public async Task <IActionResult> Login(LoginViewModel loginViewModel, string returnUrl) { //if (ModelState.IsValid) //{ // ViewData["ReturnUrl"] = returnUrl; // var user = await _userManager.FindByEmailAsync(loginViewModel.Email); // if (user == null) // { // ModelState.AddModelError(nameof(loginViewModel.Email), "Email not exists"); // } // else // { // await _signInManager.SignInAsync(user, new AuthenticationProperties { IsPersistent = true }); // return RedirectToLoacl(returnUrl); // } //} if (ModelState.IsValid) { ViewData["ReturnUrl"] = returnUrl; var user = _users.FindByUsername(loginViewModel.UserName); if (user == null) { ModelState.AddModelError(nameof(loginViewModel.UserName), "UserName not Exist"); } else { if (_users.ValidateCredentials(loginViewModel.UserName, loginViewModel.Password)) { var props = new AuthenticationProperties { IsPersistent = true, ExpiresUtc = DateTimeOffset.UtcNow.Add(TimeSpan.FromMinutes(30)) }; await Microsoft.AspNetCore.Http.AuthenticationManagerExtensions.SignInAsync( HttpContext, user.SubjectId, user.Username, props ); return(RedirectToLoacl(returnUrl)); } ModelState.AddModelError(nameof(loginViewModel.Password), "Wrong Password"); } } return(View()); }
public async Task <IActionResult> Login(LoginInputModel model, string button) { var context = await interaction.GetAuthorizationContextAsync(model.ReturnUrl); if (ModelState.IsValid) { if (users.ValidateCredentials(model.Username, model.Password)) { var user = users.FindByUsername(model.Username); await events.RaiseAsync(new UserLoginSuccessEvent(user.Username, user.SubjectId, user.Username, clientId : context?.Client.ClientId)); var isuser = new IdentityServerUser(user.SubjectId) { DisplayName = user.Username }; await HttpContext.SignInAsync(isuser); if (context != null) { if (context.IsNativeClient()) { return(this.LoadingPage("Redirect", model.ReturnUrl)); } return(Redirect(model.ReturnUrl)); } if (Url.IsLocalUrl(model.ReturnUrl)) { return(Redirect(model.ReturnUrl)); } if (string.IsNullOrEmpty(model.ReturnUrl)) { return(Redirect("~/")); } throw new Exception("invalid return URL"); } await events.RaiseAsync(new UserLoginFailureEvent(model.Username, "invalid credentials", clientId : context?.Client.ClientId)); ModelState.AddModelError(string.Empty, "Invalid username or password"); } var vm = await BuildLoginViewModelAsync(model); return(View(vm)); }
public async Task <IActionResult> Login(LoginInputModel model) { if (ModelState.IsValid) { // validate username/password against in-memory store if (_users.ValidateCredentials(model.Username, model.Password)) { AuthenticationProperties props = null; // only set explicit expiration here if persistent. // otherwise we reply upon expiration configured in cookie middleware. if (AccountOptions.AllowRememberLogin && model.RememberLogin) { props = new AuthenticationProperties { IsPersistent = true, ExpiresUtc = DateTimeOffset.UtcNow.Add(AccountOptions.RememberMeLoginDuration) }; } ; // issue authentication cookie with subject ID and username var user = _users.FindByUsername(model.Username); //get the client id from the auth context var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl); await _userLoginManager.UserLogin("test", user.SubjectId, user.Claims.ToList(), context?.ClientId); await _events.RaiseAsync(new UserLoginSuccessEvent(user.Username, user.SubjectId, user.Username)); await HttpContext.Authentication.SignInAsync(user.SubjectId, user.Username, props); // make sure the returnUrl is still valid, and if yes - redirect back to authorize endpoint or a local page if (_interaction.IsValidReturnUrl(model.ReturnUrl) || Url.IsLocalUrl(model.ReturnUrl)) { return(Redirect(model.ReturnUrl)); } return(Redirect("~/")); } await _events.RaiseAsync(new UserLoginFailureEvent(model.Username, "invalid credentials")); ModelState.AddModelError("", AccountOptions.InvalidCredentialsErrorMessage); } // something went wrong, show form with error var vm = await _accountService.BuildLoginViewModelAsync(model); return(View(vm)); }
public async Task <IActionResult> OnPostAsync(string returnUrl = null) { returnUrl = returnUrl ?? Url.Content("~/"); if (ModelState.IsValid) { // This doesn't count login failures towards account lockout // To enable password failures to trigger account lockout, set lockoutOnFailure: true //var result = await _signInManager.PasswordSignInAsync(Input.UserName, Input.Password, Input.RememberMe, lockoutOnFailure: true); var testUser = _testUserStore.FindByUsername(Input.UserName); if (testUser == null) { ModelState.AddModelError(nameof(Input.UserName), "user not exists"); } var result = _testUserStore.ValidateCredentials(Input.UserName, Input.Password); if (result) { _logger.LogInformation("User logged in."); var props = new Microsoft.AspNetCore.Authentication.AuthenticationProperties() { IsPersistent = true, ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(30) }; await HttpContext.SignInAsync(testUser.SubjectId, props); return(LocalRedirect(returnUrl)); //return Redirect(returnUrl); } //if (result.RequiresTwoFactor) //{ // return RedirectToPage("./LoginWith2fa", new { ReturnUrl = returnUrl, RememberMe = Input.RememberMe }); //} //if (result.IsLockedOut) //{ // _logger.LogWarning("User account locked out."); // return RedirectToPage("./Lockout"); //} else { ModelState.AddModelError(string.Empty, "Invalid login attempt."); return(Page()); } } // If we got this far, something failed, redisplay form return(Page()); }
public async Task <IActionResult> Login([FromBody] LoginInputModel model) { var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl); if (ModelState.IsValid) { // validate username/password against in-memory store if (_users.ValidateCredentials(model.Username, model.Password)) { var user = _users.FindByUsername(model.Username); await _events.RaiseAsync(new UserLoginSuccessEvent(user.Username, user.SubjectId, user.Username, clientId : context?.ClientId)); AuthenticationProperties props = null; if (AccountOptions.AllowRememberLogin && model.RememberLogin) { props = new AuthenticationProperties { IsPersistent = true, ExpiresUtc = DateTimeOffset.UtcNow.Add(AccountOptions.RememberMeLoginDuration) }; } ; await HttpContext.SignInAsync(user.SubjectId, user.Username, props); if (context != null) { return(Redirect(model.ReturnUrl)); } if (Url.IsLocalUrl(model.ReturnUrl)) { return(Redirect(model.ReturnUrl)); } else if (string.IsNullOrEmpty(model.ReturnUrl)) { return(Redirect("~/")); } else { return(Redirect("/")); } } await _events.RaiseAsync(new UserLoginFailureEvent(model.Username, "invalid credentials", clientId : context?.ClientId)); ModelState.AddModelError(string.Empty, AccountOptions.InvalidCredentialsErrorMessage); } return(Ok()); }
public async Task <IActionResult> Login([FromForm] LoginViewModel viewModel) { if (!_userStore.ValidateCredentials(viewModel.Username, viewModel.Password)) { ModelState.AddModelError("", "Invalid username or password"); viewModel.Password = string.Empty; return(View("/AuthServer/Views/Login.cshtml", viewModel)); } // Use an IdentityServer-compatible ClaimsPrincipal var principal = IdentityServerPrincipal.Create(viewModel.Username, viewModel.Username); await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal); return(Redirect(viewModel.ReturnUrl)); }
public async Task ValidateAsync(ResourceOwnerPasswordValidationContext context) { if (_userService.ValidateCredentials(context.UserName, context.Password)) { TestUser user = _userService.FindByUsername(context.UserName); context.Result = new GrantValidationResult( subject: user.SubjectId, authenticationMethod: "custom" //claims: user.Claims ); } else { context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "invalid custom credential"); } }
public async Task <IActionResult> Index(LoginViewModel vm) { var validCredentials = _userStore.ValidateCredentials(vm.Username, vm.Password); if (!validCredentials) { ModelState.AddModelError("InvalidCredentials", "Invalid Credentials"); return(View(vm)); } var user = _userStore.FindByUsername(vm.Username); await HttpContext.SignInAsync(user.SubjectId, vm.Username); return(Redirect(vm.ReturnUrl)); }
public async Task <IActionResult> Login(LoginInputModel model) { // check if we are in the context of an authorization request var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl); if (ModelState.IsValid) { // validate username/password against in-memory store if (_users.ValidateCredentials(model.Username, model.Password)) { var user = _users.FindByUsername(model.Username); await _events.RaiseAsync(new UserLoginSuccessEvent(user.Username, user.SubjectId, user.Username)); // only set explicit expiration here if user chooses "remember me". // otherwise we rely upon expiration configured in cookie middleware. AuthenticationProperties props = null; // issue authentication cookie with subject ID and username await HttpContext.SignInAsync(user.SubjectId, user.Username, props); if (context != null) { // we can trust model.ReturnUrl since GetAuthorizationContextAsync returned non-null return(Redirect(model.ReturnUrl)); } else if (string.IsNullOrEmpty(model.ReturnUrl)) { return(Redirect("~/")); } else { // user might have clicked on a malicious link - should be logged throw new Exception("invalid return URL"); } } await _events.RaiseAsync(new UserLoginFailureEvent(model.Username, "invalid credentials")); ModelState.AddModelError(string.Empty, AccountOptions.InvalidCredentialsErrorMessage); } // something went wrong, show form with error var vm = await BuildLoginViewModelAsync(model); return(View(vm)); }
public async Task <IActionResult> Login(LoginInputModel model) { if (model == null) { throw new ArgumentNullException(nameof(model)); } if (!InteractionService.IsValidReturnUrl(model.ReturnUrl)) { throw new InvalidOperationException($"The url of '{model.ReturnUrl}' is not a valid return url."); } if (ModelState.IsValid) { if (TestUserStore.ValidateCredentials(model.Username, model.Password)) { var expiry = DateTimeOffset.UtcNow.Add(AuthorizationOptions.RefreshTokenLifetime); var props = model.RememberLogin ? new AuthenticationProperties { ExpiresUtc = expiry, IsPersistent = true } : null; var user = TestUserStore.FindByUsername(model.Username); await HttpContext.Authentication.SignInAsync(user.SubjectId, user.Username, props); return(Redirect(model.ReturnUrl)); } ModelState.AddModelError(string.Empty, "Invalid username or password"); } var authorizationContext = await InteractionService.GetAuthorizationContextAsync(model.ReturnUrl); var externalProviders = await GetProvidersAsync(authorizationContext); var viewModel = new LoginViewModel { Username = model.Username, Password = model.Password, RememberLogin = model.RememberLogin, ReturnUrl = model.ReturnUrl, ExternalProviders = externalProviders }; return(View(nameof(Login), viewModel)); }
public async Task <IActionResult> Login(LoginInputModel model) { if (ModelState.IsValid) { if (_users.ValidateCredentials(model.Username, model.Password)) { var user = _users.FindByUsername(model.Username); await HttpContext.Authentication.SignInAsync(user.SubjectId, user.Username); if (_interaction.IsValidReturnUrl(model.ReturnUrl)) { return(Redirect(model.ReturnUrl)); } } } return(Redirect("~/")); }
public async Task <IActionResult> Login(LoginInputModel model) { if (ModelState.IsValid) { // validate username/password against in-memory stores var usuarioOk = _users.ValidateCredentials(model.Username, model.Password); if (usuarioOk) { AuthenticationProperties props = null; // only set explicit expiration here if persistent. // otherwise we reply upon expiration configured in cookie middleware. if (AccountOptions.AllowRememberLogin && model.RememberLogin) { props = new AuthenticationProperties { IsPersistent = true, ExpiresUtc = DateTimeOffset.UtcNow.Add(AccountOptions.RememberMeLoginDuration) }; } ; // issue authentication cookie with subject ID and username var user = _users.FindByUsername(model.Username); await HttpContext.Authentication.SignInAsync(user.SubjectId, user.Username, props); // make sure the returnUrl is still valid, and if yes - redirect back to authorize endpoint if (_interaction.IsValidReturnUrl(model.ReturnUrl)) { return(Redirect(model.ReturnUrl)); } return(Redirect("~/")); } ModelState.AddModelError("", AccountOptions.InvalidCredentialsErrorMessage); } // something went wrong, show form with error var vm = await _account.BuildLoginViewModelAsync(model); return(View(vm)); }
/// <summary> /// 验证 /// </summary> /// <param name="context"></param> /// <returns></returns> public Task ValidateAsync(ResourceOwnerPasswordValidationContext context) { if (context.UserName == "monster" && context.Password == "123456") { context.Result = new GrantValidationResult( "1", OidcConstants.AuthenticationMethods.Password, _clock.UtcNow.UtcDateTime, new Claim[0]); } else { //验证失败 context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "invalid custom credential"); } return(Task.CompletedTask); //此处使用context.UserName, context.Password 用户名和密码来与数据库的数据做校验 if (_users.ValidateCredentials(context.UserName, context.Password)) { var user = _users.FindByUsername(context.UserName); //验证通过返回结果 //subjectId 为用户唯一标识 一般为用户id //authenticationMethod 描述自定义授权类型的认证方法 //authTime 授权时间 //claims 需要返回的用户身份信息单元 此处应该根据我们从数据库读取到的用户信息 添加Claims 如果是从数据库中读取角色信息,那么我们应该在此处添加 context.Result = new GrantValidationResult( user.SubjectId ?? throw new ArgumentException("Subject ID not set", nameof(user.SubjectId)), OidcConstants.AuthenticationMethods.Password, _clock.UtcNow.UtcDateTime, user.Claims); } else { //验证失败 context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "invalid custom credential"); } return(Task.CompletedTask); }
public async Task <IActionResult> Login(LoginInputModel model, string button) { if (button == "cancel") { return(Redirect(model.ReturnUrl)); } if (ModelState.IsValid) { if (_users.ValidateCredentials(model.Username, model.Password)) { var user = _users.FindByUsername(model.Username); AuthenticationProperties props = null; if (model.RememberLogin) { props = new AuthenticationProperties { IsPersistent = true, ExpiresUtc = DateTimeOffset.UtcNow.Add(AccountOptions.RememberMeLoginDuration) }; } ; var isuser = new IdentityServerUser(user.SubjectId) { DisplayName = user.Username }; await HttpContext.SignInAsync(isuser, props); return(Redirect(model.ReturnUrl)); } ModelState.AddModelError(string.Empty, AccountOptions.InvalidCredentialsErrorMessage); } var vm = await BuildLoginViewModelAsync(model); return(View(vm)); }
public IActionResult Login(string username, string password, string ReturnUrl = "") { //User user = UserMock.FindUser(username, password);//这里写自己的认证逻辑 //var claimIdentity = new ClaimsIdentity("Cookie"); //claimIdentity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id.ToString())); //claimIdentity.AddClaim(new Claim(ClaimTypes.Name, user.Name)); //claimIdentity.AddClaim(new Claim(ClaimTypes.Email, user.Email)); //claimIdentity.AddClaim(new Claim(ClaimTypes.Role, user.Role)); //var claimsPrincipal = new ClaimsPrincipal(claimIdentity); //// 在Startup注册AddAuthentication时,指定了默认的Scheme,在这里便可以不再指定Scheme。 //base.HttpContext.SignInAsync(claimsPrincipal).Wait(); //SignInAsync 登入 //if (!string.IsNullOrEmpty(ReturnUrl)) return Redirect(ReturnUrl); TestUser user = _users.FindByUsername(username); if (user == null) { ModelState.AddModelError(nameof(username), "username is not exist"); } else { if (_users.ValidateCredentials(username, password)) { var props = new AuthenticationProperties { IsPersistent = true, ExpiresUtc = DateTimeOffset.UtcNow.Add(TimeSpan.FromMinutes(30)) }; //HttpContext.SignInAsync(user.SubjectId, user.Username, props); Microsoft.AspNetCore.Http.AuthenticationManagerExtensions.SignInAsync(base.HttpContext, user.SubjectId, user.Username, props); return(Redirect(ReturnUrl)); } ModelState.AddModelError(nameof(password), "wrong password"); } return(View()); }
public async Task <IActionResult> Login(LoginInputModel model, string button) { // check if we are in the context of an authorization request var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl); if (ModelState.IsValid) { // validate username/password against in-memory store if (_users.ValidateCredentials(model.Username, model.Password)) { var user = _users.FindByUsername(model.Username); await _events.RaiseAsync(new UserLoginSuccessEvent(user.Username, user.SubjectId, user.Username, clientId : context?.Client.ClientId)); AuthenticationProperties props = null; if (AccountOptions.AllowRememberLogin && model.RememberLogin) { props = new AuthenticationProperties { IsPersistent = true, ExpiresUtc = DateTimeOffset.UtcNow.Add(AccountOptions.RememberMeLoginDuration) }; } ; var isuser = new IdentityServerUser(user.SubjectId) { DisplayName = user.Username }; await HttpContext.SignInAsync(isuser, props); return(Redirect(model.ReturnUrl)); } await _events.RaiseAsync(new UserLoginFailureEvent(model.Username, "invalid credentials", clientId : context?.Client.ClientId)); ModelState.AddModelError(string.Empty, AccountOptions.InvalidCredentialsErrorMessage); } var vm = await BuildLoginViewModelAsync(model); return(View(vm)); }
/// <summary> /// 验证 /// </summary> /// <param name="context"></param> /// <returns></returns> public Task ValidateAsync(ResourceOwnerPasswordValidationContext context) { List <TestUser> userList = new List <TestUser>() { new TestUser() { SubjectId = "1", Password = "******", Username = "******" } }; TestUserStore userStore = new TestUserStore(userList); //此处使用context.UserName, context.Password 用户名和密码来与数据库的数据做校验 if (userStore.ValidateCredentials(context.UserName, context.Password)) { var user = userStore.FindByUsername(context.UserName); var resultClaims = new List <Claim> { new Claim("测试1", "测试1"), new Claim("测试2", "测试2"), new Claim("测试3", "测试3"), new Claim("测试4", "测试4") }; resultClaims.AddRange(user.Claims); //验证通过返回结果 //subjectId 为用户唯一标识 一般为用户id //authenticationMethod 描述自定义授权类型的认证方法 //authTime 授权时间 //claims 需要返回的用户身份信息单元 此处应该根据我们从数据库读取到的用户信息 添加Claims 如果是从数据库中读取角色信息,那么我们应该在此处添加 context.Result = new GrantValidationResult( user.SubjectId ?? throw new ArgumentException("Subject ID not set", nameof(user.SubjectId)), OidcConstants.AuthenticationMethods.Password, _clock.UtcNow.UtcDateTime, resultClaims); } else { //验证失败 context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "invalid custom credential"); } return(Task.CompletedTask); }
public async Task <IActionResult> Login(LoginFormModel form) { if (ModelState.IsValid == false) { return(View(new LoginViewModel(form) { ExternalLoginList = await GetExternalLoginViewModels(form.ResumeUrl) })); } if (_userStore.ValidateCredentials(form.UserName, form.Password)) { var user = _userStore.FindByUsername(form.UserName); var properties = new AuthenticationProperties { IsPersistent = true, ExpiresUtc = DateTimeOffset.UtcNow.AddHours(1) }; var isuser = new IdentityServerUser(user.SubjectId) { DisplayName = user.Username }; await HttpContext.SignInAsync(isuser, properties); if (_idsInteraction.IsValidReturnUrl(form.ResumeUrl) || Url.IsLocalUrl(form.ResumeUrl)) { return(Redirect(form.ResumeUrl)); } return(Redirect("~/")); } else { ViewBag.Error = "invalid username or password."; return(View(new LoginViewModel(form) { ExternalLoginList = await GetExternalLoginViewModels(form.ResumeUrl) })); } }
public async Task <IActionResult> Login(LoginViewModel loginViewModel, string returnUrl = null) { if (ModelState.IsValid) { ViewData["returnUrl"] = returnUrl; //var user = await _userManager.FindByEmailAsync(loginViewModel.Email); var user = _users.FindByUsername(loginViewModel.UserName); if (user == null) { ModelState.AddModelError(nameof(loginViewModel.UserName), "UserName not exists"); } else { if (_users.ValidateCredentials(loginViewModel.UserName, loginViewModel.Password)) { // issue authentication cookie with subject ID and username var isuser = new IdentityServerUser(user.SubjectId) { DisplayName = user.Username, }; //是否记住 var prop = new AuthenticationProperties() { IsPersistent = true, ExpiresUtc = DateTimeOffset.UtcNow.Add(TimeSpan.FromMinutes(30)) }; // 也可以用这个 HttpContext.SignInAsync(); await AuthenticationManagerExtensions.SignInAsync(HttpContext, isuser, prop); } } //账号密码先不做验证,需要可以自己写 //await _signInManager.SignInAsync(user, new AuthenticationProperties { IsPersistent = true }); return(RedirectToLocal(returnUrl)); } return(View()); }
public async Task <IActionResult> Login(LoginInputModel model) { //当登录提交给后台的model为null,则返回错误信息给前台 if (model == null) { //这里我只是简单处理了 return(View()); } //这里同理,当信息不完整的时候,返回错误信息给前台 if (string.IsNullOrEmpty(model.Username) || string.IsNullOrEmpty(model.Password)) { //这里只是简单处理了 return(View()); } //model.Username == "123" && model.Password == "123456" //if里面的是验证账号密码,可以用自定义的验证, //我这里使用的是TestUserStore的的验证方法, if (_users.FindByUsername(model.Username) != null && _users.ValidateCredentials(model.Username, model.Password)) { //配置Cookie AuthenticationProperties properties = new AuthenticationProperties() { IsPersistent = true, ExpiresUtc = DateTimeOffset.UtcNow.Add(TimeSpan.FromMinutes(30)) }; //使用IdentityServer的SignInAsync来进行注册Cookie await HttpContext.SignInAsync(model.Username, model.Username); //使用IIdentityServerInteractionService的IsValidReturnUrl来验证ReturnUrl是否有问题 if (_interaction.IsValidReturnUrl(model.ReturnUrl)) { return(Redirect(model.ReturnUrl)); } return(View()); } return(View()); }
public string Login() { var u = _user.FindByUsername("niq"); if (u == null) { return "用户名为空"; } if(_user.ValidateCredentials("niq", "pwd")) { //Microsoft.AspNetCore.Authentication.AuthenticationHttpContextExtensions.SignInAsync(HttpContext,"",) var pr = new AuthenticationProperties { IsPersistent = true, ExpiresUtc=DateTimeOffset.UtcNow.Add(TimeSpan.FromMinutes(30)) }; Microsoft.AspNetCore.Http.AuthenticationManagerExtensions.SignInAsync(HttpContext, "900", "niq", pr); return "succes11"; } return "succes"; }