/// <summary>
/// Handles a user-login message by writing a login-log entry and committing the unit of work.
/// </summary>
/// <param name="message">The login message; it is mapped onto a new <c>UserLoginLogParameter</c>.</param>
/// <returns>A task that completes once the unit of work has been committed.</returns>
public async Task UserLoginAsync(UserLoginMessage message)
{
    // Fixed five-second pause before the log entry is written.
    // NOTE(review): the reason for the pause is not visible here — confirm it is still needed.
    await Task.Delay(TimeSpan.FromSeconds(5));

    var logParameter = message.MapTo(new UserLoginLogParameter());
    await UserLoginLogManager.CreateAsync(logParameter);

    await UnitOfWork.CommitAsync();
}
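/// <summary>
/// Handles the posted login form: validates the credentials, records a login-log entry
/// for the account and redirects to <paramref name="returnUrl"/>.
/// </summary>
/// <param name="model">Posted form values (<c>Email</c>, <c>Password</c>, <c>RememberMe</c>).</param>
/// <param name="returnUrl">Where to send the user after a successful sign-in; passed to <c>RedirectToLocal</c>.</param>
/// <returns>
/// A redirect on success or when two-factor is required, the "Lockout" view when the account
/// is locked out, otherwise the login view redisplayed with <paramref name="model"/>.
/// </returns>
/// <remarks>
/// A soft-deleted account (<c>IsDeleted</c>) is signed out again before the form is redisplayed.
/// <c>PasswordSignInAsync</c> has already issued the sign-in by the time the flag can be checked,
/// so returning the view alone would leave the deleted account authenticated.
/// </remarks>
public async Task<IActionResult> Login(LoginViewModel model, string returnUrl = null)
{
    ViewData["ReturnUrl"] = returnUrl;

    if (!ModelState.IsValid)
    {
        // Validation failed: redisplay the form.
        return View(model);
    }

    // NOTE(review): lockoutOnFailure is false, so failed passwords on this form are not counted
    // towards account lockout and repeated guessing is not throttled here. The token endpoint in
    // this listing passes lockoutOnFailure: true — confirm the difference is intended.
    var result = await _signInManager.PasswordSignInAsync(
        model.Email, model.Password, model.RememberMe, lockoutOnFailure: false);

    if (result.Succeeded)
    {
        // NOTE(review): the sign-in above is given model.Email as the user name, while this lookup
        // matches either column — confirm both cannot resolve to different accounts.
        var user = _applicationDbContext.Users
            .Where(a => a.Email == model.Email || a.UserName == model.Email)
            .FirstOrDefault();

        if (user != null)
        {
            if (user.IsDeleted)
            {
                // Revoke the sign-in that PasswordSignInAsync just issued and answer with the
                // same generic message ("invalid username or password") used for bad credentials,
                // so the response does not reveal that the account exists but was deleted.
                await _signInManager.SignOutAsync();
                ModelState.AddModelError("loginResult", "用户名或密码无效!");
                return View(model);
            }

            await _userLoginLogManager.CreateAsync(new UserLoginLog
            {
                // NOTE(review): local server time; UTC is usually easier to correlate in audit logs.
                LoginTime = DateTime.Now,
                TrueName = user.TrueName,
                UserId = user.Id,
                UserName = user.UserName,
                OrganizationId = user.OrganizationId,
                LoginApplication = "网页登录", // "web login"
                // RemoteIpAddress can be null, so do not dereference it unconditionally.
                // Behind a reverse proxy this is the proxy's address unless forwarded headers
                // are processed upstream of this action.
                LoginIp = HttpContext.Connection.RemoteIpAddress?.ToString(),
            }, CancellationToken.None);
        }

        // NOTE(review): RedirectToLocal is defined elsewhere; presumably it rejects non-local
        // URLs — verify, since returnUrl comes from the request.
        return RedirectToLocal(returnUrl);
    }

    if (result.RequiresTwoFactor)
    {
        return RedirectToAction(nameof(SendCode), new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
    }

    if (result.IsLockedOut)
    {
        return View("Lockout");
    }

    // Generic failure message: "invalid username or password".
    ModelState.AddModelError("loginResult", "用户名或密码无效!");
    return View(model);
}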
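/// <summary>
/// Token endpoint: exchanges a grant for an authentication ticket. Handles the password,
/// authorization-code, refresh-token and client-credentials grants plus two custom grant
/// types, <c>"openid"</c> and <c>"face"</c>.
/// </summary>
/// <param name="request">The bound OpenID Connect token request.</param>
/// <returns>
/// A sign-in result carrying the ticket on success, otherwise a 400 response whose
/// <c>OpenIdConnectResponse</c> holds the error code and description.
/// </returns>
/// <remarks>
/// Every user-backed grant writes a <c>UserLoginLog</c> entry before signing in, including
/// each refresh-token exchange. Soft-deleted accounts (<c>IsDeleted</c>) are rejected in every
/// branch. The two custom grants also call <c>CanSignInAsync</c>, matching the refresh-token
/// branch, so they cannot be used to get around the sign-in eligibility rules.
/// </remarks>
public async Task<IActionResult> Exchange(OpenIdConnectRequest request)
{
    Debug.Assert(request.IsTokenRequest(),
        "The OpenIddict binder for ASP.NET Core MVC is not registered. " +
        "Make sure services.AddOpenIddict().AddMvcBinders() is correctly called.");

    // RemoteIpAddress can be null, so it is read null-safely once and reused for every log entry.
    // Behind a reverse proxy this is the proxy's address unless forwarded headers are processed
    // upstream of this action.
    var clientIp = HttpContext.Connection.RemoteIpAddress?.ToString();

    // Builds the 400 response used by every rejection path below.
    IActionResult Reject(string error, string description)
    {
        return BadRequest(new OpenIdConnectResponse
        {
            Error = error,
            ErrorDescription = description
        });
    }

    if (request.IsPasswordGrantType())
    {
        var user = await _userManager.FindByNameAsync(request.Username);

        // Unknown and soft-deleted accounts get the same answer as a wrong password
        // ("incorrect username or password"), so the response does not confirm which
        // user names exist.
        if (user == null || user.IsDeleted)
        {
            return Reject(OpenIdConnectConstants.Errors.InvalidGrant, "用户名或密码错误");
        }

        // Validate the password; failed attempts count towards account lockout.
        var result = await _signInManager.CheckPasswordSignInAsync(user, request.Password, lockoutOnFailure: true);
        if (!result.Succeeded)
        {
            return Reject(OpenIdConnectConstants.Errors.InvalidGrant, "用户名或密码错误");
        }

        // Create a new authentication ticket.
        var ticket = await CreateTicketAsync(request, user);

        await _userLoginLogManager.CreateAsync(new UserLoginLog
        {
            LoginTime = DateTime.Now,
            TrueName = user.TrueName,
            UserId = user.Id,
            UserName = user.UserName,
            OrganizationId = user.OrganizationId,
            LoginApplication = request.ClientId,
            LoginIp = clientIp,
        }, CancellationToken.None);

        return SignIn(ticket.Principal, ticket.Properties, ticket.AuthenticationScheme);
    }
    else if (request.IsAuthorizationCodeGrantType() || request.IsRefreshTokenGrantType())
    {
        // Retrieve the claims principal stored in the authorization code/refresh token.
        var info = await HttpContext.AuthenticateAsync(OpenIdConnectServerDefaults.AuthenticationScheme);

        // Retrieve the user profile corresponding to the authorization code/refresh token.
        // Note: if you want to automatically invalidate the authorization code/refresh token
        // when the user password/roles change, use the following line instead:
        // var user = _signInManager.ValidateSecurityStampAsync(info.Principal);
        var user = await _userManager.GetUserAsync(info.Principal);

        if (user == null || user.IsDeleted)
        {
            return Reject(OpenIdConnectConstants.Errors.InvalidGrant, "The token is no longer valid.");
        }

        // Ensure the user is still allowed to sign in.
        if (!await _signInManager.CanSignInAsync(user))
        {
            return Reject(OpenIdConnectConstants.Errors.InvalidGrant, "The user is no longer allowed to sign in.");
        }

        // Create a new authentication ticket, but reuse the properties stored in the
        // authorization code/refresh token, including the scopes originally granted.
        var ticket = await CreateTicketAsync(request, user, info.Properties);

        await _userLoginLogManager.CreateAsync(new UserLoginLog
        {
            LoginTime = DateTime.Now,
            TrueName = user.TrueName,
            UserId = user.Id,
            UserName = user.UserName,
            OrganizationId = user.OrganizationId,
            LoginApplication = request.ClientId,
            LoginIp = clientIp,
        }, CancellationToken.None);

        return SignIn(ticket.Principal, ticket.Properties, ticket.AuthenticationScheme);
    }
    else if (request.GrantType == "openid")
    {
        // Custom grant: the "openid" parameter is accepted only while the cache holds the
        // marker "1" under that value; the user is then looked up by WXOpenId alone.
        // If the parameter is missing, control falls through to the unsupported-grant
        // response at the end of the method.
        var oid = request["openid"];
        if (oid.HasValue)
        {
            string openId = oid.Value.Value.ToString();

            if (_cache.GetString(openId) != "1")
            {
                // "illegal request"
                return Reject("illegal_request", "非法请求");
            }

            // Consume the marker so the same value cannot be presented again.
            // NOTE(review): the read above and this removal are separate calls, so two
            // concurrent requests carrying the same value can both pass the check. The value
            // is the only credential in this grant — confirm the code that writes the marker
            // (not shown) gives it a short lifetime and that the value is not guessable.
            _cache.Remove(openId);

            var user = _dbContext.Users.Where(x => x.WXOpenId == openId).FirstOrDefault();
            if (user == null || user.IsDeleted)
            {
                // "user does not exist"
                return Reject("login_error", "用户不存在");
            }

            // Apply the same sign-in eligibility check as the refresh-token branch.
            // NOTE(review): lockout state is not checked here; the password grant enforces it
            // through CheckPasswordSignInAsync — confirm whether this grant should honour it too.
            if (!await _signInManager.CanSignInAsync(user))
            {
                return Reject(OpenIdConnectConstants.Errors.InvalidGrant, "The user is no longer allowed to sign in.");
            }

            var ticket = await CreateTicketAsync(request, user);

            await _userLoginLogManager.CreateAsync(new UserLoginLog
            {
                LoginTime = DateTime.Now,
                TrueName = user.TrueName,
                UserId = user.Id,
                UserName = user.UserName,
                OrganizationId = user.OrganizationId,
                LoginApplication = request.ClientId,
                LoginIp = clientIp,
            }, CancellationToken.None);

            return SignIn(ticket.Principal, ticket.Properties, ticket.AuthenticationScheme);
        }
    }
    else if (request.IsClientCredentialsGrantType())
    {
        var application = await _applicationManager.FindByClientIdAsync(request.ClientId, HttpContext.RequestAborted);
        if (application == null)
        {
            return Reject(OpenIdConnectConstants.Errors.InvalidClient, "The client application was not found in the database.");
        }

        // Create a new authentication ticket. No user is involved, so no login-log entry is written.
        var ticket = CreateApplicationTicket(request, application);
        return SignIn(ticket.Principal, ticket.Properties, ticket.AuthenticationScheme);
    }
    else if (request.GrantType == "face")
    {
        // Custom grant: a user name plus a face image is sent to the verification service;
        // a first score of 80 or more is treated as a successful authentication.
        // If either parameter is missing, control falls through to the unsupported-grant
        // response at the end of the method.
        var faceImage = request["image"];
        var username = request["username"];
        if (faceImage.HasValue && username.HasValue)
        {
            string image = faceImage.Value.Value.ToString();
            string uid = username.Value.Value.ToString();

            var faceRequest = new BDFaceVerifyRequest
            {
                uid = uid,
                topNum = 1,
                image = image
            };

            var r = await restClient.Post<ResponseMessage<BDFaceVerifyResponse>>("/baidu/face/verify", faceRequest);

            // NOTE(review): result[0] is read without an emptiness check; a non-null but empty
            // result would throw here instead of producing the failure response — confirm the
            // service always returns at least one score.
            // NOTE(review): the image is supplied by the caller and failed verifications are not
            // counted towards lockout, so this branch relies on the verification service for
            // liveness/replay protection and on rate limiting elsewhere — confirm both exist.
            bool faceMatched = r.IsSuccess()
                && r.Extension != null
                && r.Extension.result != null
                && r.Extension.result[0] >= 80;

            if (!faceMatched)
            {
                // "face authentication failed"
                return Reject(OpenIdConnectConstants.Errors.InvalidGrant, "人脸认证失败");
            }

            var user = _dbContext.Users.Where(x => x.UserName.ToLower() == uid.ToLower()).FirstOrDefault();
            if (user == null || user.IsDeleted)
            {
                // "user does not exist"
                return Reject("login_error", "用户不存在");
            }

            // Apply the same sign-in eligibility check as the refresh-token branch.
            if (!await _signInManager.CanSignInAsync(user))
            {
                return Reject(OpenIdConnectConstants.Errors.InvalidGrant, "The user is no longer allowed to sign in.");
            }

            var ticket = await CreateTicketAsync(request, user);

            await _userLoginLogManager.CreateAsync(new UserLoginLog
            {
                LoginTime = DateTime.Now,
                TrueName = user.TrueName,
                UserId = user.Id,
                UserName = user.UserName,
                OrganizationId = user.OrganizationId,
                LoginApplication = request.ClientId,
                LoginIp = clientIp
            }, CancellationToken.None);

            return SignIn(ticket.Principal, ticket.Properties, ticket.AuthenticationScheme);
        }
    }

    return Reject(OpenIdConnectConstants.Errors.UnsupportedGrantType, "The specified grant type is not supported.");
}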