예제 #1
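        /// <summary>
        /// Exercises the password life cycle for an existing user: a wrong password is rejected
        /// with <c>ErrorCode.LoginNameOrPasswordError</c>, the right one is accepted, both attempts
        /// move the membership timestamps, and the password can then be changed and used to log in.
        /// </summary>
        /// <remarks>
        /// Relies on fixture data that is not visible here: users with IDs 4..9 whose e-mail is
        /// "email{ID}@11.com" and whose password is the ID written as a string (TODO confirm
        /// against the seed data).
        /// NOTE(review): the test leaves the chosen user with a random password, so a later run
        /// that draws the same ID will presumably fail at the first successful login unless the
        /// fixture is reset between runs.
        /// </remarks>
        public void TestUserPassword()
        {
            var userID = new Random().Next(4, 10);
            var email = "email" + userID + "@11.com";

            var user = IoC.Resolve<IUserRepository>().FindById<User>(userID);

            // Check for a missing fixture user before dereferencing it, so the failure is an
            // assertion message rather than a NullReferenceException.
            Assert.NotNull(user);

            var lastVerifyAt = user.Membership.LastPasswordVerifyAt;
            var lastVerifyFailAt = user.Membership.LastPasswordFailureAt;

            var loginCmdRight = new UserLogin(email, userID.ToString(), "192.168.0.6");
            var loginCmdError = new UserLogin(email, userID.ToString() + "1", "192.168.0.6");

            // A wrong password must surface as a command failure with the generic
            // "login name or password" error code.
            var exception = Assert.Throws<CommandExecutionException>(delegate
            {
                this.commandBus.Send(loginCmdError);
            });

            // xUnit convention: expected value first, actual value second.
            Assert.Equal((int)ErrorCode.LoginNameOrPasswordError, exception.ErrorCode);

            user = IoC.Resolve<IUserRepository>().FindById<User>(userID);

            Assert.DoesNotThrow(delegate
            {
                this.commandBus.Send(loginCmdRight);
            });

            var savedUser = IoC.Resolve<IUserRepository>().FindById<User>(userID);

            // Both the failed and the successful attempt must have been recorded.
            Assert.NotEqual(lastVerifyFailAt, savedUser.Membership.LastPasswordFailureAt);
            Assert.NotEqual(lastVerifyAt, savedUser.Membership.LastPasswordVerifyAt);

            var newpassword = Guid.NewGuid().Shrink();
            // The current password of a fixture user is its ID as a string (see remarks).
            var modifyPassword = new UserModifyPassword(userID, user.ID.ToString(), newpassword);

            Assert.DoesNotThrow(delegate
            {
                this.commandBus.Send(modifyPassword);
            });

            var loginCmdAfterModifyPassword = new UserLogin(email, newpassword, "192.168.0.6");

            Assert.DoesNotThrow(delegate
            {
                this.commandBus.Send(loginCmdAfterModifyPassword);
            });
        }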
예제 #2
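        /// <summary>
        /// Registers a new user with a random password, checks the persisted record, and
        /// verifies that the same credentials can log in.
        /// </summary>
        /// <remarks>
        /// A freshly registered user is expected to have neither Google Authenticator nor SMS
        /// two-factor authentication configured.
        /// NOTE(review): the meaning of the last two <c>UserRegister</c> arguments (8 and the
        /// filler string) is not visible here; confirm against the command's constructor.
        /// </remarks>
        public void TestUserRegisterAndLogin()
        {
            var password = Guid.NewGuid().Shrink();
            // Derive the address from the random password so every run registers a new account.
            var email = "test" + password.GetHashCode() + "@mytest.com";

            var cmd = new UserRegister(Guid.NewGuid().Shrink(), email, password, password, 8, "asdjlfjadljflasdjflsjdf");
            Assert.DoesNotThrow(delegate
            {
                this.commandBus.Send(cmd);
            });

            var savedUser = IoC.Resolve<IUserRepository>().FindByEmail(email);

            Assert.NotNull(savedUser);
            // xUnit convention: expected value first, actual value second.
            Assert.Equal(email, savedUser.Email);
            Assert.True(savedUser.ID > 0);
            Assert.Null(savedUser.GoogleAuthentication);
            Assert.Null(savedUser.SmsAuthentication);

            var loginCmd = new UserLogin(email, password, "192.168.0.6");

            Assert.DoesNotThrow(delegate
            {
                this.commandBus.Send(loginCmd);
            });
        }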
예제 #3
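        /// <summary>
        /// Handles a password login attempt and reports the outcome as JSON.
        /// </summary>
        /// <remarks>
        /// Failed attempts are counted in <c>Cache</c> under a key built from the account name and
        /// the client IP address. Once the stored count exceeds 5 the request is refused without
        /// the credentials being checked. A successful password check removes the counter.
        /// The account part of the key is lower-cased so that case variants of one account name
        /// share a single counter.
        /// NOTE(review): the counter is read and written in separate <c>Cache</c> calls, so
        /// concurrent requests for the same key can each see the old value; confirm whether
        /// <c>Cache</c> offers an atomic increment. Because the key includes the IP address, the
        /// limit applies per account and address, not per account; how
        /// <c>GetUserIPAddress</c> derives the address is not visible here.
        /// NOTE(review): <paramref name="returnUrl"/> comes from the request and is echoed back
        /// unchanged. If the client navigates to it, it should be restricted to local URLs
        /// (for example with <c>UrlHelper.IsLocalUrl</c>) here or in the client.
        /// </remarks>
        /// <param name="account">Login name or e-mail address; null is treated as empty and the value is trimmed.</param>
        /// <param name="password">Password as submitted by the client.</param>
        /// <param name="returnUrl">URL passed through to the response on success.</param>
        /// <returns>
        /// <c>Code = 1</c> with the return URL when login is complete, <c>Code = 2</c> with a
        /// verification hash when a second factor is still required, otherwise a failure result.
        /// </returns>
        public ActionResult Login(string account, string password, string returnUrl)
        {
            account = account.NullSafe().Trim();
            // Read the address once so the throttle key and the login command use the same value.
            var clientIP = this.GetUserIPAddress();
            // Normalise case so "Alice" and "alice" from one address count against one limit.
            var key = account.ToLowerInvariant() + clientIP;
            var retryCount = Cache.Get<int>(key);
            var result = FCJsonResult.CreateFailResult(Language.LangHelpers.Lang("Unknow Exception,Please refresh the page and try again"));

            // Records one more failed attempt and returns a failure result that tells the
            // caller how many attempts remain.
            Func<string, int, FCJsonResult> RetryCountIncrease = (_key, _retryCount) =>
            {
                // Stored with a two-hour TimeSpan; whether that is absolute or sliding depends on Cache.
                Cache.Add(_key, _retryCount + 1, new TimeSpan(2, 0, 0));

                var leaveRetryCount = 5 - _retryCount;
                var errorMsg = Language.LangHelpers.Lang("Invalid username / password. Please try again.You still have {0} chances").FormatWith(leaveRetryCount);
                return FCJsonResult.CreateFailResult(errorMsg);
            };

            // Too many recorded failures: refuse before touching the credentials.
            if (retryCount > 5)
            {
                var errorMsg = Language.LangHelpers.Lang("Login too frequently,Please try again 2 hours later.");
                return Json(FCJsonResult.CreateFailResult(errorMsg));
            }

            // Missing credentials count as a failed attempt.
            if (string.IsNullOrEmpty(account) || string.IsNullOrEmpty(password))
            {
                return Json(RetryCountIncrease(key, retryCount));
            }

            try
            {
                var cmd = new UserLogin(account, password, clientIP);
                this.CommandBus.Send(cmd);
                var repos = IoC.Resolve<IUserQuery>();

                // The command succeeded; load the user's details so they can be kept for the session.
                // NOTE(review): loginUser is dereferenced without a null check; confirm the query
                // cannot return null for an account the login command just accepted.
                LoginUser loginUser;

                if (account.IsEmail())
                {
                    loginUser = repos.GetUserByEmail(account);
                }
                else
                {
                    loginUser = repos.GetUserByLoginName(account);
                }

                // Managers and locked accounts get the same generic failure as a wrong password,
                // so the response does not reveal that the credentials were valid.
                if (loginUser.IsManager || loginUser.IsLocked)
                {
                    return Json(RetryCountIncrease(key, retryCount));
                }

                // Stash the user details temporarily and get the hash the client sends back
                // in the verification step.
                var verifyHash = KeepCurrentUserInfoInTmpAndReturnHash(loginUser);
                // Bit 1 is always set; bit 2 = Google Authenticator login check, bit 4 = SMS login check.
                var code = 1 | (loginUser.IsOpenLoginGA ? 2 : 0) | (loginUser.IsOpenLoginSMS ? 4 : 0);
                // The password was correct, so clear the failure counter.
                Cache.Remove(key);

                if (code > 1)
                {
                    // At least one second factor is enabled: the client must verify it next.
                    return Json(new { Code = 2, ReturnUrl = returnUrl.NullSafe(), Hash = verifyHash });
                }

                // No second factor configured: mark the verification step as passed.
                this.CurrentUserPassTwoFactoryVerify();
                return Json(new { Code = 1, ReturnUrl = returnUrl.NullSafe() });
            }
            catch (CommandExecutionException ex)
            {
                // Only a credential error counts against the limit; any other command error
                // falls through with the generic failure result.
                if (ex.ErrorCode == (int)ErrorCode.LoginNameOrPasswordError)
                {
                    result = RetryCountIncrease(key, retryCount);
                }
            }

            return Json(result);
        }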