protected virtual async Task <bool> VerifyPasswordAsync(IUserPasswordStore <ApplicationUser, Guid> store, ApplicationUser user,
string password)
{
var hash = await store.GetPasswordHashAsync(user).WithCurrentCulture();
return(PasswordHasher.VerifyHashedPassword(hash, password) != PasswordVerificationResult.Failed);
}
protected override async Task <bool> VerifyPasswordAsync(IUserPasswordStore <User, int> store, User user,
string password)
{
var hash = await store.GetPasswordHashAsync(user);
return(hash == password);
}
protected async override Task <bool> VerifyPasswordAsync(IUserPasswordStore <AppUser, int> store, AppUser user, string password)
{
//base.VerifyPasswordAsync 使用的是 Rfc2898DeriveBytes 密码,
//而这里传入的 password , 即上面的 CheckPasswordAsync 密码,未加密
//return await base.VerifyPasswordAsync(store, user, password);
var hash = await store.GetPasswordHashAsync(user);
return(string.Equals(hash, password));
}
protected virtual async Task <PasswordVerificationResult> VerifyPasswordAsync(IUserPasswordStore <TUser> store, TUser user, string password)
{
string hash = await store.GetPasswordHashAsync(user, CancellationToken);
if (hash == null)
{
return(PasswordVerificationResult.Failed);
}
return(PasswordHasher.VerifyHashedPassword(user, hash, password));
}
protected override async Task <bool> VerifyPasswordAsync(
IUserPasswordStore <ApplicationUser, string> store,
ApplicationUser user, string password)
{
var hash = await store.GetPasswordHashAsync(user);
var verifyRes = PasswordHasher.VerifyHashedPassword(hash, password);
if (verifyRes == PasswordVerificationResult.SuccessRehashNeeded)
{
await store.SetPasswordHashAsync(user, PasswordHasher.HashPassword(password));
}
return(verifyRes != PasswordVerificationResult.Failed);
}
public void GetPasswordHashAsync()
{
var user = new UserModel()
{
Id = Guid.NewGuid().ToString()
};
repository.Setup(x => x.GetString(It.IsAny <string>(), It.IsAny <CancellationToken>(), It.IsAny <(string, object)[]>())).ReturnsAsync("test").Verifiable();
var task = userStore.GetPasswordHashAsync(user, cancellationTokenSource.Token);
task.Wait();
Assert.AreEqual(task.Result, "test");
repository.Verify();
repository.VerifyNoOtherCalls();
}
protected override async Task <bool> VerifyPasswordAsync(IUserPasswordStore <CustomUser, int> store, CustomUser user,
string password)
{
var hash = await store.GetPasswordHashAsync(user).WithCurrentCulture();
var pwdResult = PasswordHasher.VerifyHashedPassword(hash, password);
if (pwdResult == PasswordVerificationResult.SuccessRehashNeeded)
{
var newHashedPwd = PasswordHasher.HashPassword(password);
await store.SetPasswordHashAsync(user, newHashedPwd);
await store.UpdateAsync(user);
}
return(pwdResult != PasswordVerificationResult.Failed);
}
public void GetPasswordHashAsyncProcExists()
{
try
{
var userModel = new UserModel()
{
Id = Guid.NewGuid().ToString(),
UserName = It.IsAny <string>(),
NormalizedUserName = It.IsAny <string>(),
PasswordHash = It.IsAny <string>(),
IsActive = true,
};
userStoreMethodLookup.GetPasswordHashAsync(userModel, cancellationTokenSource.Token).Wait();
}
catch
{
Assert.Fail();
}
}
protected override async Task <PasswordVerificationResult> VerifyPasswordAsync(IUserPasswordStore <IdentityUser> store, IdentityUser user, string password)
{
string existingHash;
if (user != null)
{
existingHash = await store.GetPasswordHashAsync(user, CancellationToken);
}
else
{
existingHash = "not a real hash";
}
if (existingHash == null)
{
return(PasswordVerificationResult.Failed);
}
return(PasswordHasher.VerifyHashedPassword(user, existingHash, password));
}
/// <summary>
/// 验证密码
/// </summary>
/// <param name="store"></param>
/// <param name="user"></param>
/// <param name="password"></param>
/// <returns></returns>
protected override async Task <PasswordVerificationResult> VerifyPasswordAsync(IUserPasswordStore <ApplicationUser> store,
ApplicationUser user, string password)
{
string text = await store.GetPasswordHashAsync(user, CancellationToken);
if (text == null)
{
return(PasswordVerificationResult.Failed);
}
if (text.Equals(password.MD5()))
{
return(PasswordVerificationResult.Success);
}
Logger.LogWarning("密码不正确");
throw new ApiException(402, "密码不正确");
// return PasswordVerificationResult.Failed;
}
protected async override Task <bool> VerifyPasswordAsync(IUserPasswordStore <MolUser, int> store, MolUser user, string password)
{
var hash = await store.GetPasswordHashAsync(user).ConfigureAwait(false);
if (this.PasswordHasher.VerifyHashedPassword(hash, password) == PasswordVerificationResult.SuccessRehashNeeded)
{
// Make our new hash
hash = PasswordHasher.HashPassword(password);
// Save it to the DB
await store.SetPasswordHashAsync(user, hash).ConfigureAwait(false);
// Invoke internal method to upgrade the security stamp
BindingFlags bindingFlags = BindingFlags.Instance | BindingFlags.NonPublic;
MethodInfo minfo = typeof(UserManager <MolUser, int>).GetMethod("UpdateSecurityStampInternal", bindingFlags);
var updateSecurityStampInternalTask = (Task)minfo.Invoke(this, new[] { user });
await updateSecurityStampInternalTask.ConfigureAwait(false);
// Update user
await UpdateAsync(user).ConfigureAwait(false);
}
return(PasswordHasher.VerifyHashedPassword(hash, password) != PasswordVerificationResult.Failed);
}
/// <summary>
/// Same as <see cref="VerifyPasswordAsync(IUserPasswordStore{ApplicationUser, string}, ApplicationUser, string)"/> but the <paramref name="password"/> is the hashed password.
/// </summary>
/// <param name="store"></param>
/// <param name="user"></param>
/// <param name="password"></param>
/// <returns></returns>
protected virtual async Task <bool> VerifyHashedPasswordAsync(IUserPasswordStore <ApplicationUser, string> store, ApplicationUser user, string password)
{
string hashedPassword = await store.GetPasswordHashAsync(user).WithCurrentCulture();
return(((DataSecurity)PasswordHasher).VerifyUnHashedPassword(hashedPassword, password) != PasswordVerificationResult.Failed);
}
public async Task <LoginResultModel> Login(LoginModel model)
{
var errors = new Dictionary <string, string>();
var user = await _userPasswordStore.FindByNameAsync(model.UserName, new CancellationToken());
if (user != null)
{
var password = await _userPasswordStore.GetPasswordHashAsync(user, new CancellationToken());
if (_passwordHasher.VerifyHashedPassword(user, password, model.UserName.ToLower() + model.Password) == PasswordVerificationResult.Success)
{
var clientId = Guid.NewGuid().ToString();
var loginResult = new LoginResultModel
{
Succeeded = true,
Errors = null,
LoginedUser = new LoginUserInfo()
{
UserName = user.UserName,
UserId = user.UserId.ToString(),
Roles = user.Roles,
Title = user.Title
}
};
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_config.Secret);
var claims = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Name, loginResult.LoginedUser.UserName),
new Claim("UserId", loginResult.LoginedUser.UserId),
new Claim("ClientId", clientId)
});
if (loginResult.LoginedUser.Roles != null)
{
claims.AddClaims(loginResult.LoginedUser.Roles.Select(role => new Claim(ClaimTypes.Role, role.ToString())));
}
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = claims,
Expires = DateTime.UtcNow.AddDays(7),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
loginResult.Token = tokenHandler.WriteToken(token);
return(loginResult);
}
else
{
errors.Add("INVALID_LOGIN", "INVALID_LOGIN");
}
}
else
{
errors.Add("INVALID_LOGIN", "INVALID_LOGIN");
}
return(new LoginResultModel
{
Succeeded = false,
Errors = errors,
LoginedUser = null
});
}
