public async Task <SysLoginResult <UserInfo> > LoginAuth(LoginUser model)
{
//验证并返回登录用户对象
SysLoginResult <UserInfo> resLoginUser = await _sysSignInManager.LoginAuth(ObjectMapper.Map <UserInfo>(model));
return(resLoginUser);
}
public async Task ValidateAsync(ExtensionGrantValidationContext context)
{
var userName = context.Request.Raw.GetValues("UserName")[0];
var password = context.Request.Raw.GetValues("Password")[0];
if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(password))
{
context.Result = new GrantValidationResult(TokenRequestErrors.InvalidClient, "请提供授权账号与密码");
return;
}
//授权验证
SysLoginResult <UserInfo> resLoginUser = await _sysSignInManager.LoginAuth(new UserInfo()
{
UserCode = userName, Password = password
});
if (resLoginUser != null)
{
context.Result = new GrantValidationResult(
subject: resLoginUser.User.Id.ToString(), //用户唯一标识 ,用户id 用户表是int因此此处需要采用int类型
authenticationMethod: context.Request.GrantType, //描述自定义授权类型的认证方法
authTime: DateTime.Now, // 授权时间
claims: resLoginUser.Identity.Claims //授权凭证
);
}
else
{
context.Result = new GrantValidationResult(TokenRequestErrors.InvalidClient, "账号 " + userName + " 未获取到有效授权");
}
}
public async Task <SysLoginResult <UserInfo> > LoginAuth(LoginUser model)
{
//验证并返回登录用户对象
SysLoginResult <UserInfo> resLoginUser = await _userInfoManager.LoginAuth(model.MapTo <UserInfo>());
return(resLoginUser);
}
/// <summary>
/// 验证登录用户
/// </summary>
/// <param name="context"></param>
public async Task <SysLoginResult <UserInfo> > LoginRequest(LoginUser model, string returnUrl)
{
//验证用户信息
SysLoginResult <UserInfo> result = await _userInfoAppService.LoginAuth(model);
//返回登录
return(result);
}
/// <summary>
/// 验证登录用户
/// </summary>
/// <param name="context"></param>
public override async Task <SysLoginResult <UserInfo> > LoginRequest(LoginUser model)
{
//重写还可以执行原有父类业务
//var resultData = await base.LoginRequest(model);
//验证用户信息
SysLoginResult <UserInfo> result = await _userInfoAppService.LoginAuth(model);
//返回登录
return(result);
}
public async Task SetAuthenticationProperties(LoginUser model, SysLoginResult <UserInfo> resLoginUser)
{
if (resLoginUser.Identity != null)
{
await _sysSignInManager.SignOutAndSignInAsync(resLoginUser.Identity, model.IsPersistent);
}
else
{
throw new UserFriendlyException(nameof(LoginResultType.AuthenticationRegistrationFailure));
}
}
/// <summary>
/// 对具体用户账号与密码进行授权
/// 客户端访问方式必须是"grant_type" = "password"
/// 通过客户端的context.UserName与context.Password获取客户端传递的用户验证信息
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
//var tenantId = context.Request.Query["tenantId"];
//此处只做简单判断验证,可以添加自定义的验证逻辑
if (string.IsNullOrEmpty(context.UserName))
{
context.SetError("未提供用户账号信息.");
context.Rejected();
return;
}
//password验证需要通过 UserName 以及 Password获取,因此需要重新添加到到clientId与clientSecret便于生成restoken
context.OwinContext.Set <string>("clientId", context.UserName);
context.OwinContext.Set <string>("clientSecret", context.Password);
#region 验证登录信息
//获取登录用户信息
UserInfo userModel = _userInfoRepository.GetUserInfoByUserCode(context.UserName);
//验证用户信息
if (userModel == null)
{
throw new UserFriendlyException(nameof(LoginResultType.InvalidUserNameOrEmailAddress), "用户账号无效!");
}
//未激活的用户不做登录
if (!userModel.IsActive)
{
throw new UserFriendlyException(nameof(LoginResultType.UserIsNotActive), "用户未激活!");
}
//验证登录的密码
var verificationResult = _userInfoManager.VerifyPassword(userModel.Password, context.Password);
if (!verificationResult)
{
throw new UserFriendlyException(nameof(LoginResultType.InvalidPassword), "用户密码无效!");
}
SysLoginResult <UserInfo> sysLoginResult = await _userInfoManager.CreateIdentityAsync(userModel);
#endregion
//设置登录验证成功后获取到的授权信息
var oAuthIdentity = new ClaimsIdentity(sysLoginResult.Identity);
//var oAuthIdentity = new ClaimsIdentity(context.Options.AuthenticationType);
oAuthIdentity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
//授权安全令牌后,记录当前授权用户id 到安全令牌对象中
var props = new AuthenticationProperties(new Dictionary <string, string>
{
{ "as:clientId", context.UserName }
});
//
var ticket = new AuthenticationTicket(oAuthIdentity, props);
context.Validated(ticket);
//return Task.FromResult<object>(null);
//return await base.GrantResourceOwnerCredentials(context);
}
public async Task <SysLoginResult <UserInfo> > VerifyAuthAndSignIn(LoginUser model)
{
//验证并返回登录用户对象
SysLoginResult <UserInfo> resLoginUser = await _userInfoManager.LoginAuth(model.MapTo <UserInfo>());
if (resLoginUser.Identity != null)
{
//注册登录凭证
SetAuthenticationProperties(model, resLoginUser);
}
return(resLoginUser);
}
public async Task <AuthenticateResultModel> Authenticate([FromBody] AuthenticateModel model)
{
//调用接口实现的登录验证
SysLoginResult <UserInfo> result = await _accounExtens.LoginRequest(new LoginUser()
{
UserCode = model.UserNameOrEmailAddress,
Password = model.Password
});
//创建token
return(CreateAccessTokenModel(result.Identity.Claims.ToList()));
}
public void SetAuthenticationProperties(LoginUser model, SysLoginResult <UserInfo> resLoginUser)
{
if (resLoginUser.Identity != null)
{
_authenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
//注册登录凭证
_authenticationManager.SignIn(new AuthenticationProperties {
IsPersistent = model.IsPersistent
}, resLoginUser.Identity);
}
else
{
throw new UserFriendlyException(nameof(LoginResultType.AuthenticationRegistrationFailure));
}
}
public async Task <AjaxResponse> Authenticate(LoginUser model)
{
SysLoginResult <UserInfo> result = await _userInfoAppService.LoginAuth(model);
if (string.IsNullOrEmpty(model.UserNameCn))
{
_userInfoAppService.SetAuthenticationProperties(model, result);
}
var ticket = new AuthenticationTicket(result.Identity, new AuthenticationProperties());
var currentUtc = new SystemClock().UtcNow;
ticket.Properties.IssuedUtc = currentUtc;
ticket.Properties.ExpiresUtc = currentUtc.Add(TimeSpan.FromMinutes(ConstantConfig.WebApiExpires));
return(new AjaxResponse(OAuthBearerOptions.AccessTokenFormat.Protect(ticket)));
}
public async Task <JsonResult> LoginRequest(LoginUser model, string returnUrl)
{
if (string.IsNullOrWhiteSpace(returnUrl))
{
returnUrl = Request.ApplicationPath;
}
else
{
returnUrl = "/J_Home/Index/#/Views/J_Home/DesktopPage";
}
//登录验证
SysLoginResult <UserInfo> result = await _loginExtens.LoginRequest(model, returnUrl);
//注册用户信息
_userInfoAppService.SetAuthenticationProperties(model, result);
//
return(Json(new AjaxResponse()
{
TargetUrl = returnUrl
}));
}
//[IgnoreAntiforgeryToken]
public async Task <JsonResult> LoginRequest([FromBody] LoginUser model)
{
if (string.IsNullOrWhiteSpace(model.ReturnUrl))
{
model.ReturnUrl = GetAppHomeUrl();
}
//登录验证
//SysLoginResult<UserInfo> result = await _userInfoAppService.LoginAuth(model);
//调用接口实现的登录验证
SysLoginResult <UserInfo> result = await _accounExtens.LoginRequest(model);
//注册用户信息
await _userInfoAppService.SetAuthenticationProperties(model, result);
//
return(Json(new AjaxResponse()
{
TargetUrl = model.ReturnUrl
}));
}
