Exemplo n.º 1
0
        public IActionResult GetValidateCode()
        {
            var vc = ValidateCodeHelper.GetValidateCode();

            HttpContext.Session.SetString("validateCode", vc.ValidateNum.ToLower());
            byte[] bs = vc.ImgStream;
            return(File(bs, @"image/Png"));
        }
Exemplo n.º 2
0
        public ActionResult Index(string path, int width, int height)
        {
            var code = ValidateCodeHelper.GetValidateCode(4);

            Session["vcode_" + path] = code.ToLower();
            var image  = ValidateCodeHelper.CreateValidateImage(code);
            var stream = new MemoryStream();

            image.Save(stream, ImageFormat.Jpeg);
            image.Dispose();
            stream.Position = 0;
            return(File(stream, "image/jpeg", "verifyCode.jpg"));
        }
Exemplo n.º 3
0
        public ActionResult Login(string name, string password, string validateCode = null)
        {
            //是否是安全IP地址
            var  currentIp = HttpContext.Connection.RemoteIpAddress.ToString();
            bool isSafeIp  = _projectSetting.Value.SafeIPAddress.Split(",").Any(c => c == currentIp);

            if (!isSafeIp)
            {
                if (string.IsNullOrEmpty(validateCode))
                {
                    return(ErrorJsonResult("请输入验证码"));
                }
                string code = HttpContext.Session.GetString("validateCode");
                if (code != validateCode.ToLower())
                {
                    return(ErrorJsonResult("验证码错误"));
                }
                //更新验证码
                HttpContext.Session.SetString("validateCode", ValidateCodeHelper.GetValidateCode().ValidateNum.ToLower());
            }
            var sr = _accountService.Login(name, password);

            if (!sr.IsSucceed)
            {
                return(ErrorJsonResult(sr.Message));
            }
            string cookieKey = _projectSetting.Value.CookieKey;
            //每一个登录用户生成不同的cookie
            string cookieValue = BitConverter.ToInt64(Guid.NewGuid().ToByteArray()).ToString();

            //写入cookie
            HttpContext.Response.Cookies.Append(cookieKey, cookieValue, new CookieOptions
            {
                Expires  = DateTime.Now.AddMinutes(_projectSetting.Value.SessionTimeOut),
                HttpOnly = true
            });
            //当前登录用户
            var currentSysUser = new CurrentSysUser()
            {
                UserID    = sr.Data.UserID,
                LoginName = sr.Data.LoginName,
                UserName  = sr.Data.UserName
            };
            var menuList = _accountService.GetMenuList(currentSysUser.UserID).Data;

            currentSysUser.MenuList = menuList.Select(s => new CurrentSysUserMenu()
            {
                ID       = s.MenuID,
                Name     = s.MenuName,
                URL      = s.URL,
                ParentID = s.ParentID,
                Icon     = s.Icon,
                Sort     = s.Sort
            }).ToList();
            //将用户权限以cookieValue为键写入cache
            string userCacheKey = GetCacheKey(cookieValue);

            //滑动方式添加缓存
            _cacheManager.Add(userCacheKey, currentSysUser, new TimeSpan(0, _projectSetting.Value.SessionTimeOut, 0), true);

            return(SuccessJsonResult());
        }
Exemplo n.º 4
0
        public async Task ValidateAsync(ResourceOwnerPasswordValidationContext context)
        {
            IHttpContextAccessor httpContextAccessor = IocManager.Instance.Resolve <IHttpContextAccessor>();
            string             recvValidateCode      = httpContextAccessor.HttpContext.Request.Form["VaildCode"];
            ValidateCodeHelper validateCodeHelper    = IocManager.Instance.Resolve <ValidateCodeHelper>();
            string             validateCode          = validateCodeHelper.GetValidateCode();

            if (!string.Equals(validateCode, recvValidateCode, StringComparison.OrdinalIgnoreCase))
            {
                context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "验证码错误");
                return;
            }
            AccountAppService accountAppService = IocManager.Instance.Resolve <AccountAppService>();

            IAbpSession abpSession = IocManager.Instance.Resolve <IAbpSession>();

            LoginInput input = new LoginInput();

            input.Username = context.UserName;
            input.Password = context.Password;
            input.TenantId = abpSession.TenantId;
            var output = await accountAppService.Login(input);

            if (!output.IsSuccess())
            {
                context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, output.ErrorMessage);
                return;
            }
            var loginResult = output.AbpLoginResult;

            switch (loginResult.Result)
            {
            case AbpLoginResultType.Success:
                IdentityUser user = loginResult.User;
                context.Result = new GrantValidationResult(
                    subject: context.UserName,
                    authenticationMethod: "custom",
                    claims: new Claim[]
                {
                    new Claim("Id", user.Id.ToString()),
                    new Claim("UserName", user.UserName),
                    new Claim("EmailAddress", user.EmailAddress),
                    new Claim("Name", user.Name),
                }
                    );
                break;

            case AbpLoginResultType.InvalidUserNameOrEmailAddress:
                context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "不存在的用户名");
                break;

            case AbpLoginResultType.InvalidPassword:
                context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "密码错误");
                break;

            default:
                //验证失败
                context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "身份验证失败");
                break;
            }
        }