public async Task <AuthenticateResultModel> Authenticate(AuthenticateModel model) { var loginResult = await GetLoginResultAsync( model.UserName, model.Password, model.TenancyName ); var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity)); var authenticateModel = new AuthenticateResultModel { AccessToken = accessToken, EncryptedAccessToken = GetEncrpyedAccessToken(accessToken), ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds, UserId = loginResult.User.Id }; var user = await _userManager.GetByIdAsync(authenticateModel.UserId); user.SetData("currentToken", authenticateModel.EncryptedAccessToken); await _userManager.UpdateAsync(user); return(authenticateModel); }
public async Task <AuthenticateResultModel> AuthorizationAsync(AuthenticateModel authenticateModel, bool isLogining) { AuthenticateResultModel authenticateResultModel = await tokenAuthServiceProxy.AuthenticateAsync(authenticateModel); LoginInfoCache.SetAuthenticateModelAndAuthenticateResultModel(authenticateModel, authenticateResultModel); return(authenticateResultModel); }
public async Task <AuthenticateResultModel> Authenticate(AuthenticateModel model) { //先判断验证码 if (HttpContext.Session.Get <string>("CaptchaCode")?.ToLower() != model.VerifyCode.ToLower()) { throw new UserFriendlyException("您输入的验证码不正确,如看不清,可点击验证码更换"); } var loginResult = await GetLoginResultAsync( model.UserName, model.Password, model.TenancyName ); var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity)); //var permissions = await UserManager.GetGrantedPermissionsAsync(loginResult.User); var result = new AuthenticateResultModel { AccessToken = accessToken, EncryptedAccessToken = GetEncrpyedAccessToken(accessToken), ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds, UserId = loginResult.User.Id, //GrantedPermissions=permissions.Select(o=>o.Name) }; loginResult.User.SetData("currentToken", result.EncryptedAccessToken); await UserManager.UpdateAsync(loginResult.User); //HttpContext.Session.Set("LoginInfo", loginResult.User.Id); return(result); }
public async Task <ResultJsonObjModel> Applogin([FromBody] AuthenticateModel model) { try { var loginResult = await GetLoginResultAsync( model.UserNameOrEmailAddress, model.Password, GetTenancyNameOrNull() ); var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity)); var token = new AuthenticateResultModel { AccessToken = accessToken, EncryptedAccessToken = GetEncrpyedAccessToken(accessToken), ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds, UserId = loginResult.User.Id }; return(new ResultJsonObjModel(token)); } catch (Exception ex) { return(new ResultJsonObjModel(-1, ex.Message)); } }
public async Task <string> GetTicket([FromBody] LoginFromBodyModel model) { var loginResult = await GetLoginResultAsync( model.UserNameOrEmailAddress, model.Password ); var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity)); AuthenticateResultModel authTokenModel = new AuthenticateResultModel { AccessToken = accessToken, EncryptedAccessToken = GetEncrpyedAccessToken(accessToken), ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds }; string serverState = System.Guid.NewGuid().ToString("N"); //if(!string.IsNullOrEmpty(_session.GetString("serverState"))) //{ // _session.Remove("serverState"); //} //_session.SetString("serverState", serverState); string ticket = Common.Common.MD5String("utf-8", model.ClientId + model.ClientState + serverState).ToLower(); var expire = TimeSpan.FromSeconds(45); _cacheManager.GetCache("LoginTokenCache").DefaultSlidingExpireTime = expire; _cacheManager.GetCache("LoginTokenCache").Set(ticket, authTokenModel, expire); return(serverState); }
public AuthenticateResultModel Login(AuthenticateModel authenticateModel, bool isServerless) { if (!isServerless) { AuthenticateResultModel authenticateResultModel = authorizationManager.Authorization(authenticateModel, true); if (authenticateResultModel != null && !authenticateResultModel.AccessToken.IsNullOrEmpty()) { LoginInfoCache.SetAuthenticateModelAndAuthenticateResultModel(authenticateModel, authenticateResultModel); IEnumerable <FlatPermissionWithLevelDto> premissions = authorizationManager.GetAllPermissions(); LoginInfoCache.SetPermissions(premissions); runtimeSetting.RuntimeStatus = RuntimeStatus.Common; Logger.Info("login success!"); return(authenticateResultModel); } Logger.Warn("login fail!" + JsonConvert.SerializeObject(authenticateResultModel)); return(authenticateResultModel); } else //脱机登录 { runtimeSetting.RuntimeStatus = RuntimeStatus.Serverless; var authenticateResultModel = new AuthenticateResultModel { AccessToken = "Serverless", UserId = ServerlessConfig.ServerlessUserId }; LoginInfoCache.SetAuthenticateModelAndAuthenticateResultModel(authenticateModel, authenticateResultModel); return(authenticateResultModel); } }
public async Task <AuthenticateResultModel> LoginAsync(AuthenticateModel authenticateModel, bool isServerless) { if (!isServerless) { AuthenticateResultModel authenticateResultModel = await authorizationManager.AuthorizationAsync(authenticateModel, true); if (!authenticateResultModel.AccessToken.IsNullOrEmpty()) { LoginInfoCache.SetAuthenticateModelAndAuthenticateResultModel(authenticateModel, authenticateResultModel); IEnumerable <FlatPermissionWithLevelDto> premissions = await authorizationManager.GetAllPermissionsAsync(); LoginInfoCache.SetPermissions(premissions); Logger.Info("login success!"); return(authenticateResultModel); } Logger.Warn("login fail!" + JsonConvert.SerializeObject(authenticateResultModel)); return(authenticateResultModel); } else { //脱机登录 runtimeSetting.RuntimeStatus = RuntimeStatus.Serverless; var authenticateResultModel = new AuthenticateResultModel { AccessToken = "Serverless" }; LoginInfoCache.SetAuthenticateModelAndAuthenticateResultModel(authenticateModel, authenticateResultModel); return(authenticateResultModel); } }
public async Task <AjaxResponse> Authenticate(LoginModel loginModel) { var loginResult = await GetLoginResultAsync( loginModel.UsernameOrEmailAddress, loginModel.Password, loginModel.TenancyName ); var ticket = new AuthenticationTicket(loginResult.Identity, new AuthenticationProperties()); var currentUtc = new SystemClock().UtcNow; var expiresUtc = currentUtc.Add(TimeSpan.FromMinutes(30)); ticket.Properties.IssuedUtc = currentUtc; ticket.Properties.ExpiresUtc = expiresUtc; var timeSpan = expiresUtc - DateTime.UtcNow; var expireInSeconds = Convert.ToInt32(timeSpan.TotalSeconds); var result = new AuthenticateResultModel { AccessToken = OAuthBearerOptions.AccessTokenFormat.Protect(ticket), ExpireInSeconds = expireInSeconds }; return(new AjaxResponse(result)); }
/// <summary> /// 认证 /// </summary> public AuthenticateResultModel Authorization(AuthenticateModel authenticateModel, bool isLogining) { AuthenticateResultModel authenticateResultModel = tokenAuthServiceProxy.Authenticate(authenticateModel); if (!isLogining) //如果不是登录 { } LoginInfoCache.SetAuthenticateModelAndAuthenticateResultModel(authenticateModel, authenticateResultModel); return(authenticateResultModel); }
public static void SetAuthenticateModelAndAuthenticateResultModel(AuthenticateModel authenticateModel, AuthenticateResultModel authenticateResultModel ) { lock (_lockObject) { AuthenticateModel = authenticateModel; AuthenticateResultModel = authenticateResultModel; IsLogined = authenticateModel != null && authenticateResultModel != null && !authenticateResultModel.AccessToken.IsNullOrEmpty(); } }
/// <summary> /// <para>ユーザーの認可判定.</para> /// </summary> /// <param name="model"></param> /// <returns></returns> public AuthenticateResultModel Authenticate(AuthenticateChallengeModel model) { bool result = false; var user = UserMng.FindAsync(model.UserName, model.Password).Result; if (user != null) { var identity = UserMng.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie).Result; HttpContext.Current.GetOwinContext().Authentication.SignIn(identity); result = true; } return(AuthenticateResultModel.Create(model, result)); }
public async Task <AuthenticateResultModel> Authenticate([FromBody] AuthenticateModel model) { try { var loginResult = await GetLoginResultAsync( model.UserNameOrEmailAddress, model.Password, GetTenancyNameOrNull() ); var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity)); return(new AuthenticateResultModel { IsLoginSuccess = true, AccessToken = accessToken, EncryptedAccessToken = GetEncrpyedAccessToken(accessToken), ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds, UserId = loginResult.User.Id }); } catch (Exception ex) { var key = string.Empty; var exceptionResult = new AuthenticateResultModel { IsLoginSuccess = false, LoginMessage = ex.Message + "<br/> Username or Password is Incorrect.", Key = key }; var userExists = await _userManager.FindByNameOrEmailAsync(model.UserNameOrEmailAddress); if (userExists == null) { return(exceptionResult); } var appUser = await _applicationUserReposatory.GetAll().FirstOrDefaultAsync(x => x.UserId == userExists.Id && (!x.IsVerified || !x.IsPasswordCreated)); if (appUser == null) { return(exceptionResult); } key = await _encryptionDecryptionService.EncryptString(userExists.Id.ToString()); exceptionResult.Key = key; return(exceptionResult); } }
public async Task <ResultDto <AuthenticateResultModel> > Authencate(LoginRequestDto request) { var user = await _context.AppUsers.Where(x => x.Status != 0 && x.IsDeleted == false && x.UserName == request.UserName).FirstOrDefaultAsync(); if (user == null) { return(new ResultDto <AuthenticateResultModel>(ResponseCode.Validate, "Người dùng không tồn tại hoặc đã bị khóa", null)); } var result = await _signInManager.PasswordSignInAsync(user, request.Password, request.RememberMe, true); if (!result.Succeeded) { return(new ResultDto <AuthenticateResultModel>(ResponseCode.LogicError, "Đăng nhập thất bại", null)); } var roles = await _userManager.GetRolesAsync(user); // Phải chỉ định claim để authorize ở api có thể detect var claims = new[] { new Claim("email", user.Email), new Claim("userId", user.Id.ToString()), new Claim("roles", string.Join(';', roles)), }; // Mã hóa Claim var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Tokens:Key"])); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken( _config["Tokens:Issuer"], _config["Tokens:Issuer"], claims, expires: DateTime.Now.AddDays(30), signingCredentials: creds ); var stringToken = new JwtSecurityTokenHandler().WriteToken(token); var authResultModel = new AuthenticateResultModel() { UserId = user.Id.ToString(), FullName = user.FullName, TypeAccount = (int)user.TypeAccount, Email = user.Email, PhoneNumber = user.PhoneNumber, Roles = roles, AccessToken = stringToken }; return(new ResultDto <AuthenticateResultModel>(ResponseCode.Success, "Thành công", authResultModel)); }
public async Task <AuthenticateResultModel> Authenticate([FromBody] AuthenticateModel model) { //var loginResult = await GetLoginResultAsync( // model.UserNameOrEmailAddress, // model.Password, // GetTenancyNameOrNull() //); //var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity)); //return new AuthenticateResultModel //{ // AccessToken = accessToken, // EncryptedAccessToken = GetEncrpyedAccessToken(accessToken), // ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds, // UserId = loginResult.User.Id //}; var httpHandler = new HttpClientHandler(); httpHandler.CookieContainer.Add( new Uri(_configuration.Authority), new Cookie("Abp.TenantId", AbpSession.TenantId?.ToString()) ); //Set TenantId var tokenClient = new TokenClient( $"{_configuration.Authority}/connect/token", "api1", _configuration.Secret, httpHandler); var tokenResponse = tokenClient .RequestResourceOwnerPasswordAsync(model.UserNameOrEmailAddress, model.Password) .ConfigureAwait(false) .GetAwaiter().GetResult(); if (tokenResponse.IsError) { throw new UserFriendlyException(tokenResponse.Error); } var data = new AuthenticateResultModel { AccessToken = tokenResponse.AccessToken, EncryptedAccessToken = GetEncrpyedAccessToken(tokenResponse.AccessToken), ExpireInSeconds = tokenResponse.ExpiresIn, }; return(data); }
public async Task <dynamic> ServeProvideData([FromBody] AuthenticateModel model) { var listPara = new List <string> { model.UserID, model.UserPWD }; var dynamicModel = (await _queryService.QueryFirstAsync <TB_PDAUserLogin>(GetSqlStr(), new { model.UserID, model.UserPWD })); var resultModel = new AuthenticateResultModel { UserId = dynamicModel.UserName }; return(dynamicModel); }
public IActionResult OnPost() { AuthenticateResultModel result = new AuthenticateResultModel(); try { string baseUrl = "http://localhost:5000"; HttpClient client = new HttpClient(); client.BaseAddress = new Uri(baseUrl); var contentType = new MediaTypeWithQualityHeaderValue("application/json"); client.DefaultRequestHeaders.Accept.Add(contentType); string stringData = JsonConvert.SerializeObject(loginData); var contentData = new StringContent(stringData, System.Text.Encoding.UTF8, "application/json"); HttpResponseMessage response = client.PostAsync("/api/user/authenticate", contentData).Result; string responseString = response.Content.ReadAsStringAsync().Result; result = JsonConvert.DeserializeObject <AuthenticateResultModel>(responseString); } catch (Exception ex) { throw ex; } if (string.IsNullOrEmpty(result.Token)) { ModelState.AddModelError("", "username or password is invalid"); return(Page()); } else { SetCookie("JWT", result.Token, 15); SetCookie("Username", loginData.Username, 15); SetCookie("IsFromCache", result.IsFromCache.ToString(), 15); return(RedirectToPage("Index")); } }
public async Task <AuthenticateResultModel> Authenticate([FromBody] AuthenticateModel model) { var loginResult = await GetLoginResultAsync( model.UserNameOrEmailAddress, model.Password, GetTenancyNameOrNull() ); AuthenticateResultModel ret = null; if (loginResult.Result == AbpLoginResultType.Success) { var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity)); ret = new AuthenticateResultModel { exception = null, AccessToken = accessToken, EncryptedAccessToken = GetEncrpyedAccessToken(accessToken), ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds, UserId = loginResult.User.Id }; } else { ret = new AuthenticateResultModel { exception = _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(loginResult.Result, model.UserNameOrEmailAddress, GetTenancyNameOrNull()), AccessToken = null, EncryptedAccessToken = null, ExpireInSeconds = 0, UserId = 0 }; } return(ret); }
public async Task <AuthenticateResultModel> Authenticate([FromBody] AuthenticateModel model) { string tenancyName = string.Equals("XTOPMS", model.TenancyName, StringComparison.OrdinalIgnoreCase) ? null : model.TenancyName; // Add this for fix XTOPMS system api bool success = true; string[] authority = new string[] { "guest" }; AuthenticateResultModel result = new AuthenticateResultModel { UserId = 0, Success = success, Authority = authority, AccessToken = "", EncryptedAccessToken = "", ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds }; try{ var loginResult = await GetLoginResultAsync( model.UserNameOrEmailAddress, model.Password, tenancyName // GetTenancyNameOrNull() ); var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity)); // TODO: write some code to get current user's roles. authority = authority.Append <String>("admin").ToArray(); // add a admin role. // Initiate result model result.UserId = loginResult.User.Id; result.AccessToken = accessToken; result.EncryptedAccessToken = GetEncrpyedAccessToken(accessToken); result.Success = success; result.Authority = authority; result.Code = ReturnCodeEnum.Success; return(result); } catch (UserFriendlyException exc) { result.Success = false; result.Code = ReturnCodeEnum.ERROR_UNKNOW_REASON; result.Error = exc.Details; } catch (MySql.Data.MySqlClient.MySqlException mySqlException) { /* * MySql.Data.MySqlClient.MySqlException(0x80004005): Unable to connect to any of the specified MySQL hosts. * at MySqlConnector.Core.ServerSession.ConnectAsync(ConnectionSettings cs, ILoadBalancer loadBalancer, IOBehavior ioBehavior, CancellationToken cancellationToken) * in C:\projects\mysqlconnector\src\MySqlConnector\Core\ServerSession.cs:line 322 * at MySqlConnector.Core.ConnectionPool.GetSessionAsync(MySqlConnection connection, IOBehavior ioBehavior, CancellationToken cancellationToken) * in C:\projects\mysqlconnector\src\MySqlConnector\Core\ConnectionPool.cs:line 112 * at MySqlConnector.Core.ConnectionPool.GetSessionAsync(MySqlConnection connection, IOBehavior ioBehavior, CancellationToken cancellationToken) * in C:\projects\mysqlconnector\src\MySqlConnector\Core\ConnectionPool.cs:line 141 * at MySql.Data.MySqlClient.MySqlConnection.CreateSessionAsync(Nullable`1 ioBehavior, CancellationToken cancellationToken) * in C:\projects\mysqlconnector\src\MySqlConnector\MySql.Data.MySqlClient\MySqlConnection.cs:line 431 * at MySql.Data.MySqlClient.MySqlConnection.OpenAsync(Nullable`1 ioBehavior, CancellationToken cancellationToken) * in C:\projects\mysqlconnector\src\MySqlConnector\MySql.Data.MySqlClient\MySqlConnection.cs:line 175 * at MySql.Data.MySqlClient.MySqlConnection.Open() in C:\projects\mysqlconnector\src\MySqlConnector\MySql.Data.MySqlClient\MySqlConnection.cs:line 161 * at Microsoft.EntityFrameworkCore.Storage.RelationalConnection.OpenDbConnection(Boolean errorsExpected) * at Microsoft.EntityFrameworkCore.Storage.RelationalConnection.Open(Boolean errorsExpected) * at Microsoft.EntityFrameworkCore.Storage.RelationalConnection.BeginTransaction(IsolationLevel isolationLevel) * at Pomelo.EntityFrameworkCore.MySql.Storage.Internal.MySqlExecutionStrategy.Execute[TState, TResult](TState state, Func`3 operation, Func`3 verifySucceeded) * at Abp.EntityFrameworkCore.Uow.DbContextEfCoreTransactionStrategy.CreateDbContext[TDbContext](String connectionString, IDbContextResolver dbContextResolver) * in D:\Github\aspnetboilerplate\src\Abp.EntityFrameworkCore\EntityFrameworkCore\Uow\DbContextEfCoreTransactionStrategy.cs:line 38 * at Abp.EntityFrameworkCore.Uow.EfCoreUnitOfWork.GetOrCreateDbContext[TDbContext](Nullable`1 multiTenancySide, String name) * in D:\Github\aspnetboilerplate\src\Abp.EntityFrameworkCore\EntityFrameworkCore\Uow\EfCoreUnitOfWork.cs:line 120 * at Abp.EntityFrameworkCore.Repositories.EfCoreRepositoryBase`3.get_Table() * in D:\Github\aspnetboilerplate\src\Abp.EntityFrameworkCore\EntityFrameworkCore\Repositories\EfCoreRepositoryBaseOfTEntityAndTPrimaryKey.cs:line 39 * at Abp.EntityFrameworkCore.Repositories.EfCoreRepositoryBase`3.GetAllIncluding(Expression`1[] propertySelectors) * in D:\Github\aspnetboilerplate\src\Abp.EntityFrameworkCore\EntityFrameworkCore\Repositories\EfCoreRepositoryBaseOfTEntityAndTPrimaryKey.cs:line 88 * at Abp.EntityFrameworkCore.Repositories.EfCoreRepositoryBase`3.FirstOrDefaultAsync(Expression`1 predicate) * in D:\Github\aspnetboilerplate\src\Abp.EntityFrameworkCore\EntityFrameworkCore\Repositories\EfCoreRepositoryBaseOfTEntityAndTPrimaryKey.cs:line 123 * at Abp.Threading.InternalAsyncHelper.AwaitTaskWithPostActionAndFinallyAndGetResult[T](Task`1 actualReturnValue, Func`1 postAction, Action`1 finalAction) * at Abp.Authorization.AbpLogInManager`3.LoginAsyncInternal(String userNameOrEmailAddress, String plainPassword, String tenancyName, Boolean shouldLockout) * at Abp.Authorization.AbpLogInManager`3.LoginAsync(String userNameOrEmailAddress, String plainPassword, String tenancyName, Boolean shouldLockout) * at Abp.Threading.InternalAsyncHelper.AwaitTaskWithPostActionAndFinallyAndGetResult[T](Task`1 actualReturnValue, Func`1 postAction, Action`1 finalAction) * at XTOPMS.Controllers.TokenAuthController.GetLoginResultAsync(String usernameOrEmailAddress, String password, String tenancyName) * in / Work / Dotnet / XTOPMSCORE_master / src / XTOPMS.Web.Core / Controllers / TokenAuthController.cs:line 218 * at XTOPMS.Controllers.TokenAuthController.Authenticate(AuthenticateModel model) * in / Work / Dotnet / XTOPMSCORE_master / src / XTOPMS.Web.Core / Controllers / TokenAuthController.cs:line 71 */ result.Success = false; result.Code = ReturnCodeEnum.ERROR_DATABASE_CANNOT_CONNECT; result.Error = mySqlException.Message; } catch (Exception exc) { result.Success = false; result.Code = ReturnCodeEnum.ERROR_UNKNOW_REASON; result.Error = exc.Message; } return(result); }