/// <summary>
/// Runs the account-level login checks for the current user (blacklist role,
/// membership expiry, concurrent-session limit and source IP) and, when all
/// pass, registers a new online-user record and reports a successful login.
/// </summary>
/// <param name="loginType">Passed through to LoginFailed / LoginSuccess.</param>
/// <exception cref="NetworkException">
/// Thrown when anything inside the IP-comparison try block throws; the message
/// always describes it as a failure to parse the stored IP address.
/// </exception>
private void CheckOther(LoginType loginType)
        {
            // NOTE(review): the lookup result is dereferenced without a null check;
            // confirm GetByUserId cannot return null for _currentUserID.
            var account = _userService.GetByUserId(_currentUserID);

            if (account.RoleID == (int)Role.BlacklistUser)
            {
                LoginFailed(account, "您已被禁止登录", loginType);
                return;
            }

            // NOTE(review): compares against local server time; confirm ExpiryTime
            // is stored in the same time zone (UTC storage would skew this check).
            if (account.ExpiryTime <= DateTime.Now)
            {
                LoginFailed(account, "会员到期,请续费后登录", loginType);
                return;
            }

            var sessions    = _onlineUserService.GetById(_currentUserID, "Fk_UserID");
            int activeCount = sessions.Count;

            // NOTE(review): the count check here and the Add() at the end are separate
            // calls with no lock or transaction visible in this method, so two logins
            // racing each other may both pass the limit — confirm how callers serialize.
            if (activeCount != 0)
            {
                if (activeCount >= TcpServer.UserMaxLoginCount)
                {
                    LoginFailed(account, string.Format("您最多在同一设备上登录 {0} 个相同账号", TcpServer.UserMaxLoginCount), loginType);
                    return;
                }

                // Only the first existing session's address is compared with the
                // connecting peer; any other sessions are not inspected.
                // NOTE(review): a matching IP identifies a network origin, not a device
                // (clients behind one NAT share it), and IPAddress.Equals treats an IPv4
                // address and its IPv4-mapped IPv6 form as different — confirm the
                // listener and the stored value use the same address family.
                string storedIp = sessions.First().IPAddress;
                try
                {
                    IPAddress storedAddress = IPAddress.Parse(storedIp);
                    IPAddress remoteAddress = tcpSession.RemoteIPEndPoint.Address;
                    if (!storedAddress.Equals(remoteAddress))
                    {
                        LoginFailed(account, "您已在其他设备登录了工具", loginType);
                        return;
                    }
                }
                catch (Exception ex)
                {
                    // NOTE(review): this handler also catches failures from reading the
                    // remote endpoint and from LoginFailed itself, all of which are then
                    // reported as a stored-IP parse error.
                    throw new NetworkException("解析数据库已保存的IP地址错误,ip:" + storedIp, ex);
                }
            }

            OnlineUserDto sessionRecord = V_User2OnlineUser(account);

            // NOTE(review): Guid.NewGuid() is not documented as a cryptographically
            // strong generator. If this key is later accepted as proof of the session,
            // consider deriving it from System.Security.Cryptography.RandomNumberGenerator.
            sessionRecord.Key = Guid.NewGuid().ToString();
            _onlineUserToken  = sessionRecord.Key;
            _onlineUserService.Add(sessionRecord);
            LoginSuccess(account, loginType);
        }
Пример #2
        /// <summary>
        /// Handles the callback from an external login provider: signs the user in
        /// when a matching external login already exists, redirects to the lockout
        /// page when the account is locked out, and otherwise re-renders the page so
        /// the user can create an account.
        /// </summary>
        /// <param name="returnUrl">Local URL to return to after sign-in; defaults to the application root.</param>
        /// <param name="remoteError">Error text reported for the external provider, if any.</param>
        /// <returns>A redirect or the page result, depending on the sign-in outcome.</returns>
        public async Task<IActionResult> OnGetCallbackAsync(string returnUrl = null, string remoteError = null)
        {
            if (returnUrl == null)
            {
                returnUrl = Url.Content("~/");
            }

            if (remoteError != null)
            {
                // NOTE(review): remoteError is request-supplied and is echoed into
                // ErrorMessage; confirm the login page renders it HTML-encoded.
                ErrorMessage = $"Error from external provider: {remoteError}";
                return RedirectToPage("./Login", new { ReturnUrl = returnUrl });
            }

            var externalLogin = await _signInManager.GetExternalLoginInfoAsync();
            if (externalLogin == null)
            {
                ErrorMessage = "Error loading external login information.";
                return RedirectToPage("./Login", new { ReturnUrl = returnUrl });
            }

            // Sign in with the external login if the user already has one linked.
            // NOTE(review): bypassTwoFactor: true means a second factor configured on the
            // local account is not required for external sign-ins; confirm that relying
            // on the provider's own authentication strength is intended.
            var signIn = await _signInManager.ExternalLoginSignInAsync(
                externalLogin.LoginProvider,
                externalLogin.ProviderKey,
                isPersistent : false,
                bypassTwoFactor : true);

            if (signIn.Succeeded)
            {
                // Record the user as online, keyed by the e-mail claim from the provider.
                // NOTE(review): the User-Agent header is client-controlled and unbounded;
                // confirm the online-user store limits its length and that it is encoded
                // wherever it is displayed.
                string userAgent = this.Request.Headers["User-Agent"];
                // Same claim type URI as ClaimTypes.Email, written out literally here.
                var email = externalLogin.Principal.FindFirstValue("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress");
                if (!string.IsNullOrEmpty(email))
                {
                    // NOTE(review): ToLower() is culture-sensitive; ToLowerInvariant() gives a
                    // stable key — confirm how other code paths normalise it before changing.
                    _onlineUserService.Add(email.ToLower(), userAgent);
                }

                _logger.LogInformation("{Name} logged in with {LoginProvider} provider.", externalLogin.Principal.Identity.Name, externalLogin.LoginProvider);
                // LocalRedirect only accepts local URLs, so returnUrl cannot send the
                // user to another site.
                return LocalRedirect(returnUrl);
            }

            if (signIn.IsLockedOut)
            {
                return RedirectToPage("./Lockout");
            }

            // No linked account: keep the provider details and ask the user to create one.
            ReturnUrl     = returnUrl;
            LoginProvider = externalLogin.LoginProvider;
            if (externalLogin.Principal.HasClaim(claim => claim.Type == ClaimTypes.Email))
            {
                Input = new InputModel
                {
                    Email = externalLogin.Principal.FindFirstValue(ClaimTypes.Email)
                };
            }

            return Page();
        }
Пример #3
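        /// <summary>
        /// Handles the login form post. A button value other than "login" is treated
        /// as a cancel: inside an authorization request consent is denied and the user
        /// is sent back to the client, otherwise to the home page. For "login" the
        /// posted credentials are checked with password sign-in.
        /// </summary>
        /// <param name="button">Name of the submitted button; only "login" attempts a sign-in.</param>
        /// <param name="returnUrl">Local URL to return to after sign-in; defaults to the application root.</param>
        /// <returns>A redirect on success, cancel, 2FA or lockout; otherwise the redisplayed form.</returns>
        public async Task<IActionResult> OnPostAsync(string button, string returnUrl = null)
        {
            returnUrl = returnUrl ?? Url.Content("~/");

            // Check whether we are in the context of an authorization request.
            var context = await _interaction.GetAuthorizationContextAsync(Input.ReturnUrl);

            // The user clicked the "cancel" button.
            if (button != "login")
            {
                if (context == null)
                {
                    // Without a valid context, just go back to the home page.
                    return Redirect("~/");
                }

                // Report the cancel to IdentityServer as a denied consent (even if this
                // client does not require consent) so the client receives an access
                // denied OIDC error response.
                await _interaction.GrantConsentAsync(context, ConsentResponse.Denied);

                if (await _clientStore.IsPkceClientAsync(context.ClientId))
                {
                    return RedirectToAction("Redirect");
                }

                // Fix: previously a cancel from a non-PKCE client fell through to the
                // password sign-in below, so a cancelled request could still sign the
                // user in after consent had been denied. Input.ReturnUrl can be trusted
                // here because GetAuthorizationContextAsync returned non-null for it.
                return Redirect(Input.ReturnUrl);
            }

            if (ModelState.IsValid)
            {
                // lockoutOnFailure: true makes failed password attempts count towards
                // account lockout.
                var result = await _signInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure : true);

                if (result.Succeeded)
                {
                    _logger.LogInformation("User logged in.");

                    // Record the user as online.
                    // NOTE(review): the User-Agent header is client-controlled and unbounded;
                    // confirm the online-user store limits its length and that it is encoded
                    // wherever it is displayed.
                    string client = this.Request.Headers["User-Agent"];
                    if (!string.IsNullOrEmpty(Input.Email))
                    {
                        // NOTE(review): ToLower() is culture-sensitive; ToLowerInvariant() gives a
                        // stable key — confirm how other code paths normalise it before changing.
                        _onlineUserService.Add(Input.Email.ToLower(), client);
                    }

                    if (context != null)
                    {
                        if (await _clientStore.IsPkceClientAsync(context.ClientId))
                        {
                            // A PKCE client is assumed to be native; the dedicated redirect
                            // view for that case is not used here, so this branch is
                            // intentionally empty and both cases redirect the same way.
                        }

                        // Input.ReturnUrl can be trusted since GetAuthorizationContextAsync
                        // returned non-null for it.
                        return Redirect(Input.ReturnUrl);
                    }

                    // Outside an authorization request only local URLs are accepted.
                    return LocalRedirect(returnUrl);
                }

                if (result.RequiresTwoFactor)
                {
                    return RedirectToPage("./LoginWith2fa", new { ReturnUrl = returnUrl, RememberMe = Input.RememberMe });
                }

                if (result.IsLockedOut)
                {
                    _logger.LogWarning("User account locked out.");
                    return RedirectToPage("./Lockout");
                }

                // Generic failure message ("Invalid login attempt."): it does not reveal
                // whether the e-mail or the password was wrong.
                ModelState.AddModelError(string.Empty, "尝试登录失败。");
            }

            Input.ExternalProviders = await GetExternalProviders();

            // If we got this far, something failed; redisplay the form.
            return Page();
        }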