        /// <summary>
        /// Resource-owner-password grant validator: checks the posted user name and
        /// password through <c>_IUserLoginService</c> and reports the outcome via
        /// <c>context.Result</c>.
        /// </summary>
        /// <param name="context">Grant context carrying the posted user name and password.</param>
        /// <returns>
        /// A completed task; the result is communicated only through <c>context.Result</c>.
        /// </returns>
        public async Task ValidateAsync(ResourceOwnerPasswordValidationContext context)
        {
            // NOTE: nothing in this body is awaited — the service call is synchronous and
            // "async" is kept only to satisfy the validator interface signature.
            var credentials = new APIUser
            {
                UserName = context.UserName,
                Password = context.Password,
            };

            var outcome = _IUserLoginService.ValidateUser(credentials);

            if (outcome != UserLoginResult.Successful)
            {
                // Validation failed: every non-successful result maps to the same generic
                // invalid_grant error, so the response does not reveal which part was wrong.
                context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "身份验证失败");
                return;
            }

            context.Result = new GrantValidationResult(
                subject: context.UserName,
                authenticationMethod: "custom",
                claims: GetUserClaims(context.UserName));
        }
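        /// <summary>
        /// Authenticates a user from the posted e-mail/password pair, enforcing the
        /// configured failed-attempt lockout, and answers with a JSON payload of the
        /// form <c>{ Message, IsLogedIn }</c>.
        /// </summary>
        /// <param name="userAuth">Posted credentials (e-mail and password).</param>
        /// <returns>
        /// The login view when model validation fails; otherwise a <see cref="JsonNetResult"/>
        /// whose <c>IsLogedIn</c> flag tells the client whether the forms-auth cookie was set.
        /// </returns>
        /// <remarks>
        /// An unknown e-mail and a wrong password both answer with the same "incorrect"
        /// message, so the response body does not confirm whether an account exists.
        /// The lockout state is checked before the password is verified, so a locked
        /// account never reaches the credential check.
        /// </remarks>
        public ActionResult Login(UserAuthorization userAuth)
        {
            if (!ModelState.IsValid)
            {
                return(View(userAuth));
            }

            // Builds the JSON reply. The anonymous-type member names (Message, IsLogedIn)
            // are the wire contract with the client and are kept verbatim.
            JsonNetResult Reply(string messageKey, bool isLoggedIn)
            {
                return new JsonNetResult
                {
                    Data = new { Message = LocalizationResourceServiceSingleton.Current.GetValue(messageKey), IsLogedIn = isLoggedIn }
                };
            }

            var user = _userLoginService.GetUserByEmail(userAuth.Email);
            if (user == null)
            {
                // Same message as a wrong password: do not reveal whether the e-mail is registered.
                return(Reply(Constants.Entities.UserNameOrPasswordIncorrectMsg, false));
            }

            var userBan         = _userLoginService.GetUserBan(user.Id);
            var banTime         = (int)_userLoginService.GetBanTime(userBan).TotalMinutes;
            var banInterval     = Int32.Parse(ConfigurationManager.AppSettings["BanInterval"]);
            var maxAttemptValue = Int32.Parse(ConfigurationManager.AppSettings["MaxAttemptValue"]);

            // Lockout gate first: an active ban is rejected before the password is verified,
            // so a locked account costs no credential check and cannot accumulate attempts.
            if (userBan.UserIsBan && banTime < banInterval)
            {
                return(Reply(Constants.Entities.UserBannedMsg, false));
            }

            var userLoginHistory = new UserLoginHistory {
                UserId = user.Id, LoginDate = DateTime.Now, LoginResult = false
            };

            if (!_userLoginService.ValidateUser(userAuth.Email, userAuth.Password))
            {
                _userLoginService.UserLoginHistory(userLoginHistory);

                if (userBan.AttemptCount < maxAttemptValue)
                {
                    userBan.AttemptCount++;
                }

                if (userBan.AttemptCount == maxAttemptValue)
                {
                    // Threshold reached: start the ban and restart the attempt counter.
                    userBan.UserIsBan    = true;
                    userBan.StartBanTime = DateTime.Now;
                    userBan.AttemptCount = 0;
                    _unitOfWork.Commit();

                    return(Reply(Constants.Entities.UserBannedMsg, false));
                }

                _unitOfWork.Commit();

                return(Reply(Constants.Entities.UserNameOrPasswordIncorrectMsg, false));
            }

            FormsAuthentication.SetAuthCookie(userAuth.Email, false);

            // Reaching this point means any ban has expired (the gate above returned
            // otherwise), so the flag is cleared unconditionally. Clearing only when
            // banTime > banInterval left a stale ban flag when banTime == banInterval.
            userBan.UserIsBan            = false;
            userBan.AttemptCount         = 0;
            userLoginHistory.LoginResult = true;
            _userLoginService.UserLoginHistory(userLoginHistory);
            _unitOfWork.Commit();

            return(Reply(Constants.Entities.LoginSuccessMsg, true));
        }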