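/// <summary>
/// Exercises the password life cycle of an existing user: a login with a wrong
/// password must be rejected, a login with the right password must succeed, and
/// after a password change the new password must be accepted.
/// </summary>
/// <remarks>
/// Presumably relies on seeded fixture users with IDs 4-9 whose e-mail is
/// "email{ID}@11.com" and whose initial password equals the ID; confirm against
/// the test data setup.
/// </remarks>
public void TestUserPassword()
{
    var userID = new Random().Next(4, 10);
    var email = "email" + userID + "@11.com";

    var user = IoC.Resolve<IUserRepository>().FindById<User>(userID);

    // Check for a missing fixture user before the membership data is
    // dereferenced, so a missing user fails the assertion instead of
    // surfacing as a NullReferenceException.
    Assert.NotNull(user);

    var lastVerifyAt = user.Membership.LastPasswordVerifyAt;
    var lastVerifyFailAt = user.Membership.LastPasswordFailureAt;

    var loginCmdRight = new UserLogin(email, userID.ToString(), "192.168.0.6");
    var loginCmdError = new UserLogin(email, userID.ToString() + "1", "192.168.0.6");

    // A wrong password must be rejected with the combined name-or-password
    // error code (expected value first, actual value second).
    var exception = Assert.Throws<CommandExecutionException>(delegate
    {
        this.commandBus.Send(loginCmdError);
    });
    Assert.Equal((int)ErrorCode.LoginNameOrPasswordError, exception.ErrorCode);

    // Reload the user after the failed attempt; this instance supplies the
    // current password for the change command below.
    user = IoC.Resolve<IUserRepository>().FindById<User>(userID);

    Assert.DoesNotThrow(delegate
    {
        this.commandBus.Send(loginCmdRight);
    });

    // Both the failed and the successful verification must have moved their
    // respective timestamps away from the values captured at the start.
    var savedUser = IoC.Resolve<IUserRepository>().FindById<User>(userID);
    Assert.NotEqual(lastVerifyFailAt, savedUser.Membership.LastPasswordFailureAt);
    Assert.NotEqual(lastVerifyAt, savedUser.Membership.LastPasswordVerifyAt);

    // The change command as constructed here takes only the user ID, the
    // current password and the new password, so no one-time code is generated.
    var newpassword = Guid.NewGuid().Shrink();
    var modifyPassword = new UserModifyPassword(userID, user.ID.ToString(), newpassword);
    Assert.DoesNotThrow(delegate
    {
        this.commandBus.Send(modifyPassword);
    });

    // The new password must be accepted for login.
    var loginCmdAfterModifyPassword = new UserLogin(email, newpassword, "192.168.0.6");
    Assert.DoesNotThrow(delegate
    {
        this.commandBus.Send(loginCmdAfterModifyPassword);
    });
}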
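/// <summary>
/// Registers a fresh user with a random password, verifies the stored record
/// and then logs in with the same credentials.
/// </summary>
public void TestUserRegisterAndLogin()
{
    var password = Guid.NewGuid().Shrink();

    // The e-mail is derived from the random password so that each run
    // registers a different address.
    var email = "test" + password.GetHashCode() + "@mytest.com";

    // NOTE(review): the meaning of the trailing 8 and of the literal string is
    // defined by UserRegister and is not visible here; confirm against its
    // constructor.
    var cmd = new UserRegister(Guid.NewGuid().Shrink(), email, password, password, 8, "asdjlfjadljflasdjflsjdf");

    Assert.DoesNotThrow(delegate
    {
        this.commandBus.Send(cmd);
    });

    var savedUser = IoC.Resolve<IUserRepository>().FindByEmail(email);

    Assert.NotNull(savedUser);
    // Expected value first, actual value second, so a failure message reads correctly.
    Assert.Equal(email, savedUser.Email);
    Assert.True(savedUser.ID > 0);

    // A newly registered account must not have any second factor enrolled.
    Assert.Null(savedUser.GoogleAuthentication);
    Assert.Null(savedUser.SmsAuthentication);

    var loginCmd = new UserLogin(email, password, "192.168.0.6");

    Assert.DoesNotThrow(delegate
    {
        this.commandBus.Send(loginCmd);
    });
}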
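/// <summary>
/// Handles a password login attempt and answers with a JSON result.
/// </summary>
/// <remarks>
/// Failed attempts are counted in the cache per account and client IP. Once the
/// stored count exceeds 5 the request is refused without checking the password.
/// On success the response carries Code = 1 when no second factor is enabled,
/// or Code = 2 plus a hash when Google Authenticator and/or SMS verification is
/// enabled for the user.
/// </remarks>
/// <param name="account">Login name or e-mail address; passed through NullSafe() and trimmed.</param>
/// <param name="password">Password supplied by the client.</param>
/// <param name="returnUrl">Echoed back to the client in the success response.</param>
/// <returns>A JSON action result describing success or failure.</returns>
public ActionResult Login(string account, string password, string returnUrl)
{
    account = account.NullSafe().Trim();
    var clientIP = this.GetUserIPAddress();

    // The account part of the throttle key is lower-cased so that case variants
    // of one account share a single failure counter instead of each getting a
    // fresh one.
    // NOTE(review): how GetUserIPAddress() derives the address is not visible
    // here; if it trusts a client-supplied header, the key is client-influenced
    // and the counter can be sidestepped - confirm.
    var key = account.ToLowerInvariant() + clientIP;
    var retryCount = Cache.Get<int>(key);
    var result = FCJsonResult.CreateFailResult(Language.LangHelpers.Lang("Unknow Exception,Please refresh the page and try again"));

    // Records one more failed attempt and returns the failure result that tells
    // the client how many attempts remain.
    // NOTE(review): Cache.Get followed by Cache.Add is not atomic, so concurrent
    // requests may read the same count; whether Cache.Add overwrites an existing
    // entry is also not visible here - confirm both against the Cache class.
    Func<string, int, FCJsonResult> RetryCountIncrease = (_key, _retryCount) =>
    {
        Cache.Add(_key, _retryCount + 1, new TimeSpan(2, 0, 0));
        var leaveRetryCount = 5 - _retryCount;
        var errorMsg = Language.LangHelpers.Lang("Invalid username / password. Please try again.You still have {0} chances").FormatWith(leaveRetryCount);
        return FCJsonResult.CreateFailResult(errorMsg);
    };

    // Too many recorded failures: refuse before the credentials are evaluated.
    if (retryCount > 5)
    {
        var errorMsg = Language.LangHelpers.Lang("Login too frequently,Please try again 2 hours later.");
        result = FCJsonResult.CreateFailResult(errorMsg);
        return Json(result);
    }

    // Missing credentials count as a failed attempt.
    if (string.IsNullOrEmpty(account) || string.IsNullOrEmpty(password))
    {
        result = RetryCountIncrease(key, retryCount);
        return Json(result);
    }

    try
    {
        var cmd = new UserLogin(account, password, clientIP);
        this.CommandBus.Send(cmd);

        // After the command succeeded, read the user's information so that it
        // can be saved to the session.
        var repos = IoC.Resolve<IUserQuery>();
        LoginUser loginUser;
        if (account.IsEmail())
        {
            loginUser = repos.GetUserByEmail(account);
        }
        else
        {
            loginUser = repos.GetUserByLoginName(account);
        }

        // A missing record, a manager account or a locked account is answered
        // exactly like a wrong password, so the response does not reveal the
        // account's state. The null guard turns a lookup miss into a normal
        // failure instead of a NullReferenceException.
        if (loginUser == null || loginUser.IsManager || loginUser.IsLocked)
        {
            result = RetryCountIncrease(key, retryCount);
        }
        else
        {
            // Temporarily store the user information.
            var verifyHash = KeepCurrentUserInfoInTmpAndReturnHash(loginUser);

            // Determine whether the user has two-factor verification enabled:
            // bit 1 is always set, bit 2 marks Google Authenticator, bit 4 marks SMS.
            var code = 1 | (loginUser.IsOpenLoginGA ? 2 : 0) | (loginUser.IsOpenLoginSMS ? 4 : 0);

            // Clear the failed-login counter.
            Cache.Remove(key);

            // NOTE(review): returnUrl is returned to the client unvalidated in
            // both responses below; if the client navigates to it, restrict it
            // to local URLs (for example with Url.IsLocalUrl in ASP.NET MVC).
            if (code > 1)
            {
                return Json(new { Code = 2, ReturnUrl = returnUrl.NullSafe(), Hash = verifyHash });
            }

            // No second factor is enabled for this user.
            this.CurrentUserPassTwoFactoryVerify();
            return Json(new { Code = 1, ReturnUrl = returnUrl.NullSafe() });
        }
    }
    catch (CommandExecutionException ex)
    {
        // Only the credentials error counts as a failed attempt; any other
        // error code leaves the generic failure result in place and does not
        // touch the counter.
        if (ex.ErrorCode == (int)ErrorCode.LoginNameOrPasswordError)
        {
            result = RetryCountIncrease(key, retryCount);
        }
    }

    return Json(result);
}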