Пример #1
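        /// <summary>
        /// Authenticates a bearer token and builds the principal for the account the token belongs to.
        /// </summary>
        /// <param name="accessToken">The access token presented by the caller.</param>
        /// <returns>
        /// A <see cref="KoalaBlogPrincipal"/> for the token's account, or <c>null</c> when the token is
        /// blank, has no matching non-revoked and unexpired record, or points at an account that
        /// cannot be loaded.
        /// </returns>
        public async Task<IPrincipal> AuthenticateBearerTokenAsync(string accessToken)
        {
            // A blank token must never reach the query: compared against a null or empty value, the
            // lookup could otherwise match a stored row whose AccessToken column is itself empty.
            if (string.IsNullOrWhiteSpace(accessToken))
            {
                return null;
            }

            // 1. Fetch the token record that matches, is not revoked and has not expired.
            // NOTE(review): expiry is compared against DateTime.Now; confirm ExpirationDate is written
            // with the same clock and time zone.
            // NOTE(review): the presented token is matched against the stored column as-is, which
            // suggests tokens are kept in clear text; storing only a hash would limit the impact of
            // a database disclosure.
            Token bearerToken = await Fetch(x => x.AccessToken == accessToken && !x.IsRevoked && x.ExpirationDate > DateTime.Now).SingleOrDefaultAsync();

            if (bearerToken == null)
            {
                return null;
            }

            // 2. The token is valid: collect the identity data for the principal.
            KoalaBlogIdentityObject identityObj = new KoalaBlogIdentityObject();

            UserAccountXPersonHandler uaxpHandler = new UserAccountXPersonHandler(_dbContext);

            // 3. Load the account/person link for the token's account.
            UserAccountXPerson uaxp = await uaxpHandler.LoadByUserAccountIDIncludeUserAccountAndPersonAsync(bearerToken.UserAccountID);

            if (uaxp != null)
            {
                if (uaxp.UserAccount != null)
                {
                    identityObj.UserID = uaxp.UserAccount.ID;
                    identityObj.UserName = uaxp.UserAccount.UserName;
                    identityObj.Email = uaxp.UserAccount.Email;
                    identityObj.Status = uaxp.UserAccount.Status;
                }
                if (uaxp.Person != null)
                {
                    identityObj.PersonID = uaxp.Person.ID;
                    identityObj.PersonNickName = uaxp.Person.NickName;
                    identityObj.Introduction = uaxp.Person.Introduction;
                }
            }
            else
            {
                UserAccountHandler uaHandler = new UserAccountHandler(_dbContext);

                // 4. No link record: registration may not be finished yet, so fall back to the
                //    account itself and fill in only the common properties.
                UserAccount userAccount = await uaHandler.GetByIdAsync(bearerToken.UserAccountID);

                if (userAccount == null)
                {
                    // Fail closed: a token whose account can no longer be found must not produce a
                    // principal that carries an empty identity.
                    return null;
                }

                identityObj.UserID = userAccount.ID;
                identityObj.UserName = userAccount.UserName;
                identityObj.Email = userAccount.Email;
                identityObj.Status = userAccount.Status;
            }

            // NOTE(review): Status is copied but not evaluated here, so a token issued before an
            // account was suspended keeps authenticating unless callers check Status or the tokens
            // are revoked when the account is suspended.
            KoalaBlogIdentity identity = new KoalaBlogIdentity(identityObj);

            return new KoalaBlogPrincipal(identity);
        }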
Пример #2
 /// <summary>
 /// Creates an identity backed by the supplied identity object.
 /// </summary>
 /// <param name="identityObject">Identity data kept by the new instance; it is stored as given, without validation.</param>
 public KoalaBlogIdentity(KoalaBlogIdentityObject identityObject)
 {
     _identityObject = identityObject;
 }
Пример #3
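        /// <summary>
        /// Signs a user in with a user name and password and, on success, issues a bearer token.
        /// </summary>
        /// <param name="userName">User name of the account.</param>
        /// <param name="password">Password as entered; it is hashed with the account's stored salt before comparison.</param>
        /// <param name="isPersistent">
        /// When <c>true</c> the token is requested with <see cref="DateTime.MaxValue"/> as its
        /// expiration date; otherwise no expiration date is passed to the token handler.
        /// </param>
        /// <returns>
        /// A tuple of the identity data collected so far, the sign-in status, and the access token
        /// (an empty string for every status other than <c>Succeeded</c>).
        /// </returns>
        public async Task<Tuple<KoalaBlogIdentityObject, SignInStatus, string>> SignInAsync(string userName, string password, bool isPersistent)
        {
            KoalaBlogIdentityObject identityObject = new KoalaBlogIdentityObject();

            // A missing user name cannot identify an account; answer like an unknown user instead of
            // passing null or an empty string to the lookup.
            if (string.IsNullOrEmpty(userName))
            {
                return new Tuple<KoalaBlogIdentityObject, SignInStatus, string>(identityObject, SignInStatus.Failure, string.Empty);
            }

            var userAccount = await GetByUserNameAsync(userName);

            if (userAccount == null)
            {
                return new Tuple<KoalaBlogIdentityObject, SignInStatus, string>(identityObject, SignInStatus.Failure, string.Empty);
            }

            // 1. Set the common properties.
            // NOTE(review): these fields are also returned with the non-success statuses below, and
            // the e-mail-confirmation and suspension states are reported before the password is
            // checked. Callers should give the client one generic failure and not echo this object
            // unless the status is Succeeded.
            identityObject.UserID = userAccount.ID;
            identityObject.UserName = userAccount.UserName;
            identityObject.Email = userAccount.Email;
            identityObject.Status = userAccount.Status;

            if (!userAccount.EmailConfirmed)
            {
                return new Tuple<KoalaBlogIdentityObject, SignInStatus, string>(identityObject, SignInStatus.NotYetEmailConfirmed, string.Empty);
            }

            // 2. The e-mail address is confirmed, so load the linked Person.
            UserAccountXPersonHandler uaxpHandler = new UserAccountXPersonHandler(_dbContext);

            UserAccountXPerson uaxp = await uaxpHandler.LoadByUserAccountIDAsync(userAccount.ID);

            if (uaxp != null && uaxp.Person != null)
            {
                identityObject.PersonID = uaxp.Person.ID;
                identityObject.PersonNickName = uaxp.Person.NickName;
                identityObject.Introduction = uaxp.Person.Introduction;
            }

            if (userAccount.Status == UserAccount.STATUS_SUSPENDED)
            {
                return new Tuple<KoalaBlogIdentityObject, SignInStatus, string>(identityObject, SignInStatus.LockedOut, string.Empty);
            }

            // A null password is treated as a wrong password rather than handed to the hash routine.
            bool isValid = password != null
                && PasswordHashesMatch(KoalaBlogSecurityManager.CreatePasswordHash(password, userAccount.PasswordSalt), userAccount.Password);

            if (!isValid)
            {
                return new Tuple<KoalaBlogIdentityObject, SignInStatus, string>(identityObject, SignInStatus.WrongPassword, string.Empty);
            }

            userAccount.LastLogon = DateTime.Now;
            userAccount.IsOnline = true;

            await ModifyAsync(userAccount);

            // 3. Sign-in succeeded: issue a bearer token.
            TokenHandler tokenHandler = new TokenHandler(_dbContext);

            // NOTE(review): a persistent sign-in asks for DateTime.MaxValue, i.e. a token that in
            // practice never expires and can only be invalidated by revoking it; a bounded lifetime
            // with renewal would limit the damage of a leaked token.
            DateTime? expirationDate = isPersistent ? DateTime.MaxValue : (DateTime?)null;

            Token bearerToken = await tokenHandler.GenerateBearerTokenAsync(userAccount.ID, expirationDate);

            return new Tuple<KoalaBlogIdentityObject, SignInStatus, string>(identityObject, SignInStatus.Succeeded, bearerToken.AccessToken);
        }

        /// <summary>
        /// Compares two password hashes ordinally without stopping at the first differing character,
        /// so the comparison time does not depend on how much of the hash matches.
        /// </summary>
        /// <param name="computedHash">Hash computed from the supplied password.</param>
        /// <param name="storedHash">Hash stored on the account.</param>
        /// <returns><c>true</c> only when both values are non-null and identical.</returns>
        private static bool PasswordHashesMatch(string computedHash, string storedHash)
        {
            // Fail closed: two missing hashes must not count as a match.
            if (computedHash == null || storedHash == null)
            {
                return false;
            }

            int difference = computedHash.Length ^ storedHash.Length;
            int sharedLength = computedHash.Length < storedHash.Length ? computedHash.Length : storedHash.Length;

            for (int i = 0; i < sharedLength; i++)
            {
                difference |= computedHash[i] ^ storedHash[i];
            }

            return difference == 0;
        }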
Пример #4
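        /// <summary>
        /// Loads the identity data for the user named by <c>CurrentThreadIdentityObject</c>.
        /// </summary>
        /// <returns>
        /// The identity object built from the account (and the person and active avatar when they
        /// exist), or <c>null</c> when there is no current identity, it has no user name, or no
        /// matching account is found.
        /// </returns>
        public async Task<KoalaBlogIdentityObject> GetIdentityObjectAsync()
        {
            // Read the current identity once, before the first await. The property name suggests it
            // is bound to the executing thread, and code after an await may resume elsewhere and see
            // a different or missing value. NOTE(review): confirm how the property is backed.
            var current = CurrentThreadIdentityObject;

            if (current == null)
            {
                return null;
            }

            string currentUserName = current.UserName;

            // Without a user name there is nothing to look up; do not query with a null or empty key.
            if (string.IsNullOrEmpty(currentUserName))
            {
                return null;
            }

            using (KoalaBlogDbContext dbContext = new KoalaBlogDbContext())
            {
                UserAccountXPersonHandler uaxpHandler = new UserAccountXPersonHandler(dbContext);

                // 1. Load the account/person link by user name.
                UserAccountXPerson uaxp = await uaxpHandler.LoadByUserNameAsync(currentUserName);

                if (uaxp != null)
                {
                    KoalaBlogIdentityObject identityObject = new KoalaBlogIdentityObject();

                    if (uaxp.UserAccount != null)
                    {
                        identityObject.UserID = uaxp.UserAccount.ID;
                        identityObject.UserName = uaxp.UserAccount.UserName;
                        identityObject.Email = uaxp.UserAccount.Email;
                        identityObject.Status = uaxp.UserAccount.Status;
                    }
                    if (uaxp.Person != null)
                    {
                        AvatarHandler avatarHandler = new AvatarHandler(dbContext);

                        Avatar avatar = await avatarHandler.GetActiveAvatarByPersonId(uaxp.Person.ID);

                        identityObject.PersonID = uaxp.Person.ID;
                        identityObject.PersonNickName = uaxp.Person.NickName;
                        identityObject.Introduction = uaxp.Person.Introduction;

                        if (avatar != null)
                        {
                            identityObject.AvatarUrl = avatar.AvatarPath;
                        }
                    }

                    return identityObject;
                }

                UserAccountHandler uaHandler = new UserAccountHandler(dbContext);

                // 2. No link record: registration may not be finished yet, so fall back to the
                //    account itself and fill in only the common properties.
                UserAccount userAccount = await uaHandler.GetByUserNameAsync(currentUserName);

                if (userAccount == null)
                {
                    return null;
                }

                return new KoalaBlogIdentityObject()
                {
                    UserID = userAccount.ID,
                    UserName = userAccount.UserName,
                    Email = userAccount.Email,
                    Status = userAccount.Status
                };
            }
        }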