protected virtual async Task <AbpLoginResult <Tenant, User> > LoginCustomAsyncInternal(string account, string password)
        {
            if (account.IsNullOrEmpty() || password.IsNullOrEmpty())
            {
                throw new Exception("account or password");
            }

            //不启用租户,获取默认租户
            Tenant tenant = await GetDefaultTenantAsync();

            int?tenantId = tenant?.Id;

            using (UnitOfWorkManager.Current.SetTenantId(tenantId))
            {
                //根据用户名获取用户信息
                var user = await _userStore.FindByAccountAsync(account);

                if (user == null)
                {
                    return(new AbpLoginResult <Tenant, User>(AbpLoginResultType.UnknownExternalLogin, tenant));
                }

                //验证用户的密码是否正确
                var verificationResult = _userManager.PasswordHasher.VerifyHashedPassword(user, user.Password, password);
                if (verificationResult != PasswordVerificationResult.Success)
                {
                    if (await TryLockOutAsync(tenantId, user.Id))
                    {
                        return(new AbpLoginResult <Tenant, User>(AbpLoginResultType.LockedOut, tenant, user));
                    }

                    return(new AbpLoginResult <Tenant, User>(AbpLoginResultType.InvalidPassword, tenant, user));
                }

                //重置用户登录失败次数
                await _userManager.ResetAccessFailedCountAsync(user);

                //生成登录结果
                return(await CreateLoginResultAsync(user, tenant));
            }
        }
示例#2
0
        private async Task <AbpLoginResult <TTenant, TUser> > LoginAsyncInternal(string userNameOrEmailAddress, string plainPassword, string tenancyName, bool shouldLockout)
        {
            if (userNameOrEmailAddress.IsNullOrEmpty())
            {
                throw new ArgumentNullException(nameof(userNameOrEmailAddress));
            }

            if (plainPassword.IsNullOrEmpty())
            {
                throw new ArgumentNullException(nameof(plainPassword));
            }

            //Get and check tenant
            TTenant tenant = null;

            using (_unitOfWorkManager.Current.SetTenantId(null))
            {
                if (!_multiTenancyConfig.IsEnabled)
                {
                    tenant = await GetDefaultTenantAsync();
                }
                else if (!string.IsNullOrWhiteSpace(tenancyName))
                {
                    tenant = await _tenantRepository.FirstOrDefaultAsync(t => t.TenancyName == tenancyName);

                    if (tenant == null)
                    {
                        return(new AbpLoginResult <TTenant, TUser>(AbpLoginResultType.InvalidTenancyName));
                    }

                    if (!tenant.IsActive)
                    {
                        return(new AbpLoginResult <TTenant, TUser>(AbpLoginResultType.TenantIsNotActive, tenant));
                    }
                }
            }

            var tenantId = tenant == null ? (int?)null : tenant.Id;

            using (_unitOfWorkManager.Current.SetTenantId(tenantId))
            {
                //TryLoginFromExternalAuthenticationSources method may create the user, that's why we are calling it before AbpStore.FindByNameOrEmailAsync
                var loggedInFromExternalSource = await TryLoginFromExternalAuthenticationSources(userNameOrEmailAddress, plainPassword, tenant);

                var user = await _userManager.AbpStore.FindByNameOrEmailAsync(tenantId, userNameOrEmailAddress);

                if (user == null)
                {
                    return(new AbpLoginResult <TTenant, TUser>(AbpLoginResultType.InvalidUserNameOrEmailAddress, tenant));
                }

                if (!loggedInFromExternalSource)
                {
                    _userManager.InitializeLockoutSettings(tenantId);

                    if (await _userManager.IsLockedOutAsync(user.Id))
                    {
                        return(new AbpLoginResult <TTenant, TUser>(AbpLoginResultType.LockedOut, tenant, user));
                    }

                    var verificationResult = _userManager.PasswordHasher.VerifyHashedPassword(user.Password, plainPassword);
                    if (verificationResult != PasswordVerificationResult.Success)
                    {
                        if (shouldLockout)
                        {
                            if (await TryLockOutAsync(tenantId, user.Id))
                            {
                                return(new AbpLoginResult <TTenant, TUser>(AbpLoginResultType.LockedOut, tenant, user));
                            }
                        }

                        return(new AbpLoginResult <TTenant, TUser>(AbpLoginResultType.InvalidPassword, tenant, user));
                    }

                    await _userManager.ResetAccessFailedCountAsync(user.Id);
                }

                return(await CreateLoginResultAsync(user, tenant));
            }
        }