示例#1
        /// <summary>
        /// Handles a login request: rejects an invalid model, asks <c>service.Login</c>
        /// for the caller's identity, and replaces the current sign-in with a
        /// non-persistent one for that identity.
        /// </summary>
        /// <param name="model">The submitted login form.</param>
        /// <returns>
        /// 200 OK on success; 400 Bad Request carrying either the model-state errors
        /// or the message of an <see cref="ApplicationException"/> raised during login.
        /// </returns>
        public async Task<IHttpActionResult> Login(LoginViewModel model)
        {
            if (ModelState.IsValid)
            {
                try
                {
                    var identity = await service.Login(model);

                    // Sign out first so the sign-in below replaces any identity
                    // already attached to this request.
                    AuthManager.SignOut();

                    // IsPersistent = false is passed explicitly for the new sign-in.
                    var signInProperties = new AuthenticationProperties
                    {
                        IsPersistent = false
                    };
                    AuthManager.SignIn(signInProperties, identity);

                    return Ok();
                }
                catch (ApplicationException loginFailure)
                {
                    // NOTE(review): the exception text goes back to the client verbatim.
                    // Confirm service.Login only raises messages that are safe to expose
                    // and that do not reveal whether the account exists.
                    return BadRequest(loginFailure.Message);
                }
            }

            return BadRequest(ModelState);
        }
示例#2
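        /// <summary>
        /// Validates a resource-owner password grant. The verification code posted with
        /// the request is compared with the one returned by <c>ValidateCodeHelper</c>;
        /// the credentials are then checked through <c>AccountAppService.Login</c> and
        /// the outcome is written to <c>context.Result</c>.
        /// </summary>
        /// <param name="context">
        /// Grant validation context supplying the user name and password and receiving
        /// the result.
        /// </param>
        /// <returns>A task that completes once <c>context.Result</c> has been set.</returns>
        public async Task ValidateAsync(ResourceOwnerPasswordValidationContext context)
        {
            IHttpContextAccessor httpContextAccessor = IocManager.Instance.Resolve<IHttpContextAccessor>();

            // "VaildCode" (sic) is the form field name read from the request; it is kept
            // unchanged because renaming it would change what clients must send.
            string recvValidateCode = httpContextAccessor.HttpContext.Request.Form["VaildCode"];

            // NOTE(review): presumably returns the code issued to this client; confirm,
            // and confirm it is invalidated after one attempt so it cannot be replayed.
            ValidateCodeHelper validateCodeHelper = IocManager.Instance.Resolve<ValidateCodeHelper>();
            string validateCode = validateCodeHelper.GetValidateCode();

            // Fail closed: string.Equals(null, null) is true, so without the emptiness
            // check a request that omits the field would pass whenever no code has been
            // issued, skipping the verification step entirely.
            if (string.IsNullOrEmpty(validateCode)
                || !string.Equals(validateCode, recvValidateCode, StringComparison.OrdinalIgnoreCase))
            {
                context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "验证码错误");
                return;
            }

            AccountAppService accountAppService = IocManager.Instance.Resolve<AccountAppService>();
            IAbpSession abpSession = IocManager.Instance.Resolve<IAbpSession>();

            LoginInput input = new LoginInput
            {
                Username = context.UserName,
                Password = context.Password,
                TenantId = abpSession.TenantId
            };
            var output = await accountAppService.Login(input);

            if (!output.IsSuccess())
            {
                // NOTE(review): ErrorMessage is forwarded to the token client as-is;
                // confirm it carries no internal detail.
                context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, output.ErrorMessage);
                return;
            }

            var loginResult = output.AbpLoginResult;

            switch (loginResult.Result)
            {
            case AbpLoginResultType.Success:
                IdentityUser user = loginResult.User;
                context.Result = new GrantValidationResult(
                    subject: context.UserName,
                    authenticationMethod: "custom",
                    claims: new Claim[]
                    {
                        new Claim("Id", user.Id.ToString()),
                        new Claim("UserName", user.UserName),
                        new Claim("EmailAddress", user.EmailAddress),
                        new Claim("Name", user.Name),
                    });
                break;

            // NOTE(review): the next two cases return different messages for an unknown
            // user name and for a wrong password, which tells the caller whether an
            // account exists. Consider one generic message for both; the strings are
            // left unchanged here because clients may display them.
            case AbpLoginResultType.InvalidUserNameOrEmailAddress:
                context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "不存在的用户名");
                break;

            case AbpLoginResultType.InvalidPassword:
                context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "密码错误");
                break;

            default:
                // Any other login result is reported as a generic authentication failure.
                context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "身份验证失败");
                break;
            }
        }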