/// <summary>
/// Sets a new password for the user with id "1", after logging in as
/// <c>User.AdminUserName</c> with the literal password "123qwe".
/// </summary>
/// <param name="adminPassword">The password to store for that user.</param>
/// <remarks>
/// NOTE(review): "123qwe" is a credential hard-coded in source. When the sign-in with it
/// does not succeed, this method returns without changing the password and without
/// reporting that to the caller, so the account keeps whatever password it had.
/// </remarks>
private async Task SetAdminPassword(string adminPassword)
{
    var admin = await UserManager.FindByIdAsync("1");
    await UserManager.InitializeOptionsAsync(AbpSession.TenantId);

    var loginResult = await _logInManager.LoginAsync(User.AdminUserName, "123qwe");
    var signInResult = await _signInManager.SignInOrTwoFactorAsync(loginResult, false);
    if (!signInResult.Succeeded)
    {
        return;
    }

    CheckErrors(await UserManager.ChangePasswordAsync(admin, adminPassword));

    // The password has just been replaced, so the forced-change flag is cleared.
    admin.ShouldChangePasswordOnNextLogin = false;
    CheckErrors(await UserManager.UpdateAsync(admin));
}
/// <summary>
/// Click handler of the login dialog: authenticates <c>UserName</c> with the password box
/// content and, on success, installs the identity on the current thread and closes the dialog.
/// </summary>
/// <remarks>
/// NOTE(review): a failed login throws from an <c>async void</c> handler; confirm that an
/// application-level handler turns that exception into a user-visible message.
/// </remarks>
private async void Button_Click(object sender, RoutedEventArgs e)
{
    await new SynchronizationContextRemove();

    var loginResult = await _logInManager.LoginAsync(UserName, txt_password.Password);
    if (loginResult.Result != AbpLoginResultType.Success)
    {
        throw CreateExceptionForFailedLoginAttempt(loginResult.Result, UserName, "");
    }

    Thread.CurrentPrincipal = new ClaimsPrincipal(loginResult.Identity);
    mainWindowViewModel.User = await _userManager.GetUserByIdAsync(AbpSession.UserId.Value);

    // DialogResult is set through the captured synchronization context.
    SynchronizationContext.Post(state => DialogResult = true, null);
}
/// <summary>
/// Binds the WeChat open id stored in the session to a local account, after the caller
/// proves ownership of that account with user name and password, then signs the user in.
/// </summary>
/// <param name="input">Credentials, optional captcha and return URL posted by the bind form.</param>
/// <returns>The bind view with an error, or a redirect to a local return URL or "/".</returns>
public async Task<IActionResult> Bind(WechatBindInput input)
{
    var openId = HttpContext.Session.GetString("WechatOpenId");
    if (string.IsNullOrEmpty(openId))
    {
        return Content("请从微信中访问");
    }

    if (UseCaptchaOnRegistration())
    {
        RecaptchaValidator.Validate(input.Captcha);
    }

    var tenancyName = GetTenancyNameOrNull();
    var loginResult = await LogInManager.LoginAsync(input.UserNameOrEmail, input.Password, tenancyName);
    var loginSucceeded = loginResult.Result == AbpLoginResultType.Success;
    if (!loginSucceeded)
    {
        var exception = AbpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(loginResult.Result, input.UserNameOrEmail, tenancyName);
        ViewData["Error"] = exception.Message;
        return View(input);
    }

    // Bind the open id to the authenticated account.
    // NOTE(review): loginResult.Tenant is dereferenced unconditionally; confirm it is never
    // null for the accounts that can reach this action.
    var bindInput = new WechtLoginInput
    {
        UserId = loginResult.User.Id,
        TenantId = loginResult.Tenant.Id,
        ProviderKey = openId
    };
    await _wechatService.BindAsync(bindInput);

    await _signInManager.SignInAsync(loginResult.User, true);

    // Only local URLs are followed, which keeps the return URL from becoming an open redirect.
    var target = AbpUrlHelper.IsLocalUrl(Request, input.ReturnUrl) ? input.ReturnUrl : "/";
    return Redirect(target);
}
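/// <summary>
/// Authenticates the given credentials and returns the login result when it is successful
/// and, if the application requires it, the user's phone number is confirmed.
/// </summary>
/// <param name="usernameOrEmailAddress">User name or e-mail address entered by the caller.</param>
/// <param name="password">Plain-text password entered by the caller.</param>
/// <param name="tenancyName">Tenancy name passed through to the login manager.</param>
/// <returns>The successful login result.</returns>
/// <exception cref="UserFriendlyException">
/// Thrown when the phone number is required but not confirmed.
/// </exception>
private async Task<AbpLoginResult<Tenant, User>> GetLoginResultAsync(string usernameOrEmailAddress, string password, string tenancyName)
{
    var loginResult = await _logInManager.LoginAsync(usernameOrEmailAddress, password, tenancyName);

    // The result is checked before loginResult.User is touched. Reading the user first
    // would dereference a user that a failed login may not carry, and would report the
    // phone-confirmation state of an account to a caller who has not proven the password.
    if (loginResult.Result != AbpLoginResultType.Success)
    {
        throw CreateExceptionForFailedLoginAttempt(loginResult.Result, usernameOrEmailAddress, tenancyName);
    }

    var phoneConfirmationRequired = SettingManager.GetSettingValueForApplication<bool>(
        AppSettingNames.UserManagement.IsPhoneNumberConfirmationRequiredForLogin);
    if (phoneConfirmationRequired && !loginResult.User.IsPhoneNumberConfirmed)
    {
        throw new UserFriendlyException("登录失败", "没有验证手机号!");
    }

    return loginResult;
}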
/// <summary>
/// Links the current user to another account, after the caller proves ownership of that
/// account by supplying its credentials.
/// </summary>
/// <param name="input">Credentials and tenancy name of the account to link to.</param>
/// <exception cref="UserFriendlyException">
/// Thrown when the target is the caller's own account or must change its password first.
/// </exception>
public async Task LinkToUser(LinkToUserInput input)
{
    var loginResult = await _logInManager.LoginAsync(input.UsernameOrEmailAddress, input.Password, input.TenancyName);
    var targetUser = loginResult.User;

    if (loginResult.Result != AbpLoginResultType.Success)
    {
        throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(loginResult.Result, input.UsernameOrEmailAddress, input.TenancyName);
    }

    if (AbpSession.IsUser(targetUser))
    {
        throw new UserFriendlyException(L("YouCannotLinkToSameAccount"));
    }

    // An account that still has to replace its password is not accepted as a link target.
    if (targetUser.ShouldChangePasswordOnNextLogin)
    {
        throw new UserFriendlyException(L("ChangePasswordBeforeLinkToAnAccount"));
    }

    await _userLinkManager.Link(GetCurrentUser(), targetUser);
}
/// <summary>
/// Lets a tenant administrator overwrite another user's password after re-entering the
/// administrator's own password.
/// </summary>
/// <param name="input">Administrator password, target user id and the new password.</param>
/// <returns>
/// <c>false</c> when the calling user is deleted or inactive; otherwise <c>true</c>, also
/// when no user with <c>input.UserId</c> exists.
/// </returns>
/// <remarks>
/// NOTE(review): the password re-check runs with <c>shouldLockout: false</c>, the new
/// password is hashed without any policy check in this method, and a missing target user
/// is reported as success. Confirm each of these is intended.
/// </remarks>
public async Task<bool> ResetPassword(ResetPasswordDto input)
{
    if (_abpSession.UserId == null)
    {
        throw new UserFriendlyException("Please log in before attempting to reset password.");
    }

    var currentUser = await _userManager.GetUserByIdAsync(_abpSession.GetUserId());

    // Re-authenticate the caller with the supplied administrator password.
    var loginAsync = await _logInManager.LoginAsync(currentUser.UserName, input.AdminPassword, shouldLockout: false);
    if (loginAsync.Result != AbpLoginResultType.Success)
    {
        throw new UserFriendlyException(
            "Your 'Admin Password' did not match the one on record. Please try again.");
    }

    var callerIsUsable = !currentUser.IsDeleted && currentUser.IsActive;
    if (!callerIsUsable)
    {
        return false;
    }

    var roles = await _userManager.GetRolesAsync(currentUser);
    var callerIsAdmin = roles.Contains(StaticRoleNames.Tenants.Admin);
    if (!callerIsAdmin)
    {
        throw new UserFriendlyException("Only administrators may reset passwords.");
    }

    var user = await _userManager.GetUserByIdAsync(input.UserId);
    if (user == null)
    {
        return true;
    }

    user.Password = _passwordHasher.HashPassword(user, input.NewPassword);
    await CurrentUnitOfWork.SaveChangesAsync();
    return true;
}
/// <summary>
/// Authenticates the given credentials and returns the login result on success; every
/// other outcome is turned into a <see cref="UserFriendlyException"/>.
/// </summary>
/// <param name="usernameOrEmailAddress">User name or e-mail address entered by the caller.</param>
/// <param name="password">Plain-text password entered by the caller.</param>
/// <returns>The successful login result.</returns>
/// <remarks>
/// NOTE(review): an unknown user name and a wrong password produce different messages,
/// which tells an unauthenticated caller whether an account exists. A single message for
/// both cases avoids that.
/// </remarks>
private async Task<LoginResult> GetLoginResultAsync(string usernameOrEmailAddress, string password)
{
    const string failureTitle = "登录失败";

    var loginResult = await _logInManager.LoginAsync(usernameOrEmailAddress, password);
    var outcome = loginResult.Result;

    if (outcome == LoginResultType.Success)
    {
        return loginResult;
    }

    if (outcome == LoginResultType.InvalidUserNameOrEmailAddress)
    {
        throw new UserFriendlyException(failureTitle, "无效的登录用户名");
    }

    if (outcome == LoginResultType.InvalidPassword)
    {
        throw new UserFriendlyException(failureTitle, "无效的登录密码");
    }

    if (outcome == LoginResultType.LockedOut)
    {
        var details = string.Format("用户 {0} 未激活,不能登录", loginResult.User.UserAccout);
        throw new UserFriendlyException(failureTitle, details);
    }

    throw new UserFriendlyException(failureTitle, "用户名或密码无效");
}
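/// <summary>
/// Authenticates the posted credentials, issues the application cookie and returns the URL
/// the client should navigate to.
/// </summary>
/// <param name="loginModel">User name or e-mail address, password and remember-me flag.</param>
/// <param name="returnUrl">Requested post-login URL; used only when it is a local URL.</param>
/// <returns>An <c>AjaxResponse</c> whose <c>TargetUrl</c> is the post-login URL.</returns>
/// <exception cref="UserFriendlyException">Thrown for every unsuccessful login result.</exception>
/// <remarks>
/// NOTE(review): the "User is not active" and "email address is not confirmed" messages
/// disclose account state; confirm they are only reachable after the password was verified.
/// </remarks>
public async Task<JsonResult> Login(LoginViewModel loginModel, string returnUrl = "")
{
    CheckModelState();

    var loginResult = await _logInManager.LoginAsync(loginModel.UsernameOrEmailAddress, loginModel.Password);

    switch (loginResult.Result)
    {
        case AbpLoginResultType.Success:
            break;
        case AbpLoginResultType.InvalidUserNameOrEmailAddress:
        case AbpLoginResultType.InvalidPassword:
            throw new UserFriendlyException("Invalid user name or password!");
        case AbpLoginResultType.UserIsNotActive:
            throw new UserFriendlyException("User is not active: " + loginModel.UsernameOrEmailAddress);
        case AbpLoginResultType.UserEmailIsNotConfirmed:
            throw new UserFriendlyException("Your email address is not confirmed!");
        default:
            // Not reachable today, but a result type added later must not pass as success.
            throw new UserFriendlyException("Unknown problem with login: " + loginResult.Result);
    }

    AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie);
    AuthenticationManager.SignIn(new AuthenticationProperties { IsPersistent = loginModel.RememberMe }, loginResult.Identity);

    // returnUrl comes from the request. Anything that is not a local URL is replaced by the
    // application root, so a crafted login link cannot send the signed-in user elsewhere.
    if (string.IsNullOrWhiteSpace(returnUrl) || !Url.IsLocalUrl(returnUrl))
    {
        returnUrl = Request.ApplicationPath;
    }

    return Json(new AjaxResponse { TargetUrl = returnUrl });
}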
/// <summary>
/// Overwrites the password of the user identified by <c>input.UserId</c> after the caller
/// re-enters the password of the currently logged-in account.
/// </summary>
/// <param name="input">Caller's password, target user id and the new password.</param>
/// <exception cref="UserFriendlyException">
/// Thrown when the supplied password is wrong or the target account does not exist.
/// </exception>
/// <remarks>
/// NOTE(review): no role or permission check is visible in this method, so any logged-in
/// user who knows their own password passes the check. Confirm that authorization is
/// enforced outside it. The re-check also runs with <c>shouldLockout: false</c>.
/// </remarks>
public async Task SetPassword(SetPasswordDto input)
{
    // Verify the admin password.
    var adminUser = await _userRepository.FirstOrDefaultAsync((long)AbpSession.UserId);
    var loginAsync = await _logInManager.LoginAsync(adminUser.UserName, input.AdminPassword, shouldLockout: false);
    var passwordConfirmed = loginAsync.Result == AbpLoginResultType.Success;
    if (!passwordConfirmed)
    {
        throw new UserFriendlyException(L("WrongAdminPassword"));
    }

    var currentUser = await _userRepository.FirstOrDefaultAsync(input.UserId);
    if (currentUser == null)
    {
        throw new UserFriendlyException(L("AccountIsNotFound"));
    }

    // No explicit save here; presumably the surrounding unit of work commits it (confirm).
    currentUser.Password = _passwordHasher.HashPassword(currentUser, input.Password);
}
/// <summary>
/// Changes the logged-in user's password after verifying the current password and checking
/// the new one against <c>AccountAppService.PasswordRegex</c>.
/// </summary>
/// <param name="input">Current password and requested new password.</param>
/// <returns><c>true</c> when the password was changed.</returns>
/// <exception cref="UserFriendlyException">
/// Thrown when nobody is logged in, the current password is wrong, or the new password
/// does not match the pattern.
/// </exception>
/// <remarks>
/// NOTE(review): the current-password check runs with <c>shouldLockout: false</c>, so
/// wrong guesses made through this method do not count towards lockout.
/// </remarks>
public async Task<bool> ChangePassword(ChangePasswordDto input)
{
    if (_abpSession.UserId == null)
    {
        throw new UserFriendlyException("Please log in before attemping to change password.");
    }

    var user = await _userManager.GetUserByIdAsync(_abpSession.UserId.Value);

    var loginAsync = await _logInManager.LoginAsync(user.UserName, input.CurrentPassword, shouldLockout: false);
    if (loginAsync.Result != AbpLoginResultType.Success)
    {
        throw new UserFriendlyException("Your 'Existing Password' did not match the one on record.  Please try again or contact an administrator for assistance in resetting your password.");
    }

    var meetsPolicy = Regex.IsMatch(input.NewPassword, AccountAppService.PasswordRegex);
    if (!meetsPolicy)
    {
        throw new UserFriendlyException("Passwords must be at least 8 characters, contain a lowercase, uppercase, and number.");
    }

    user.Password = _passwordHasher.HashPassword(user, input.NewPassword);
    CurrentUnitOfWork.SaveChanges();
    return true;
}
//public async Task<bool> ChangePassword(ChangePasswordDto input)
//{
//    if (_abpSession.UserId == null)
//    {
//        throw new UserFriendlyException(L("LoginRequired"));
//    }
//    long userId = _abpSession.UserId.Value;
//    var user = await _userManager.GetUserByIdAsync(userId);
//    var loginAsync = await _logInManager.LoginAsync(user.UserName, input.CurrentPassword, shouldLockout: false);
//    if (loginAsync.Result != AbpLoginResultType.Success)
//    {
//        throw new UserFriendlyException(L("WrongCurrentPassword"));
//    }
//    // Require a complex password
//    //if (!new Regex(AccountAppService.PasswordRegex).IsMatch(input.NewPassword))
//    //{
//    //    throw new UserFriendlyException("Passwords must be at least 8 characters, contain a lowercase, uppercase, and number.");
//    //}
//    user.Password = _passwordHasher.HashPassword(user, input.NewPassword);
//    CurrentUnitOfWork.SaveChanges();
//    return true;
//}

/// <summary>
/// Lets a tenant administrator overwrite another user's password after re-entering the
/// administrator's own password.
/// </summary>
/// <param name="input">Administrator password, target user id and the new password.</param>
/// <returns>
/// <c>false</c> when the calling user is deleted or inactive; otherwise <c>true</c>, also
/// when no user with <c>input.UserId</c> exists.
/// </returns>
/// <remarks>
/// NOTE(review): the new password is hashed without any policy check in this method, and
/// the re-check of the administrator password runs with <c>shouldLockout: false</c>.
/// </remarks>
public async Task<bool> ResetPassword(ResetPasswordDto input)
{
    if (_abpSession.UserId == null)
    {
        throw new UserFriendlyException(L("LoginRequired"));
    }

    var currentUser = await _userManager.GetUserByIdAsync(_abpSession.UserId.Value);

    var loginAsync = await _logInManager.LoginAsync(currentUser.UserName, input.AdminPassword, shouldLockout: false);
    if (loginAsync.Result != AbpLoginResultType.Success)
    {
        throw new UserFriendlyException(L("WrongAdminPassword"));
    }

    var callerIsUsable = !currentUser.IsDeleted && currentUser.IsActive;
    if (!callerIsUsable)
    {
        return false;
    }

    var roles = await _userManager.GetRolesAsync(currentUser);
    var callerIsAdmin = roles.Contains(StaticRoleNames.Tenants.Admin);
    if (!callerIsAdmin)
    {
        throw new UserFriendlyException(L("RoleAdminRequired"));
    }

    var user = await _userManager.GetUserByIdAsync(input.UserId);
    if (user == null)
    {
        return true;
    }

    user.Password = _passwordHasher.HashPassword(user, input.NewPassword);
    CurrentUnitOfWork.SaveChanges();
    return true;
}
/// <summary>
/// Changes the current user's password after verifying the old one.
/// </summary>
/// <param name="oldPwd">The user's current password.</param>
/// <param name="newPwd">The password to set.</param>
/// <returns>The user from the login result, mapped to a <c>UserDto</c>.</returns>
/// <exception cref="MesException">
/// Thrown when the old password is not accepted or the change reports errors.
/// </exception>
/// <remarks>
/// NOTE(review): the change goes through <c>ChangePasswordAsyncNoValid</c>; the name
/// suggests that password validation is skipped. Confirm a policy is enforced elsewhere.
/// </remarks>
public async Task<UserDto> ChangePwd(string oldPwd, string newPwd)
{
    // Load the current user.
    var user = await UserManager.FindByIdAsync(AbpSession.UserId.ToString());
    var loginResult = await _logInManager.LoginAsync(user.UserName, oldPwd, GetTenancyNameOrNull());

    // The old password counts as correct only when the login produced an identity.
    if (loginResult.Identity == null)
    {
        throw new MesException("旧密码输入错误");
    }

    var res = await UserManager.ChangePasswordAsyncNoValid(user, newPwd);
    if (!res.Succeeded)
    {
        throw new MesException(res.Errors);
    }

    return Mapper.Map<User, UserDto>(loginResult.User);
}
/// <summary>
/// Changes the logged-in user's password after verifying the current password within the
/// session's tenant.
/// </summary>
/// <param name="input">Current password and requested new password.</param>
/// <returns><c>true</c> when the password was changed.</returns>
/// <exception cref="UserFriendlyException">
/// Thrown when nobody is logged in or the current password is wrong.
/// </exception>
/// <remarks>
/// NOTE(review): the complexity check is commented out, so this method accepts any new
/// password. The current-password check runs with <c>shouldLockout: false</c>.
/// </remarks>
public async Task<bool> ChangePassword(ChangePasswordDto input)
{
    if (_abpSession.UserId == null)
    {
        throw new UserFriendlyException("Please log in before attemping to change password.");
    }

    var user = await _userManager.GetUserByIdAsync(_abpSession.UserId.Value);

    // The tenancy name is resolved only when the session belongs to a tenant.
    string tenancyName = null;
    int? tenantId = AbpSession.TenantId;
    if (tenantId.HasValue)
    {
        Tenant tenant = await _tenantManager.GetByIdAsync(tenantId.Value);
        tenancyName = tenant.TenancyName;
    }

    var loginAsync = await _logInManager.LoginAsync(user.UserName, input.CurrentPassword, tenancyName: tenancyName, shouldLockout: false);
    var currentPasswordAccepted = loginAsync.Result == AbpLoginResultType.Success;
    if (!currentPasswordAccepted)
    {
        throw new UserFriendlyException(L("ExistingPasswordWrong"));
    }

    //if (!new Regex(AccountAppService.PasswordRegex).IsMatch(input.NewPassword))
    //{
    //    throw new UserFriendlyException("Passwords must be at least 8 characters, contain a lowercase, uppercase, and number.");
    //}

    user.Password = _passwordHasher.HashPassword(user, input.NewPassword);
    CurrentUnitOfWork.SaveChanges();
    return true;
}
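/// <summary>
/// Single-sign-on entry point. Without a <c>ticket</c> query parameter the browser is sent
/// to the login page under <c>CASHOST</c>; with one, the ticket is validated against
/// <c>CASHOST</c> and the returned user is logged in through an external login.
/// </summary>
/// <returns>
/// A redirect to the authentication platform, to Home/Index on success or to Login on
/// failure; <c>null</c> when the validation response contains no <c>user</c> element.
/// </returns>
/// <remarks>
/// NOTE(review): the service URL is built from the request's scheme and host, so it follows
/// whatever host the request carries. Confirm the deployment pins the accepted host names.
/// </remarks>
public async Task<ActionResult> LoginBySingle()
{
    string tkt = null;
    if (Request.HttpContext.Request.Query.ContainsKey("ticket"))
    {
        tkt = Request.HttpContext.Request.Query["ticket"][0];
    }

    var protocal = Request.IsHttps ? "https://" : "http://";
    string service = protocal + Request.Host.Value;

    // Both values come from the request. They are escaped before being placed in a query
    // string, so they cannot add or override parameters of the login or validation request.
    string encodedService = System.Uri.EscapeDataString(service);

    // Without a ticket, redirect to the login page of the authentication platform.
    if (string.IsNullOrEmpty(tkt))
    {
        return Redirect(CASHOST + "login?" + "service=" + encodedService);
    }

    // NOTE(review): this replaces the process-wide certificate validation callback with
    // CheckValidationResult, which is not visible here. If that callback accepts every
    // certificate, the validation response below is not authenticated. Confirm it performs
    // real validation, or remove the override.
    ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(CheckValidationResult);

    // Ask the authentication platform whether the ticket is valid.
    string validateurl = CASHOST + "serviceValidate?" + "ticket=" + System.Uri.EscapeDataString(tkt) + "&" + "service=" + encodedService;
    string resp;
    using (var webClient = new WebClient())
    using (var responseReader = new StreamReader(webClient.OpenRead(validateurl)))
    {
        resp = responseReader.ReadToEnd();
    }

    NameTable nt = new NameTable();
    XmlNamespaceManager nsmgr = new XmlNamespaceManager(nt);
    XmlParserContext context = new XmlParserContext(null, nsmgr, null, XmlSpace.None);

    // Look for the cas:user element; its absence means that validation failed.
    string user = null;
    XmlTextReader reader = new XmlTextReader(resp, XmlNodeType.Element, context);
    try
    {
        // The response is remote input; DTDs are refused so it cannot declare entities.
        reader.DtdProcessing = DtdProcessing.Prohibit;
        while (reader.Read())
        {
            if (reader.IsStartElement() && reader.LocalName == "user")
            {
                user = reader.ReadString();
            }
        }
    }
    finally
    {
        reader.Close();
    }

    if (user == null)
    {
        // Returned from the authentication platform, but validation reported a failure.
        return null;
    }

    var provider = "";
    var findUserByGMGH = await _userRepository.FirstOrDefaultAsync(p => p.GMGH == user);
    if (findUserByGMGH == null)
    {
        // Registration/binding would be needed here; the original takes no action.
    }

    UserLoginInfo info = new UserLoginInfo(provider, user, provider + "@" + user);
    var loginResult = await _logInManager.LoginAsync(info);
    var loginSucceeded = loginResult.Result == AbpLoginResultType.Success;

    // The cookie is issued only for a successful login. Signing in before looking at the
    // result would hand loginResult.Identity to the sign-in manager for failed logins too.
    if (loginSucceeded)
    {
        await _signInManager.SignInAsync(loginResult.Identity, false);
    }

    await UnitOfWorkManager.Current.SaveChangesAsync();

    return loginSucceeded
        ? RedirectToAction("Index", "Home")
        : RedirectToAction("Login");
}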
/// <summary>
/// Forwards the credentials to the login manager and returns its result unchanged.
/// </summary>
/// <param name="usernameOrEmailAddress">User name or e-mail address entered by the caller.</param>
/// <param name="password">Plain-text password entered by the caller.</param>
/// <param name="tenancyName">Tenancy name passed through to the login manager.</param>
/// <returns>
/// The login result, successful or not. The result type is not inspected here, so callers
/// must check it before trusting the result.
/// </returns>
private async Task<AbpLoginResult<Tenant, User>> GetLoginResultAsync(string usernameOrEmailAddress, string password, string tenancyName)
{
    return await _logInManager.LoginAsync(usernameOrEmailAddress, password, tenancyName);
}
/// <summary>
/// Logs a mini-program user in through the external authentication scheme: the open id is
/// read from the authenticated principal, mapped to a local account (registering one when
/// none is linked yet) and answered with a JWT access token.
/// </summary>
/// <returns>
/// The access token data, or a result with <c>WaitingForActivation</c> set when the newly
/// registered user is not active.
/// </returns>
/// <remarks>
/// NOTE(review): the token issued right after registration carries no
/// <c>EncryptedAccessToken</c>, unlike the one for an existing account. Confirm that
/// clients do not depend on it.
/// </remarks>
public async Task<ExternalAuthenticateResultModel> WeChartMiniProgramLoginAsync()
{
    // Current user as established by the third-party scheme (open id, session key).
    var t = await base.HttpContext.AuthenticateAsync(MiniProgramConsts.AuthenticationScheme);
    var externalClaims = t.Principal.Claims;

    // The open id is the name-identifier claim.
    var openid = externalClaims.Single(c => c.Type == ClaimTypes.NameIdentifier).Value;
    var tenancyName = GetTenancyNameOrNull();

    // External login: the open id is used to look up the local account.
    var loginResult = await _logInManager.LoginAsync(
        new UserLoginInfo(MiniProgramConsts.AuthenticationScheme, openid, MiniProgramConsts.AuthenticationSchemeDisplayName),
        tenancyName);

    switch (loginResult.Result)
    {
        case AbpLoginResultType.Success:
        {
            // Refresh the stored WeChat user information.
            foreach (var item in t.Principal.Claims)
            {
                await userManager.ReplaceClaimAsync(loginResult.User, new Claim(item.Type, ""), item);
            }

            var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity));
            return new ExternalAuthenticateResultModel
            {
                AccessToken = accessToken,
                EncryptedAccessToken = GetEncryptedAccessToken(accessToken),
                ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
            };
        }

        case AbpLoginResultType.UnknownExternalLogin:
        {
            // No linked local account: register one, then log in again.
            var registration = new ExternalAuthUserInfo
            {
                Provider = MiniProgramConsts.AuthenticationScheme,
                ProviderKey = openid,
                Name = t.Principal.Claims.SingleOrDefault(c => c.Type == "nickName")?.Value,
                EmailAddress = Guid.NewGuid().ToString("N") + "@mp.com",
                Surname = "a"
            };
            var newUser = await RegisterExternalUserAsync(registration);
            if (!newUser.IsActive)
            {
                return new ExternalAuthenticateResultModel { WaitingForActivation = true };
            }

            // Try to log in again with the newly registered user.
            loginResult = await _logInManager.LoginAsync(
                new UserLoginInfo(MiniProgramConsts.AuthenticationScheme, openid, MiniProgramConsts.AuthenticationSchemeDisplayName),
                tenancyName);
            if (loginResult.Result != AbpLoginResultType.Success)
            {
                throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(loginResult.Result, openid, tenancyName);
            }

            // Store the WeChat claims, except the open id, which is kept with the user logins.
            var profileClaims = t.Principal.Claims.Where(c => c.Type != ClaimTypes.NameIdentifier);
            await userManager.AddClaimsAsync(loginResult.User, profileClaims);

            return new ExternalAuthenticateResultModel
            {
                AccessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity)),
                ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
            };
        }

        default:
        {
            throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(loginResult.Result, openid, tenancyName);
        }
    }
}
/// <summary>
/// Authenticates a user through an external provider and returns a JWT access token,
/// registering a local account first when the external login is unknown.
/// </summary>
/// <param name="model">Provider name, provider key, access code and optional return URL.</param>
/// <returns>
/// The access token data, or a result with <c>WaitingForActivation</c> set when the newly
/// registered user is not active.
/// </returns>
/// <remarks>
/// NOTE(review): the login is keyed on <c>model.ProviderKey</c>, which the client supplies.
/// It is trustworthy only if <c>GetExternalUserInfo</c> rejects a key that differs from the
/// provider-verified one. That helper is not visible here; confirm it does.
/// NOTE(review): with single sign-in enabled, the user's sign-in token is appended to
/// <c>model.ReturnUrl</c>. Confirm that the return URL is restricted to trusted origins
/// before the token is attached.
/// </remarks>
public async Task<ExternalAuthenticateResultModel> ExternalAuthenticate([FromBody] ExternalAuthenticateModel model)
{
    var externalUser = await GetExternalUserInfo(model);

    var loginResult = await _logInManager.LoginAsync(
        new UserLoginInfo(model.AuthProvider, model.ProviderKey, model.AuthProvider),
        GetTenancyNameOrNull());

    switch (loginResult.Result)
    {
        case AbpLoginResultType.Success:
        {
            var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity));

            var returnUrl = model.ReturnUrl;
            var singleSignInRequested = model.SingleSignIn.HasValue && model.SingleSignIn.Value;
            if (singleSignInRequested && loginResult.Result == AbpLoginResultType.Success)
            {
                loginResult.User.SetSignInToken();
                returnUrl = AddSingleSignInParametersToReturnUrl(
                    model.ReturnUrl,
                    loginResult.User.SignInToken,
                    loginResult.User.Id,
                    loginResult.User.TenantId);
            }

            return new ExternalAuthenticateResultModel
            {
                AccessToken = accessToken,
                EncryptedAccessToken = GetEncrpyedAccessToken(accessToken),
                ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds,
                ReturnUrl = returnUrl
            };
        }

        case AbpLoginResultType.UnknownExternalLogin:
        {
            var newUser = await RegisterExternalUserAsync(externalUser);
            if (!newUser.IsActive)
            {
                return new ExternalAuthenticateResultModel { WaitingForActivation = true };
            }

            // Try to log in again with the newly registered user.
            loginResult = await _logInManager.LoginAsync(
                new UserLoginInfo(model.AuthProvider, model.ProviderKey, model.AuthProvider),
                GetTenancyNameOrNull());
            if (loginResult.Result != AbpLoginResultType.Success)
            {
                throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
                    loginResult.Result, model.ProviderKey, GetTenancyNameOrNull());
            }

            var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity));
            return new ExternalAuthenticateResultModel
            {
                AccessToken = accessToken,
                EncryptedAccessToken = GetEncrpyedAccessToken(accessToken),
                ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
            };
        }

        default:
        {
            throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
                loginResult.Result, model.ProviderKey, GetTenancyNameOrNull());
        }
    }
}
/// <summary>
/// Authenticates a user through an external provider, keyed on the provider key returned
/// by <c>GetExternalUserInfo</c>, and returns a JWT access token. Unknown external logins
/// are registered first.
/// </summary>
/// <param name="model">Provider name and access data sent by the client.</param>
/// <returns>
/// The access token data, or a result with <c>WaitingForActivation</c> set when the newly
/// registered user is not active.
/// </returns>
/// <remarks>
/// NOTE(review): the token issued right after registration carries no
/// <c>EncryptedAccessToken</c>, unlike the one for an existing account.
/// </remarks>
public async Task<ExternalAuthenticateResultModel> ExternalAuthenticate([FromBody] ExternalAuthenticateModel model)
{
    var externalUser = await GetExternalUserInfo(model);

    var loginResult = await _logInManager.LoginAsync(
        new UserLoginInfo(model.AuthProvider, externalUser.ProviderKey, model.AuthProvider),
        GetTenancyNameOrNull());

    switch (loginResult.Result)
    {
        case AbpLoginResultType.Success:
        {
            var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity));

            // On a successful login, publish the fresh session key for WeChat users.
            var userInfo = externalUser as WechatAuthUserInfo;
            if (userInfo != null)
            {
                EventBus.Trigger(new WechatLoginSuccessEventData
                {
                    SessionKey = userInfo.SessionKey,
                    UserId = loginResult.User.Id
                });
            }

            return new ExternalAuthenticateResultModel
            {
                AccessToken = accessToken,
                EncryptedAccessToken = GetEncrpyedAccessToken(accessToken),
                ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
            };
        }

        case AbpLoginResultType.UnknownExternalLogin:
        {
            var newUser = await RegisterExternalUserAsync(externalUser);
            if (!newUser.IsActive)
            {
                return new ExternalAuthenticateResultModel { WaitingForActivation = true };
            }

            // Try to log in again with the newly registered user.
            loginResult = await _logInManager.LoginAsync(
                new UserLoginInfo(model.AuthProvider, externalUser.ProviderKey, model.AuthProvider),
                GetTenancyNameOrNull());
            if (loginResult.Result != AbpLoginResultType.Success)
            {
                throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
                    loginResult.Result, externalUser.ProviderKey, GetTenancyNameOrNull());
            }

            return new ExternalAuthenticateResultModel
            {
                AccessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity)),
                ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
            };
        }

        default:
        {
            throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
                loginResult.Result, externalUser.ProviderKey, GetTenancyNameOrNull());
        }
    }
}
/// <summary>
/// Authenticates a WeChat user through the external login of the provider key returned by
/// <c>GetExternalUserInfo</c> and returns a JWT access token. Unknown external logins are
/// registered first.
/// </summary>
/// <param name="model">Provider name and access data sent by the client.</param>
/// <returns>
/// The access token data, or a result with <c>WaitingForActivation</c> set when the newly
/// registered user is not active.
/// </returns>
/// <remarks>
/// NOTE(review): the login uses <c>externalUser.ProviderKey</c>, but the failure exceptions
/// are built with <c>model.ProviderKey</c>; the two can differ. The commented-out log
/// statements would write the whole external user model to the log if they were re-enabled.
/// </remarks>
public async Task<ExternalAuthenticateResultModel> WeChatAuthenticate([FromBody] ExternalAuthenticateModel model)
{
    var externalUser = await GetExternalUserInfo(model);
    //Logger.Info($"用户模型:{Newtonsoft.Json.JsonConvert.SerializeObject(externalUser)}");
    //Logger.Debug(Newtonsoft.Json.JsonConvert.SerializeObject(new UserLoginInfo(model.AuthProvider, externalUser.ProviderKey, model.AuthProvider) ) + GetTenancyNameOrNull());

    var loginResult = await _logInManager.LoginAsync(
        new UserLoginInfo(model.AuthProvider, externalUser.ProviderKey, model.AuthProvider),
        GetTenancyNameOrNull());
    //Logger.Debug(loginResult.Result.ToString());

    switch (loginResult.Result)
    {
        case AbpLoginResultType.Success:
        {
            var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity));
            return new ExternalAuthenticateResultModel
            {
                AccessToken = accessToken,
                EncryptedAccessToken = GetEncryptedAccessToken(accessToken),
                ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
            };
        }

        case AbpLoginResultType.UnknownExternalLogin:
        {
            var newUser = await RegisterExternalUserAsync(externalUser);
            if (!newUser.IsActive)
            {
                return new ExternalAuthenticateResultModel { WaitingForActivation = true };
            }

            // Log in again, now that the external login is registered.
            loginResult = await _logInManager.LoginAsync(
                new UserLoginInfo(model.AuthProvider, externalUser.ProviderKey, model.AuthProvider),
                GetTenancyNameOrNull());
            if (loginResult.Result != AbpLoginResultType.Success)
            {
                throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
                    loginResult.Result, model.ProviderKey, GetTenancyNameOrNull());
            }

            var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity));
            return new ExternalAuthenticateResultModel
            {
                AccessToken = accessToken,
                EncryptedAccessToken = GetEncryptedAccessToken(accessToken),
                ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
            };
        }

        default:
        {
            throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
                loginResult.Result, model.ProviderKey, GetTenancyNameOrNull());
        }
    }
}
/// <summary>
/// Handles the posted login form: a cancel is reported as denied consent; otherwise the
/// credentials are checked and, on success, the user is signed in and redirected.
/// </summary>
/// <param name="model">User name, password, remember-me flag and return URL.</param>
/// <param name="button">Name of the pressed button; anything but "login" is a cancel.</param>
/// <returns>A redirect, or the login view with an error when the login did not succeed.</returns>
/// <remarks>
/// NOTE(review): every login is made against the hard-coded tenancy name "1". Confirm that
/// this is the intended single tenant.
/// </remarks>
public async Task<IActionResult> Login(LoginInputModel model, string button)
{
    if (button != "login")
    {
        // The user clicked "cancel".
        var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl);
        if (context == null)
        {
            // Without a valid authorization context, go back to the home page.
            return Redirect("~/");
        }

        // Report the cancel as denied consent (even if the client needs no consent); the
        // client then receives an access-denied OIDC error response.
        await _interaction.GrantConsentAsync(context, ConsentResponse.Denied);

        // model.ReturnUrl can be trusted because GetAuthorizationContextAsync accepted it.
        return Redirect(model.ReturnUrl);
    }

    if (ModelState.IsValid)
    {
        var result = await logInManager.LoginAsync(model.Username, model.Password, "1");
        if (result.Result == AbpLoginResultType.Success)
        {
            var user = result.User;
            await _events.RaiseAsync(new UserLoginSuccessEvent(user.Name, user.Id.ToString(), result.Tenant.Name));

            // An explicit expiration is set only for "remember me"; otherwise the
            // expiration configured in the cookie middleware applies.
            var rememberLogin = AccountOptions.AllowRememberLogin && model.RememberLogin;
            AuthenticationProperties props = rememberLogin
                ? new AuthenticationProperties
                {
                    IsPersistent = true,
                    ExpiresUtc = DateTimeOffset.UtcNow.Add(AccountOptions.RememberMeLoginDuration)
                }
                : null;

            await signInManager.SignInAsync(user, props);
            await UnitOfWorkManager.Current.SaveChangesAsync();

            // Follow the return URL only when it is still valid for the authorize endpoint
            // or is a local page. IsValidReturnUrl alone is the stricter check.
            var returnUrlIsSafe = _interaction.IsValidReturnUrl(model.ReturnUrl) || Url.IsLocalUrl(model.ReturnUrl);
            return returnUrlIsSafe ? Redirect(model.ReturnUrl) : Redirect("~/");
        }

        await _events.RaiseAsync(new UserLoginFailureEvent(model.Username, result.Result.ToString()));
        ModelState.AddModelError("", AccountOptions.InvalidCredentialsErrorMessage);
    }

    // Something went wrong: show the form again with the error.
    var vm = await BuildLoginViewModelAsync(model);
    return View(vm);
}
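/// <summary>
/// Authenticates a user through an external provider and returns a JWT access token. For
/// the "WechatH5" provider the access code arrives encrypted, as <c>code|expiry</c>, and is
/// decrypted and checked for expiry first. Unknown external logins are registered.
/// </summary>
/// <param name="model">Provider name and access code sent by the client.</param>
/// <returns>
/// The access token data, or a result with <c>WaitingForActivation</c> set when the newly
/// registered user is not active.
/// </returns>
/// <exception cref="AbpProjectNameBusinessException">
/// Thrown with <c>ErrorCode.Forbidden</c> when a "WechatH5" access code cannot be decrypted
/// to a value or has expired.
/// </exception>
/// <remarks>
/// NOTE(review): the access code is decrypted with <c>AppConsts.DefaultPassPhrase</c>. If
/// that constant is a template default, the expiry envelope gives no protection; confirm it
/// is a deployment-specific secret. The expiry is parsed with the current culture and
/// compared against local time.
/// </remarks>
public async Task<ExternalAuthenticateResultModel> ExternalAuthenticate([FromBody] ExternalAuthenticateModel model)
{
    // The model carries the provider access code, a credential, so the request is logged
    // without its content.
    Logger.Debug("ExternalAuthenticate: request received");

    if (model.AuthProvider == "WechatH5")
    {
        var decryptText = SimpleStringCipher.Instance.Decrypt(model.ProviderAccessCode, AppConsts.DefaultPassPhrase);
        if (decryptText == null)
        {
            // Nothing was decrypted (presumably an empty access code; confirm). Reject the
            // request the same way as an expired code instead of failing on a null value.
            throw new AbpProjectNameBusinessException(ErrorCode.Forbidden);
        }

        var arr = decryptText.Split('|');

        // Without an expiry part the code counts as already expired.
        var expiredCode = DateTime.Now.AddMinutes(-1);
        if (arr.Length > 1)
        {
            DateTime.TryParse(arr[1], out expiredCode);
        }

        if (expiredCode < DateTime.Now)
        {
            throw new AbpProjectNameBusinessException(ErrorCode.Forbidden);
        }

        model.ProviderAccessCode = arr[0];
    }

    var externalUser = await GetExternalUserInfo(model);

    var loginResult = await _logInManager.LoginAsync(
        new UserLoginInfo(model.AuthProvider, externalUser.ProviderKey, model.AuthProvider),
        GetTenancyNameOrNull());

    switch (loginResult.Result)
    {
        case AbpLoginResultType.Success:
        {
            var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity));

            // On a successful login, publish the fresh session key for mini-program users.
            var userInfo = externalUser as WechatMiniAuthUserInfo;
            if (userInfo != null)
            {
                EventBus.Trigger(new WechatLoginSuccessEventData
                {
                    SessionKey = userInfo.SessionKey,
                    UserId = loginResult.User.Id
                });
            }

            return new ExternalAuthenticateResultModel
            {
                AccessToken = accessToken,
                EncryptedAccessToken = GetEncrpyedAccessToken(accessToken),
                ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
            };
        }

        case AbpLoginResultType.UnknownExternalLogin:
        {
            var newUser = await RegisterExternalUserAsync(externalUser);
            if (!newUser.IsActive)
            {
                return new ExternalAuthenticateResultModel { WaitingForActivation = true };
            }

            // Try to log in again with the newly registered user.
            loginResult = await _logInManager.LoginAsync(
                new UserLoginInfo(model.AuthProvider, externalUser.ProviderKey, model.AuthProvider),
                GetTenancyNameOrNull());
            if (loginResult.Result != AbpLoginResultType.Success)
            {
                throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
                    loginResult.Result, externalUser.ProviderKey, GetTenancyNameOrNull());
            }

            return new ExternalAuthenticateResultModel
            {
                AccessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity)),
                ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
            };
        }

        default:
        {
            throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
                loginResult.Result, externalUser.ProviderKey, GetTenancyNameOrNull());
        }
    }
}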
/// <summary>
/// Calls the login manager with the given credentials and discards the result.
/// </summary>
/// <param name="username">User name passed to the login manager.</param>
/// <param name="password">Plain-text password passed to the login manager.</param>
/// <remarks>
/// NOTE(review): the method is <c>async void</c> and ignores the login result, so a caller
/// can neither wait for the attempt nor learn whether it succeeded. It must not be treated
/// as an authentication check.
/// </remarks>
public static async void LoginUser(string username, string password)
{
    var ignoredResult = await _logInManager.LoginAsync(username, password);
}
/// <summary>
/// Logs a user in by external provider name and provider key, signs the resulting identity
/// in, and returns a JWT access token. An unknown external login is registered from the
/// fields of the request and then logged in.
/// </summary>
/// <param name="model">Provider name, provider key and profile fields sent by the client.</param>
/// <returns>
/// The access token data, or a result with <c>WaitingForActivation</c> set when the newly
/// registered user is not active.
/// </returns>
/// <remarks>
/// NOTE(review): nothing in this method verifies the provider key or the profile fields
/// with the external provider; the login and the auto-registration both rely on values
/// taken directly from the request body. Unless a caller-side filter validates them, the
/// provider key acts as a bearer credential. Confirm where the verification happens.
/// </remarks>
public async Task<ExternalAuthenticateResultModel> ExternalAuthenticate([FromBody] ExternalAuthenticateModel model)
{
    var loginResult = await _logInManager.LoginAsync(
        new UserLoginInfo(model.AuthProvider, model.ProviderKey, model.AuthProvider),
        GetTenancyNameOrNull());

    // A cookie sign-in is made whenever the login produced an identity.
    if (loginResult.Identity != null)
    {
        await _signInManager.SignInAsync(loginResult.Identity, true);
    }

    await UnitOfWorkManager.Current.SaveChangesAsync();

    switch (loginResult.Result)
    {
        case AbpLoginResultType.Success:
        {
            var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity));
            return new ExternalAuthenticateResultModel
            {
                AccessToken = accessToken,
                EncryptedAccessToken = GetEncrpyedAccessToken(accessToken),
                ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
            };
        }

        case AbpLoginResultType.UnknownExternalLogin:
        {
            var externalUser = new ExternalAuthUserInfo()
            {
                EmailAddress = model.EmailAddress,
                Name = model.Name,
                Provider = model.AuthProvider,
                ProviderKey = model.ProviderKey,
                Surname = model.Surname
            };

            var newUser = await RegisterExternalUserAsync(externalUser);
            if (!newUser.IsActive)
            {
                return new ExternalAuthenticateResultModel { WaitingForActivation = true };
            }

            // Try to log in again with the newly registered user.
            loginResult = await _logInManager.LoginAsync(
                new UserLoginInfo(model.AuthProvider, model.ProviderKey, model.AuthProvider),
                GetTenancyNameOrNull());
            if (loginResult.Result != AbpLoginResultType.Success)
            {
                throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
                    loginResult.Result, model.ProviderKey, GetTenancyNameOrNull());
            }

            return new ExternalAuthenticateResultModel
            {
                AccessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity)),
                ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
            };
        }

        default:
        {
            throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
                loginResult.Result, model.ProviderKey, GetTenancyNameOrNull());
        }
    }
}
/// <summary>
/// Authenticates a user through an external provider key. A known, active account gets a
/// JWT access token; an unbound key or an inactive account gets a result describing that
/// state instead of a token.
/// </summary>
/// <param name="model">Provider name, provider key and access data sent by the client.</param>
/// <returns>
/// Token data with the user id on success; otherwise the provider key together with
/// <c>WaitingForActivation</c> and a user id (0 when the key is not bound to any user).
/// </returns>
/// <remarks>
/// NOTE(review): the login is keyed on the client-supplied <c>model.ProviderKey</c>;
/// confirm that <c>GetExternalUserInfo</c> rejects a key that differs from the
/// provider-verified one. For an inactive account, the returned id is that of the user
/// found by <c>externalUser.EmailAddress</c>, not <c>loginResult.User</c>. That lookup is
/// dereferenced without a null check, and the id is handed to a caller who holds no token.
/// </remarks>
public async Task<ExternalAuthenticateResultModel> ExternalAuthenticate([FromBody] ExternalAuthenticateModel model)
{
    var externalUser = await GetExternalUserInfo(model);

    // Check whether this key is known.
    var tenancyName = GetTenancyNameOrNull();
    var loginResult = await _logInManager.LoginAsync(
        new UserLoginInfo(model.AuthProvider, model.ProviderKey, model.AuthProvider),
        tenancyName);

    switch (loginResult.Result)
    {
        case AbpLoginResultType.Success:
        {
            var accessToken = CreateAccessToken(await CreateJwtClaims(loginResult.Identity, loginResult.User));
            return new ExternalAuthenticateResultModel
            {
                AccessToken = accessToken,
                EncryptedAccessToken = GetEncrpyedAccessToken(accessToken),
                ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds,
                UserId = loginResult.User.Id
            };
        }

        case AbpLoginResultType.UnknownExternalLogin:
        case AbpLoginResultType.UserIsNotActive:
        {
            if (loginResult.User == null)
            {
                // The third-party key is not bound to any row of the user table.
                return new ExternalAuthenticateResultModel
                {
                    ProviderKey = model.ProviderKey,
                    WaitingForActivation = false,
                    UserId = 0
                };
            }

            // The user exists but is locked.
            var boundUser = await _userManager.GetUserByEmail(externalUser.EmailAddress);
            return new ExternalAuthenticateResultModel
            {
                ProviderKey = model.ProviderKey,
                WaitingForActivation = true,
                UserId = boundUser.Id
            };
        }

        default:
            throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
                loginResult.Result, model.ProviderKey, GetTenancyNameOrNull());
    }

    // An older, commented-out version of this switch stood here in a "旧版本" (old version)
    // region. It registered unknown external logins automatically and logged in again.
}
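/// <summary>
/// Validates the supplied credentials and returns the login result, applying the configured
/// failed-attempt ("trial error") lockout rule on top of the login manager's verdict.
/// Modified by cs on the morning of 2017-11-22.
/// </summary>
/// <param name="usernameOrEmailAddress">User name or e-mail address exactly as submitted by the caller (untrusted).</param>
/// <param name="password">Password to verify.</param>
/// <param name="tenancyName">Tenancy name handed through to the login manager.</param>
/// <returns>The login result; only returned when the login succeeded and the account is not over the failure limit.</returns>
/// <exception cref="Exception">
/// Thrown for every non-successful outcome: the account is over the configured failure limit,
/// the password was wrong, the failure limit is enabled but not configured, or the login
/// manager reported any other failure.
/// </exception>
private async Task<AbpLoginResult<Tenant, User>> GetLoginResultAsync(string usernameOrEmailAddress, string password, string tenancyName)
{
    var loginResult = await _logInManager.LoginAsync(usernameOrEmailAddress, password, tenancyName);
    var pwdRule = OperateSection.GetPwdRuleSection();

    switch (loginResult.Result)
    {
        case AbpLoginResultType.Success:
            // When the trial-error rule is enabled, a correct password either hits the lock
            // (counter already above the limit) or resets the failure bookkeeping.
            if (pwdRule.IsTrialError)
            {
                if (!string.IsNullOrEmpty(pwdRule.TrialErrorCount) &&
                    loginResult.User.LoginFailCount > Convert.ToInt32(pwdRule.TrialErrorCount.Trim()))
                {
                    throw new Exception("登录失败:当前用户(" + usernameOrEmailAddress + ")已被锁定!");
                }

                // Only the numeric user id is concatenated here, so this statement carries no
                // caller-controlled text.
                DbHelper.Execute("UPDATE ABP_USERS SET LOGIN_FAIL_COUNT=0,LOCKED_REASON='',IS_ACTIVE=1 WHERE ID=" + loginResult.User.Id);
            }

            return loginResult;

        case AbpLoginResultType.InvalidPassword:
        {
            // Wrong password: without the trial-error rule, fall back to the standard failure.
            if (!pwdRule.IsTrialError)
            {
                throw CreateExceptionForFailedLoginAttempt(loginResult.Result, usernameOrEmailAddress, tenancyName);
            }

            // Rule enabled but no limit configured.
            if (string.IsNullOrEmpty(pwdRule.TrialErrorCount))
            {
                throw new Exception("登录失败:用户或密码错误(系统未配置试错次数)");
            }

            int maxFailures = Convert.ToInt32(pwdRule.TrialErrorCount.Trim());
            var user = loginResult.User;

            if (user.LoginFailCount > maxFailures)
            {
                throw new Exception("登录失败:当前用户(" + usernameOrEmailAddress + ")已被锁定!");
            }

            // Count this failure and lock the account once the limit is exceeded.
            // NOTE(review): read-increment-write of the counter is not atomic; concurrent
            // failed attempts may be under-counted.
            user.LoginFailCount = user.LoginFailCount + 1;

            string exceptionMsg;
            if (user.LoginFailCount > maxFailures)
            {
                exceptionMsg = "当前用户(" + usernameOrEmailAddress + ")密码已累计输错【" + pwdRule.TrialErrorCount + "】次,帐号已被锁定!";
                user.IsActive = false; // mark the in-memory user as locked
            }
            else
            {
                exceptionMsg = "当前用户(" + usernameOrEmailAddress + ")密码已累计输错【" +
                               user.LoginFailCount + "】次,累计输错【" + pwdRule.TrialErrorCount + "】次将被锁定!";
            }

            user.LockedReason = exceptionMsg;

            // exceptionMsg embeds the submitted login name, which is caller-controlled text, and
            // it is placed inside a quoted SQL literal. Double every single quote so the value
            // cannot terminate the literal.
            // NOTE(review): this is a stopgap. If DbHelper offers a parameterized overload, bind
            // LOCKED_REASON as a parameter instead; quote doubling does not cover engines that
            // also treat backslash as an escape character.
            // NOTE(review): the statement writes IS_ACTIVE=1 even when user.IsActive was just set
            // to false; the lock is therefore enforced only through LOGIN_FAIL_COUNT. Confirm
            // that this is intended.
            string lockedReasonLiteral = exceptionMsg.Replace("'", "''");
            DbHelper.Execute(string.Format(@"UPDATE ABP_USERS SET LOGIN_FAIL_COUNT={0},LOCKED_REASON='{1}',IS_ACTIVE=1 WHERE ID={2}", user.LoginFailCount, lockedReasonLiteral, user.Id));

            // NOTE(review): the message confirms that the account exists and reports its
            // failure counter; make sure it is not shown verbatim to unauthenticated callers.
            throw new Exception("登录失败:" + exceptionMsg);
        }

        default:
            throw CreateExceptionForFailedLoginAttempt(loginResult.Result, usernameOrEmailAddress, tenancyName);
    }
}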
/// <summary>
/// Handles a WeChat mini-program login: logs the caller in by openid, registering a local
/// account first when the openid is unknown, and writes the outcome to the HTTP response as JSON.
/// </summary>
/// <param name="ct">Login context providing the current <c>HttpContext</c> and the WeChat user (openid, session_key).</param>
/// <returns>Always <c>true</c>; success and failure are only distinguishable through the JSON written to the response.</returns>
public async Task<bool> ExcuteAsync(WeChatMiniProgramLoginContext ct)
{
    httpContext = ct.HttpContext;
    httpResponse = httpContext.Response;

    var currentTenantId = AbpSession.TenantId;
    if (currentTenantId.HasValue)
    {
        tenancyName = _tenantCache.GetOrNull(currentTenantId.Value)?.TenancyName;
    }

    // Builds the external-login descriptor for the caller's openid; it is needed twice below.
    UserLoginInfo OpenIdLogin() => new UserLoginInfo(
        MiniProgramConsts.AuthenticationScheme,
        ct.WeChatUser.openid,
        MiniProgramConsts.AuthenticationSchemeDisplayName);

    // Attempt the third-party login (the login manager resolves the local account by openid).
    var outcome = await _logInManager.LoginAsync(OpenIdLogin(), tenancyName);

    if (outcome.Result == AbpLoginResultType.Success)
    {
        var accessToken = CreateAccessToken(CreateJwtClaims(outcome.Identity));

        // User is an aggregate root, so loading all of its claims is somewhat costly, but the
        // user manager's replace operation would load them anyway.
        var storedClaims = await userManager.GetClaimsAsync(outcome.User);

        // ReplaceClaimAsync is reported as buggy in ABP 5.4, hence remove-then-add.
        // NOTE(review): the results of both calls are not inspected, so a failed update of
        // session_key goes unnoticed.
        // NOTE(review): session_key is kept as a user claim. If the identity produced by a later
        // login carries stored user claims, confirm that CreateJwtClaims does not copy
        // session_key into the token handed to the client.
        var staleSessionKeys = storedClaims.Where(c => c.Type == "session_key");
        await userManager.RemoveClaimsAsync(outcome.User, staleSessionKeys);
        await userManager.AddClaimAsync(outcome.User, new Claim("session_key", ct.WeChatUser.session_key));

        // Further data sent by the front end besides the code (ct.WeChatUser.Input) is not
        // processed here; it could be enumerated as a JSON object or read per property.

        await WriteJsonAsync(new
        {
            AccessToken = accessToken,
            EncryptedAccessToken = GetEncryptedAccessToken(accessToken),
            ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
        });
        return true;
    }

    if (outcome.Result != AbpLoginResultType.UnknownExternalLogin)
    {
        // Any other result is reported as a generic login failure instead of throwing.
        await WriteJsonAsync(new { msg = "登录失败!" });
        return true;
    }

    // No local account is linked to this openid yet: register one with generated placeholder
    // name and e-mail address, then log in again.
    await RegisterExternalUserAsync(new ExternalAuthUserInfo
    {
        Provider = MiniProgramConsts.AuthenticationScheme,
        ProviderKey = ct.WeChatUser.openid,
        Name = Guid.NewGuid().ToString("N"),
        EmailAddress = Guid.NewGuid().ToString("N") + "@mp.com",
        Surname = "a"
    });

    // Try to login again with the newly registered user.
    outcome = await _logInManager.LoginAsync(OpenIdLogin(), tenancyName);

    if (outcome.Result == AbpLoginResultType.Success)
    {
        // The openid itself lives in the user-logins table; only session_key is stored as a claim.
        await userManager.AddClaimAsync(outcome.User, new Claim("session_key", ct.WeChatUser.session_key));
        await WriteJsonAsync(new
        {
            AccessToken = CreateAccessToken(CreateJwtClaims(outcome.Identity)),
            ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
        });
    }
    else
    {
        await WriteJsonAsync(new { msg = "注册失败" });
    }

    return true;
}