/// <summary>
/// Issues a new verification (captcha) code: asks <c>ValidateCodeHelper</c> for a code/image pair,
/// stores the lower-cased code in the session under "validateCode", and returns the image bytes.
/// </summary>
/// <returns>A file result carrying the helper's image bytes with content type "image/Png".</returns>
/// <remarks>
/// The code is lower-cased with the current culture, so whatever compares against the session
/// value must lower-case the submitted code the same way.
/// NOTE(review): no cache directive is set on this response here. Confirm that captcha images
/// are served with caching disabled so a stale image cannot be shown for a newer session code.
/// </remarks>
public IActionResult GetValidateCode()
{
    var captcha = ValidateCodeHelper.GetValidateCode();

    // Only the expected answer is kept server-side; the client receives the rendered image alone.
    string expectedAnswer = captcha.ValidateNum.ToLower();
    HttpContext.Session.SetString("validateCode", expectedAnswer);

    byte[] imageBytes = captcha.ImgStream;
    return File(imageBytes, @"image/Png");
}
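/// <summary>
/// Generates a verification code, remembers its lower-cased form in the session under
/// "vcode_" + <paramref name="path"/>, and returns the rendered code as a JPEG download
/// named "verifyCode.jpg".
/// </summary>
/// <param name="path">
/// Suffix of the session key the code is stored under.
/// NOTE(review): this value comes from the request and is concatenated into the session key
/// unchecked, so every distinct value adds a session entry. Consider restricting it to the
/// known set of forms that use a verification code.
/// </param>
/// <param name="width">Not used by this method.</param>
/// <param name="height">Not used by this method.</param>
/// <returns>A file result streaming the JPEG image.</returns>
public ActionResult Index(string path, int width, int height)
{
    // 4 is passed straight to the helper, presumably the code length (confirm in ValidateCodeHelper).
    var code = ValidateCodeHelper.GetValidateCode(4);

    // Stored lower-cased with the current culture; the check that reads this key must do the same.
    Session["vcode_" + path] = code.ToLower();

    var stream = new MemoryStream();
    var image = ValidateCodeHelper.CreateValidateImage(code);
    try
    {
        image.Save(stream, ImageFormat.Jpeg);
    }
    finally
    {
        // Release the image even when encoding throws; the original leaked it on that path.
        image.Dispose();
    }

    // Rewind so the file result streams from the first byte.
    stream.Position = 0;
    return File(stream, "image/jpeg", "verifyCode.jpg");
}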
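/// <summary>
/// Authenticates a user. Callers outside the configured safe-IP list must first pass the
/// verification code stored in the session. On success a per-login cookie is issued and the
/// user's identity and menu permissions are cached under a key derived from that cookie value.
/// </summary>
/// <param name="name">Login name passed to the account service.</param>
/// <param name="password">Password passed to the account service.</param>
/// <param name="validateCode">Verification code typed by the user; required unless the caller IP is on the safe list.</param>
/// <returns>A success JSON result, or an error JSON result carrying the failure message.</returns>
/// <remarks>
/// NOTE(review): safe-list membership is decided from the connection's remote address. Behind a
/// reverse proxy that address may be the proxy's, so confirm the safe list cannot end up covering
/// every client. No throttling of failed password attempts is visible in this method.
/// </remarks>
public ActionResult Login(string name, string password, string validateCode = null)
{
    // Is the caller on the safe-IP list? A missing remote address or a missing setting is
    // treated as "not safe", so the verification code is still required (fail closed).
    var currentIp = HttpContext.Connection.RemoteIpAddress?.ToString();
    bool isSafeIp = currentIp != null
        && (_projectSetting.Value.SafeIPAddress ?? string.Empty).Split(",").Any(c => c == currentIp);

    if (!isSafeIp)
    {
        if (string.IsNullOrEmpty(validateCode))
        {
            return ErrorJsonResult("请输入验证码");
        }

        string code = HttpContext.Session.GetString("validateCode");

        // Rotate the stored code BEFORE comparing, so each issued code allows one guess only.
        // The original rotated it only after a correct answer, which left a wrong guess free
        // to be retried against the same code indefinitely.
        HttpContext.Session.SetString("validateCode", ValidateCodeHelper.GetValidateCode().ValidateNum.ToLower());

        if (string.IsNullOrEmpty(code) || code != validateCode.ToLower())
        {
            return ErrorJsonResult("验证码错误");
        }
    }

    var sr = _accountService.Login(name, password);
    if (!sr.IsSucceed)
    {
        // NOTE(review): the service's message is returned verbatim. Confirm it does not let a
        // caller tell an unknown login name from a wrong password.
        return ErrorJsonResult(sr.Message);
    }

    string cookieKey = _projectSetting.Value.CookieKey;

    // Every login gets its own cookie value. It is the bearer token for the cached session, so
    // it comes from the cryptographic RNG rather than from part of a Guid (a Guid is a uniqueness
    // primitive, and its first 8 bytes include the fixed version bits). The signed 64-bit decimal
    // format is kept so existing readers of the cookie keep working.
    byte[] tokenBytes = new byte[sizeof(long)];
    System.Security.Cryptography.RandomNumberGenerator.Fill(tokenBytes);
    string cookieValue = BitConverter.ToInt64(tokenBytes, 0).ToString();

    // Write the cookie. HttpOnly keeps it away from page script; Secure is set whenever the
    // login request itself arrived over HTTPS, so the token is not later sent in clear text.
    HttpContext.Response.Cookies.Append(cookieKey, cookieValue, new CookieOptions
    {
        Expires = DateTime.Now.AddMinutes(_projectSetting.Value.SessionTimeOut),
        HttpOnly = true,
        Secure = HttpContext.Request.IsHttps
    });

    // The user who has just logged in.
    var currentSysUser = new CurrentSysUser()
    {
        UserID = sr.Data.UserID,
        LoginName = sr.Data.LoginName,
        UserName = sr.Data.UserName
    };

    var menuList = _accountService.GetMenuList(currentSysUser.UserID).Data;
    currentSysUser.MenuList = menuList.Select(s => new CurrentSysUserMenu()
    {
        ID = s.MenuID,
        Name = s.MenuName,
        URL = s.URL,
        ParentID = s.ParentID,
        Icon = s.Icon,
        Sort = s.Sort
    }).ToList();

    // Cache the user's permissions under a key derived from the cookie value.
    string userCacheKey = GetCacheKey(cookieValue);

    // Final argument true: the original comment describes this as a sliding-expiration entry.
    _cacheManager.Add(userCacheKey, currentSysUser, new TimeSpan(0, _projectSetting.Value.SessionTimeOut, 0), true);

    return SuccessJsonResult();
}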
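/// <summary>
/// Validates a resource-owner password grant: checks the verification code posted in the
/// "VaildCode" form field against the one returned by <c>ValidateCodeHelper</c>, then delegates
/// the credential check to <c>AccountAppService.Login</c> and maps the outcome onto
/// <c>context.Result</c>.
/// </summary>
/// <param name="context">Grant validation context carrying the submitted user name and password; receives the result.</param>
/// <returns>A task that completes once <c>context.Result</c> has been set.</returns>
public async Task ValidateAsync(ResourceOwnerPasswordValidationContext context)
{
    IHttpContextAccessor httpContextAccessor = IocManager.Instance.Resolve<IHttpContextAccessor>();

    // With no HTTP context or a non-form request there is simply no submitted code; the check
    // below then rejects the grant instead of this method throwing.
    var request = httpContextAccessor.HttpContext?.Request;
    string recvValidateCode = request != null && request.HasFormContentType
        ? (string)request.Form["VaildCode"]
        : null;

    ValidateCodeHelper validateCodeHelper = IocManager.Instance.Resolve<ValidateCodeHelper>();
    string validateCode = validateCodeHelper.GetValidateCode();

    // Fail closed: string.Equals(null, null, ...) is true, so a request that omits the field
    // would pass whenever the helper has no code to return (presumably when none was issued or
    // it has expired; confirm in ValidateCodeHelper). Both sides must be present and equal.
    if (string.IsNullOrEmpty(validateCode)
        || string.IsNullOrEmpty(recvValidateCode)
        || !string.Equals(validateCode, recvValidateCode, StringComparison.OrdinalIgnoreCase))
    {
        context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "验证码错误");
        return;
    }

    AccountAppService accountAppService = IocManager.Instance.Resolve<AccountAppService>();
    IAbpSession abpSession = IocManager.Instance.Resolve<IAbpSession>();

    LoginInput input = new LoginInput();
    input.Username = context.UserName;
    input.Password = context.Password;
    input.TenantId = abpSession.TenantId;

    var output = await accountAppService.Login(input);
    if (!output.IsSuccess())
    {
        // NOTE(review): the service's error text goes to the client verbatim. Confirm it does
        // not reveal whether the account exists.
        context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, output.ErrorMessage);
        return;
    }

    var loginResult = output.AbpLoginResult;
    switch (loginResult.Result)
    {
        case AbpLoginResultType.Success:
            IdentityUser user = loginResult.User;
            context.Result = new GrantValidationResult(
                subject: context.UserName,
                authenticationMethod: "custom",
                claims: new Claim[]
                {
                    new Claim("Id", user.Id.ToString()),
                    new Claim("UserName", user.UserName),
                    // The Claim constructor throws on a null value; optional profile fields
                    // fall back to an empty string instead of failing the login.
                    new Claim("EmailAddress", user.EmailAddress ?? string.Empty),
                    new Claim("Name", user.Name ?? string.Empty),
                }
            );
            break;

        // An unknown user name and a wrong password get the same generic message as every other
        // failure. Separate messages would let a caller test which user names exist.
        case AbpLoginResultType.InvalidUserNameOrEmailAddress:
        case AbpLoginResultType.InvalidPassword:
        default:
            // Authentication failed.
            context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "身份验证失败");
            break;
    }
}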