/// <summary>
/// Checks the user name and password carried by <paramref name="context"/> and, when the
/// password is not rejected, sets <c>context.Principal</c> from <c>_cache.IssueAsync</c>
/// and marks the context as succeeded.
/// </summary>
/// <param name="context">Credential-validation context; its request services are handed to every <c>_cache</c> call.</param>
/// <returns>A task that completes once the context has been marked failed or succeeded.</returns>
/// <remarks>
/// NOTE(review): the unknown-user path returns before <c>VerifyPassword</c> is called and uses a
/// different failure text than the wrong-password path. If either the message or the response
/// time is observable by the client, the two cases can be told apart (account enumeration);
/// confirm how the failure text is surfaced before relying on it being internal only.
/// </remarks>
public virtual async Task ValidateAsync(ValidateCredentialsContext context)
{
    var suppliedName = context.Username;

    // A blank name is reported exactly like an unknown account.
    if (string.IsNullOrWhiteSpace(suppliedName))
    {
        context.Fail("User not found.");
        return;
    }

    var services = context.HttpContext.RequestServices;

    var account = await _cache.FindAsync(services, suppliedName);
    if (account == null)
    {
        context.Fail("User not found.");
        return;
    }

    // Only an explicit Failed verdict is rejected; every other result value falls through to sign-in.
    var verdict = _cache.VerifyPassword(services, account, context.Password);
    var passwordRejected = verdict == PasswordVerificationResult.Failed;
    if (passwordRejected)
    {
        context.Fail("Login failed, password not match.");
        return;
    }

    // The meaning of the trailing `false` argument is defined by IssueAsync, which is not shown here.
    var principal = await _cache.IssueAsync(services, account, false);
    context.Principal = principal;
    context.Success();
}
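/// <summary>
/// Validates the credentials carried by <paramref name="context"/> against a single account
/// that is defined inline, and on success copies the principal and properties of the ticket
/// built by <c>CreateAuthenticationTicket</c> onto the context.
/// </summary>
/// <param name="context">Credential-validation context holding the supplied user name and password.</param>
/// <returns>
/// The task returned by <c>HandleFailedAuthenticationAsync</c> when the user name is missing or
/// unknown; otherwise an already-completed task, with the outcome recorded on the context.
/// </returns>
/// <remarks>
/// NOTE(review): the account (user name, clear-text password, home directory) is embedded in
/// source. The method name suggests a test-only path; confirm it cannot be reached in a
/// production configuration, and keep real credentials out of this list.
/// </remarks>
private Task ValidateWindowsTestCredentialsAsync(ValidateCredentialsContext context)
{
    // Fixed account list, keyed case-insensitively by user name.
    var credentials = new List<AccountInfo>()
    {
        new AccountInfo()
        {
            Username = "******",
            Password = "******",
            HomeDir = "c:\\temp\\tester",
        },
    }.ToDictionary(x => x.Username, StringComparer.OrdinalIgnoreCase);

    // A dictionary lookup throws ArgumentNullException for a null key, so a missing user
    // name is routed to the same failure path as an unknown one instead of faulting.
    var suppliedName = context.Username;
    if (suppliedName == null || !credentials.TryGetValue(suppliedName, out var accountInfo))
    {
        return HandleFailedAuthenticationAsync(context);
    }

    // NOTE(review): `!=` is an ordinal string comparison that stops at the first difference,
    // i.e. it is not constant-time, and it compares clear-text values. Acceptable only while
    // this stays a test fixture; otherwise store a password hash and use a fixed-time compare.
    if (accountInfo.Password != context.Password)
    {
        context.Fail("Invalid password");
        return Task.FromResult(0);
    }

    // The inline account carries no group memberships.
    var groups = Enumerable.Empty<Group>();
    var ticket = CreateAuthenticationTicket(accountInfo, groups);

    context.Principal = ticket.Principal;
    context.Properties = ticket.Properties;
    context.Success();

    return Task.FromResult(0);
}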
/// <summary>
/// Passes the user name and password from <paramref name="context"/> to
/// <c>userAuthenticator.AuthenticateUser</c>. A non-null result is used as the
/// <see cref="ClaimTypes.NameIdentifier"/> claim of a new principal and the context is
/// marked as succeeded; a null result marks the context as failed.
/// </summary>
/// <param name="context">Credential-validation context holding the supplied user name, password and scheme.</param>
/// <param name="cancellationToken">Token forwarded to the authenticator call.</param>
/// <returns>A task that completes once the context has been marked failed or succeeded.</returns>
/// <remarks>
/// The single failure text does not say whether the user name or the password was wrong.
/// NOTE(review): the client-supplied user name is written to the log before it is verified.
/// It is passed as a structured argument rather than concatenated, but whether control
/// characters are neutralised depends on the log sink; a password typed into the user-name
/// field would also be recorded. Confirm both are acceptable for this deployment.
/// </remarks>
public async Task CheckUser(ValidateCredentialsContext context, CancellationToken cancellationToken)
{
    var suppliedName = context.Username;
    logger.LogInformation("Authenticating the user {UserName} ...", suppliedName);

    var authenticatedId = await userAuthenticator.AuthenticateUser(suppliedName, context.Password, cancellationToken);

    // Rejection path first: a null id means the authenticator did not accept the credentials.
    if (authenticatedId == null)
    {
        logger.LogWarning("Failed to authenticate user {UserName}", suppliedName);
        context.Fail("The user name or password is incorrect");
        return;
    }

    logger.LogInformation("The user {UserName} was authenticated successfully", suppliedName);

    // The identity's authentication type is the name of the scheme that handled the request.
    var identity = new ClaimsIdentity(
        new[]
        {
            new Claim(ClaimTypes.NameIdentifier, authenticatedId),
            new Claim(ClaimTypes.Name, suppliedName),
        },
        context.Scheme.Name);

    context.Principal = new ClaimsPrincipal(identity);
    context.Success();
}
private static async Task ValidateAsync(ValidateCredentialsContext context) { var dbContext = context.HttpContext.RequestServices .GetRequiredService <TContext>(); var normusername = context.Username.ToUpper(); var user = await _cache.GetOrCreateAsync("`" + normusername.ToLower(), async entry => { var value = await dbContext.Users .Where(u => u.NormalizedUserName == normusername) .Select(u => new { u.Id, u.UserName, u.PasswordHash, u.SecurityStamp }) .FirstOrDefaultAsync(); entry.AbsoluteExpirationRelativeToNow = TimeSpan.FromMinutes(5); return(value); }); if (user == null) { context.Fail("User not found."); return; } var passwordHasher = context.HttpContext.RequestServices .GetRequiredService <IPasswordHasher <TUser> >(); var attempt = passwordHasher.VerifyHashedPassword( user: default, // assert that hasher don't need TUser