所以我使用ASP身份。我通过添加isEnabled来自定义配置文件,以便我知道用户是否处于活动状态。这工作正常,数据库更新没有问题。
所以经过研究,我发现我需要覆盖"公共异步覆盖任务PasswordSignInAsync"我可以检查isEnabled属性。这也很好,因为它将我需要的正确SigninStatus传递给登录页面。
IdentifyConfig.cs文件:
public async override Task<SignInStatus> PasswordSignInAsync(string userName, string password, bool rememberMe, bool shouldLockout)
{
var user = UserManager.FindByEmailAsync(userName).Result;
if (user.IsEnabled != false)
{
return await Task.FromResult<SignInStatus>(SignInStatus.Success);
}
return await Task.FromResult<SignInStatus>(SignInStatus.LockedOut);
}
登录页面:
protected void LogIn(object sender, EventArgs e)
{
if (IsValid)
{
// Validate the user password
var manager = Context.GetOwinContext().GetUserManager<ApplicationUserManager>();
var signinManager = Context.GetOwinContext().GetUserManager<ApplicationSignInManager>();
// This doen't count login failures towards account lockout
// To enable password failures to trigger lockout, change to shouldLockout: true
//var result = signinManager.PasswordSignIn(Email.Text, Password.Text, RememberMe.Checked, shouldLockout: false);
var result = signinManager.PasswordSignInAsync(Email.Text, Password.Text, RememberMe.Checked, shouldLockout: false);
switch (result.Result)
{
case SignInStatus.Success:
//IdentityHelper.RedirectToReturnUrl(Request.QueryString["ReturnUrl"], Response);
Response.Redirect("/Account/Dashboard");
break;
case SignInStatus.LockedOut:
Response.Redirect("/Account/Lockout");
break;
case SignInStatus.RequiresVerification:
Response.Redirect(String.Format("/Account/TwoFactorAuthenticationSignIn?ReturnUrl={0}&RememberMe={1}",
Request.QueryString["ReturnUrl"],
RememberMe.Checked),
true);
break;
case SignInStatus.Failure:
default:
//FailureText.Text = "Invalid login attempt";
//ErrorMessage.Visible = true;
break;
}
}
}
开关盒进入正确的情况,但这是问题所在。当它进入SignInStatus.Success的情况时:它只是停留在循环中并继续呈现登录屏幕,就像用户未经过身份验证一样。现在,我确定我在Override for
上遗漏了一些东西public async override Task PasswordSignInAsync(string userName, string password, bool rememberMe, bool shouldLockout)
功能,但我想如果Success回来了用户的授权。
如果我取消注释
//var result = signinManager.PasswordSignIn(Email.Text, Password.Text, RememberMe.Checked, shouldLockout: false);
功能它工作正常,但我无法检查IsEnabled值。请在此问题上获得任何建议。
答案 0 :(得分:0)
我相信我们有一些问题会让你感到复杂,这个过程有点难以剖析
我将假设您使用的是非ASP.NET核心版本的东西。因此,这个修改版本应该有所帮助。我无法100%验证。
public async override Task<SignInStatus> PasswordSignInAsync(string userName, string password, bool rememberMe, bool shouldLockout)
{
var user = await UserManager.FindByEmailAsync(userName);
//User not found
if (user == null)
return SignInStatus.Failure;
//User not enabled
if (user.IsEnabled != false)
return SignInStatus.Failure;
//Now, validate that the password was correct
var isValidPassword = await UserManager.CheckPasswordAsync(user, password);
if (!isValidPassword)
return SignInStatus.Failure;
//Now we know they are valid and enabled, login and return
await base.SignInAsync(user, isPersistent, false);
return SignInStatus.Success;
}
以上代码应该适合您,没有问题。唯一的问题是用于传递给CheckPassword asyc的类型,我没有准备好验证的项目。但这应该会让你到那里。