
Merge pull request #22096 from abpframework/auto-merge/rel-9-0/3460

Merge branch rel-9.1 with rel-9.0
pull/22097/head
maliming 1 year ago
committed by GitHub
parent
commit
4d680daf76
No known key found for this signature in database GPG Key ID: B5690EEEBB952194
  1. 30
      modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AspNetIdentity/AbpResourceOwnerPasswordValidator.cs
  2. 34
      modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/TokenController.Password.cs

30
modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AspNetIdentity/AbpResourceOwnerPasswordValidator.cs

@ -128,21 +128,29 @@ public class AbpResourceOwnerPasswordValidator : IResourceOwnerPasswordValidator
}
else if (result.IsNotAllowed)
{
Logger.LogInformation("Authentication failed for username: {username}, reason: not allowed", context.UserName);
if (user.ShouldChangePasswordOnNextLogin)
if (!await UserManager.CheckPasswordAsync(user, context.Password))
{
await HandleShouldChangePasswordOnNextLoginAsync(context, user, context.Password);
return;
Logger.LogInformation("Authentication failed for username: {username}, reason: invalid credentials", context.UserName);
errorDescription = Localizer["InvalidUserNameOrPassword"];
}
if (await UserManager.ShouldPeriodicallyChangePasswordAsync(user))
else
{
await HandlePeriodicallyChangePasswordAsync(context, user, context.Password);
return;
}
Logger.LogInformation("Authentication failed for username: {username}, reason: not allowed", context.UserName);
errorDescription = Localizer["LoginIsNotAllowed"];
if (user.ShouldChangePasswordOnNextLogin)
{
await HandleShouldChangePasswordOnNextLoginAsync(context, user, context.Password);
return;
}
if (await UserManager.ShouldPeriodicallyChangePasswordAsync(user))
{
await HandlePeriodicallyChangePasswordAsync(context, user, context.Password);
return;
}
errorDescription = Localizer["LoginIsNotAllowed"];
}
}
else
{
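Review bot: The new `UserManager.CheckPasswordAsync(user, context.Password)` call in the `IsNotAllowed` branch verifies the password without recording the failed attempt, so wrong guesses against a not-allowed account do not appear to count toward lockout. If `result` comes from a sign-in check that returns NotAllowed before it evaluates the password (the call is outside this hunk, so this is inferred), this branch is now the only place the password is tested for such accounts. Consider adding `if (UserManager.SupportsUserLockout) { await UserManager.AccessFailedAsync(user); }` inside the invalid-credentials block, before `errorDescription` is set. The same applies to the matching branch in TokenController.Password.cs. The enclosing method starts and ends outside the hunk.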

34
modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/TokenController.Password.cs

@ -115,24 +115,32 @@ public partial class TokenController
}
else if (result.IsNotAllowed)
{
Logger.LogInformation("Authentication failed for username: {username}, reason: not allowed", request.Username);
if (user.ShouldChangePasswordOnNextLogin)
if (!await UserManager.CheckPasswordAsync(user, request.Password))
{
return await HandleShouldChangePasswordOnNextLoginAsync(request, user, request.Password);
Logger.LogInformation("Authentication failed for username: {username}, reason: invalid credentials", request.Username);
errorDescription = "Invalid username or password!";
}
if (await UserManager.ShouldPeriodicallyChangePasswordAsync(user))
else
{
return await HandlePeriodicallyChangePasswordAsync(request, user, request.Password);
}
Logger.LogInformation("Authentication failed for username: {username}, reason: not allowed", request.Username);
if (user.IsActive)
{
return await HandleConfirmUserAsync(request, user);
}
if (user.ShouldChangePasswordOnNextLogin)
{
return await HandleShouldChangePasswordOnNextLoginAsync(request, user, request.Password);
}
errorDescription = "You are not allowed to login! Your account is inactive.";
if (await UserManager.ShouldPeriodicallyChangePasswordAsync(user))
{
return await HandlePeriodicallyChangePasswordAsync(request, user, request.Password);
}
if (user.IsActive)
{
return await HandleConfirmUserAsync(request, user);
}
errorDescription = "You are not allowed to login! Your account is inactive.";
}
}
else
{
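Review bot: The wrong-password path sets `errorDescription = "Invalid username or password!"` as a hard-coded literal, so it has to stay identical to whatever the ordinary failed-credentials branch returns, and that branch is outside this hunk. If the two strings drift, the response tells a caller that the account exists and is in a not-allowed state even though the password was wrong. Consider a shared constant or a localized key, as the IdentityServer validator does with `Localizer["InvalidUserNameOrPassword"]`. A comment above the check would also help, for example `// Verify the password first so account state is only disclosed to a caller who knows it.` The enclosing method begins and ends outside the hunk.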
