tsai
/
abp
mirror of https://github.com/abpframework/abp.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Merge pull request #22093 from abpframework/IsNotAllowed 

Check user password if sign in result is `IsNotAllowed`.
pull/22096/head
sumeyye 1 year ago
committed by GitHub
parent
64c96f1e2d 212749fa56
commit
5ae358498c
No known key found for this signature in database GPG Key ID: B5690EEEBB952194
2 changed files with 40 additions and 24 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 30
      modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AspNetIdentity/AbpResourceOwnerPasswordValidator.cs
  2. 34
      modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/TokenController.Password.cs

30
modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AspNetIdentity/AbpResourceOwnerPasswordValidator.cs
View File

@ -128,21 +128,29 @@ public class AbpResourceOwnerPasswordValidator : IResourceOwnerPasswordValidator
}
else if (result.IsNotAllowed)
{
Logger.LogInformation("Authentication failed for username: {username}, reason: not allowed", context.UserName);
if (user.ShouldChangePasswordOnNextLogin)
if (!await UserManager.CheckPasswordAsync(user, context.Password))
{
await HandleShouldChangePasswordOnNextLoginAsync(context, user, context.Password);
return;
Logger.LogInformation("Authentication failed for username: {username}, reason: invalid credentials", context.UserName);
errorDescription = Localizer["InvalidUserNameOrPassword"];
}
if (await UserManager.ShouldPeriodicallyChangePasswordAsync(user))
else
{
await HandlePeriodicallyChangePasswordAsync(context, user, context.Password);
return;
}
Logger.LogInformation("Authentication failed for username: {username}, reason: not allowed", context.UserName);
errorDescription = Localizer["LoginIsNotAllowed"];
if (user.ShouldChangePasswordOnNextLogin)
{
await HandleShouldChangePasswordOnNextLoginAsync(context, user, context.Password);
return;
}
if (await UserManager.ShouldPeriodicallyChangePasswordAsync(user))
{
await HandlePeriodicallyChangePasswordAsync(context, user, context.Password);
return;
}
errorDescription = Localizer["LoginIsNotAllowed"];
}
}
else
{

34
modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/TokenController.Password.cs
View File

@ -115,24 +115,32 @@ public partial class TokenController
}
else if (result.IsNotAllowed)
{
Logger.LogInformation("Authentication failed for username: {username}, reason: not allowed", request.Username);
if (user.ShouldChangePasswordOnNextLogin)
if (!await UserManager.CheckPasswordAsync(user, request.Password))
{
return await HandleShouldChangePasswordOnNextLoginAsync(request, user, request.Password);
Logger.LogInformation("Authentication failed for username: {username}, reason: invalid credentials", request.Username);
errorDescription = "Invalid username or password!";
}
if (await UserManager.ShouldPeriodicallyChangePasswordAsync(user))
else
{
return await HandlePeriodicallyChangePasswordAsync(request, user, request.Password);
}
Logger.LogInformation("Authentication failed for username: {username}, reason: not allowed", request.Username);
if (user.IsActive)
{
return await HandleConfirmUserAsync(request, user);
}
if (user.ShouldChangePasswordOnNextLogin)
{
return await HandleShouldChangePasswordOnNextLoginAsync(request, user, request.Password);
}
errorDescription = "You are not allowed to login! Your account is inactive.";
if (await UserManager.ShouldPeriodicallyChangePasswordAsync(user))
{
return await HandlePeriodicallyChangePasswordAsync(request, user, request.Password);
}
if (user.IsActive)
{
return await HandleConfirmUserAsync(request, user);
}
errorDescription = "You are not allowed to login! Your account is inactive.";
}
}
else
{

Write Preview
Loading…
Cancel
Save