2015-09-01

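I'll keep it simple. I have a timeout stored in my database for when a user uses two-factor authentication. If the user is remembered but the date has passed the timeout date, I want to authenticate the user. I have already done something similar using the send/verify code flow, but I would like to know whether there is a way to authenticate the user without jumping through hoops with the AuthenticationManager. How do I authenticate the user?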

public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }
    // This counts login failures towards account lockout
    // To stop password failures from triggering account lockout, change to shouldLockout: false
    var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: true);

    switch (result)
    {
        case SignInStatus.Success:
            return RedirectToAction("SuccessfulSignIn");
        case SignInStatus.LockedOut:
            return View("Lockout");
        case SignInStatus.RequiresVerification:
            var user = await UserManager.FindByNameAsync(model.Email);
            bool Active = ActiveCheck(user);
            bool RememberMeTimeOut = RememberMeTimeOutCheck(user);
            if (!Active)
            {
                string code = await UserManager.GeneratePasswordResetTokenAsync(user.Id);
                ViewBag.Expired = "Password Expired";

                return RedirectToAction("ResetPassword", "Account", new { userId = user.Id, code = code });
            }
            else if (Active && !RememberMeTimeOut)
            {
                return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
            }
            else
            {
                // Quickly sign the user in
                return RedirectToAction("SuccessfulSignIn");
            }
        case SignInStatus.Failure:
        default:
            ModelState.AddModelError("", "Invalid login attempt");
            return View(model);
    }
}

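Answer

If anyone else is looking at this, I came to the conclusion that you can't simply 'skip' the login process. To get around this, I create a code (two-factor authentication) and, instead of sending it to the user, I then verify the code. This seems to be the quickest (and, in my opinion, dirty) way to authenticate the user.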

public async Task<ActionResult> TwoFSignIn(string Email)
{
    var user = await UserManager.FindByNameAsync(Email);
    // Generate the two-factor code on the server and verify it immediately instead of sending it
    string code = await UserManager.GenerateTwoFactorTokenAsync(user.Id, "Email Code");
    await SignInManager.TwoFactorSignInAsync("Email Code", code, isPersistent: false, rememberBrowser: false);
    return RedirectToAction("SuccessfulSignIn");
}
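A way to sign the remembered user in directly from the `RequiresVerification` branch, without generating a code. This is an added example, not code from the question or the answer. It assumes the ASP.NET Identity 2 template's `AccountController` (its `SignInManager` and `UserManager` properties) and the question's `RememberMeTimeOutCheck` helper; `SignInRememberedUserAsync` is a hypothetical name.

```csharp
// Added example. Place inside the template's AccountController, which already has
// the SignInManager and UserManager properties and these usings:
//   using System.Threading.Tasks; using System.Web.Mvc;
//   using Microsoft.AspNet.Identity; using Microsoft.AspNet.Identity.Owin;

// Call from the RequiresVerification branch of Login, after the ActiveCheck test.
// At that point PasswordSignInAsync has verified the password and set the
// two-factor cookie that identifies the user.
private async Task<ActionResult> SignInRememberedUserAsync(string returnUrl, bool rememberMe)
{
    // Take the user id from the two-factor cookie, never from a request parameter
    // such as an e-mail address: only the user whose password was just checked
    // may be signed in here.
    string verifiedUserId = await SignInManager.GetVerifiedUserIdAsync();
    if (verifiedUserId == null)
    {
        // No password-verified user in this request flow: start over.
        return RedirectToAction("Login", new { ReturnUrl = returnUrl });
    }

    var user = await UserManager.FindByIdAsync(verifiedUserId);

    // RememberMeTimeOutCheck is the question's helper; as in the question's code,
    // false means the remembered period is over and the code must be sent.
    if (user == null || !RememberMeTimeOutCheck(user))
    {
        return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = rememberMe });
    }

    // Issue the application cookie directly; no token is generated or verified.
    await SignInManager.SignInAsync(user, isPersistent: rememberMe, rememberBrowser: false);
    return RedirectToAction("SuccessfulSignIn");
}
```

If the stored timeout is keyed only by user, as `RememberMeTimeOutCheck(user)` suggests, the password alone is enough to sign in from any browser until it expires. Passing `rememberBrowser: true` to `TwoFactorSignInAsync` ties the exemption to a cookie in the browser that completed the second factor, and `PasswordSignInAsync` then returns `Success` for that browser.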