erp-platform/api/src/Erp.Platform.HttpApi.Host/Identity/PlatformAccountController.cs

using System.Threading.Tasks;
using Erp.Platform.Localization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Localization;
using Microsoft.Extensions.Options;
using Volo.Abp;
using Volo.Abp.Account;
using Volo.Abp.Account.Web.Areas.Account.Controllers.Models;
using Volo.Abp.Auditing;
using Volo.Abp.DependencyInjection;
using Volo.Abp.Identity;
using Volo.Abp.Settings;
using Volo.Abp.Validation;
using AccountController = Volo.Abp.Account.Web.Areas.Account.Controllers.AccountController;
using IdentityUser = Volo.Abp.Identity.IdentityUser;
using SignInResult = Microsoft.AspNetCore.Identity.SignInResult;
using UserLoginInfo = Volo.Abp.Account.Web.Areas.Account.Controllers.Models.UserLoginInfo;

namespace Erp.Platform.Identity;

[Dependency(ReplaceServices = true)]
[ExposeServices(typeof(AccountController))]
[RemoteService(Name = AccountRemoteServiceConsts.RemoteServiceName)]
public class PlatformAccountController : AccountController
{
    #region Captcha Related Props
    public readonly ICaptchaManager captchaManager;
    private readonly IStringLocalizer<PlatformResource> LP;

    [BindProperty(Name = "g-recaptcha-response")]
    [DisableAuditing]
    public string CaptchaResponse { get; set; }
    #endregion

    public PlatformAccountController(
        SignInManager<IdentityUser> signInManager,
        IdentityUserManager userManager,
        ISettingProvider settingProvider,
        IdentitySecurityLogManager identitySecurityLogManager,
        IOptions<IdentityOptions> identityOptions,
        IdentityDynamicClaimsPrincipalContributorCache identityDynamicClaimsPrincipalContributorCache,
        ICaptchaManager captchaManager,
        IStringLocalizer<PlatformResource> LP
        ) : base(signInManager, userManager, settingProvider, identitySecurityLogManager, identityOptions, identityDynamicClaimsPrincipalContributorCache)
    {
        this.captchaManager = captchaManager;
        this.LP = LP;
    }

    public override async Task<AbpLoginResult> Login(UserLoginInfo login)
    {
        await CheckLocalLoginAsync();

        ValidateLoginInfo(login);

        var user = await ReplaceEmailAndReturnUser(login);
        if (user == null)
        {
            return new PlatformLoginResult(SignInResult.Failed, LP);
        }

        //Verify captcha if AccessFailedCount > maxAccessFailedCount
        var maxAccessFailedCount = await SettingProvider.GetAsync<int>(PlatformConsts.AbpAccount.Captcha.MaxFailedAccessAttempts);
        if (user.AccessFailedCount >= maxAccessFailedCount)
        {
            var tokenVerified = await captchaManager.VerifyCaptchaAsync(CaptchaResponse);
            if (!tokenVerified)
            {
                return new PlatformLoginResult(PlatformLoginResultType.ShowCaptcha, LP);
            }
        }

        var signInResult = await SignInManager.PasswordSignInAsync(
            login.UserNameOrEmailAddress,
            login.Password,
            login.RememberMe,
            true
        );

        await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext()
        {
            Identity = IdentitySecurityLogIdentityConsts.Identity,
            Action = signInResult.ToIdentitySecurityLogActionK(),
            UserName = login.UserNameOrEmailAddress
        });

        var result = new PlatformLoginResult(signInResult, LP);
        if (result.PResult != PlatformLoginResultType.Succeeded && user.AccessFailedCount >= maxAccessFailedCount)
        {
            // Display captcha
            result.PResult = PlatformLoginResultType.ShowCaptcha;
        }

        return result;
    }

    protected async Task<IdentityUser> ReplaceEmailAndReturnUser(UserLoginInfo login)
    {
        if (ValidationHelper.IsValidEmailAddress(login.UserNameOrEmailAddress))
        {
            var userByEmail = await UserManager.FindByEmailAsync(login.UserNameOrEmailAddress);
            if (userByEmail != null)
            {
                login.UserNameOrEmailAddress = userByEmail.UserName;
                return userByEmail;
            }
        }
        else
        {
            var userByUsername = await UserManager.FindByNameAsync(login.UserNameOrEmailAddress);
            if (userByUsername != null)
            {
                return userByUsername;
            }
        }

        return null;
    }

}