
增加外部api通过token方式登录系统,修改webapi

klzhangweiya před 1 rokem
rodič
revize
b5f109a639
27 změnil soubory, kde provedl 775 přidání a 77 odebrání
  1. 31 0
      app/.eslintrc.js
  2. 2 0
      app/app.js
  3. 24 0
      app/app.json
  4. 10 0
      app/app.wxss
  5. 105 0
      app/components/navigation-bar/navigation-bar.js
  6. 5 0
      app/components/navigation-bar/navigation-bar.json
  7. 64 0
      app/components/navigation-bar/navigation-bar.wxml
  8. 96 0
      app/components/navigation-bar/navigation-bar.wxss
  9. 2 0
      app/pages/index/index.js
  10. 5 0
      app/pages/index/index.json
  11. 7 0
      app/pages/index/index.wxml
  12. 10 0
      app/pages/index/index.wxss
  13. 28 0
      app/project.config.json
  14. 7 0
      app/project.private.config.json
  15. 7 0
      app/sitemap.json
  16. 1 1
      src_0nline/ShwasherSys/IwbZero.Yue/Authorization/AuthorizeFilter/CheckExpireTimeHelper.cs
  17. 1 0
      src_0nline/ShwasherSys/ShwasherSys.Application/CompanyInfo/DeviceInfo/DeviceMgPlansApplicationService.cs
  18. 1 0
      src_0nline/ShwasherSys/ShwasherSys.Web/App_Start/MvcAuthorizeFilter.cs
  19. 1 0
      src_0nline/ShwasherSys/ShwasherSys.Web/App_Start/ShwasherWebModule.cs
  20. 112 3
      src_0nline/ShwasherSys/ShwasherSys.Web/App_Start/Startup.cs
  21. 8 0
      src_0nline/ShwasherSys/ShwasherSys.Web/Web.config
  22. 92 63
      src_0nline/ShwasherSys/ShwasherSys.WebApi/Api/Controllers/AccountController.cs
  23. 42 5
      src_0nline/ShwasherSys/ShwasherSys.WebApi/ShwasherSys.WebApi.csproj
  24. 86 0
      src_0nline/ShwasherSys/ShwasherSys.WebApi/WebAbpAntiForgeryApiFilter.cs
  25. 4 1
      src_0nline/ShwasherSys/ShwasherSys.WebApi/WebApiModule.cs
  26. 9 1
      src_0nline/ShwasherSys/ShwasherSys.WebApi/app.config
  27. 15 3
      src_0nline/ShwasherSys/ShwasherSys.WebApi/packages.config

+ 31 - 0
app/.eslintrc.js

@@ -0,0 +1,31 @@
+/*
+ * Eslint config file
+ * Documentation: https://eslint.org/docs/user-guide/configuring/
+ * Install the Eslint extension before using this feature.
+ */
+module.exports = {
+  env: {
+    es6: true,
+    browser: true,
+    node: true,
+  },
+  ecmaFeatures: {
+    modules: true,
+  },
+  parserOptions: {
+    ecmaVersion: 2018,
+    sourceType: 'module',
+  },
+  globals: {
+    wx: true,
+    App: true,
+    Page: true,
+    getCurrentPages: true,
+    getApp: true,
+    Component: true,
+    requirePlugin: true,
+    requireMiniProgram: true,
+  },
+  // extends: 'eslint:recommended',
+  rules: {},
+}

+ 2 - 0
app/app.js

@@ -0,0 +1,2 @@
+// app.js
+App({})

+ 24 - 0
app/app.json

@@ -0,0 +1,24 @@
+{
+  "pages": [
+    "pages/index/index"
+  ],
+  "window": {
+    "navigationBarTextStyle": "black",
+    "navigationStyle": "custom"
+  },
+  "style": "v2",
+  "renderer": "skyline",
+  "rendererOptions": {
+    "skyline": {
+      "defaultDisplayBlock": true,
+      "defaultContentBox": true,
+      "tagNameStyleIsolation": "legacy",
+      "disableABTest": true,
+      "sdkVersionBegin": "3.0.0",
+      "sdkVersionEnd": "15.255.255"
+    }
+  },
+  "componentFramework": "glass-easel",
+  "sitemapLocation": "sitemap.json",
+  "lazyCodeLoading": "requiredComponents"
+}

+ 10 - 0
app/app.wxss

@@ -0,0 +1,10 @@
+/**app.wxss**/
+.container {
+  height: 100%;
+  display: flex;
+  flex-direction: column;
+  align-items: center;
+  justify-content: space-between;
+  padding: 200rpx 0;
+  box-sizing: border-box;
+} 

+ 105 - 0
app/components/navigation-bar/navigation-bar.js

@@ -0,0 +1,105 @@
+Component({
+  options: {
+    multipleSlots: true // 在组件定义时的选项中启用多slot支持
+  },
+  /**
+   * 组件的属性列表
+   */
+  properties: {
+    extClass: {
+      type: String,
+      value: ''
+    },
+    title: {
+      type: String,
+      value: ''
+    },
+    background: {
+      type: String,
+      value: ''
+    },
+    color: {
+      type: String,
+      value: ''
+    },
+    back: {
+      type: Boolean,
+      value: true
+    },
+    loading: {
+      type: Boolean,
+      value: false
+    },
+    homeButton: {
+      type: Boolean,
+      value: false,
+    },
+    animated: {
+      // 显示隐藏的时候opacity动画效果
+      type: Boolean,
+      value: true
+    },
+    show: {
+      // 显示隐藏导航,隐藏的时候navigation-bar的高度占位还在
+      type: Boolean,
+      value: true,
+      observer: '_showChange'
+    },
+    // back为true的时候,返回的页面深度
+    delta: {
+      type: Number,
+      value: 1
+    },
+  },
+  /**
+   * 组件的初始数据
+   */
+  data: {
+    displayStyle: ''
+  },
+  lifetimes: {
+    attached() {
+      const rect = wx.getMenuButtonBoundingClientRect()
+      wx.getSystemInfo({
+        success: (res) => {
+          const isAndroid = res.platform === 'android'
+          const isDevtools = res.platform === 'devtools'
+          this.setData({
+            ios: !isAndroid,
+            innerPaddingRight: `padding-right: ${res.windowWidth - rect.left}px`,
+            leftWidth: `width: ${res.windowWidth - rect.left }px`,
+            safeAreaTop: isDevtools || isAndroid ? `height: calc(var(--height) + ${res.safeArea.top}px); padding-top: ${res.safeArea.top}px` : ``
+          })
+        }
+      })
+    },
+  },
+  /**
+   * 组件的方法列表
+   */
+  methods: {
+    _showChange(show) {
+      const animated = this.data.animated
+      let displayStyle = ''
+      if (animated) {
+        displayStyle = `opacity: ${
+          show ? '1' : '0'
+        };transition:opacity 0.5s;`
+      } else {
+        displayStyle = `display: ${show ? '' : 'none'}`
+      }
+      this.setData({
+        displayStyle
+      })
+    },
+    back() {
+      const data = this.data
+      if (data.delta) {
+        wx.navigateBack({
+          delta: data.delta
+        })
+      }
+      this.triggerEvent('back', { delta: data.delta }, {})
+    }
+  },
+})
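Review bot: `methods` defines only `_showChange` and `back`, but navigation-bar.wxml in this same commit binds the home button with `bindtap="home"`, so a tap on it when `homeButton` is true has no handler to reach. Add one next to `back`, for example `home() { this.triggerEvent('home', {}, {}) }`. In `attached`, the `success` callback reads `res.safeArea.top` without a guard and `wx.getSystemInfo` is called without a `fail` callback; if `safeArea` can be absent on a target base library, the `setData` call throws and the bar keeps its unset padding, so a fallback such as `const top = res.safeArea ? res.safeArea.top : 0` is worth adding.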

+ 5 - 0
app/components/navigation-bar/navigation-bar.json

@@ -0,0 +1,5 @@
+{
+  "component": true,
+  "styleIsolation": "apply-shared",
+  "usingComponents": {}
+}

+ 64 - 0
app/components/navigation-bar/navigation-bar.wxml

@@ -0,0 +1,64 @@
+<view class="weui-navigation-bar {{extClass}}">
+  <view class="weui-navigation-bar__inner {{ios ? 'ios' : 'android'}}" style="color: {{color}}; background: {{background}}; {{displayStyle}}; {{innerPaddingRight}}; {{safeAreaTop}};">
+
+    <!-- 左侧按钮 -->
+    <view class='weui-navigation-bar__left' style="{{leftWidth}};">
+      <block wx:if="{{back || homeButton}}">
+        <!-- 返回上一页 -->
+        <block wx:if="{{back}}">
+          <view class="weui-navigation-bar__buttons weui-navigation-bar__buttons_goback">
+            <view
+              bindtap="back"
+              class="weui-navigation-bar__btn_goback_wrapper"
+              hover-class="weui-active"
+              hover-stay-time="100"
+              aria-role="button"
+              aria-label="返回"
+            >
+              <view class="weui-navigation-bar__button weui-navigation-bar__btn_goback"></view>
+            </view>
+          </view>
+        </block>
+        <!-- 返回首页 -->
+        <block wx:if="{{homeButton}}">
+          <view class="weui-navigation-bar__buttons weui-navigation-bar__buttons_home">
+            <view
+              bindtap="home"
+              class="weui-navigation-bar__btn_home_wrapper"
+              hover-class="weui-active"
+              aria-role="button"
+              aria-label="首页"
+            >
+              <view class="weui-navigation-bar__button weui-navigation-bar__btn_home"></view>
+            </view>
+          </view>
+        </block>
+      </block>
+      <block wx:else>
+        <slot name="left"></slot>
+      </block>
+    </view>
+
+    <!-- 标题 -->
+    <view class='weui-navigation-bar__center'>
+      <view wx:if="{{loading}}" class="weui-navigation-bar__loading" aria-role="alert">
+        <view
+          class="weui-loading"
+          aria-role="img"
+          aria-label="加载中"
+        ></view>
+      </view>
+      <block wx:if="{{title}}">
+        <text>{{title}}</text>
+      </block>
+      <block wx:else>
+        <slot name="center"></slot>
+      </block>
+    </view>
+    
+    <!-- 右侧留空 -->
+    <view class='weui-navigation-bar__right'>
+      <slot name="right"></slot>
+    </view>
+  </view>
+</view>

+ 96 - 0
app/components/navigation-bar/navigation-bar.wxss

@@ -0,0 +1,96 @@
+.weui-navigation-bar {
+  --weui-FG-0:rgba(0,0,0,.9);
+  --height: 44px;
+  --left: 16px;
+}
+.weui-navigation-bar .android {
+  --height: 48px;
+}
+
+.weui-navigation-bar {
+  overflow: hidden;
+  color: var(--weui-FG-0);
+  flex: none;
+}
+
+.weui-navigation-bar__inner {
+  position: relative;
+  top: 0;
+  left: 0;
+  height: calc(var(--height) + env(safe-area-inset-top));
+  display: flex;
+  flex-direction: row;
+  align-items: center;
+  justify-content: center;
+  padding-top: env(safe-area-inset-top);
+  width: 100%;
+  box-sizing: border-box;
+}
+
+.weui-navigation-bar__left {
+  position: relative;
+  padding-left: var(--left);
+  display: flex;
+  flex-direction: row;
+  align-items: flex-start;
+  height: 100%;
+  box-sizing: border-box;
+}
+
+.weui-navigation-bar__btn_goback_wrapper {
+  padding: 11px 18px 11px 16px;
+  margin: -11px -18px -11px -16px;
+}
+
+.weui-navigation-bar__btn_goback_wrapper.weui-active {
+  opacity: 0.5;
+}
+
+.weui-navigation-bar__btn_goback {
+  font-size: 12px;
+  width: 12px;
+  height: 24px;
+  -webkit-mask: url("data:image/svg+xml;charset=utf8,%3Csvg xmlns='http://www.w3.org/2000/svg' width='12' height='24' viewBox='0 0 12 24'%3E  %3Cpath fill-opacity='.9' fill-rule='evenodd' d='M10 19.438L8.955 20.5l-7.666-7.79a1.02 1.02 0 0 1 0-1.42L8.955 3.5 10 4.563 2.682 12 10 19.438z'/%3E%3C/svg%3E") no-repeat 50% 50%;
+  mask: url("data:image/svg+xml;charset=utf8,%3Csvg xmlns='http://www.w3.org/2000/svg' width='12' height='24' viewBox='0 0 12 24'%3E  %3Cpath fill-opacity='.9' fill-rule='evenodd' d='M10 19.438L8.955 20.5l-7.666-7.79a1.02 1.02 0 0 1 0-1.42L8.955 3.5 10 4.563 2.682 12 10 19.438z'/%3E%3C/svg%3E") no-repeat 50% 50%;
+  -webkit-mask-size: cover;
+  mask-size: cover;
+  background-color: var(--weui-FG-0);
+}
+
+.weui-navigation-bar__center {
+  font-size: 17px;
+  text-align: center;
+  position: relative;
+  display: flex;
+  flex-direction: row;
+  align-items: center;
+  justify-content: center;
+  font-weight: bold;
+  flex: 1;
+  height: 100%;
+}
+
+.weui-navigation-bar__loading {
+  margin-right: 4px;
+  align-items: center;
+}
+
+.weui-loading {
+  font-size: 16px;
+  width: 16px;
+  height: 16px;
+  display: block;
+  background: transparent url("data:image/svg+xml,%3C%3Fxml version='1.0' encoding='UTF-8'%3F%3E%3Csvg width='80px' height='80px' viewBox='0 0 80 80' version='1.1' xmlns='http://www.w3.org/2000/svg' xmlns:xlink='http://www.w3.org/1999/xlink'%3E%3Ctitle%3Eloading%3C/title%3E%3Cdefs%3E%3ClinearGradient x1='94.0869141%25' y1='0%25' x2='94.0869141%25' y2='90.559082%25' id='linearGradient-1'%3E%3Cstop stop-color='%23606060' stop-opacity='0' offset='0%25'%3E%3C/stop%3E%3Cstop stop-color='%23606060' stop-opacity='0.3' offset='100%25'%3E%3C/stop%3E%3C/linearGradient%3E%3ClinearGradient x1='100%25' y1='8.67370605%25' x2='100%25' y2='90.6286621%25' id='linearGradient-2'%3E%3Cstop stop-color='%23606060' offset='0%25'%3E%3C/stop%3E%3Cstop stop-color='%23606060' stop-opacity='0.3' offset='100%25'%3E%3C/stop%3E%3C/linearGradient%3E%3C/defs%3E%3Cg stroke='none' stroke-width='1' fill='none' fill-rule='evenodd' opacity='0.9'%3E%3Cg%3E%3Cpath d='M40,0 C62.09139,0 80,17.90861 80,40 C80,62.09139 62.09139,80 40,80 L40,73 C58.2253967,73 73,58.2253967 73,40 C73,21.7746033 58.2253967,7 40,7 L40,0 Z' fill='url(%23linearGradient-1)'%3E%3C/path%3E%3Cpath d='M40,0 L40,7 C21.7746033,7 7,21.7746033 7,40 C7,58.2253967 21.7746033,73 40,73 L40,80 C17.90861,80 0,62.09139 0,40 C0,17.90861 17.90861,0 40,0 Z' fill='url(%23linearGradient-2)'%3E%3C/path%3E%3Ccircle id='Oval' fill='%23606060' cx='40.5' cy='3.5' r='3.5'%3E%3C/circle%3E%3C/g%3E%3C/g%3E%3C/svg%3E%0A") no-repeat;
+  background-size: 100%;
+  margin-left: 0;
+  animation: loading linear infinite 1s;
+}
+
+@keyframes loading {
+  from {
+    transform: rotate(0);
+  }
+  to {
+    transform: rotate(360deg);
+  }
+}

+ 2 - 0
app/pages/index/index.js

@@ -0,0 +1,2 @@
+// index.js
+Page({})

+ 5 - 0
app/pages/index/index.json

@@ -0,0 +1,5 @@
+{
+  "usingComponents": {
+    "navigation-bar": "/components/navigation-bar/navigation-bar"
+  }
+}

+ 7 - 0
app/pages/index/index.wxml

@@ -0,0 +1,7 @@
+<!--index.wxml-->
+<navigation-bar title="Weixin" back="{{false}}" color="black" background="#FFF"></navigation-bar>
+<scroll-view class="scrollarea" scroll-y type="list">
+  <view class="container">
+    Weixin
+  </view>
+</scroll-view>

+ 10 - 0
app/pages/index/index.wxss

@@ -0,0 +1,10 @@
+/**index.wxss**/
+page {
+  height: 100vh;
+  display: flex;
+  flex-direction: column;
+}
+.scrollarea {
+  flex: 1;
+  overflow-y: hidden;
+}

+ 28 - 0
app/project.config.json

@@ -0,0 +1,28 @@
+{
+  "appid": "wx55c6a1a085db1601",
+  "compileType": "miniprogram",
+  "libVersion": "3.7.6",
+  "packOptions": {
+    "ignore": [],
+    "include": []
+  },
+  "setting": {
+    "coverView": true,
+    "es6": true,
+    "postcss": true,
+    "minified": true,
+    "enhance": true,
+    "showShadowRootInWxmlPanel": true,
+    "packNpmRelationList": [],
+    "babelSetting": {
+      "ignore": [],
+      "disablePlugins": [],
+      "outputPath": ""
+    }
+  },
+  "condition": {},
+  "editorSetting": {
+    "tabIndent": "insertSpaces",
+    "tabSize": 2
+  }
+}

+ 7 - 0
app/project.private.config.json

@@ -0,0 +1,7 @@
+{
+  "description": "项目私有配置文件。此文件中的内容将覆盖 project.config.json 中的相同字段。项目的改动优先同步到此文件中。详见文档:https://developers.weixin.qq.com/miniprogram/dev/devtools/projectconfig.html",
+  "projectname": "shwasher_mapp",
+  "setting": {
+    "compileHotReLoad": true
+  }
+}

+ 7 - 0
app/sitemap.json

@@ -0,0 +1,7 @@
+{
+    "desc": "关于本文件的更多信息,请参考文档 https://developers.weixin.qq.com/miniprogram/dev/framework/sitemap.html",
+    "rules": [{
+    "action": "allow",
+    "page": "*"
+    }]
+}

+ 1 - 1
src_0nline/ShwasherSys/IwbZero.Yue/Authorization/AuthorizeFilter/CheckExpireTimeHelper.cs

@@ -27,7 +27,7 @@ namespace IwbZero.Authorization.AuthorizeFilter
                 return true;
             if (session.RememberMe != null && (bool)session.RememberMe)
                 return false;
-
+            //_cacheManager.GetCache(IwbZeroConsts.UserExpireTimeCache).Clear();
             DateTimeOffset expireUtc = _cacheManager.GetCache(IwbZeroConsts.UserExpireTimeCache)
                                             .Get(session.UserId + "", () => session.ExpireTime) ??
                                         default(DateTimeOffset);

+ 1 - 0
src_0nline/ShwasherSys/ShwasherSys.Application/CompanyInfo/DeviceInfo/DeviceMgPlansApplicationService.cs

@@ -16,6 +16,7 @@ using ShwasherSys.CompanyInfo.DeviceInfo.Dto;
 using ShwasherSys.ProductStoreInfo;
 using System.Linq.Dynamic.Core;
 using Abp.Extensions;
+using Abp.Web.Security.AntiForgery;
 
 namespace ShwasherSys.CompanyInfo.DeviceInfo
 {

+ 1 - 0
src_0nline/ShwasherSys/ShwasherSys.Web/App_Start/MvcAuthorizeFilter.cs

@@ -51,6 +51,7 @@ namespace ShwasherSys
             }
             try
             {
+                string userid = AbpSession.UserName;
                 _checkExpireTimeHelper.CheckUserHasExpire(AbpSession);
                 if (AbpSession.UserName != UserBase.AdminUserName)
                     _authorizationHelper.Authorize(methodInfo, methodInfo.DeclaringType);
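Review bot: The added local `string userid = AbpSession.UserName;` is not read anywhere in the visible lines, and its name says "id" while it holds the user name, so it looks like a leftover from debugging the token login. Remove it, or if it is meant for diagnostics, log it explicitly at the point where the authorization check fails. The enclosing method starts and ends outside this hunk, so a later use cannot be ruled out from here.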

+ 1 - 0
src_0nline/ShwasherSys/ShwasherSys.Web/App_Start/ShwasherWebModule.cs

@@ -34,6 +34,7 @@ namespace ShwasherSys
             //    new BigCamelCasePropertyNamesContractResolver();
             GlobalConfiguration.Configuration.Formatters.JsonFormatter.SerializerSettings.DateFormatString = "yyyy-MM-dd HH:mm:ss";
             //Configuration.Modules.AbpWebCommon().SendAllExceptionsToClients = true;
+            //Configuration.Modules.AbpWeb().AntiForgery.IsEnabled = false;
             SetCacheExpireTime(Configuration);
         }
 

+ 112 - 3
src_0nline/ShwasherSys/ShwasherSys.Web/App_Start/Startup.cs

@@ -1,15 +1,28 @@
 using System;
+using System.Collections.Concurrent;
 using System.Configuration;
-
+using System.Security.Claims;
+using System.Threading.Tasks;
+using Abp.Dependency;
+using Abp.Extensions;
 using Abp.Owin;
-
+using IwbZero.Authorization;
 using Microsoft.Owin;
+using Microsoft.Owin.Security;
 using Microsoft.Owin.Security.Cookies;
-
+using Microsoft.Owin.Security.Infrastructure;
+using Microsoft.Owin.Security.OAuth;
 using Owin;
 
 using ShwasherSys;
 using ShwasherSys.Api.Controllers;
+using ShwasherSys.Authorization.Users;
+using ShwasherSys.Authorization;
+using IwbZero.Authorization.Permissions;
+using ShwasherSys.BaseSysInfo;
+using IwbZero.Session;
+using System.Globalization;
+using System.Net;
 
 [assembly: OwinStartup(typeof(Startup))]
 
@@ -22,6 +35,18 @@ namespace ShwasherSys
             app.UseAbp();
 
             app.UseOAuthBearerAuthentication(AccountController.OAuthBearerOptions);
+            var logInManager = IocManager.Instance.Resolve<LogInManager>();
+            app.UseOAuthAuthorizationServer(new OAuthAuthorizationServerOptions()
+            {
+                AllowInsecureHttp = true,
+                AuthenticationMode = AuthenticationMode.Active,
+                TokenEndpointPath = new PathString("/token"), //获取 access_token 授权服务请求地址
+                AuthorizeEndpointPath = new PathString("/authorize"), //获取 authorization_code 授权服务请求地址
+                AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(30), //access_token 过期时间
+              
+                Provider = new OpenAuthorizationServerProvider(logInManager), //access_token 相关授权服务
+                RefreshTokenProvider = new OpenRefreshTokenProvider() //refresh_token 授权服务
+            });
             app.UseCookieAuthentication(new CookieAuthenticationOptions
             {
                 AuthenticationType = ShwasherConsts.AuthenticationTypes,
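Review bot: `AllowInsecureHttp = true` lets `/token` accept the password grant over plain HTTP, so the user name, the password and the issued access and refresh tokens can cross the network unencrypted. Set `AllowInsecureHttp = false,` for anything but local development, or read it from a configuration switch that defaults to false. `AuthorizeEndpointPath` is registered as well, but the provider added further down in this file overrides only `ValidateClientAuthentication` and `GrantResourceOwnerCredentials`, so as far as the visible code shows nothing validates a redirect URI for `/authorize`; drop that line unless the authorization-code flow is really intended. `LogInManager` is resolved once from `IocManager.Instance` here and kept for the life of the process, which should be checked against its registered lifetime and any per-request dependencies it holds. The `Configuration` method continues outside this hunk.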
@@ -40,4 +65,88 @@ namespace ShwasherSys
             //});
         }
     }
+    public class OpenRefreshTokenProvider : AuthenticationTokenProvider
+    {
+        private static ConcurrentDictionary<string, string> _refreshTokens = new ConcurrentDictionary<string, string>();
+
+        /// <summary>
+        /// 生成 refresh_token
+        /// </summary>
+        public override void Create(AuthenticationTokenCreateContext context)
+        {
+            context.Ticket.Properties.IssuedUtc = DateTime.UtcNow;
+            context.Ticket.Properties.ExpiresUtc = DateTime.UtcNow.AddDays(60);
+
+            context.SetToken(Guid.NewGuid().ToString("n") + Guid.NewGuid().ToString("n"));
+            _refreshTokens[context.Token] = context.SerializeTicket();
+        }
+
+        /// <summary>
+        /// 由 refresh_token 解析成 access_token
+        /// </summary>
+        public override void Receive(AuthenticationTokenReceiveContext context)
+        {
+            if (_refreshTokens.TryGetValue(context.Token, out string ticketData))
+            {
+                context.DeserializeTicket(ticketData);
+            }
+        }
+    }
+
+    public class OpenAuthorizationServerProvider : OAuthAuthorizationServerProvider
+    {
+        public  LogInManager LogInManager { get; set; }
+
+        public OpenAuthorizationServerProvider(LogInManager logInManager)
+        {
+            LogInManager = logInManager;
+        }
+
+
+        /// <summary>
+        /// 验证 client 信息
+        /// </summary>
+        public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
+        {
+            // if (context.ClientId == null)
+            // {
+            //     context.Validated();
+            // }
+            context.Validated();
+            return Task.CompletedTask;
+        }
+
+        /// <summary>
+        /// 生成 access_token(resource owner password credentials 授权方式)
+        /// </summary>
+        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
+        {
+            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
+
+            // var user = context.OwinContext.Authentication.User;
+            // var identity = new ClaimsIdentity(context.Options.AuthenticationType);
+            // identity.AddClaim(new Claim(ClaimTypes.Name, user.Identity.Name));
+            //获取用户传入的用户名和密码
+            string username = context.UserName;
+            string password = context.Password;
+
+            var loginResult = await LogInManager.LoginAsync(username, password);
+            if (loginResult.Result != AbpLoginResultType.Success)
+            {
+                context.SetError("invalid_grant", "用户名或密码不正确");
+                return;
+            }
+           
+            var identity = loginResult.Identity;
+            identity.AddClaim(new Claim(IwbClaimTypes.RememberMe, "true"));
+            identity.AddClaim(new Claim(ShwasherConsts.UserDepartmentIdClaimType, loginResult.User.DepartmentID ?? ""));
+            
+            var expiresUtc = DateTimeOffset.UtcNow.AddMinutes(int.Parse(
+                System.Configuration.ConfigurationManager.AppSettings[
+                    "AuthSession.ExpireTimeInMinutes"] ?? "90"));
+            identity.AddClaim(new Claim(IwbClaimTypes.ExpireTime, expiresUtc.ToString(CultureInfo.InvariantCulture)));
+            context.Validated(loginResult.Identity);
+        }
+        
+    }
 }
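Review bot: `OpenRefreshTokenProvider.Receive` looks the token up with `TryGetValue` and never removes it, so a refresh token can be redeemed repeatedly for its whole 60-day lifetime, nothing in this class can revoke one, and the static dictionary only ever grows. Make redemption single-use with `if (_refreshTokens.TryRemove(context.Token, out string ticketData))`, and move the store out of process memory if tokens must survive a recycle or be shared by a second server. `ValidateClientAuthentication` calls `context.Validated()` for every request, so any caller may use the password grant; if only known integrations should reach `/token`, check the client id and secret (`context.TryGetBasicCredentials` / `context.TryGetFormCredentials`) before validating. In `GrantResourceOwnerCredentials` every identity receives `IwbClaimTypes.RememberMe` set to `"true"`, and the `CheckExpireTimeHelper` context shown in this commit returns early when `session.RememberMe` is true, so the `ExpireTime` claim added a few lines later is probably never enforced by that helper; confirm how the claim maps onto the session. The `Access-Control-Allow-Origin: *` header should be narrowed to the origins that need it, and `int.Parse` on `AuthSession.ExpireTimeInMinutes` should become `int.TryParse` with a default so a malformed setting does not throw on every login.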

+ 8 - 0
src_0nline/ShwasherSys/ShwasherSys.Web/Web.config

@@ -406,6 +406,14 @@
         <assemblyIdentity name="System.IO.Compression" publicKeyToken="b77a5c561934e089" culture="neutral" />
         <bindingRedirect oldVersion="0.0.0.0-4.2.0.0" newVersion="4.2.0.0" />
       </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="System.Memory" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-4.0.1.0" newVersion="4.0.1.0" />
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="System.Security.Cryptography.Cng" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-4.3.1.0" newVersion="4.3.1.0" />
+      </dependentAssembly>
     </assemblyBinding>
   </runtime>
   <system.webServer>

+ 92 - 63
src_0nline/ShwasherSys/ShwasherSys.WebApi/Api/Controllers/AccountController.cs

@@ -1,6 +1,16 @@
-using Abp.UI;
+using System;
+using System.ComponentModel.DataAnnotations;
+using System.Threading.Tasks;
+using System.Web.Http;
+using Abp.UI;
+using Abp.Web.Models;
 using Abp.WebApi.Controllers;
+using IwbZero.Authorization;
+using Microsoft.Extensions.Internal;
+using Microsoft.Owin.Security;
 using Microsoft.Owin.Security.OAuth;
+using ShwasherSys.Authorization;
+using ShwasherSys.Authorization.Users;
 
 namespace ShwasherSys.Api.Controllers
 {
@@ -8,74 +18,73 @@ namespace ShwasherSys.Api.Controllers
     {
         public static OAuthBearerAuthenticationOptions OAuthBearerOptions { get; private set; }
 
-        //private readonly LogInManager _logInManager;
+        private readonly LogInManager _logInManager;
 
         static AccountController()
         {
             OAuthBearerOptions = new OAuthBearerAuthenticationOptions();
         }
 
-        //public AccountController(LogInManager logInManager)
-        //{
-        //    _logInManager = logInManager;
-        //    LocalizationSourceName = IwbYueConsts.LocalizationSourceName;
-        //}
-
-        //[HttpPost]
-        //public async Task<AjaxResponse> Authenticate(LoginModel loginModel)
-        //{
-        //    CheckModelState();
-
-        //    var loginResult = await GetLoginResultAsync(
-        //        loginModel.UsernameOrEmailAddress,
-        //        loginModel.Password,
-        //        loginModel.TenancyName
-        //        );
-
-        //    var ticket = new AuthenticationTicket(loginResult.Identity, new AuthenticationProperties());
-
-        //    var currentUtc = new SystemClock().UtcNow;
-        //    ticket.Properties.IssuedUtc = currentUtc;
-        //    ticket.Properties.ExpiresUtc = currentUtc.Add(TimeSpan.FromMinutes(30));
-
-        //    return new AjaxResponse(OAuthBearerOptions.AccessTokenFormat.Protect(ticket));
-        //}
-
-        //private async Task<AbpLoginResult<Tenant, User>> GetLoginResultAsync(string usernameOrEmailAddress, string password, string tenancyName)
-        //{
-        //    var loginResult = await _logInManager.LoginAsync(usernameOrEmailAddress, password, tenancyName);
-
-        //    switch (loginResult.Result)
-        //    {
-        //        case AbpLoginResultType.Success:
-        //            return loginResult;
-        //        default:
-        //            throw CreateExceptionForFailedLoginAttempt(loginResult.Result, usernameOrEmailAddress, tenancyName);
-        //    }
-        //}
-
-        //private Exception CreateExceptionForFailedLoginAttempt(AbpLoginResultType result, string usernameOrEmailAddress, string tenancyName)
-        //{
-        //    switch (result)
-        //    {
-        //        case AbpLoginResultType.Success:
-        //            return new ApplicationException("Don't call this method with a success result!");
-        //        case AbpLoginResultType.InvalidUserNameOrEmailAddress:
-        //        case AbpLoginResultType.InvalidPassword:
-        //            return new UserFriendlyException(L("LoginFailed"), L("InvalidUserNameOrPassword"));
-        //        case AbpLoginResultType.InvalidTenancyName:
-        //            return new UserFriendlyException(L("LoginFailed"), L("ThereIsNoTenantDefinedWithName{0}", tenancyName));
-        //        case AbpLoginResultType.TenantIsNotActive:
-        //            return new UserFriendlyException(L("LoginFailed"), L("TenantIsNotActive", tenancyName));
-        //        case AbpLoginResultType.UserIsNotActive:
-        //            return new UserFriendlyException(L("LoginFailed"), L("UserIsNotActiveAndCanNotLogin", usernameOrEmailAddress));
-        //        case AbpLoginResultType.UserEmailIsNotConfirmed:
-        //            return new UserFriendlyException(L("LoginFailed"), "Your email address is not confirmed. You can not login"); //TODO: localize message
-        //        default: //Can not fall to default actually. But other result types can be added in the future and we may forget to handle it
-        //            Logger.Warn("Unhandled login fail reason: " + result);
-        //            return new UserFriendlyException(L("LoginFailed"));
-        //    }
-        //}
+        public AccountController(LogInManager logInManager)
+        {
+            _logInManager = logInManager;
+            LocalizationSourceName = ShwasherConsts.LocalizationSourceName;
+        }
+
+        [HttpPost]
+        public async Task<AjaxResponse> Authenticate(LoginModel loginModel)
+        {
+            CheckModelState();
+
+            var loginResult = await GetLoginResultAsync(
+                loginModel.UsernameOrEmailAddress,
+                loginModel.Password
+            );
+
+            var ticket = new AuthenticationTicket(loginResult.Identity, new AuthenticationProperties());
+
+            var currentUtc = new SystemClock().UtcNow;
+            ticket.Properties.IssuedUtc = currentUtc;
+            ticket.Properties.ExpiresUtc = currentUtc.Add(TimeSpan.FromMinutes(30));
+
+            return new AjaxResponse(OAuthBearerOptions.AccessTokenFormat.Protect(ticket));
+        }
+
+        private async Task<IwbLoginResult<SysUser>> GetLoginResultAsync(string usernameOrEmailAddress, string password)
+        {
+            var loginResult = await _logInManager.LoginAsync(usernameOrEmailAddress, password);
+
+            switch (loginResult.Result)
+            {
+                case AbpLoginResultType.Success:
+                    return loginResult;
+                default:
+                    throw CreateExceptionForFailedLoginAttempt(loginResult.Result, usernameOrEmailAddress);
+            }
+        }
+
+        private Exception CreateExceptionForFailedLoginAttempt(AbpLoginResultType result, string usernameOrEmailAddress)
+        {
+            switch (result)
+            {
+                case AbpLoginResultType.Success:
+                    return new ApplicationException("Don't call this method with a success result!");
+                case AbpLoginResultType.InvalidUserNameOrEmailAddress:
+                case AbpLoginResultType.InvalidPassword:
+                    return new UserFriendlyException(L("LoginFailed"), L("InvalidUserNameOrPassword"));
+                // case AbpLoginResultType.InvalidTenancyName:
+                //     return new UserFriendlyException(L("LoginFailed"), L("ThereIsNoTenantDefinedWithName{0}", tenancyName));
+                // case AbpLoginResultType.TenantIsNotActive:
+                //     return new UserFriendlyException(L("LoginFailed"), L("TenantIsNotActive", tenancyName));
+                case AbpLoginResultType.UserIsNotActive:
+                    return new UserFriendlyException(L("LoginFailed"), L("UserIsNotActiveAndCanNotLogin", usernameOrEmailAddress));
+                case AbpLoginResultType.UserEmailIsNotConfirmed:
+                    return new UserFriendlyException(L("LoginFailed"), "Your email address is not confirmed. You can not login"); //TODO: localize message
+                default: //Can not fall to default actually. But other result types can be added in the future and we may forget to handle it
+                    Logger.Warn("Unhandled login fail reason: " + result);
+                    return new UserFriendlyException(L("LoginFailed"));
+            }
+        }
 
         protected virtual void CheckModelState()
         {
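Review bot: `CreateExceptionForFailedLoginAttempt` answers an inactive account with `UserIsNotActiveAndCanNotLogin` (formatted with the submitted name) and an unconfirmed one with its own text, while a wrong name or password gets `InvalidUserNameOrPassword`, so the response tells an unauthenticated caller which user names exist. Return the generic `L("InvalidUserNameOrPassword")` message for every failure and keep the specific `result` in the log only. `Authenticate` builds its ticket from `loginResult.Identity` as is, without the `RememberMe`, department and `ExpireTime` claims that `GrantResourceOwnerCredentials` in Startup.cs adds, and hard-codes its own 30-minute lifetime, so the two token paths issue differently shaped identities; route both through one helper. `new SystemClock()` appears to resolve through the newly added `using Microsoft.Extensions.Internal;`, and `DateTimeOffset.UtcNow` would give the same value without leaning on an internal namespace. The controller class starts before and ends after this hunk.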
@@ -88,3 +97,23 @@ namespace ShwasherSys.Api.Controllers
 
     }
 }
+
+namespace ShwasherSys
+{
+    public class LoginModel
+    {
+        [Required]
+        public string UsernameOrEmailAddress { get; set; }
+
+        [Required]
+        public string Password { get; set; }
+
+        // public bool RememberMe { get; set; }
+
+
+
+        //public string TenancyName { get; set; }
+
+
+    }
+}

+ 42 - 5
src_0nline/ShwasherSys/ShwasherSys.WebApi/ShwasherSys.WebApi.csproj

@@ -80,6 +80,12 @@
     <Reference Include="Microsoft.AspNet.Identity.Owin, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
       <HintPath>..\..\packages\Microsoft.AspNet.Identity.Owin.2.2.2\lib\net45\Microsoft.AspNet.Identity.Owin.dll</HintPath>
     </Reference>
+    <Reference Include="Microsoft.Bcl.AsyncInterfaces, Version=8.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
+      <HintPath>..\..\packages\Microsoft.Bcl.AsyncInterfaces.8.0.0\lib\netstandard2.0\Microsoft.Bcl.AsyncInterfaces.dll</HintPath>
+    </Reference>
+    <Reference Include="Microsoft.Bcl.TimeProvider, Version=8.0.0.1, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
+      <HintPath>..\..\packages\Microsoft.Bcl.TimeProvider.8.0.1\lib\netstandard2.0\Microsoft.Bcl.TimeProvider.dll</HintPath>
+    </Reference>
     <Reference Include="Microsoft.Extensions.Caching.Abstractions, Version=2.2.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
       <HintPath>..\..\packages\Microsoft.Extensions.Caching.Abstractions.2.2.0\lib\netstandard2.0\Microsoft.Extensions.Caching.Abstractions.dll</HintPath>
     </Reference>
@@ -95,6 +101,18 @@
     <Reference Include="Microsoft.Extensions.Primitives, Version=2.2.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
       <HintPath>..\..\packages\Microsoft.Extensions.Primitives.2.2.0\lib\netstandard2.0\Microsoft.Extensions.Primitives.dll</HintPath>
     </Reference>
+    <Reference Include="Microsoft.IdentityModel.Abstractions, Version=8.3.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\..\packages\Microsoft.IdentityModel.Abstractions.8.3.0\lib\netstandard2.0\Microsoft.IdentityModel.Abstractions.dll</HintPath>
+    </Reference>
+    <Reference Include="Microsoft.IdentityModel.JsonWebTokens, Version=8.3.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\..\packages\Microsoft.IdentityModel.JsonWebTokens.8.3.0\lib\netstandard2.0\Microsoft.IdentityModel.JsonWebTokens.dll</HintPath>
+    </Reference>
+    <Reference Include="Microsoft.IdentityModel.Logging, Version=8.3.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\..\packages\Microsoft.IdentityModel.Logging.8.3.0\lib\netstandard2.0\Microsoft.IdentityModel.Logging.dll</HintPath>
+    </Reference>
+    <Reference Include="Microsoft.IdentityModel.Tokens, Version=8.3.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\..\packages\Microsoft.IdentityModel.Tokens.8.3.0\lib\netstandard2.0\Microsoft.IdentityModel.Tokens.dll</HintPath>
+    </Reference>
     <Reference Include="Microsoft.Owin, Version=4.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
       <HintPath>..\..\packages\Microsoft.Owin.4.0.1\lib\net45\Microsoft.Owin.dll</HintPath>
     </Reference>
@@ -160,7 +178,7 @@
     </Reference>
     <Reference Include="System" />
     <Reference Include="System.Buffers, Version=4.0.3.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
-      <HintPath>..\..\packages\System.Buffers.4.5.0\lib\netstandard2.0\System.Buffers.dll</HintPath>
+      <HintPath>..\..\packages\System.Buffers.4.5.1\lib\net461\System.Buffers.dll</HintPath>
     </Reference>
     <Reference Include="System.Collections.Immutable, Version=1.2.3.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
       <HintPath>..\..\packages\System.Collections.Immutable.1.5.0\lib\netstandard2.0\System.Collections.Immutable.dll</HintPath>
@@ -180,12 +198,15 @@
     </Reference>
     <Reference Include="System.Data.OracleClient" />
     <Reference Include="System.Drawing" />
+    <Reference Include="System.IdentityModel.Tokens.Jwt, Version=8.3.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\..\packages\System.IdentityModel.Tokens.Jwt.8.3.0\lib\netstandard2.0\System.IdentityModel.Tokens.Jwt.dll</HintPath>
+    </Reference>
     <Reference Include="System.IO.Compression.FileSystem" />
     <Reference Include="System.Linq.Dynamic.Core, Version=1.0.10.0, Culture=neutral, PublicKeyToken=0f07ec44de6ac832, processorArchitecture=MSIL">
       <HintPath>..\..\packages\System.Linq.Dynamic.Core.1.0.10\lib\net46\System.Linq.Dynamic.Core.dll</HintPath>
     </Reference>
-    <Reference Include="System.Memory, Version=4.0.1.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
-      <HintPath>..\..\packages\System.Memory.4.5.2\lib\netstandard2.0\System.Memory.dll</HintPath>
+    <Reference Include="System.Memory, Version=4.0.1.2, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
+      <HintPath>..\..\packages\System.Memory.4.5.5\lib\net461\System.Memory.dll</HintPath>
     </Reference>
     <Reference Include="System.Net" />
     <Reference Include="System.Net.Http" />
@@ -197,8 +218,8 @@
       <HintPath>..\..\packages\System.Numerics.Vectors.4.5.0\lib\net46\System.Numerics.Vectors.dll</HintPath>
     </Reference>
     <Reference Include="System.Runtime.Caching" />
-    <Reference Include="System.Runtime.CompilerServices.Unsafe, Version=4.0.4.1, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
-      <HintPath>..\..\packages\System.Runtime.CompilerServices.Unsafe.4.5.2\lib\netstandard2.0\System.Runtime.CompilerServices.Unsafe.dll</HintPath>
+    <Reference Include="System.Runtime.CompilerServices.Unsafe, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\..\packages\System.Runtime.CompilerServices.Unsafe.6.0.0\lib\net461\System.Runtime.CompilerServices.Unsafe.dll</HintPath>
     </Reference>
     <Reference Include="System.Runtime.InteropServices.RuntimeInformation, Version=4.0.1.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
       <HintPath>..\..\packages\System.Runtime.InteropServices.RuntimeInformation.4.3.0\lib\net45\System.Runtime.InteropServices.RuntimeInformation.dll</HintPath>
@@ -221,6 +242,9 @@
       <HintPath>..\..\packages\System.Security.Claims.4.3.0\lib\net46\System.Security.Claims.dll</HintPath>
       <Private>True</Private>
     </Reference>
+    <Reference Include="System.Security.Cryptography.Cng, Version=4.3.1.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\..\packages\System.Security.Cryptography.Cng.4.5.0\lib\net461\System.Security.Cryptography.Cng.dll</HintPath>
+    </Reference>
     <Reference Include="System.Security.Permissions, Version=4.0.1.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
       <HintPath>..\..\packages\System.Security.Permissions.4.5.0\lib\net461\System.Security.Permissions.dll</HintPath>
     </Reference>
@@ -228,6 +252,15 @@
       <HintPath>..\..\packages\System.Security.Principal.Windows.4.5.1\lib\net461\System.Security.Principal.Windows.dll</HintPath>
     </Reference>
     <Reference Include="System.ServiceProcess" />
+    <Reference Include="System.Text.Encodings.Web, Version=8.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
+      <HintPath>..\..\packages\System.Text.Encodings.Web.8.0.0\lib\netstandard2.0\System.Text.Encodings.Web.dll</HintPath>
+    </Reference>
+    <Reference Include="System.Text.Json, Version=8.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
+      <HintPath>..\..\packages\System.Text.Json.8.0.5\lib\netstandard2.0\System.Text.Json.dll</HintPath>
+    </Reference>
+    <Reference Include="System.Threading.Tasks.Extensions, Version=4.2.0.1, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
+      <HintPath>..\..\packages\System.Threading.Tasks.Extensions.4.5.4\lib\net461\System.Threading.Tasks.Extensions.dll</HintPath>
+    </Reference>
     <Reference Include="System.Transactions" />
     <Reference Include="System.ValueTuple, Version=4.0.3.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
       <HintPath>..\..\packages\System.ValueTuple.4.5.0\lib\net461\System.ValueTuple.dll</HintPath>
@@ -280,6 +313,7 @@
   <ItemGroup>
     <Compile Include="ApiAuthorizeFilter.cs" />
     <Compile Include="Api\Controllers\AccountController.cs" />
+    <Compile Include="WebAbpAntiForgeryApiFilter.cs" />
     <Compile Include="WebApiModule.cs" />
     <Compile Include="Properties\AssemblyInfo.cs" />
   </ItemGroup>
@@ -301,6 +335,9 @@
       <Name>ShwasherSys.ToolCommon</Name>
     </ProjectReference>
   </ItemGroup>
+  <ItemGroup>
+    <WCFMetadata Include="Connected Services\" />
+  </ItemGroup>
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
   <Import Project="$(SolutionDir)\.nuget\NuGet.targets" Condition="Exists('$(SolutionDir)\.nuget\NuGet.targets')" />
   <Import Project="..\..\packages\Microsoft.Bcl.Build.1.0.21\build\Microsoft.Bcl.Build.targets" Condition="Exists('..\..\packages\Microsoft.Bcl.Build.1.0.21\build\Microsoft.Bcl.Build.targets')" />

+ 86 - 0
src_0nline/ShwasherSys/ShwasherSys.WebApi/WebAbpAntiForgeryApiFilter.cs

@@ -0,0 +1,86 @@
+using System;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Net.Http.Headers;
+using System.Threading;
+using System.Threading.Tasks;
+using System.Web.Http.Controllers;
+using System.Web.Http.Filters;
+using Abp.Dependency;
+using Abp.Web.Security.AntiForgery;
+using Abp.WebApi.Configuration;
+using Abp.WebApi.Controllers.Dynamic.Selectors;
+using Abp.WebApi.Validation;
+using Castle.Core.Logging;
+using Castle.DynamicProxy.Generators.Emitters.SimpleAST;
+
+namespace ShwasherSys
+{
+    public class IwbAbpAntiForgeryApiFilter : IAuthorizationFilter, ITransientDependency
+    {
+
+        public static string AntiForgeryHeaderName = "WASHER-XSRF-TOKEN";  
+        public ILogger Logger { get; set; }
+
+        public bool AllowMultiple => false;
+
+        private readonly IAbpAntiForgeryManager _abpAntiForgeryManager;
+        private readonly IAbpWebApiConfiguration _webApiConfiguration;
+        private readonly IAbpAntiForgeryWebConfiguration _antiForgeryWebConfiguration;
+
+        public IwbAbpAntiForgeryApiFilter(
+            IAbpAntiForgeryManager abpAntiForgeryManager,
+            IAbpWebApiConfiguration webApiConfiguration,
+            IAbpAntiForgeryWebConfiguration antiForgeryWebConfiguration)
+        {
+            _abpAntiForgeryManager = abpAntiForgeryManager;
+            _webApiConfiguration = webApiConfiguration;
+            _antiForgeryWebConfiguration = antiForgeryWebConfiguration;
+            Logger = NullLogger.Instance;
+        }
+
+        public async Task<HttpResponseMessage> ExecuteAuthorizationFilterAsync(
+            HttpActionContext actionContext,
+            CancellationToken cancellationToken,
+            Func<Task<HttpResponseMessage>> continuation)
+        {
+            var methodInfo = actionContext.ActionDescriptor.GetMethodInfoOrNull();
+            if (methodInfo == null)
+            {
+                return await continuation();
+            }
+
+            if (!_abpAntiForgeryManager.ShouldValidate(_antiForgeryWebConfiguration, methodInfo, actionContext.Request.Method.ToHttpVerb(), _webApiConfiguration.IsAutomaticAntiForgeryValidationEnabled))
+            {
+                return await continuation();
+            }
+            if (!_abpAntiForgeryManager.IsValid(actionContext.Request.Headers))
+            {
+                return CreateErrorResponse(actionContext, "Empty or invalid anti forgery header token.");
+            }
+            // if (!CheckHeaderToken(actionContext.Request.Headers))
+            // {
+            //    return CreateErrorResponse(actionContext, "Empty or invalid anti forgery header token!");
+            // }
+            return await continuation();
+        }
+
+        // public bool CheckHeaderToken(HttpRequestHeaders headers)
+        // {
+        //     if (headers.TryGetValues(AntiForgeryHeaderName, out var token))
+        //     {
+        //         return token.First() == "WASHER";
+        //     }
+        //
+        //     return false;
+        // }   
+
+        protected virtual HttpResponseMessage CreateErrorResponse(HttpActionContext actionContext, string reason)
+        {
+            Logger.Warn(reason);
+            Logger.Warn("Requested URI: " + actionContext.Request.RequestUri);
+            return new HttpResponseMessage(HttpStatusCode.BadRequest) { ReasonPhrase = reason };
+        }
+    }
+}
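Review bot: `AntiForgeryHeaderName` is declared `public static string`, so any code can reassign the header name at runtime, and its only use is in the commented-out `CheckHeaderToken`, which would accept the fixed value `"WASHER"` as a valid token. A constant shared by every client gives no request-forgery protection, so that commented-out method and its call site should be deleted rather than kept as a switchable alternative to `_abpAntiForgeryManager.IsValid(...)`. If the name is still needed, declare it as `public const string AntiForgeryHeaderName = "WASHER-XSRF-TOKEN";`. `CreateErrorResponse` also logs the full `RequestUri`, query string included; if tokens can travel in the query string (not visible here), log `actionContext.Request.RequestUri.AbsolutePath` instead.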

+ 4 - 1
src_0nline/ShwasherSys/ShwasherSys.WebApi/WebApiModule.cs

@@ -9,6 +9,7 @@ using Abp.Timing;
 using Abp.WebApi;
 using Abp.WebApi.Authorization;
 using Abp.WebApi.Configuration;
+using Abp.WebApi.Security.AntiForgery;
 using Newtonsoft.Json.Serialization;
 
 namespace ShwasherSys
@@ -40,7 +41,9 @@ namespace ShwasherSys
             var httpConfiguration = IocManager.Resolve<IAbpWebApiConfiguration>().HttpConfiguration;
             //httpConfiguration.Services.Replace(typeof(AbpApiAuthorizeFilter), IocManager.Resolve<IwbApiAuthorizeFilter>());
             httpConfiguration.Filters.Remove(IocManager.Resolve<AbpApiAuthorizeFilter>());
-            httpConfiguration.Filters.Add(IocManager.Resolve<ShwasherApiAuthorizeFilter>());
+            httpConfiguration.Filters.Add(IocManager.Resolve<ShwasherApiAuthorizeFilter>()); 
+            //httpConfiguration.Filters.Remove(IocManager.Resolve<AbpAntiForgeryApiFilter>());
+            //httpConfiguration.Filters.Add(IocManager.Resolve<IwbAbpAntiForgeryApiFilter>());
         }
     }
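Review bot: The two commented-out lines copy the `Filters.Remove(IocManager.Resolve<...>())` pattern from the line above, and `HttpFilterCollection.Remove` matches on the filter instance. If `AbpAntiForgeryApiFilter` is registered as transient (not visible here), `Resolve` returns a fresh object and the remove matches nothing, so enabling these lines would leave both anti-forgery filters active. If the swap is intended, find the registered entry first, e.g. `var old = httpConfiguration.Filters.FirstOrDefault(f => f.Instance is AbpAntiForgeryApiFilter);`, and pass `old.Instance` to `Remove`. Otherwise drop the commented code together with the `using Abp.WebApi.Security.AntiForgery;` added in the previous hunk. The enclosing method starts outside the hunk.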
 

+ 9 - 1
src_0nline/ShwasherSys/ShwasherSys.WebApi/app.config

@@ -64,7 +64,7 @@
       </dependentAssembly>
       <dependentAssembly>
         <assemblyIdentity name="System.Runtime.CompilerServices.Unsafe" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-4.0.4.1" newVersion="4.0.4.1" />
+        <bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0" />
       </dependentAssembly>
       <dependentAssembly>
         <assemblyIdentity name="ICSharpCode.SharpZipLib" publicKeyToken="1b03e6acf1164f73" culture="neutral" />
@@ -90,6 +90,14 @@
         <assemblyIdentity name="Microsoft.Owin.Security.Cookies" publicKeyToken="31bf3856ad364e35" culture="neutral" />
         <bindingRedirect oldVersion="0.0.0.0-4.0.0.0" newVersion="4.0.0.0" />
       </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="System.Memory" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-4.0.1.2" newVersion="4.0.1.2" />
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="System.Security.Cryptography.Cng" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-4.3.1.0" newVersion="4.3.1.0" />
+      </dependentAssembly>
     </assemblyBinding>
   </runtime>
 <startup><supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6.1" /></startup></configuration>

+ 15 - 3
src_0nline/ShwasherSys/ShwasherSys.WebApi/packages.config

@@ -24,12 +24,19 @@
   <package id="Microsoft.AspNet.WebPages" version="3.2.7" targetFramework="net461" />
   <package id="Microsoft.Bcl" version="1.1.10" targetFramework="net452" />
   <package id="Microsoft.Bcl.Async" version="1.0.168" targetFramework="net452" />
+  <package id="Microsoft.Bcl.AsyncInterfaces" version="8.0.0" targetFramework="net461" />
   <package id="Microsoft.Bcl.Build" version="1.0.21" targetFramework="net452" />
+  <package id="Microsoft.Bcl.TimeProvider" version="8.0.1" targetFramework="net461" />
+  <package id="Microsoft.CSharp" version="4.5.0" targetFramework="net461" />
   <package id="Microsoft.Extensions.Caching.Abstractions" version="2.2.0" targetFramework="net461" />
   <package id="Microsoft.Extensions.Caching.Memory" version="2.2.0" targetFramework="net461" />
   <package id="Microsoft.Extensions.DependencyInjection.Abstractions" version="2.2.0" targetFramework="net461" />
   <package id="Microsoft.Extensions.Options" version="2.2.0" targetFramework="net461" />
   <package id="Microsoft.Extensions.Primitives" version="2.2.0" targetFramework="net461" />
+  <package id="Microsoft.IdentityModel.Abstractions" version="8.3.0" targetFramework="net461" />
+  <package id="Microsoft.IdentityModel.JsonWebTokens" version="8.3.0" targetFramework="net461" />
+  <package id="Microsoft.IdentityModel.Logging" version="8.3.0" targetFramework="net461" />
+  <package id="Microsoft.IdentityModel.Tokens" version="8.3.0" targetFramework="net461" />
   <package id="Microsoft.Owin" version="4.0.1" targetFramework="net461" />
   <package id="Microsoft.Owin.Host.SystemWeb" version="4.0.1" targetFramework="net461" />
   <package id="Microsoft.Owin.Security" version="4.0.1" targetFramework="net461" />
@@ -44,24 +51,29 @@
   <package id="Nito.Collections.Deque" version="1.0.4" targetFramework="net461" />
   <package id="Nito.Disposables" version="2.0.0" targetFramework="net461" />
   <package id="Owin" version="1.0" targetFramework="net461" />
-  <package id="System.Buffers" version="4.5.0" targetFramework="net461" />
+  <package id="System.Buffers" version="4.5.1" targetFramework="net461" />
   <package id="System.Collections.Immutable" version="1.5.0" targetFramework="net461" />
   <package id="System.ComponentModel.Annotations" version="4.5.0" targetFramework="net461" />
   <package id="System.Configuration.ConfigurationManager" version="4.5.0" targetFramework="net461" />
   <package id="System.Data.Common" version="4.3.0" targetFramework="net461" />
+  <package id="System.IdentityModel.Tokens.Jwt" version="8.3.0" targetFramework="net461" />
   <package id="System.Linq.Dynamic.Core" version="1.0.10" targetFramework="net461" />
   <package id="System.Linq.Queryable" version="4.3.0" targetFramework="net461" />
-  <package id="System.Memory" version="4.5.2" targetFramework="net461" />
+  <package id="System.Memory" version="4.5.5" targetFramework="net461" />
   <package id="System.Numerics.Vectors" version="4.5.0" targetFramework="net461" />
-  <package id="System.Runtime.CompilerServices.Unsafe" version="4.5.2" targetFramework="net461" />
+  <package id="System.Runtime.CompilerServices.Unsafe" version="6.0.0" targetFramework="net461" />
   <package id="System.Runtime.InteropServices.RuntimeInformation" version="4.3.0" targetFramework="net461" />
   <package id="System.Runtime.Serialization.Formatters" version="4.3.0" targetFramework="net461" />
   <package id="System.Runtime.Serialization.Primitives" version="4.3.0" targetFramework="net461" />
   <package id="System.Security.AccessControl" version="4.5.0" targetFramework="net461" />
   <package id="System.Security.Claims" version="4.3.0" targetFramework="net461" />
+  <package id="System.Security.Cryptography.Cng" version="4.5.0" targetFramework="net461" />
   <package id="System.Security.Permissions" version="4.5.0" targetFramework="net461" />
   <package id="System.Security.Principal.Windows" version="4.5.1" targetFramework="net461" />
+  <package id="System.Text.Encodings.Web" version="8.0.0" targetFramework="net461" />
+  <package id="System.Text.Json" version="8.0.5" targetFramework="net461" />
   <package id="System.Threading" version="4.3.0" targetFramework="net461" />
+  <package id="System.Threading.Tasks.Extensions" version="4.5.4" targetFramework="net461" />
   <package id="System.ValueTuple" version="4.5.0" targetFramework="net461" />
   <package id="System.Xml.XmlDocument" version="4.3.0" targetFramework="net461" />
   <package id="System.Xml.XPath" version="4.3.0" targetFramework="net461" />