/// <summary> /// 作为注册用户登录 /// </summary> /// <param name="userDto">用户信息</param> /// <returns>异步获取Token的任务,发生错误时返回错误信息</returns> public async Task <(AccessTokenResponseDto, Dictionary <string, string> error)> LoginAsRegisteredUserAsync(UserLoginRequestDto userDto) { User user = await _dbContext.User .FirstOrDefaultAsync(u => u.Username == userDto.Username); if (user != null && ValidatePassword(userDto.Password, user.Salt, user.PasswordHash)) { AccessTokenResponseDto tokenDto = new AccessTokenResponseDto { AccessToken = await _tokenAuthService.GenerateAccessTokenAsync(user), RefreshToken = await _tokenAuthService.GenerateRefreshTokenAsync(user) }; return(tokenDto, null); } else { // 用户名或密码错误 var error = new Dictionary <string, string> { ["username"] = _msg.GetMessage("E001", "用户名或密码") }; return(null, error); } }
private void UpdateAppState(AccessTokenResponseDto accessTokenDto) { _appState.AccessToken = accessTokenDto.access_token; _appState.TokenType = accessTokenDto.token_type; _appState.ExpiresIn = accessTokenDto.expires_in; _appState.ApiEndpoint = accessTokenDto.api_endpoint; _appState.Orgkey = accessTokenDto.orgkey; _appState.RefreshToken = accessTokenDto.refresh_token; }
/// <summary> /// 用户注册 /// </summary> /// <param name="userDto">用于注册的用户信息</param> /// <returns>异步获取Token的任务,如果发生异常则会返回错误信息</returns> public async Task <(AccessTokenResponseDto, Dictionary <string, string>)> RegisterAsync(UserRegisterRequestDto userDto) { // 如果用户不是通过浏览器在请求接口,失去焦点时验证用户名的动作就没意义 var error = await ValidateUsernameAsync(userDto.Username); if (!string.IsNullOrEmpty(error)) { return(null, new Dictionary <string, string> { ["username"] = error }); } // 验证验证码 error = await ValidateCaptchaAsync(userDto.CaptchaId, userDto.CaptchaText); if (!string.IsNullOrEmpty(error)) { return(null, new Dictionary <string, string> { ["captcha"] = error }); } try { Guid salt = Guid.NewGuid(); var user = new User { Username = userDto.Username, PasswordHash = GeneratePasswordHash(userDto.Password, salt.ToString()), Salt = salt.ToString(), // 默认为普通用户 RoleId = (int)Roles.User }; _dbContext.User.Add(user); await _dbContext.SaveChangesAsync(); var token = new AccessTokenResponseDto { AccessToken = await _tokenAuthService.GenerateAccessTokenAsync(user), RefreshToken = await _tokenAuthService.GenerateRefreshTokenAsync(user) }; return(token, null); } catch { // 因为是多线程,依旧可能用户名重复 // 用户名重复会导致异常 return(null, new Dictionary <string, string> { ["username"] = _msg.GetMessage("E003", "用户名") }); } }