Example #1
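        /// <summary>
        /// Exchanges a previously issued JWT for a newly built one and writes a token-refresh
        /// entry to the login log.
        /// </summary>
        /// <param name="token">The JWT presented by the client; null or empty is rejected.</param>
        /// <returns>
        /// A <c>JsonResult</c> wrapping an <c>AdminUiCallBack</c>: code 0 with the new token in
        /// <c>data</c> on success, code 1001 when the token or the account is not acceptable.
        /// </returns>
        public async Task<object> RefreshToken(string token = "")
        {
            var jm = new AdminUiCallBack();

            if (string.IsNullOrEmpty(token))
            {
                jm.code = 1001;
                jm.msg  = "token无效,请重新登录!";
                return new JsonResult(jm);
            }

            // NOTE(review): JwtHelper.SerializeJwt is not shown here. Everything below trusts the
            // Uid it returns, so confirm it verifies the signature and lifetime of the token and
            // does not merely decode it; otherwise an unsigned or expired token would be
            // exchanged for a freshly signed one.
            var tokenModel = JwtHelper.SerializeJwt(token);

            if (tokenModel != null && tokenModel.Uid > 0)
            {
                var user = await _sysUserServices.QueryByIdAsync(tokenModel.Uid);

                if (user != null)
                {
                    // The login action (GetJwtToken) refuses accounts with state == 1 (frozen).
                    // Apply the same rule here so that freezing an account also stops renewal
                    // of tokens issued before the freeze.
                    if (user.state == 1)
                    {
                        jm.code = 1001;
                        jm.msg  = "您的账户已经被冻结,请联系管理员解锁";
                        return new JsonResult(jm);
                    }

                    // Roles are re-read from the store, so role changes made since the last
                    // token was issued are picked up on refresh.
                    var userRoles = await _sysUserServices.GetUserRoleNameStr(user.userName, user.passWord);

                    // For a user-based authorization policy add the user here; for a role-based
                    // policy add the roles.
                    // NOTE(review): Jti carries the user id, not a per-token identifier, so
                    // individual tokens cannot be told apart (or revoked) by their jti.
                    // NOTE(review): the Expiration claim is formatted with the current culture and
                    // local time; whoever parses it must use the same settings — confirm.
                    var claims = new List<Claim>
                    {
                        new Claim(ClaimTypes.Name, user.userName),
                        new Claim(JwtRegisteredClaimNames.Jti, tokenModel.Uid.ObjectToString()),
                        new Claim(ClaimTypes.Expiration, DateTime.Now.AddSeconds(_permissionRequirement.Expiration.TotalSeconds).ToString())
                    };
                    claims.AddRange(userRoles.Split(',').Select(s => new Claim(ClaimTypes.Role, s)));

                    var refreshToken = JwtToken.BuildJwtToken(claims.ToArray(), _permissionRequirement);
                    jm.code = 0;
                    jm.msg  = "认证成功";
                    jm.data = refreshToken;

                    // Write the login-log entry for this refresh.
                    var log = new SysLoginRecord();
                    log.username   = user.userName;
                    // RemoteIpAddress can be null (for example on non-TCP transports); store an
                    // empty string instead of failing the refresh with a NullReferenceException.
                    // NOTE(review): behind a reverse proxy this is the proxy's address unless
                    // forwarded headers are processed upstream — confirm before relying on it.
                    log.ip         = _httpContextAccessor.HttpContext.Connection.RemoteIpAddress?.MapToIPv4().ToString() ?? string.Empty;
                    // OSDescription describes the machine running this process, not the client.
                    log.os         = RuntimeInformation.OSDescription;
                    // The User-Agent header is client-supplied text; treat it as untrusted when displayed.
                    log.browser    = _httpContextAccessor.HttpContext.Request.Headers[HeaderNames.UserAgent];
                    log.operType   = (int)GlobalEnumVars.LoginRecordType.刷新Token;
                    log.createTime = DateTime.Now;
                    await _sysLoginRecordRepository.InsertAsync(log);

                    return new JsonResult(jm);
                }
            }

            // Unreadable token, non-positive Uid or unknown user: same answer as a missing token.
            jm.code = 1001;
            jm.msg  = "token无效,请重新登录!";
            return new JsonResult(jm);
        }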
Example #2
        /// <summary>
        /// Stamps the user's last-login time and IP from a login event, then inserts a login
        /// record that also carries the JWT id and expiry from the event.
        /// </summary>
        /// <param name="data">
        /// Login event payload. <c>UserId</c> is read through <c>.Value</c>, so it must be set.
        /// </param>
        public async Task UpdateLogin(LoginEventData data)
        {
            // .Value throws when UserId has no value; callers are expected to supply it.
            var account = await _userRep.GetAsync(data.UserId.Value);
            if (account == null)
            {
                // Unknown user id: nothing is updated and no login record is written.
                return;
            }

            account.LastLoginTime = data.LoginTime;
            account.LastLoginIP   = data.LoginIP;

            // Presumably the projection limits the update to these two members — confirm
            // against the repository's UpdateAsync.
            await _userRep.UpdateAsync(account, u => new { u.LastLoginTime, u.LastLoginIP });

            // The jti and expiry stored with each login are what a later session audit or
            // token-revocation lookup would key on (no such lookup is visible here).
            var entry = new SysLoginRecord
            {
                UserId        = account.Id,
                IP            = account.LastLoginIP,
                Time          = account.LastLoginTime,
                JwtExpireTime = data.JwtExpireTime,
                JwtJti        = data.JwtJti
            };

            await _recordRep.InsertAsync(entry);
        }
Example #3
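        /// <summary>
        /// Authenticates a user by name and password, issues a JWT on success and writes a
        /// login-log entry for both successful and failed attempts.
        /// </summary>
        /// <param name="model">Login form posted in the request body (user name and password).</param>
        /// <returns>
        /// A <c>JsonResult</c> wrapping an <c>AdminUiCallBack</c>: code 0 with the token and the
        /// landing page on success; otherwise only <c>msg</c> is set.
        /// </returns>
        public async Task<object> GetJwtToken([FromBody] FMLogin model)
        {
            var jm = new AdminUiCallBack();

            // A missing or unparseable body leaves model null; answer like an empty form
            // instead of failing with a NullReferenceException.
            if (model == null || string.IsNullOrEmpty(model.userName) || string.IsNullOrEmpty(model.password))
            {
                jm.msg = "用户名或密码不能为空";
                return new JsonResult(jm);
            }

            // NOTE(review): Md5For32 is not shown; by its name it is a plain MD5 digest, which
            // is too fast for password storage. Moving to a salted, slow KDF (e.g. PBKDF2)
            // requires migrating the stored hashes, so it is only flagged here.
            model.password = CommonHelper.Md5For32(model.password);

            var user = await _sysUserServices.QueryByClauseAsync(p => p.userName == model.userName && p.passWord == model.password);

            if (user == null)
            {
                // NOTE(review): no attempt limiting is visible in this action; the failure
                // records written here are what a lockout or alerting rule would key on.
                await _sysLoginRecordRepository.InsertAsync(
                    CreateLoginRecord(model.userName, (int)GlobalEnumVars.LoginRecordType.登录失败));

                jm.msg = "账户密码错误";
                return new JsonResult(jm);
            }

            // state == 1 marks a frozen account. This is reported only after the password has
            // matched, and no login record is written for this branch.
            if (user.state == 1)
            {
                jm.msg = "您的账户已经被冻结,请联系管理员解锁";
                return new JsonResult(jm);
            }

            var userRoles = await _sysUserServices.GetUserRoleNameStr(model.userName, model.password);

            // For a user-based authorization policy add the user here; for a role-based policy
            // add the roles.
            // NOTE(review): Jti carries the user id, not a per-token identifier, so individual
            // tokens cannot be told apart (or revoked) by their jti.
            var claims = new List<Claim>
            {
                new Claim(ClaimTypes.Name, user.userName),
                new Claim(JwtRegisteredClaimNames.Jti, user.id.ToString()),
                new Claim(ClaimTypes.Expiration, DateTime.Now.AddSeconds(_permissionRequirement.Expiration.TotalSeconds).ToString())
            };
            claims.AddRange(userRoles.Split(',').Select(s => new Claim(ClaimTypes.Role, s)));

            // Switch between IdentityServer4 and plain JWT; this branch is the JWT case.
            if (!Permissions.IsUseIds4)
            {
                var data = await _sysRoleMenuServices.RoleModuleMaps();

                var list = data
                    .OrderBy(item => item.id)
                    .Select(item => new PermissionItem
                    {
                        Url = item.menu?.component,
                        RouteUrl = item.menu?.path,
                        Authority = item.menu?.authority,
                        Role = item.role?.roleCode,
                    })
                    .ToList();

                // NOTE(review): this replaces the permission list on the injected requirement
                // at every login. If that object is shared between requests (its lifetime is
                // not shown), concurrent logins race on it — confirm.
                _permissionRequirement.Permissions = list;
            }

            var token = JwtToken.BuildJwtToken(claims.ToArray(), _permissionRequirement);

            jm.code = 0;
            jm.msg  = "认证成功";
            jm.data = new
            {
                token,
                loginUrl = "Panel.html"
            };

            await _sysLoginRecordRepository.InsertAsync(
                CreateLoginRecord(model.userName, (int)GlobalEnumVars.LoginRecordType.登录成功));

            return new JsonResult(jm);
        }

        /// <summary>Builds a login-log row for the current request.</summary>
        /// <param name="userName">User name as submitted by the client.</param>
        /// <param name="operType">Numeric value of the <c>LoginRecordType</c> being recorded.</param>
        private SysLoginRecord CreateLoginRecord(string userName, int operType)
        {
            var httpContext = _httpContextAccessor.HttpContext;

            return new SysLoginRecord
            {
                username   = userName,
                // RemoteIpAddress can be null (for example on non-TCP transports); store an empty
                // string rather than failing the login with a NullReferenceException.
                // NOTE(review): behind a reverse proxy this is the proxy's address unless
                // forwarded headers are processed upstream — confirm before relying on it.
                ip         = httpContext.Connection.RemoteIpAddress?.MapToIPv4().ToString() ?? string.Empty,
                // OSDescription describes the machine running this process, not the client.
                os         = RuntimeInformation.OSDescription,
                // The User-Agent header is client-supplied text; treat it as untrusted when displayed.
                browser    = httpContext.Request.Headers[HeaderNames.UserAgent],
                operType   = operType,
                createTime = DateTime.Now
            };
        }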