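/// <summary>
/// Authenticates a user by phone number and password and, on success, issues a
/// signed JWT valid for one day.
/// </summary>
/// <param name="userDto">Login request; <c>UserName</c> is looked up as a phone number and <c>Password</c> is the submitted clear-text password.</param>
/// <returns>A <see cref="JsonResult"/> wrapping a <c>ResultModel</c> whose payload is the serialized token.</returns>
/// <exception cref="ArgumentNullException">
/// Thrown for every authentication failure: unknown user, disabled account or wrong password.
/// </exception>
public async Task<IActionResult> Post(LoginModel userDto)
{
    Check.NotNull(userDto, nameof(userDto));

    // One failure text for every rejection path, so the response does not
    // reveal whether a phone number is registered (account enumeration).
    // NOTE(review): ArgumentNullException(string) stores this text as ParamName,
    // not Message. The exception type is kept because upstream handlers may
    // depend on it - confirm how the error filter renders it.
    const string loginFailed = "帐号密码错误";

    // Load the account; the user name is treated as a phone number.
    var userModel = await _userService.GetUserByPhone(userDto.UserName);

    // Reject unknown and disabled accounts.
    if (userModel == null || !userModel.Enabled)
    {
        throw new ArgumentNullException(loginFailed);
    }

    // Recompute the stored digest from the submitted password and the per-user salt.
    // NOTE(security): salted MD5 is a fast digest, not a password hash. Replacing it
    // (PBKDF2/Argon2) needs a rehash-on-login migration of the stored values, so it
    // is flagged here rather than changed.
    var md5Password = _encryptions.CreateMd5(userDto.Password + userModel.PasswordSalt);

    // Compare without an early exit so the response time does not depend on how
    // many leading characters of the digest match.
    if (!HashesMatch(md5Password, userModel.Password))
    {
        throw new ArgumentNullException(loginFailed);
    }

    // Identity claims embedded in the token.
    // NOTE(review): Claim's constructor rejects a null value, so a user record
    // without Email (or any other field below) would fail here - confirm these
    // fields are mandatory.
    var claims = new Claim[]
    {
        new Claim(ClaimTypes.Name, userModel.UserName),
        new Claim(ClaimTypes.MobilePhone, userModel.PhoneNum),
        new Claim(ClaimTypes.PrimarySid, userModel.Id.ToString()),
        new Claim(ClaimTypes.Email, userModel.Email)
    };

    // Symmetric HMAC-SHA256 signing key built from the UTF-8 bytes of the configured
    // secret; the secret should be long, random and kept out of source control.
    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtSettings.SecretKey));
    var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

    // Take a single UTC timestamp so "not before" and "expires" are exactly one day apart.
    var issuedAt = DateTime.UtcNow;
    var token = new JwtSecurityToken(
        _jwtSettings.Issuer,
        _jwtSettings.Audience,
        claims,
        issuedAt,
        issuedAt.AddDays(1),
        creds);

    // The issued token is not written to the database, so nothing in this method
    // lets the server revoke it before it expires.
    return new JsonResult(new ResultModel(0, "获取成功", new JwtSecurityTokenHandler().WriteToken(token)));
}

/// <summary>
/// Ordinal, fixed-time comparison of two digest strings: every character is
/// inspected even after a mismatch has been found.
/// </summary>
private static bool HashesMatch(string computed, string stored)
{
    if (computed == null || stored == null || computed.Length != stored.Length)
    {
        return false;
    }

    var difference = 0;
    for (var i = 0; i < computed.Length; i++)
    {
        difference |= computed[i] ^ stored[i];
    }

    return difference == 0;
}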
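/// <summary>
/// Registers a new user: rejects a phone number that is already in use, generates
/// a per-user salt, stores the salted password digest and persists the record.
/// </summary>
/// <param name="userDto">Registration data; <c>PhoneNum</c> must be unused and <c>Password</c> must be non-empty.</param>
/// <returns>A task that completes once the user record has been created.</returns>
/// <exception cref="ArgumentException">Thrown when <c>userDto.Password</c> is null or empty.</exception>
/// <exception cref="WsBaseException">Thrown when the phone number is already registered.</exception>
public async Task CreateUserAsync(CreateUserDto userDto)
{
    Check.NotNull(userDto, nameof(userDto));

    // A null password would concatenate to just the salt below and create an
    // account whose digest is derived from the salt alone; reject it up front.
    if (string.IsNullOrEmpty(userDto.Password))
    {
        throw new ArgumentException("Password must not be null or empty.", nameof(userDto));
    }

    // Await the existence check instead of blocking the request thread on the query.
    // NOTE(review): check-then-insert is not atomic; two concurrent requests can both
    // pass this test. Only a unique index on PhoneNum enforces it - confirm one exists.
    var anyUserPhone = await _userRepository
        .GetExpression(e => e.PhoneNum == userDto.PhoneNum)
        .AsNoTracking()
        .AnyAsync();

    if (anyUserPhone)
    {
        throw new WsBaseException("已经存在的手机号");
    }

    var userModel = _userRepository.MapTo(userDto);

    // NOTE(security): StrHelper.CreateStr is not visible here - confirm it draws from
    // a cryptographic RNG. Six characters is a short salt, and salted MD5 is a fast
    // digest rather than a password hash. Changing either requires migrating the
    // stored values and the login check together, so both are flagged, not changed.
    userModel.PasswordSalt = StrHelper.CreateStr(6);
    userModel.Password = _encryptions.CreateMd5(userDto.Password + userModel.PasswordSalt);

    // The repository's return value was never read, so it is no longer kept in a local.
    await _userRepository.CreateAsync(userModel);
}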