public async Task <IActionResult> Post(LoginModel userDto)
{
Check.NotNull(userDto, nameof(userDto));
//获取用户信息
var userModel = await _userService.GetUserByPhone(userDto.UserName);
//检查是否为空或禁用
if (userModel == null || !userModel.Enabled)
{
throw new ArgumentNullException("用户名不存在或该账号已被禁用");
}
//获取加密的密码
var md5Password = _encryptions.CreateMd5(userDto.Password + userModel.PasswordSalt);
//判断是否一致
if (md5Password != userModel.Password)
{
throw new ArgumentNullException("帐号密码错误");
}
//创建claim
var claims = new Claim[]
{
new Claim(ClaimTypes.Name, userModel.UserName),
new Claim(ClaimTypes.MobilePhone, userModel.PhoneNum),
new Claim(ClaimTypes.PrimarySid, userModel.Id.ToString()),
new Claim(ClaimTypes.Email, userModel.Email)
};
//创建Key
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtSettings.SecretKey));
//创建creds
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
//创建Token
var token = new JwtSecurityToken(
_jwtSettings.Issuer,
_jwtSettings.Audience,
claims, DateTime.Now,
DateTime.Now.AddDays(1),
creds);
////////未写入数据库Token
return(new JsonResult(new ResultModel(0, "获取成功", new JwtSecurityTokenHandler().WriteToken(token))));
}
/// <summary>
///
/// </summary>
/// <param name="userDto"></param>
/// <returns></returns>
public async Task CreateUserAsync(CreateUserDto userDto)
{
Check.NotNull(userDto, nameof(userDto));
var anyUserPhone = _userRepository
.GetExpression(e => e.PhoneNum == userDto.PhoneNum)
.AsNoTracking()
.Any();
if (anyUserPhone)
{
throw new WsBaseException("已经存在的手机号");
}
var userModel = _userRepository.MapTo(userDto);
userModel.PasswordSalt = StrHelper.CreateStr(6);
userModel.Password = _encryptions.CreateMd5(userDto.Password + userModel.PasswordSalt);
var createResult = await _userRepository.CreateAsync(userModel);
}
