Esempio n. 1
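        /// <summary>
        /// Checks an account/password pair and, on success, returns the user's validation info.
        /// </summary>
        /// <remarks>
        /// Order of checks: bloom-filter pre-check, user lookup, account status, failed-attempt
        /// lockout (currently disabled, see the note in the body), salted hash comparison and
        /// role assignment. Every outcome reached after the user record is found is written to
        /// the <c>LoginLog</c> channel; the early exits for an unknown account are not.
        /// </remarks>
        /// <param name="input">Login request carrying <c>Account</c> and <c>Password</c>.</param>
        /// <returns>
        /// A <c>UserValidateDto</c> on success, otherwise the result of <c>Problem(...)</c>
        /// with status 400, 403 or 429.
        /// </returns>
        public async Task<AppSrvResult<UserValidateDto>> LoginAsync(UserLoginDto input)
        {
            // A request without an account gets the same generic answer as a wrong password
            // instead of failing with a NullReferenceException on the calls below.
            if (input?.Account == null)
            {
                return Problem(HttpStatusCode.BadRequest, "用户名或密码错误");
            }

            // NOTE(review): the filter is queried with a lower-cased key (culture-sensitive
            // ToLower) while the repository predicate below uses input.Account unchanged.
            // Confirm how the filter is populated so both lookups normalise the same way.
            var bloomFilterAccount = _bloomFilterFactory.GetBloomFilter(nameof(BloomFilterAccount));
            var exists             = await bloomFilterAccount.ExistsAsync(input.Account.ToLower());

            // NOTE(review): this exit and the "user == null" exit return before the LoginLog is
            // built, so attempts against accounts that do not exist leave no login-log entry.
            if (!exists)
            {
                return Problem(HttpStatusCode.BadRequest, "用户名或密码错误");
            }

            var user = await _userRepository.FetchAsync(x => new
            {
                x.Id,
                x.Account,
                x.Password,
                x.Salt,
                x.Status,
                x.Email,
                x.Name,
                x.RoleIds
            }, x => x.Account == input.Account);

            if (user == null)
            {
                return Problem(HttpStatusCode.BadRequest, "用户名或密码错误");
            }

            var httpContext   = HttpContextUtility.GetCurrentHttpContext();
            var channelWriter = ChannelHelper<LoginLog>.Instance.Writer;
            var log           = new LoginLog
            {
                Account         = input.Account,
                Succeed         = false,
                UserId          = user.Id,
                UserName        = user.Name,
                // NOTE(review): local time; UTC is easier to correlate across hosts.
                CreateTime      = DateTime.Now,
                // The "device" header is supplied by the client and stored as sent; anything
                // that reads the log should treat it as untrusted text.
                Device          = httpContext.Request.Headers["device"].FirstOrDefault() ?? "web",
                // RemoteIpAddress can be null (e.g. non-TCP transports); record an empty value
                // rather than throwing in the middle of a login.
                // NOTE(review): behind a reverse proxy this is presumably the proxy's address
                // unless forwarded headers are processed upstream; verify.
                RemoteIpAddress = httpContext.Connection.RemoteIpAddress?.MapToIPv4().ToString() ?? string.Empty
            };

            // NOTE(review): the status is checked before the password, so the distinct 429
            // "locked" answer tells an unauthenticated caller that the account exists.
            if (user.Status != 1)
            {
                var problem = Problem(HttpStatusCode.TooManyRequests, "账号已锁定");
                log.Message    = problem.Detail;
                log.StatusCode = problem.Status.Value;
                await channelWriter.WriteAsync(log);

                return problem;
            }

            // NOTE(review): the failure count is hard-coded, so the lockout branch below can
            // never run and nothing in this method limits repeated password guesses. The
            // intended query is kept here, commented out as in the original.
            //var logins = await _loginLogRepository.SelectAsync(5, x => new { x.Id, x.Succeed,x.CreateTime }, x => x.UserId == user.Id, x => x.Id, false);
            //var failLoginCount = logins.Count(x => x.Succeed == false);
            var failLoginCount = 2;

            if (failLoginCount == 5)
            {
                var problem = Problem(HttpStatusCode.TooManyRequests, "连续登录失败次数超过5次,账号已锁定");
                log.Message    = problem.Detail;
                log.StatusCode = problem.Status.Value;
                await channelWriter.WriteAsync(log);

                // NOTE(review): this writes Status = 1, but the check above treats every value
                // other than 1 as locked, so this update would not lock the account. Confirm
                // the intended "locked" value before re-enabling the branch.
                await _cacheService.RemoveCachesAsync(async (cancellationToken) =>
                {
                    await _userRepository.UpdateAsync(new SysUser()
                    {
                        Id = user.Id, Status = 1
                    }, UpdatingProps<SysUser>(x => x.Status), cancellationToken);
                }, _cacheService.ConcatCacheKey(CachingConsts.UserValidateInfoKeyPrefix, user.Id.ToString()));

                return problem;
            }

            // NOTE(review): a single salted MD5 pass is a fast hash and is not suitable for
            // stored passwords; moving to PBKDF2/Argon2 needs a rehash-on-login migration, so
            // the stored format is left as is here. The string != comparison is also not
            // constant-time.
            if (HashHelper.GetHashedString(HashType.MD5, input.Password, user.Salt) != user.Password)
            {
                var problem = Problem(HttpStatusCode.BadRequest, "用户名或密码错误");
                log.Message    = problem.Detail;
                log.StatusCode = problem.Status.Value;
                await channelWriter.WriteAsync(log);

                return problem;
            }

            // A user without roles authenticated correctly but is refused with 403.
            if (user.RoleIds.IsNullOrEmpty())
            {
                var problem = Problem(HttpStatusCode.Forbidden, "未分配任务角色,请联系管理员");
                log.Message    = problem.Detail;
                log.StatusCode = problem.Status.Value;
                await channelWriter.WriteAsync(log);

                return problem;
            }

            log.Message    = "登录成功";
            log.StatusCode = (int)HttpStatusCode.Created;
            log.Succeed    = true;
            await channelWriter.WriteAsync(log);

            var userValidateInfo = new UserValidateDto
            {
                Id                = user.Id,
                Account           = user.Account,
                RoleIds           = user.RoleIds,
                Status            = user.Status,
                Name              = user.Name,
                // Derived from the account and the stored password hash, so it changes
                // whenever either of them changes.
                ValidationVersion = HashHelper.GetHashedString(HashType.MD5, user.Account + user.Password)
            };

            return userValidateInfo;
        }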
Esempio n. 2
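        /// <summary>
        /// Checks an account/password pair, caches the validation info and returns it on success.
        /// </summary>
        /// <remarks>
        /// Order of checks: user lookup, account status, failed-attempt lockout (currently
        /// disabled, see the note in the body), salted hash comparison and role assignment.
        /// Every outcome reached after the user record is found is published to the login-log
        /// queue; the early exit for an unknown account is not.
        /// </remarks>
        /// <param name="inputDto">Login request carrying <c>Account</c> and <c>Password</c>.</param>
        /// <returns>
        /// The fetched <c>UserValidateDto</c> on success, otherwise the result of
        /// <c>Problem(...)</c> with status 400, 403 or 429.
        /// </returns>
        public async Task<AppSrvResult<UserValidateDto>> LoginAsync(UserLoginDto inputDto)
        {
            // A request without an account gets the same generic answer as a wrong password
            // instead of failing with a NullReferenceException on the calls below.
            if (inputDto?.Account == null)
            {
                return Problem(HttpStatusCode.BadRequest, "用户名或密码错误");
            }

            var user = await _userRepository.FetchAsync(x => new UserValidateDto()
            {
                Id       = x.Id,
                Account  = x.Account,
                Password = x.Password,
                Salt     = x.Salt,
                Status   = x.Status,
                Email    = x.Email,
                Name     = x.Name,
                RoleIds  = x.RoleIds
            }, x => x.Account == inputDto.Account);

            // Unknown account and wrong password now share status 400 as well as the message.
            // The original returned 404 here, which let a caller tell the two cases apart by
            // status code alone.
            // NOTE(review): this exit happens before the log object exists, so attempts
            // against accounts that do not exist are never published to the login log.
            if (user == null)
            {
                return Problem(HttpStatusCode.BadRequest, "用户名或密码错误");
            }

            var httpContext = HttpContextUtility.GetCurrentHttpContext();

            dynamic log = new ExpandoObject();

            log.Account    = inputDto.Account;
            // NOTE(review): local time; UTC is easier to correlate across hosts.
            log.CreateTime = DateTime.Now;
            // The "device" header is supplied by the client and stored as sent; anything that
            // reads the log should treat it as untrusted text.
            log.Device = httpContext.Request.Headers["device"].FirstOrDefault() ?? "web";
            // RemoteIpAddress can be null (e.g. non-TCP transports); record an empty value
            // rather than throwing in the middle of a login.
            log.RemoteIpAddress = httpContext.Connection.RemoteIpAddress?.MapToIPv4().ToString() ?? string.Empty;
            log.Succeed         = false;
            log.UserId          = user.Id;
            log.UserName        = user.Name;

            // NOTE(review): the status is checked before the password, so the distinct 429
            // "locked" answer tells an unauthenticated caller that the account exists.
            if (user.Status != 1)
            {
                var problem = Problem(HttpStatusCode.TooManyRequests, "账号已锁定");
                log.Message    = problem.Detail;
                log.StatusCode = problem.Status;
                _mqProducer.BasicPublish(MqExchanges.Logs, MqRoutingKeys.Loginlog, log);
                return problem;
            }

            // NOTE(review): the failure count is hard-coded, so the lockout branch below can
            // never run and nothing in this method limits repeated password guesses. The
            // intended query is kept here, commented out as in the original.
            //var logins = await _loginLogRepository.SelectAsync(5, x => new { x.Id, x.Succeed,x.CreateTime }, x => x.UserId == user.Id, x => x.Id, false);
            //var failLoginCount = logins.Count(x => x.Succeed == false);

            var failLoginCount = 2;

            if (failLoginCount == 5)
            {
                var problem = Problem(HttpStatusCode.TooManyRequests, "连续登录失败次数超过5次,账号已锁定");
                log.Message    = problem.Detail;
                log.StatusCode = problem.Status;

                // Sets the account to Status = 2 (anything other than 1 is rejected above) and
                // removes the cached login info for this user id.
                await _cacheService.RemoveCachesAsync(async () =>
                {
                    await _userRepository.UpdateAsync(new SysUser()
                    {
                        Id = user.Id, Status = 2
                    }, UpdatingProps<SysUser>(x => x.Status));
                }, _cacheService.ConcatCacheKey(CachingConsts.UserLoginInfoKeyPrefix, user.Id.ToString()));

                _mqProducer.BasicPublish(MqExchanges.Logs, MqRoutingKeys.Loginlog, log);
                return problem;
            }

            // NOTE(review): a single salted MD5 pass is a fast hash and is not suitable for
            // stored passwords; moving to PBKDF2/Argon2 needs a rehash-on-login migration, so
            // the stored format is left as is here. The string != comparison is also not
            // constant-time.
            if (HashHelper.GetHashedString(HashType.MD5, inputDto.Password, user.Salt) != user.Password)
            {
                var problem = Problem(HttpStatusCode.BadRequest, "用户名或密码错误");
                log.Message    = problem.Detail;
                log.StatusCode = problem.Status;
                _mqProducer.BasicPublish(MqExchanges.Logs, MqRoutingKeys.Loginlog, log);
                return problem;
            }

            // A user without roles authenticated correctly but is refused with 403.
            if (user.RoleIds.IsNullOrEmpty())
            {
                var problem = Problem(HttpStatusCode.Forbidden, "未分配任务角色,请联系管理员");
                log.Message    = problem.Detail;
                log.StatusCode = problem.Status;
                _mqProducer.BasicPublish(MqExchanges.Logs, MqRoutingKeys.Loginlog, log);
                return problem;
            }

            // NOTE(review): `user` still carries Password (the stored hash) and Salt when it is
            // cached here and returned below. Confirm that neither the cache entry nor the
            // caller's response serialises those two fields; a DTO without them would be safer.
            await _cacheService.SetValidateInfoToCacheAsync(user);

            log.Message    = "登录成功";
            log.StatusCode = (int)HttpStatusCode.Created;
            log.Succeed    = true;
            _mqProducer.BasicPublish(MqExchanges.Logs, MqRoutingKeys.Loginlog, log);

            return user;
        }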