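        /// <summary>
        /// Binds a mobile number to a WeChat identity (OpenID + AppID).
        /// If no user owns the number yet a new user is registered; otherwise the
        /// WeChat mapping is created (or an earlier soft-deleted one revived) for the
        /// existing owner and a server-side login ticket is issued for that user.
        /// </summary>
        /// <param name="model">Mobile number, WeChat OpenID/AppID and the client token the ticket is keyed by.</param>
        /// <returns>The bound user's ID wrapped in an <see cref="ApiResult"/>.</returns>
        /// <exception cref="InvalidOperationException">
        /// Thrown when the per-mobile lock cannot be acquired (a concurrent bind of the same number is in progress).
        /// </exception>
        public ApiResult BindMobile(RequestBingdMobileDTO model)
        {
            // SECURITY NOTE(review): nothing in this method verifies that the caller owns
            // model.Mobile (e.g. an SMS code check). The existing-user branch below attaches
            // the caller's OpenID to whoever owns the number and then issues a login ticket
            // for that user, so ownership MUST have been verified before this point —
            // confirm against the controller that calls this.

            // Serialise concurrent binds of the same number: 10s TTL, 200ms between
            // attempts, 3 attempts. The lock key doubles as the receiver of the extension call.
            // NOTE(review): the lock is never explicitly released here — assumed to lapse
            // with the 10s TTL; confirm against the Lock() extension.
            string lockKey = $"BindMobile{model.Mobile}";
            if (!lockKey.Lock(lockKey, TimeSpan.FromSeconds(10), 200, 3))
            {
                throw new InvalidOperationException("并发冲突");
            }

            var userid = GetUserIDByMobile(model.Mobile, EnumUserType.User);

            if (string.IsNullOrEmpty(userid))
            {
                // Unknown number: register a fresh user. The WeChat identity is handed to
                // RegisterUser, which presumably creates the mapping itself; no ticket is
                // issued on this path (unchanged from the original behaviour).
                var user = new Entity.User()
                {
                    Mobile   = model.Mobile,
                    UserType = EnumUserType.User
                };
                string reason;
                // NOTE(review): the return value and 'reason' are discarded; a failed
                // registration would only show up as a null/empty UserID in the result.
                RegisterUser(user, out reason, model.OpenID, model.AppID);
                userid = user.UserID;
            }
            else
            {
                using (var db = new DBEntities())
                {
                    var map = db.UserWechatMaps
                                .Where(t => t.OpenID == model.OpenID && t.AppID == model.AppID)
                                .FirstOrDefault();

                    // An active mapping already exists: nothing to change, just report the owner.
                    if (map != null && !map.IsDeleted)
                    {
                        return userid.ToApiResultForObject();
                    }

                    if (map == null)
                    {
                        map = new UserWechatMap()
                        {
                            UserID = userid,
                            OpenID = model.OpenID,
                            AppID  = model.AppID,
                        };
                        db.UserWechatMaps.Add(map);
                    }
                    else
                    {
                        // Revive a soft-deleted mapping. FIX: re-point it at the user who owns
                        // the number now. The original only flipped IsDeleted, so a mapping that
                        // previously belonged to another user was revived for that other user
                        // while the ticket below was issued for 'userid'.
                        map.UserID    = userid;
                        map.IsDeleted = false;
                    }
                    db.SaveChanges();

                    // Ticket keyed by the client-supplied token (same pattern as Login).
                    var serverTicket = new UserLoginServerTicketDTO()
                    {
                        OpenID = model.OpenID,
                        UserID = userid,
                    };
                    ApiSecurityService.SetUserTicket(serverTicket, model.UserToken);
                }
            }

            return userid.ToApiResultForObject();
        }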
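        /// <summary>
        /// Authorises an API request that carries a user token: rejects replayed nonces,
        /// requires a valid server-side ticket and, when the attribute demands it, a
        /// matching user type. On success the resolved user is placed in
        /// <c>HttpContext.Current.Items["LoginUser"]</c> for the action to consume.
        /// </summary>
        /// <param name="nonceStr">Per-request nonce handed to <c>CheckNonceStr</c> for replay detection.</param>
        /// <param name="userToken">Client token that keys the server-side ticket; may be null or empty.</param>
        /// <param name="userAuthenticateAttribute">Optional attribute restricting the endpoint to one user type.</param>
        /// <returns>
        /// An <see cref="ApiMessageResult"/> with Status 0 when authorised, otherwise the
        /// failure status (repeated access / not logged in / unauthorised) and a message.
        /// </returns>
        public ApiMessageResult OnUserAuthorization(string nonceStr, string userToken,
                                                    UserAuthenticateAttribute userAuthenticateAttribute)
        {
            // The replay check is only applied when a token is present; an empty token
            // fails the ticket check below regardless.
            if (!string.IsNullOrEmpty(userToken) &&
                !BLL.Sys.Implements.ApiSecurityService.CheckNonceStr(nonceStr, userToken))
            {
                return new ApiMessageResult()
                {
                    Status = EnumApiStatus.ApiRepeatedAccess,
                    Msg    = "非法请求(重复请求)"
                };
            }

            #region // Normal API login path: authenticate via userToken
            if (!BLL.Sys.Implements.ApiSecurityService.CheckUserTicket(userToken))
            {
                return new ApiMessageResult()
                {
                    Status = EnumApiStatus.ApiUserNotLogin, Msg = "用户未登录"
                };
            }

            var loginUser = ApiSecurityService.GetUserTicket(userToken);

            // FIX: the ticket can expire or be evicted between CheckUserTicket and
            // GetUserTicket. The original dereferenced loginUser unconditionally, turning
            // that race into a NullReferenceException instead of a clean denial.
            if (loginUser == null)
            {
                return new ApiMessageResult()
                {
                    Status = EnumApiStatus.ApiUserNotLogin, Msg = "用户未登录"
                };
            }

            // Endpoint restricted to a single user type: any other type is refused.
            // (Original note: pharmacy users are treated as ordinary users elsewhere.)
            if (userAuthenticateAttribute != null &&
                userAuthenticateAttribute.IsValidUserType &&
                loginUser.UserType != userAuthenticateAttribute.UserType)
            {
                return new ApiMessageResult()
                {
                    Status = EnumApiStatus.ApiUserUnauthorized, Msg = "用户无权限访问"
                };
            }

            // Authenticated: expose the user to the rest of the request pipeline.
            HttpContext.Current.Items["LoginUser"] = loginUser;
            #endregion

            return new ApiMessageResult()
            {
                Status = 0
            };
        }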
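 /// <summary>
 /// Wires the JWT bearer options to the <see cref="ApiSecurityService"/> that supplies the key material.
 /// </summary>
 /// <param name="service">Security service the options are built from; must not be null.</param>
 /// <exception cref="ArgumentNullException">Thrown when <paramref name="service"/> is null.</exception>
 public JwtBearerConfigureOptions(ApiSecurityService service)
 {
     // Fail fast at construction; a null service would otherwise surface later as a
     // NullReferenceException the first time _service is used.
     _service = service ?? throw new ArgumentNullException(nameof(service));
 }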
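 /// <summary>
 /// Creates the controller that issues JWTs, holding the identity context and the
 /// HMAC-SHA256 signing credentials built from <c>ApiSecurityService.SecurityKey</c>.
 /// </summary>
 /// <param name="context">Identity store kept for the token-issuing actions (its use is not visible here).</param>
 /// <param name="security">Security service exposing the symmetric signing key.</param>
 /// <exception cref="ArgumentNullException">Thrown when either argument is null.</exception>
 public JwtController(IdentityContext context, ApiSecurityService security)
 {
     _context = context ?? throw new ArgumentNullException(nameof(context));
     if (security == null)
     {
         throw new ArgumentNullException(nameof(security));
     }

     // HS256 is symmetric: anyone holding SecurityKey can mint tokens, not merely verify
     // them, so the key must never leave the server. The IdentityModel library also rejects
     // HMAC keys below its minimum size (256 bits is the usual recommendation for HS256) —
     // check the key length where SecurityKey is constructed, which is outside this excerpt.
     _credentials = new SigningCredentials(security.SecurityKey, SecurityAlgorithms.HmacSha256Signature);
 }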
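        /// <summary>
        /// Authenticates a user by account and password (via <c>CheckLogin</c>), optionally
        /// checks the requested role, issues a server-side ticket keyed by the client token,
        /// publishes login events on the message bus and writes a login log entry.
        /// </summary>
        /// <param name="dto">Credentials, optional role, optional client token and WeChat OpenID.</param>
        /// <returns>
        /// The client ticket (<see cref="ResponseUserTicketReturnDTO"/>) on success; otherwise
        /// <c>BizUserLoginAccountOrPwdFail</c> — also used for a role mismatch so a probe
        /// cannot distinguish "wrong password" from "wrong role".
        /// </returns>
        public ApiResult Login(RequestUserLoginDTO dto)
        {
            // Credential check; a null user or empty UserID means the account/password failed.
            var user = CheckLogin(dto);

            // NOTE(review): no lockout or rate limiting is visible on this path — confirm it
            // is enforced in CheckLogin or an upstream filter, otherwise passwords can be
            // brute-forced through this endpoint.
            if (user == null || string.IsNullOrEmpty(user.UserID))
            {
                return EnumApiStatus.BizUserLoginAccountOrPwdFail.ToApiResultForApiStatus();
            }

            // If the caller asked for a specific role the user must actually hold it.
            if (dto.UserRole.HasValue)
            {
                var roleService = new UserService();
                List<EnumRoleType> roles = roleService.GetUserRoles(user.UserID);
                if (!roles.Exists(x => x == dto.UserRole.Value))
                {
                    return EnumApiStatus.BizUserLoginAccountOrPwdFail.ToApiResultForApiStatus();
                }
            }

            // Server-side ticket: what the API filter later looks up by token.
            // FIX: the original tested 'serverTicket != null' immediately after constructing
            // it, so its "LoginTicket Is Null" branch was unreachable; that branch is gone.
            var serverTicket = new UserLoginServerTicketDTO()
            {
                OpenID = dto.OpenID,
                UserID = user.UserID,
            };

            // SECURITY NOTE(review): when the client supplies dto.UserToken it becomes the
            // session key verbatim, so the server cannot vouch for its entropy or uniqueness
            // (fixation / guessable tokens). BindMobile relies on the same client-held token,
            // so this is a protocol decision rather than a local slip; if it cannot change,
            // at least validate the token's length and character set. Guid.NewGuid is not
            // documented as cryptographically strong — RandomNumberGenerator is the safer
            // source for server-generated tokens.
            var clientTicket = new ResponseUserTicketReturnDTO()
            {
                Identifier = user.Identifier,
                Mobile     = user.Mobile,
                UserID     = serverTicket.UserID,
                UserToken  = string.IsNullOrEmpty(dto.UserToken) ? Guid.NewGuid().ToString("N") : dto.UserToken,
                UserCNName = user.UserCNName,
                PhotoUrl   = user.PhotoUrl,
            };

            ApiSecurityService.SetUserTicket(serverTicket, clientTicket.UserToken);

            // Publish login + operator-log events in one bus transaction.
            // NOTE(review): clientTicket.UserType is never assigned above, so both events carry
            // its default value — confirm whether that is intended. DateTime.Now is local time;
            // kept as-is because switching to UtcNow would change stored values.
            using (XuHos.EventBus.MQChannel channel = new EventBus.MQChannel())
            {
                channel.BeginTransaction();

                channel.Publish<XuHos.EventBus.Events.UserLoginedEvent>(new EventBus.Events.UserLoginedEvent()
                {
                    UserID    = clientTicket.UserID,
                    LoginTime = DateTime.Now,
                    UserType  = clientTicket.UserType,
                });

                channel.Publish<XuHos.EventBus.Events.UserOperatorLogEvent>(new EventBus.Events.UserOperatorLogEvent()
                {
                    UserID       = clientTicket.UserID,
                    OperatorTime = DateTime.Now,
                    UserType     = clientTicket.UserType,
                    OperatorType = EnumUserOperationType.Login,
                    OperatorName = "",
                    OrgID        = CurrentOperatorOrgID,
                    Remark       = "",
                    ModuleName   = ""
                });

                channel.Commit();
            }

            AddUserLoginLog(serverTicket, dto.UserLoginType, dto.Mobile);

            return clientTicket.ToApiResultForObject();

            // NOTE(review): stray #endregion kept from the original; its #region opens
            // outside this excerpt, so removing it could unbalance the file.
            #endregion
        }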