/// <summary>
/// User List 视图保存按钮调用
/// </summary>
/// <param name="id"></param>
/// <param name="password"></param>
/// <param name="displayName"></param>
/// <returns></returns>
public virtual bool Update(string id, string password, string displayName)
{
var passSalt = LgbCryptography.GenerateSalt();
var newPassword = LgbCryptography.ComputeHash(password, passSalt);
return(DbManager.Create().Update <User>("set Password = @1, PassSalt = @2, DisplayName = @3 where ID = @0", id, newPassword, passSalt, displayName) == 1);
}
/// <summary>
///
/// </summary>
/// <param name="userName"></param>
/// <param name="password"></param>
/// <returns></returns>
public virtual bool ResetPassword(string userName, string password)
{
var ret = false;
var resetUser = UserHelper.RetrieveResetUserByUserName(userName);
if (resetUser == null)
{
return(ret);
}
string sql = "set Password = @0, PassSalt = @1 where UserName = @2";
var passSalt = LgbCryptography.GenerateSalt();
var newPassword = LgbCryptography.ComputeHash(password, passSalt);
var db = DbManager.Create();
try
{
db.BeginTransaction();
ret = db.Update <User>(sql, newPassword, passSalt, userName) == 1;
if (ret)
{
db.Execute("delete from ResetUsers where UserName = @0", userName);
}
db.CompleteTransaction();
}
catch (Exception ex)
{
db.AbortTransaction();
throw ex;
}
return(ret);
}
/// <summary>
/// 登录
/// </summary>
/// <param name="input"></param>
/// <returns></returns>
public async Task <AdminLoginDto> LoginAsync(LoginAdminDto input)
{
AdminUser user;
if (input.Type == LoginType.Account)
{
user = await _userRepository
.Where(a => a.LoginName == input.Identifer)
.ToOneAsync();
ThrowIf(user == null, new AdminUserNotExistsException(input.Identifer));
var password = LgbCryptography.ComputeHash(input.Credential, user.PasswordSalt);
ThrowIf(user.Password != password, new PasswordWrongException());
}
else
{
user = await _userRepository
.Where(a => a.Phone == input.Identifer)
.FirstAsync();
ThrowIf(user == null, new AdminUserNotExistsException(input.Identifer));
var cacheKey = SystemCacheKeyPrefixDefinition.LoginCaptcha + input.Identifer;
var captcha = await Cache.GetAsync(cacheKey);
ThrowIf(captcha.IsNullOrWhiteSpace(), new UnGetCaptchaException());
ThrowIf(captcha != input.Credential, new CaptchaWrongException());
}
return(Mapper.Map <AdminLoginDto>(user));
}
public async Task <AdminUser> CreateAsync(
[NotNull] string loginName,
[CanBeNull] string password,
[NotNull] string name,
[NotNull] string phone
)
{
Check.NotNullOrWhiteSpace(loginName, nameof(loginName));
var loginNameExist = await _repository
.Where(a => a.LoginName == loginName)
.AnyAsync();
ThrowIf(loginNameExist, new AdminUserAlreadyExistsException(loginName));
Check.NotNullOrWhiteSpace(phone, nameof(phone));
var phoneExist = await _repository.Where(a => a.Phone == phone).AnyAsync();
ThrowIf(phoneExist, new AdminUserAlreadyExistsException(phone));
var passwordSalt = LgbCryptography.GenerateSalt(); //生成密码盐
return(new AdminUser
{
LoginName = loginName,
PasswordSalt = passwordSalt,
Password = LgbCryptography.ComputeHash(password ?? loginName, passwordSalt), //创建用户时,密码跟用户名一致
Name = name,
Phone = phone,
IsEnable = true
});
}
/// <summary>
///
/// </summary>
/// <param name="user"></param>
/// <returns></returns>
public override bool Save(DataAccess.User user)
{
// 已经存在或者已经在新用户中了
if (UserHelper.RetrieveUserByUserName(user.UserName) != null || UserHelper.RetrieveNewUsers().Any(u => u.UserName == user.UserName))
{
return(false);
}
DbManager.Users.InsertOne(new User()
{
UserName = user.UserName,
DisplayName = user.DisplayName,
PassSalt = LgbCryptography.GenerateSalt(),
Password = LgbCryptography.ComputeHash(user.Password, user.PassSalt),
RegisterTime = DateTime.Now,
ApprovedTime = user.ApprovedTime,
ApprovedBy = user.ApprovedBy,
Roles = new List <string>(),
Groups = new List <string>(),
Icon = user.Icon,
Description = user.Description,
IsReset = 0
});
user.Id = DbManager.Users.Find(r => r.UserName == user.UserName).FirstOrDefault().Id;
return(true);
}
/// <summary>
/// 新建前台User View调用/注册用户调用
/// </summary>
/// <param name="user"></param>
/// <returns></returns>
public virtual bool Save(User user)
{
user.PassSalt = LgbCryptography.GenerateSalt();
user.Password = LgbCryptography.ComputeHash(user.Password, user.PassSalt);
user.RegisterTime = DateTime.Now;
var db = DbManager.Create();
bool ret;
try
{
db.BeginTransaction();
if (!db.Exists <User>("UserName = @0", user.UserName))
{
db.Insert(user);
db.Execute("insert into UserRole (UserID, RoleID) select ID, (select ID from Roles where RoleName = 'Default') RoleId from Users where UserName = @0", user.UserName);
}
db.CompleteTransaction();
ret = true;
}
catch (Exception ex)
{
db.AbortTransaction();
throw ex;
}
return(ret);
}
/// <summary>
///
/// </summary>
/// <param name="id"></param>
/// <param name="password"></param>
/// <param name="displayName"></param>
/// <returns></returns>
public override bool Update(string id, string password, string displayName)
{
var passSalt = LgbCryptography.GenerateSalt();
var newPassword = LgbCryptography.ComputeHash(password, passSalt);
var update = Builders <User> .Update.Set(u => u.Password, newPassword).Set(u => u.PassSalt, passSalt).Set(u => u.DisplayName, displayName);
DbManager.Users.FindOneAndUpdate(u => u.Id == id, update);
return(true);
}
/// <summary>
///
/// </summary>
/// <param name="userName"></param>
/// <param name="password"></param>
/// <returns></returns>
public override bool Authenticate(string userName, string password)
{
if (string.IsNullOrEmpty(userName) && string.IsNullOrEmpty(password))
{
return(false);
}
var u = DbManager.Users.Find(user => user.UserName.ToLowerInvariant() == userName.ToLowerInvariant()).FirstOrDefault();
return(u != null && !string.IsNullOrEmpty(u.PassSalt) && u.Password == LgbCryptography.ComputeHash(password, u.PassSalt));
}
/// <summary>
/// 重置用户密码
/// </summary>
/// <param name="input"></param>
/// <returns></returns>
public async Task ResetPasswordAsync(ResetPasswordDto input)
{
var user = await Repository.Where(a => a.Id == input.Id).FirstAsync();
ThrowIf(user == null, new AdminUserNotExistsException(input.Id.ToString()));
user.PasswordSalt = LgbCryptography.GenerateSalt(); //生成密码盐
user.Password = LgbCryptography.ComputeHash(input.Password, user.PasswordSalt);
await Repository.UpdateAsync(user);
}
/// <summary>
/// 设置 系统是否为演示系统 默认为 false 不是演示系统
/// </summary>
/// <returns></returns>
public static bool UpdateSystemModel(bool isDemo, string authKey)
{
var ret = false;
// 检查授权码
// 请求者提供 秘钥与结果 服务器端通过算法比对结果
if (LgbCryptography.ComputeHash(authKey, RetrieveAuthorSalt()) == RetrieveAuthorHash())
{
ret = DbContextManager.Create <Dict>()?.UpdateSystemModel(isDemo) ?? false;
}
return(ret);
}
/// <summary>
///
/// </summary>
/// <param name="userName"></param>
/// <param name="password"></param>
/// <param name="newPass"></param>
/// <returns></returns>
public virtual bool ChangePassword(string userName, string password, string newPass)
{
bool ret = false;
if (Authenticate(userName, password))
{
string sql = "set Password = @0, PassSalt = @1 where UserName = @2";
var passSalt = LgbCryptography.GenerateSalt();
var newPassword = LgbCryptography.ComputeHash(newPass, passSalt);
ret = DbManager.Create().Update <User>(sql, newPassword, passSalt, userName) == 1;
}
return(ret);
}
/// <summary>
/// 插入 Gitee 授权用户到数据库中
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
private static User ParseUser(OAuthCreatingTicketContext context)
{
var user = context.User.ToObject <OAuthUser>();
return(new User()
{
ApprovedBy = "OAuth",
ApprovedTime = DateTime.Now,
DisplayName = user?.Name ?? "",
UserName = user?.Login ?? "",
Password = LgbCryptography.GenerateSalt(),
Icon = user?.Avatar_Url ?? "",
Description = $"{context.Scheme.Name}({user?.Id})"
});
}
/// <summary>
/// 插入 Gitee 授权用户到数据库中
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
private static User ParseUser(OAuthCreatingTicketContext context)
{
var user = context.User.ToObject <WeChatUser>();
return(new User()
{
ApprovedBy = "OAuth",
ApprovedTime = DateTime.Now,
DisplayName = user.NickName,
UserName = user.UnionId,
Password = LgbCryptography.GenerateSalt(),
Icon = user.HeadImgUrl,
Description = $"{context.Scheme.Name}"
});
}
/// <summary>
///
/// </summary>
/// <param name="userName"></param>
/// <param name="password"></param>
/// <param name="newPass"></param>
/// <returns></returns>
public override bool ChangePassword(string userName, string password, string newPass)
{
bool ret = false;
if (Authenticate(userName, password))
{
var passSalt = LgbCryptography.GenerateSalt();
var newPassword = LgbCryptography.ComputeHash(newPass, passSalt);
var update = Builders <User> .Update.Set(u => u.Password, newPassword).Set(u => u.PassSalt, passSalt);
DbManager.Users.FindOneAndUpdate(u => u.UserName.ToLowerInvariant() == userName.ToLowerInvariant(), update);
ret = true;
}
return(ret);
}
/// <summary>
///
/// </summary>
/// <param name="userName"></param>
/// <param name="password"></param>
/// <returns></returns>
public override bool ResetPassword(string userName, string password)
{
var ret = false;
var resetUser = UserHelper.RetrieveResetUserByUserName(userName);
if (resetUser == null)
{
return(ret);
}
var passSalt = LgbCryptography.GenerateSalt();
var newPassword = LgbCryptography.ComputeHash(password, passSalt);
DbManager.Users.UpdateOne(User => User.UserName.ToLowerInvariant() == userName.ToLowerInvariant(), Builders <User> .Update.Set(md => md.Password, newPassword).Set(md => md.PassSalt, passSalt).Set(md => md.IsReset, 0));
DbManager.ResetUsers.DeleteMany(user => user.UserName.ToLowerInvariant() == userName.ToLowerInvariant());
return(true);
}
/// <summary>
/// 插入 Gitee 授权用户到数据库中
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
private static User ParseUser(OAuthCreatingTicketContext context)
{
var user = context.Scheme.DisplayName switch
{
WeChatDefaults.DisplayName => context.User.ToWeChatUser(),
TencentDefaults.DisplayName => context.User.ToTencentUser(),
AlipayDefaults.DisplayName => context.User.ToAlipayUser(),
_ => context.User.ToAuthUser()
};
return(new User()
{
ApprovedBy = "OAuth",
ApprovedTime = DateTime.Now,
DisplayName = user?.Name ?? "",
UserName = user?.Login ?? "",
Password = LgbCryptography.GenerateSalt(),
Icon = user?.Avatar_Url ?? "",
Description = $"{context.Scheme.Name}({user?.Id})"
});
}
/// <summary>
///
/// </summary>
/// <param name="user"></param>
/// <returns></returns>
public override bool Save(DataAccess.User user)
{
user.PassSalt = LgbCryptography.GenerateSalt();
user.Password = LgbCryptography.ComputeHash(user.Password, user.PassSalt);
var newUser = new User()
{
UserName = user.UserName,
DisplayName = user.DisplayName,
PassSalt = user.PassSalt,
Password = user.Password,
RegisterTime = DateTime.Now,
ApprovedTime = user.ApprovedTime,
ApprovedBy = user.ApprovedBy,
Icon = user.Icon,
Description = user.Description,
IsReset = 0
};
DbManager.Users.InsertOne(newUser);
user.Id = DbManager.Users.Find(r => r.UserName.ToLowerInvariant() == user.UserName.ToLowerInvariant()).FirstOrDefault().Id;
return(true);
}
public IActionResult Salt()
{
return(new JsonResult(LgbCryptography.GenerateSalt()));
}
/// <summary>
/// 验证用户登录账号与密码正确
/// </summary>
/// <param name="userName"></param>
/// <param name="password"></param>
/// <returns></returns>
public virtual bool Authenticate(string userName, string password)
{
var user = DbManager.Create().SingleOrDefault <User>("select Password, PassSalt from Users where ApprovedTime is not null and UserName = @0", userName);
return(user != null && !string.IsNullOrEmpty(user.PassSalt) && user.Password == LgbCryptography.ComputeHash(password, user.PassSalt));
}
public IActionResult Hash([FromBody] EncrptyPostData data)
{
return(new JsonResult(LgbCryptography.ComputeHash(data.Password, data.Salt)));
}
