/// <summary>
/// Checks that the caller's login is still valid and issues a fresh token.
/// <para>Author: 蔡亚康</para>
/// <para>Created: 2019-03-07</para>
/// </summary>
/// <param name="user">The user whose token is being refreshed.</param>
/// <param name="ipAddress">IP address of the current login.</param>
/// <exception>
/// Exception ID 2 -> the mobile number does not exist in the system
/// Exception ID 5 -> the user's login is no longer valid
/// </exception>
/// <returns>A response whose Token is the newly created token.</returns>
public StudentLoginResponse RefreshToken(HssUserPrincipal user, string ipAddress)
{
    // The principal carries the passport id as text; long.Parse throws if it is not numeric.
    TblHssPassport passport = _repository.Value.Load(long.Parse(user.UserId));
    var response = new StudentLoginResponse();

    // 1. The account must exist.
    ValidateUserExist(passport);

    // The OpenId in the presented principal has to be the one currently stored on the
    // passport. SignIn overwrites the stored OpenId on every sign-in, so a mismatch means
    // the account has since been bound to another WeChat identity and this login is stale.
    if (passport.OpenId != user.OpenId)
    {
        throw new BussinessException(ModelType.Hss, 5);
    }

    // NOTE(review): nothing in this method looks at the age or revocation state of the
    // token the principal came from; confirm the authentication layer rejects expired
    // tokens before this is reached, otherwise a token can be renewed indefinitely.

    // 2. Record the latest login details.
    UpdateLastLoginInfo(passport, ipAddress);

    // 3. Write the login to the operation log.
    AddOperationLog(passport);

    // 4. Issue the replacement token.
    var jwtService = new JwtTokenService();
    response.Token = jwtService.CreateToken(passport);

    return response;
}
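/// <summary>
/// Authenticates a user by user name and password and, on success, returns a signed JWT
/// together with the user's student record.
/// </summary>
/// <param name="userForLoginDto">Credentials bound from the request body.</param>
/// <returns>
/// 200 with a <c>StudentLoginResponse</c> on success; 401 when the auth repository returns
/// no user for the credentials; 400 when no request body could be bound.
/// </returns>
public async Task<ActionResult> Login([FromBody] UserForLogin userForLoginDto)
{
    // A missing or unparsable body can bind to null (depending on the MVC configuration);
    // reject it here instead of failing with a NullReferenceException below.
    if (userForLoginDto == null)
    {
        return BadRequest();
    }

    // NOTE(review): no throttling or lockout is visible in this action; confirm repeated
    // failed attempts are limited somewhere upstream.
    var user = await _authRepository.Login(userForLoginDto.UserName, userForLoginDto.Password);
    if (user == null)
    {
        return Unauthorized();
    }

    var tokenHandler = new JwtSecurityTokenHandler();

    // NOTE(review): Encoding.ASCII turns every non-ASCII character of the secret into '?',
    // which silently weakens a secret that contains such characters. It is left unchanged
    // because whatever validates these tokens must derive the same key bytes; confirm the
    // configured value is a long, random, ASCII-only secret that is kept out of source control.
    var key = Encoding.ASCII.GetBytes(_configuration.GetSection("AppSettings:Token").Value);

    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(new Claim[]
        {
            new Claim(ClaimTypes.NameIdentifier, user.id.ToString()),
            new Claim(ClaimTypes.Name, user.Username)
        }),

        // Built from UtcNow because the descriptor documents Expires as a UTC value.
        // NOTE(review): a ten-year lifetime makes a leaked token usable for practically the
        // whole life of the account, and no revocation check is visible here. Prefer a short
        // lifetime combined with a refresh flow; the value is kept so existing clients are
        // not affected by this edit.
        Expires = DateTime.UtcNow.AddYears(10),
        SigningCredentials = new SigningCredentials(
            new SymmetricSecurityKey(key),
            SecurityAlgorithms.HmacSha512Signature)
    };

    var token = tokenHandler.CreateToken(tokenDescriptor);
    var tokenString = tokenHandler.WriteToken(token);

    var student = _appRepository.getStudent(user.userId);

    var userReturn = new StudentLoginResponse()
    {
        tokenString = tokenString,
        Username = user.Username,
        Student = student,
        Id = user.id
    };

    return Ok(userReturn);
}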
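/// <summary>
/// Home-school sign-in: checks the account and the SMS code, resolves the WeChat OpenId,
/// decrypts the WeChat user info to obtain the UnionId, binds both to the passport and
/// returns a new token.
/// <para>Author: 蔡亚康</para>
/// <para>Created: 2019-03-06</para>
/// </summary>
/// <param name="request">The mobile number, SMS verification code and other sign-in data.</param>
/// <exception>
/// Exception ID 2 -> the mobile number does not exist in the system
/// Exception ID 1 -> the verification code is wrong
/// Exception ID 6 -> the WeChat account is already bound to another mobile number
/// Exception ID 7 -> decrypting the user-info data failed
/// Exception ID 8 -> no UnionId is available (the user may not have granted access)
/// </exception>
/// <returns>The sign-in result.</returns>
public StudentLoginResponse SignIn(StudentLoginRequest request)
{
    TblHssPassport passport = _repository.Value.GetByUserCode(request.Mobile);
    StudentLoginResponse result = new StudentLoginResponse();

    // 1. The account must exist.
    // NOTE(review): existence is checked before the SMS code and, per the documented IDs,
    // reports a different error (2) than a wrong code (1), so a caller can tell registered
    // numbers from unregistered ones. Confirm that is acceptable for this endpoint.
    this.ValidateUserExist(passport);

    // 2. Check the SMS verification code.
    this.ValidateSmsCode(request.Mobile, request.SmsCode);

    // 3. Resolve the WeChat OpenId from the login code.
    Code2SessionService wxService = new Code2SessionService();
    OpenIdResponse openid = wxService.GetOpenId(request.WxCode);

    // 4. Refuse the sign-in if this OpenId is already bound to a different mobile number.
    TblHssPassport passport2 = _repository.Value.GetByOpenId(openid.OpenId);
    if (passport2 != null && passport2.OpenId == openid.OpenId && passport2.UserCode != request.Mobile)
    {
        throw new BussinessException(ModelType.Hss, 6);
    }

    // 5. Decrypt the WeChat user data.
    // NOTE(review): GetDecryptData is not visible here. If its output contains the session
    // key, the IV or the encrypted payload, the two log calls below write everything needed
    // to decrypt the user's WeChat profile into the log; confirm and redact if so.
    try
    {
        string data = AESHelper.AESDecrypt(request.EncryptedData, openid.Session_Key, request.Iv);
        JObject wxUserInfo = (JObject)JsonConvert.DeserializeObject(data);

        // Only read unionId when it is present, so a payload without it does not throw.
        JToken unionIdToken = null;
        if (wxUserInfo.TryGetValue("unionId", out unionIdToken))
        {
            passport.UnionId = unionIdToken.ToString();
        }
        else
        {
            LogWriter.Write(this, "解密数据没有unionID,原数据如下:" + GetDecryptData(request, openid), LoggerType.Warn);
        }
    }
    catch (Exception ex)
    {
        // Any failure in decryption or parsing is reported to the caller as ID 7. The
        // exception type and message are added to the log entry so the cause is not lost.
        LogWriter.Write(
            this,
            "小程序解密失败,原数据如下:" + GetDecryptData(request, openid) + " | " + ex.GetType().Name + ": " + ex.Message,
            LoggerType.Error);
        throw new BussinessException(ModelType.Hss, 7);
    }

    // An empty UnionId may mean the user did not grant access.
    if (string.IsNullOrEmpty(passport.UnionId))
    {
        throw new BussinessException(ModelType.Hss, 8);
    }

    // 6. Bind the OpenId and update the login details. Signing in from another WeChat
    // account replaces the previously stored OpenId.
    passport.OpenId = openid.OpenId;
    passport.LastLoginIp = passport.CurrentLoginIp;
    passport.LastLoginDate = passport.CurrentLoginDate;
    // NOTE(review): the IP address is taken from the request object; confirm it is filled
    // in server-side and cannot be chosen by the client.
    passport.CurrentLoginIp = request.IpAddress;
    passport.CurrentLoginDate = DateTime.Now;
    passport.LoginTimes = passport.LoginTimes + 1;
    _repository.Value.Update(passport);

    // 7. Write the login to the operation log.
    AddOperationLog(passport);

    // 8. Return the sign-in result with a new token.
    JwtTokenService tokenService = new JwtTokenService();
    result.Token = tokenService.CreateToken(passport);
    return result;
}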