/// <summary>
/// 检查TOKEN合法性并刷新
/// <para>作 者:蔡亚康</para>
/// <para>创建时间:2019-03-07</para>
/// </summary>
/// <param name="user">当前要刷新的用户</param>
/// <param name="ipAddress">当前登陆的IP地址</param>
/// <exception>
/// 异常ID:2->手机号码在系统不存在
/// 异常ID:5->用户登陆已失效
/// </exception>
/// <returns></returns>
public StudentLoginResponse RefreshToken(HssUserPrincipal user, string ipAddress)
{
long userId = long.Parse(user.UserId);
TblHssPassport passport = _repository.Value.Load(userId);
StudentLoginResponse result = new StudentLoginResponse();
//1、验证账户是否存在
ValidateUserExist(passport);
if (passport.OpenId != user.OpenId)
{
throw new BussinessException(ModelType.Hss, 5);
}
//2、更新最新登陆信息
UpdateLastLoginInfo(passport, ipAddress);
//3、记录登陆日记
AddOperationLog(passport);
//4、重新刷新token
JwtTokenService tokenService = new JwtTokenService();
result.Token = tokenService.CreateToken(passport);
return(result);
}
private void AddMobile(string mobile, TblHssPassportRepository repository)
{
try
{
TblHssPassport oldEntity = repository.GetByUserCode(mobile);
if (oldEntity == null)
{
TblHssPassport entity = new TblHssPassport()
{
CreateTime = DateTime.Now,
CurrentLoginIp = "",
LastLoginIp = "",
LoginTimes = 0,
OpenId = "",
PassporId = IdGenerator.NextId(),
UnionId = "",
UserCode = mobile
};
repository.Add(entity);
}
}
catch (Exception ex)
{
LogWriter.Write(this, "创建家校互联登陆账号出错:" + ex.Message, LoggerType.Error);
}
}
/// <summary>
/// 验证家长账号是否存在
/// <para>作 者:蔡亚康</para>
/// <para>创建时间:2019-03-06</para>
/// </summary>
/// <param name="passport">登陆账号的信息</param>
/// <exception>
/// 异常ID:2->手机号码在系统不存在
/// </exception>
private void ValidateUserExist(TblHssPassport passport)
{
if (passport == null)
{
LogWriter.Write("AuthenicationService.ValidateUserExist", "找不到用户", LoggerType.Error);
throw new BussinessException(ModelType.Hss, 2);
}
}
/// <summary>
/// 描述:更新最新登陆信息
/// <para>作 者:蔡亚康</para>
/// <para>创建时间:2019-03-07</para>
/// </summary>
/// <param name="passport">用户账号信息</param>
/// <param name="ipAddress">IP地址</param>
private void UpdateLastLoginInfo(TblHssPassport passport, string ipAddress)
{
passport.LastLoginIp = passport.CurrentLoginIp;
passport.LastLoginDate = passport.CurrentLoginDate;
passport.CurrentLoginIp = ipAddress;
passport.CurrentLoginDate = DateTime.Now;
passport.LoginTimes = passport.LoginTimes + 1;
_repository.Value.Update(passport);
}
/// <summary>
/// 发送短信
/// <para>作 者:蔡亚康</para>
/// <para>创建时间:2019-03-06</para>
/// </summary>
public void SendSignInCode(string mobile)
{
TblHssPassport passport = _repository.Value.GetByUserCode(mobile);
//1、验证账户是否存在
this.ValidateUserExist(passport);
//2、发送短信
UserLoginSmsService smsService = new UserLoginSmsService(mobile);
smsService.Send();
}
/// <summary>
/// 描述:添加操作日记
/// <para>作 者:蔡亚康</para>
/// <para>创建时间:2019-03-07</para>
/// </summary>
/// <param name="passport">用户账号信息</param>
private void AddOperationLog(TblHssPassport passport)
{
OperationLogService operationLogService = new OperationLogService();
TblDatOperationLog log = new TblDatOperationLog()
{
BusinessId = passport.PassporId,
BusinessType = (int)LogBusinessType.HssLogin,
FlowStatus = (int)OperationFlowStatus.Finish,
OperationLogId = IdGenerator.NextId(),
OperatorId = "",
OperatorName = "",
Remark = $"用户{passport.UserCode} 于 {DateTime.Now} 登陆了家校互联",
CreateTime = DateTime.Now,
SchoolId = ""
};
operationLogService.Add(log);
}
/// <summary>
/// 创建token
/// <para>作 者:蔡亚康</para>
/// <para>创建时间:2019-03-06</para>
/// </summary>
/// <param name="user">登陆的用户实体信息</param>
/// <returns>token值</returns>
internal String CreateToken(TblHssPassport user)
{
string privateKey = ClientConfigManager.HssConfig.TokenKey.PrivateKey; //使用私钥加密
int tokenTimestamp = ClientConfigManager.HssConfig.TokenTimestamp;
RSA rsa = RSAKeyHelper.CreateRsaProviderFromPrivateKey(privateKey);
//Claims(Payload)
// Claims 部分包含了一些跟这个 token 有关的重要信息。 JWT 标准规定了一些字段,下面节选一些字段:
//iss: The issuer of the token,token 是给谁的
// sub: The subject of the token,token 主题
// exp: Expiration Time。 token 过期时间,Unix 时间戳格式
// iat: Issued At。 token 创建时间, Unix 时间戳格式
// jti: JWT ID。针对当前 token 的唯一标识
// 除了规定的字段外,可以包含其他任何 JSON 兼容的字段。
var key = new RsaSecurityKey(rsa);
var creds = new SigningCredentials(key, SecurityAlgorithms.RsaSha256);
List <Claim> claims = new List <Claim>();
claims.Add(new Claim(JwtUserId, user.PassporId.ToString()));
claims.Add(new Claim(JwtUserName, user.UserCode));
claims.Add(new Claim(JwtOpenId, user.OpenId));
JwtSecurityToken jwtSecurityToken = new JwtSecurityToken(
issuer: ISSUER,
audience: AUDIENCE,
claims: claims,
expires: DateTime.Now.AddHours(tokenTimestamp),
signingCredentials: creds);
string token = new JwtSecurityTokenHandler().WriteToken(jwtSecurityToken);
return(token);
}
/// <summary>
/// 描述:家校登陆
/// <para>作 者:蔡亚康</para>
/// <para>创建时间:2019-03-06</para>
/// </summary>
/// <param name="request">用户登陆的手机号和验证码等信息</param>
/// <exception>
/// 异常ID:2->手机号码在系统不存在
/// 异常ID:1->验证码有误
/// 异常ID:6->微信号已被其他手机号绑定
/// 异常ID:7->用户信息数据解密失败
/// </exception>
/// <returns>登陆结果</returns>
public StudentLoginResponse SignIn(StudentLoginRequest request)
{
TblHssPassport passport = _repository.Value.GetByUserCode(request.Mobile);
StudentLoginResponse result = new StudentLoginResponse();
//1、验证账户是否存在
this.ValidateUserExist(passport);
//2、短信验证码校验
this.ValidateSmsCode(request.Mobile, request.SmsCode);
//3、获取openid
Code2SessionService wxService = new Code2SessionService();
OpenIdResponse openid = wxService.GetOpenId(request.WxCode);
//4、检查openid是否已经被其他手机号绑定
TblHssPassport passport2 = _repository.Value.GetByOpenId(openid.OpenId);
if (passport2 != null && passport2.OpenId == openid.OpenId && passport2.UserCode != request.Mobile)
{
throw new BussinessException(ModelType.Hss, 6);
}
//5、用户数据解密
try
{
string data = AESHelper.AESDecrypt(request.EncryptedData, openid.Session_Key, request.Iv);
JObject wxUserInfo = (JObject)JsonConvert.DeserializeObject(data);
//检查返回值是否包含unionID,防止出现异常。
JToken jtoke = null;
if (wxUserInfo.TryGetValue("unionId", out jtoke))
{
passport.UnionId = jtoke.ToString();
}
else
{
LogWriter.Write(this, "解密数据没有unionID,原数据如下:" + GetDecryptData(request, openid), LoggerType.Warn);
}
}
catch (Exception ex)
{
LogWriter.Write(this, "小程序解密失败,原数据如下:" + GetDecryptData(request, openid), LoggerType.Error);
throw new BussinessException(ModelType.Hss, 7);
}
//获取到的unionID为空,有可能是用户未允许访问授权
if (string.IsNullOrEmpty(passport.UnionId))
{
throw new BussinessException(ModelType.Hss, 8);
}
//6、绑定openid 并更新最新登陆信息,包括最新的openid
passport.OpenId = openid.OpenId;//openid.OpenId; //如果在另外一个微信上登陆将会被新的替换
passport.LastLoginIp = passport.CurrentLoginIp;
passport.LastLoginDate = passport.CurrentLoginDate;
passport.CurrentLoginIp = request.IpAddress;
passport.CurrentLoginDate = DateTime.Now;
passport.LoginTimes = passport.LoginTimes + 1;
_repository.Value.Update(passport);
//6、记录登陆日记
AddOperationLog(passport);
//7、返回登陆结果
JwtTokenService tokenService = new JwtTokenService();
result.Token = tokenService.CreateToken(passport);
return(result);
}
