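        /// <summary>
        /// Issues a new SSO token for <paramref name="user"/>: persists a
        /// <c>SysUserToken</c> row with a two-hour <c>ExpireTime</c>, stores the key on
        /// <c>user.SsoToken</c> and returns it. Returns null when this node is not the
        /// SSO server (<c>IsSsoServer</c> is false).
        /// </summary>
        /// <param name="user">Identity the token is bound to; only its User_ID is stored.</param>
        /// <returns>The token key, or null when <c>IsSsoServer</c> is false.</returns>
        public static string CreateUserToken(IUserIdentity user)
        {
            if (!IsSsoServer)
            {
                return(null);
            }

            // The key is a bearer credential. The previous key was
            // ticks + Guid + System.Random, every part of which is predictable to someone
            // who knows roughly when the token was issued; it is now 28 bytes from the
            // platform CSPRNG. Length (56 chars) and alphabet (0-9A-F) are unchanged so
            // the TokenKey column and any consumer of the format are unaffected.
            var tokenKey = NewTokenKey();

            // TransactionScopeOption.Suppress detaches this insert from any ambient
            // transaction — presumably so the token row is committed regardless of what
            // the caller's transaction does.
            using (var scope = new TransactionScope(TransactionScopeOption.Suppress))
            {
                using (var context = new BizDataContext())
                {
                    context.Insert(new SysUserToken {
                        TokenKey   = tokenKey,
                        UserId     = user.User_ID,
                        // DateTime.Now is kept on purpose: the rest of the code base
                        // compares ExpireTime against DateTime.Now. Move both sides to
                        // UTC together if that ever changes.
                        ExpireTime = DateTime.Now.AddHours(2)
                    });
                }
                scope.Complete();
            }

            user.SsoToken = tokenKey;
            return(tokenKey);
        }

        /// <summary>
        /// 56 upper-case hexadecimal characters (28 bytes) from a cryptographic RNG.
        /// </summary>
        private static string NewTokenKey()
        {
            var bytes = new byte[28];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(bytes);
            }
            // BitConverter emits "AA-BB-…"; strip the separators to get the bare hex.
            return BitConverter.ToString(bytes).Replace("-", string.Empty);
        }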
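        /// <summary>
        /// Resolves the logged-in user behind <paramref name="token"/>: the memory cache is
        /// consulted first, then the token table, and a database hit is cached for up to
        /// four hours. A token whose <c>ExpireTime</c> has passed resolves to null on both
        /// paths.
        /// </summary>
        /// <param name="token">Token id handed out at login, as a Guid string.</param>
        /// <returns>The user, or null when the token is empty, malformed, unknown or expired.</returns>
        public Entities.SysUser getLogged(string token)
        {
            if (string.IsNullOrEmpty(token))
            {
                return(null);
            }

            var now = DateTime.Now;

            // Cache path. The cache entry lives four hours whatever the token's remaining
            // life, so the cached token is re-checked against ExpireTime here; without
            // this a revoked or expired token kept authenticating until the entry aged out.
            SysUserToken userToken = null;
            _memoryCache.TryGetValue <SysUserToken>(token, out userToken);
            if (userToken != null && userToken.ExpireTime > now)
            {
                Entities.SysUser cachedUser = null;
                _memoryCache.TryGetValue(string.Format(MODEL_KEY, userToken.SysUserId), out cachedUser);
                if (cachedUser != null)
                {
                    return(cachedUser);
                }
            }

            Guid tokenId;
            if (!Guid.TryParse(token, out tokenId))
            {
                return(null);
            }

            // Database path. The original looked the row up by id alone, so an expired
            // token still resolved to a user; the expiry test is now part of the query.
            var tokenItem = _sysUserTokenRepository.Table
                .Include(x => x.SysUser)
                .FirstOrDefault(o => o.Id == tokenId && o.ExpireTime > now);
            if (tokenItem == null)
            {
                return(null);
            }

            var cacheUntil = DateTimeOffset.Now.AddHours(4);
            _memoryCache.Set(token, tokenItem, cacheUntil);
            _memoryCache.Set(string.Format(MODEL_KEY, tokenItem.SysUserId), tokenItem.SysUser, cacheUntil);
            return(tokenItem.SysUser);
        }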
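        /// <summary>
        /// Resolves the user behind <paramref name="token"/>: memory cache first, then the
        /// token table. A token whose <c>ExpireTime</c> has passed resolves to null on
        /// both paths.
        /// </summary>
        /// <param name="token">Token id issued at login, as a Guid string.</param>
        /// <returns>The user, or null when the token is empty, malformed, unknown or expired.</returns>
        public SysUser GetLogined(string token)
        {
            if (string.IsNullOrEmpty(token))
            {
                return(null);
            }

            var now = DateTime.Now;

            // Cache path. The cached token is re-checked against ExpireTime because the
            // cache entry (four hours) can outlive the token.
            SysUserToken userToken = null;
            _memoryCache.TryGetValue <SysUserToken>(token, out userToken);
            if (userToken != null && userToken.ExpireTime > now)
            {
                SysUser cachedUser = null;
                _memoryCache.TryGetValue($"{MODEL_KEY}{userToken.SysUserId}", out cachedUser);
                if (cachedUser != null)
                {
                    return(cachedUser);
                }
            }

            Guid tokenId;
            if (!Guid.TryParse(token, out tokenId))
            {
                return(null);
            }

            // Database path. The original looked the row up by id alone, so an expired
            // token still resolved to a user; the expiry test is now part of the query.
            var tokenItem = _tokenRepository.Table
                .Include(t => t.SysUser)
                .FirstOrDefault(u => u.Id == tokenId && u.ExpireTime > now);
            if (tokenItem == null)
            {
                return(null);
            }

            // Cache the token entry as well as the user: the original only cached the
            // user, so the cache branch above could never hit unless something not
            // visible here populates the token key.
            var cacheUntil = DateTime.Now.AddHours(4);
            _memoryCache.Set(token, tokenItem, cacheUntil);
            _memoryCache.Set($"{MODEL_KEY}{tokenItem.SysUserId}", tokenItem.SysUser, cacheUntil);
            return(tokenItem.SysUser);
        }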
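        /// <summary>
        /// Resolves the logged-in user behind <paramref name="token"/> (cached). The user
        /// entry is keyed by the token's own Id, not by the user id, on both read and
        /// write. A token whose <c>ExpireTime</c> has passed resolves to null on both the
        /// cache and the database path.
        /// </summary>
        /// <param name="token">Token id issued at login, as a Guid string.</param>
        /// <returns>The user, or null when the token is empty, malformed, unknown or expired.</returns>
        public SysUser GetLogged(string token)
        {
            if (string.IsNullOrEmpty(token))
            {
                return(null);
            }

            var now = DateTime.Now;

            // Cache path. The four-hour cache entry can outlive the token, so the cached
            // token is re-checked against ExpireTime before its user is trusted.
            SysUserToken sysUserToken = null;
            _memoryCache.TryGetValue(token, out sysUserToken);
            if (sysUserToken != null && sysUserToken.ExpireTime > now)
            {
                SysUser cachedUser = null;
                _memoryCache.TryGetValue(string.Format(MODEL_KEY, sysUserToken.Id.ToString()), out cachedUser);
                if (cachedUser != null)
                {
                    return(cachedUser);
                }
            }

            Guid tokenId;
            if (!Guid.TryParse(token, out tokenId))
            {
                return(null);
            }

            // Database path. The original looked the row up by id alone, so an expired
            // token still resolved to a user; the expiry test is now part of the query.
            var tokenItem = _sysUserTokenRepository.Table
                .Include(x => x.SysUser)
                .FirstOrDefault(o => o.Id == tokenId && o.ExpireTime > now);
            if (tokenItem == null)
            {
                return(null);
            }

            var cacheUntil = DateTime.Now.AddHours(4);
            _memoryCache.Set(token, tokenItem, cacheUntil);
            _memoryCache.Set(string.Format(MODEL_KEY, tokenItem.Id.ToString()), tokenItem.SysUser, cacheUntil);
            return(tokenItem.SysUser);
        }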
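        /// <summary>
        /// Revokes <paramref name="token"/> by setting its <c>ExpireTime</c> to the current
        /// time. The authorization filter on this page rejects tokens with
        /// <c>ExpireTime &lt;= DateTime.Now</c>, so the next request carrying it fails.
        /// </summary>
        /// <param name="token">The token value to revoke.</param>
        /// <returns>validate("未找到token") when no row matches, otherwise success or error by update count.</returns>
        public RestResponse ExpireToken(string token)
        {
            // Do not hand a null/empty token to the repository: how the anonymous-object
            // filter treats a null member is not visible here, and "match any row" would
            // let a caller expire someone else's token.
            if (string.IsNullOrEmpty(token))
            {
                return(RestResponse.validate("未找到token"));
            }

            SysUserToken sysUserToken = sysUserTokenService.GetEntity(new { Token = token });
            if (sysUserToken == null)
            {
                return(RestResponse.validate("未找到token"));
            }

            sysUserToken.ExpireTime = DateTime.Now;
            int updated = sysUserTokenService.Update(sysUserToken);
            return(updated > 0 ? RestResponse.success() : RestResponse.error("操作失败"));
        }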
        /// <summary>
        /// Revokes the token row belonging to <paramref name="sysUserAccountId"/> by
        /// moving its <c>ExpireTime</c> to the current time.
        /// </summary>
        /// <param name="sysUserAccountId">Account whose token is revoked.</param>
        /// <returns>validate("未找到帐号") when the account has no token row, otherwise success or error by update count.</returns>
        public RestResponse ExpireToken(int sysUserAccountId)
        {
            var filter = new { SysUserAccountId = sysUserAccountId };
            SysUserToken tokenRow = sysUserTokenService.GetEntity(filter);

            if (tokenRow == null)
            {
                return(RestResponse.validate("未找到帐号"));
            }

            tokenRow.ExpireTime = DateTime.Now;
            bool updated = sysUserTokenService.Update(tokenRow) > 0;

            return(updated ? RestResponse.success() : RestResponse.error("操作失败"));
        }
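        /// <summary>
        /// Action-filter hook: after an action has executed, writes a <c>SysLogOperation</c>
        /// row (method, calling account, truncated parameters, client address, elapsed
        /// time) when the action carries an operation description.
        /// </summary>
        /// <param name="context">Executed-action context supplied by MVC.</param>
        public void OnActionExecuted(ActionExecutedContext context)
        {
            var descriptor = (Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor)context.ActionDescriptor;

            // Only actions that declare an operation description are logged.
            string operation = GetCustomerData(descriptor.MethodInfo);
            if (string.IsNullOrEmpty(operation))
            {
                return;
            }

            SysLogOperation log = new SysLogOperation();
            log.Id     = System.Guid.NewGuid().ToString("N");
            log.Method = descriptor.DisplayName.Replace("(Permission.API)", "()");

            // Attribute the entry to the calling account. The original passed
            // ExpireTime = DateTime.Now in the lookup filter; the same repository filter
            // is used as an equality match in OnAuthorization on this page, and an
            // equality match on the current instant never hits a stored expiry, so the
            // account id was always left empty. Look up by token and test expiry in code.
            log.SysUserAccountId = "";
            string token = GlobalAuthorizationFilter.GetRequestToken(context.HttpContext.Request);
            if (!string.IsNullOrEmpty(token))
            {
                SysUserToken sysUserToken = _SysUserTokenService.SysUserTokenRepository.GetEntity(new { Token = token });
                if (sysUserToken != null && sysUserToken.ExpireTime > DateTime.Now)
                {
                    log.SysUserAccountId = sysUserToken.SysUserAccountId;
                }
            }

            // Params is populated elsewhere (not visible here); a null would have thrown
            // on .Length and aborted the response after the action already ran.
            string parameters = Params ?? string.Empty;
            log.Params = parameters.Length > 1000 ? parameters.Substring(0, 1000) : parameters;

            // Client address. X-Forwarded-For is whatever the client (or the last proxy)
            // sent, so it is only trustworthy behind a reverse proxy that overwrites it;
            // fall back to the socket address when the header is absent.
            string forwardedFor = context.HttpContext.Request.Headers["X-Forwarded-For"].ToString();
            log.Ip = string.IsNullOrEmpty(forwardedFor)
                ? (context.HttpContext.Connection.RemoteIpAddress?.ToString() ?? string.Empty)
                : forwardedFor;

            // Elapsed time of the "render" timer started earlier in the pipeline.
            var renderTimer = GetTimer(context.HttpContext, "render");
            renderTimer.Stop();
            log.Time = (int)renderTimer.ElapsedMilliseconds;

            log.CreateTime = DateTime.Now;
            log.Operation  = operation;
            _SysLogService.Insert(log);
        }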
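        /// <summary>
        /// Verifies <paramref name="account"/>/<paramref name="password"/> against the
        /// stored salted MD5 hash, enforces the lockout window (the fourth consecutive
        /// failure locks the account for five minutes) and, on success, clears the
        /// failure counters and issues a 15-day <c>SysUserToken</c>.
        /// </summary>
        /// <param name="account">Login account name.</param>
        /// <param name="password">Clear-text password supplied by the caller.</param>
        /// <param name="R">Not used by this method; kept for signature compatibility.</param>
        /// <returns>(status, message, token id or null, user or null).</returns>
        public (bool status, string message, string token, SysUser user) AvailableDataUser(string account, string password, string R)
        {
            // Unknown account and wrong password answer with the same message so the
            // endpoint cannot be used to enumerate valid accounts (the original said
            // "用户不存在" for one and "密码出错" for the other).
            const string badCredentials = "用户名或密码错误";

            var user = GetByAccount(account);
            if (user == null)
            {
                return(false, badCredentials, null, null);
            }

            if (user.LoginLock && user.AllowLoginTime > DateTime.Now)
            {
                return(false, $"账号已被锁定,{(int)(user.AllowLoginTime - DateTime.Now).Value.TotalSeconds + 1}", null, null);
            }

            // NOTE(review): salted MD5 is not a password-hashing function; moving to
            // PBKDF2/Argon2 needs a change to how passwords are stored, outside this method.
            bool isPasswordCorrect = Password.VerifyMd5Hash(user.Salt, password, user.Password);
            if (!isPasswordCorrect)
            {
                user.LoginFailedNum++;
                if (user.LoginFailedNum > 3)
                {
                    user.LoginLock      = true;
                    user.AllowLoginTime = DateTime.Now.AddMinutes(5);
                }
                _userRepository.DbContext.SaveChanges();
                return(false, badCredentials, null, null);
            }

            user.LoginLock      = false;
            user.LoginFailedNum = 0;
            user.LastLoginTime  = DateTime.Now;
            user.AllowLoginTime = null;

            // The token's Guid id, as a string, is the bearer token returned to the client.
            var userToken = new SysUserToken()
            {
                Id         = Guid.NewGuid(),
                ExpireTime = DateTime.Now.AddDays(15),
            };
            user.SysUserTokens.Add(userToken);
            _userRepository.DbContext.SaveChanges();
            return(true, "登录成功", userToken.Id.ToString(), user);
        }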
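        /// <summary>
        /// Authorization filter: endpoints marked anonymous pass through; every other
        /// request must carry a token that exists in <c>SysUserToken</c> and whose
        /// <c>ExpireTime</c> is still in the future.
        /// NOTE(review): the per-endpoint permission check announced by the trailing
        /// comment of the original was never implemented — any valid token reaches any
        /// non-anonymous action. That gap is only made explicit here, not closed.
        /// </summary>
        /// <param name="context">Authorization-filter context supplied by MVC.</param>
        public void OnAuthorization(AuthorizationFilterContext context)
        {
            var endpoint = context.HttpContext.GetEndpoint();
            if (endpoint?.Metadata?.GetMetadata <IAllowAnonymous>() != null)
            {
                return;
            }
            if (context.Filters.Any(item => item is IAllowAnonymousFilter))
            {
                return;
            }

            string token = GetRequestToken(context.HttpContext.Request);
            if (string.IsNullOrEmpty(token))
            {
                RejectAsUnauthorized(context);
                return;
            }

            SysUserToken sysUserToken = _SysUserTokenService.SysUserTokenRepository.GetEntity(new { Token = token });
            if (sysUserToken == null || sysUserToken.ExpireTime <= DateTime.Now)
            {
                RejectAsUnauthorized(context);
                return;
            }

            // TODO: per-endpoint permission check. The original computed
            // RouteValues.FirstOrDefault().ToString() here (a "[key, value]" string, not
            // a URL) and never used it; no permission lookup exists yet.
        }

        /// <summary>
        /// Short-circuits the pipeline with the "invalid token" payload. The HTTP status
        /// is set to 401 as well: a JsonResult defaults to 200, so proxies and clients
        /// that read the status line saw an authenticated response. If a front end
        /// depends on always receiving 200 with the error in the body, drop the
        /// StatusCode initializer.
        /// </summary>
        private static void RejectAsUnauthorized(AuthorizationFilterContext context)
        {
            context.HttpContext.Response.Headers["Access-Control-Allow-Credentials"] = "true";
            context.Result = new JsonResult(RestResponse.error(HttpStatus.UNAUTHORIZED, "invalid token"))
            {
                StatusCode = 401
            };
        }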
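        /// <summary>
        /// Validates a login. The client sends <c>MD5(storedPasswordHash + r)</c>; the
        /// server recomputes that from the stored hash and compares the two digests.
        /// Frozen and locked accounts are refused, every attempt is written to the login
        /// log, the sixth consecutive failure locks the account for two hours, and a
        /// successful login issues a 15-day <c>SysUserToken</c>.
        /// NOTE(review): because the client hashes the *stored* hash, anyone who obtains
        /// user.Password can log in without knowing the clear-text password, and the
        /// exchange is only replay-safe if <paramref name="r"/> is a server-issued,
        /// single-use nonce — nothing in this method checks r. Not fixable here alone.
        /// </summary>
        /// <param name="account">Login account name.</param>
        /// <param name="password">Client-computed digest, hex, compared case-insensitively.</param>
        /// <param name="r">Random value the client mixed into the digest.</param>
        /// <returns>(Status, Message, Token id or null, User or null).</returns>
        public (bool Status, string Message, string Token, Entities.SysUser User) validateUser(string account, string password, string r)
        {
            var user = getByAccount(account);
            if (user == null)
            {
                return(false, "用户名或密码错误", null, null);
            }
            if (!user.Enabled)
            {
                return(false, "你的账号已被冻结", null, null);
            }
            if (user.LoginLock && user.AllowLoginTime > DateTime.Now)
            {
                return(false, "账号已被锁定" + ((int)(user.AllowLoginTime - DateTime.Now).Value.TotalMinutes + 1) + "分钟。", null, null);
            }

            var expectedDigest = EncryptorHelper.GetMD5(user.Password + r);

            // A null password used to throw from password.Equals(...); it now counts as a
            // failed attempt like any other wrong digest.
            if (DigestsMatch(expectedDigest, password))
            {
                user.LoginLock      = false;
                user.LoginFailedNum = 0;
                user.AllowLoginTime = null;
                user.LastLoginTime  = DateTime.Now;
                // No HTTP context accessor is available in this service, so the address
                // is not recorded (the sibling service on this page uses IPHelper).
                user.LastIpAddress  = "";

                _sysUserLogRepository.insert(new SysUserLoginLog()
                {
                    Id        = Guid.NewGuid(),
                    IpAddress = "",
                    UserId    = user.Id,
                    LoginTime = DateTime.Now,
                    Message   = "登录:成功"
                });

                // TODO: the original comment promised single sign-on (removing older
                // tokens) but no token is removed; every login adds another 15-day token.
                var userToken = new SysUserToken()
                {
                    Id         = Guid.NewGuid(),
                    SysUserId  = user.Id,
                    ExpireTime = DateTime.Now.AddDays(15)
                };
                _sysUserTokenRepository.insert(userToken);

                _sysUserRepository.DbContext.SaveChanges();
                return(true, "登录成功", userToken.Id.ToString(), user);
            }

            user.SysUserLoginLogs.Add(new SysUserLoginLog()
            {
                Id        = Guid.NewGuid(),
                IpAddress = "",
                LoginTime = DateTime.Now,
                Message   = "登录:密码错误"
            });

            user.LoginFailedNum++;
            if (user.LoginFailedNum > 5)
            {
                user.LoginLock      = true;
                user.AllowLoginTime = DateTime.Now.AddHours(2);
            }
            _sysUserRepository.DbContext.SaveChanges();

            return(false, "用户名或密码错误", null, null);
        }

        /// <summary>
        /// Case-insensitive comparison of two hex digests whose running time does not
        /// depend on where the first differing character is, so the comparison does not
        /// leak the expected digest one position at a time. Null never matches.
        /// </summary>
        private static bool DigestsMatch(string expected, string supplied)
        {
            if (expected == null || supplied == null || expected.Length != supplied.Length)
            {
                return false;
            }
            int diff = 0;
            for (int i = 0; i < expected.Length; i++)
            {
                diff |= char.ToUpperInvariant(expected[i]) ^ char.ToUpperInvariant(supplied[i]);
            }
            return diff == 0;
        }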
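        /// <summary>
        /// Validates a login. The client sends <c>MD5(storedPasswordHash + r)</c>; the
        /// server recomputes that from the stored hash and compares the two digests.
        /// Frozen and locked accounts are refused, every attempt is written to the login
        /// log with the caller's address, the sixth consecutive failure locks the
        /// account for five hours, and a successful login issues a 15-day
        /// <c>SysUserToken</c>.
        /// NOTE(review): because the client hashes the *stored* hash, anyone who obtains
        /// user.Password can log in without the clear-text password, and the exchange
        /// is only replay-safe if <paramref name="r"/> is a server-issued, single-use
        /// nonce — nothing in this method checks r.
        /// </summary>
        /// <param name="account">Login account name.</param>
        /// <param name="password">Client-computed digest, hex, compared case-insensitively.</param>
        /// <param name="r">Random value the client mixed into the digest.</param>
        /// <returns>(Status, Message, Token id or null, User or null).</returns>
        public (bool Status, string Message, string Token, SysUser User) ValidateUser(string account, string password, string r)
        {
            var user = GetByAccount(account);
            if (user == null)
            {
                return(false, "用户名或密码错误", null, null);
            }
            if (!user.Enabled)
            {
                return(false, "您的账号已被冻结", null, null);
            }
            if (user.LoginLock && user.AllowLoginTime > DateTime.Now)
            {
                return(false, $"您的账号已被锁定{(int)((user.AllowLoginTime - DateTime.Now).Value.TotalMinutes) + 1}分钟", null, null);
            }

            var expectedDigest = EncryptorHelper.GetMD5(user.Password + r);
            string clientIp    = IPHelper.GetIPContent(this._httpContextAccessor);

            // A null password used to throw from password.Equals(...); it now counts as a
            // failed attempt like any other wrong digest.
            if (DigestsMatch(expectedDigest, password))
            {
                user.LoginLock      = false;
                user.LoginFailedNum = 0;
                user.AllowLoginTime = null;
                user.LastLoginTime  = DateTime.Now;
                user.LastIpAddress  = clientIp;

                user.SysUserLoginLogs.Add(new SysUserLoginLog
                {
                    Id        = Guid.NewGuid(),
                    IpAddress = clientIp,
                    LoginTime = DateTime.Now,
                    Message   = "登录:成功"
                });

                // TODO: the original comment promised single sign-on (removing older
                // tokens) but nothing is removed; every login adds another 15-day token.
                var userToken = new SysUserToken
                {
                    Id         = Guid.NewGuid(),
                    ExpireTime = DateTime.Now.AddDays(15)
                };
                user.SysUserTokens.Add(userToken);

                _sysUserRepository.DbContext.SaveChanges();
                return(true, "登录成功", userToken.Id.ToString(), user);
            }

            user.SysUserLoginLogs.Add(new SysUserLoginLog
            {
                Id        = Guid.NewGuid(),
                IpAddress = clientIp,
                LoginTime = DateTime.Now,
                Message   = "登录:密码错误"
            });
            user.LoginFailedNum++;
            if (user.LoginFailedNum > 5)
            {
                user.LoginLock      = true;
                user.AllowLoginTime = DateTime.Now.AddHours(5);
            }
            _sysUserRepository.DbContext.SaveChanges();
            return(false, "用户名或密码错误", null, null);
        }

        /// <summary>
        /// Case-insensitive comparison of two hex digests whose running time does not
        /// depend on where the first differing character is, so the comparison does not
        /// leak the expected digest one position at a time. Null never matches.
        /// </summary>
        private static bool DigestsMatch(string expected, string supplied)
        {
            if (expected == null || supplied == null || expected.Length != supplied.Length)
            {
                return false;
            }
            int diff = 0;
            for (int i = 0; i < expected.Length; i++)
            {
                diff |= char.ToUpperInvariant(expected[i]) ^ char.ToUpperInvariant(supplied[i]);
            }
            return diff == 0;
        }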
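        /// <summary>
        /// Password login: checks the session captcha, the account/password pair and the
        /// account status, then issues (or rotates) the account's token with the
        /// configured lifetime and writes a login-log row.
        /// </summary>
        /// <param name="login">Account, password and captcha code from the request body.</param>
        /// <returns>A validate/error response, or success carrying the new token under "token".</returns>
        public RestResponse Login([FromBody] LoginModel login)
        {
            if (login == null)
            {
                return(RestResponse.validate("验证码错误,请刷新验证码重试"));
            }

            HttpContext.Session.TryGetValue("captcha", out var captchaBytes);
            // A captcha is single-use: drop it as soon as it has been read. The original
            // removed it only after a successful login, so one solved captcha could be
            // replayed across an unlimited number of password guesses.
            HttpContext.Session.Remove("captcha");

            if (captchaBytes == null)
            {
                return(RestResponse.validate("验证码错误,请刷新验证码重试"));
            }
            string captcha = System.Text.Encoding.Default.GetString(captchaBytes);
            if (string.IsNullOrEmpty(captcha) || string.IsNullOrEmpty(login.Code) || !login.Code.Equals(captcha))
            {
                return(RestResponse.validate("验证码错误"));
            }

            // Same message for unknown account and wrong password (no account enumeration).
            SysUserAccount account = sysUserAccountService.GetEntity(new
            {
                LoginAccount = login.Account
            });
            if (account == null)
            {
                return(RestResponse.validate("帐号/密码错误"));
            }

            // NOTE(review): MD5(password + salt) is not a password-hashing function;
            // moving to PBKDF2/Argon2 requires re-hashing stored passwords, outside this
            // method. A null password is treated as empty instead of throwing.
            string password = Common.EncryptionDecryption.Md5Unit.MD532((login.Password ?? string.Empty) + account.Salt);
            if (!string.Equals(password, account.Password, StringComparison.Ordinal))
            {
                return(RestResponse.validate("帐号/密码错误"));
            }

            if (account.Status == (int)CommonEnum.STATUS.DISABLE)
            {
                return(RestResponse.error("您的帐号已被禁止使用,请联系客服"));
            }

            string token = TokenGenerator.generateValue();

            // One token row per account: reuse the existing row (rotating its value)
            // or create a new one.
            SysUserToken userToken = sysUserTokenService.GetEntity(new
            {
                SysUserAccountId = account.Id
            });
            userToken = userToken ?? new SysUserToken();
            userToken.SysUserAccountId = account.Id;
            userToken.Token            = token;

            // Token lifetime in hours; parsed with the invariant culture so a value like
            // "1.5" is not read as 15 on a comma-decimal server locale.
            double hours = Convert.ToDouble(Startup.Configuration["Token:TimeHourExpire"], System.Globalization.CultureInfo.InvariantCulture);
            userToken.ExpireTime = DateTime.Now.AddHours(hours);
            userToken.UpdateTime = DateTime.Now;

            int flag = string.IsNullOrEmpty(userToken.Id) ? sysUserTokenService.Insert(userToken) : sysUserTokenService.Update(userToken);

            // Login log. X-Forwarded-For is client-controlled unless a trusted reverse
            // proxy overwrites it, so treat the recorded address as informational.
            SysLogLogin log = new SysLogLogin();
            log.SysUserAccountId = account.Id;
            log.Ip = accessor.HttpContext.Request.Headers["X-Forwarded-For"].ToString();
            sysLogLoginService.Insert(log);

            return(RestResponse.success().put("token", token));
        }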
        //------------------------------------------------------

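        /// <summary>
        /// Validates a login. The client sends <c>MD5(storedPasswordHash + r)</c>; the
        /// server recomputes that from the stored hash and compares the two digests.
        /// Frozen and locked accounts are refused, every attempt is added to the login
        /// log, the sixth consecutive failure locks the account for one hour, and a
        /// successful login issues a 15-day <c>SysUserToken</c>.
        /// NOTE(review): because the client hashes the *stored* hash, anyone who obtains
        /// user.Password can log in without the clear-text password, and the exchange
        /// is only replay-safe if <paramref name="r"/> is a server-issued, single-use
        /// nonce — nothing in this method checks r.
        /// </summary>
        /// <param name="account">Login account name.</param>
        /// <param name="password">Client-computed digest, hex, compared case-insensitively.</param>
        /// <param name="r">Random value the client mixed into the digest.</param>
        /// <returns>(Status, Message, Token id or null, User or null).</returns>
        public (bool Status, string Message, string Token, Entities.SysUser User) validateUser(string account, string password, string r)
        {
            var user = getByAccount(account);
            if (user == null)
            {
                return(false, "用户名或密码错误", null, null);
            }
            if (!user.Enabled)
            {
                return(false, "你的账号已被冻结", null, null);
            }
            if (user.LoginLock && user.AllowLoginTime > DateTime.Now)
            {
                return(false, "账号已被锁定" + ((int)(user.AllowLoginTime - DateTime.Now).Value.TotalMinutes + 1) + "分钟。", null, null);
            }

            var expectedDigest = EncryptorHelper.GetMD5(user.Password + r);

            // A null password used to throw from password.Equals(...); it now counts as a
            // failed attempt like any other wrong digest.
            if (DigestsMatch(expectedDigest, password))
            {
                user.LoginLock      = false;
                user.LoginFailedNum = 0;
                user.AllowLoginTime = null;
                user.LastLoginTime  = DateTime.Now;
                user.LastIpAddress  = "";

                user.SysUserLoginLogs.Add(new Entities.SysUserLoginLog()
                {
                    Id        = Guid.NewGuid(),
                    IpAddress = "",
                    LoginTime = DateTime.Now,
                    Message   = "登录:成功"
                });

                // TODO: single sign-on would require removing the user's older tokens
                // here; nothing is removed yet.
                var userToken = new SysUserToken()
                {
                    Id         = Guid.NewGuid(),
                    ExpireTime = DateTime.Now.AddDays(15)
                };
                user.SysUserTokens.Add(userToken);

                // The original returned without saving on this path: the token was added
                // to the tracked user but never persisted, so the id handed to the client
                // matched no row on the next request (the failure path did save).
                _sysUserRepository.DbContext.SaveChanges();
                return(true, "登录成功", userToken.Id.ToString(), user);
            }

            user.SysUserLoginLogs.Add(new Entities.SysUserLoginLog()
            {
                Id        = Guid.NewGuid(),
                IpAddress = "",
                LoginTime = DateTime.Now,
                Message   = "登录:密码错误"
            });
            user.LoginFailedNum++;
            if (user.LoginFailedNum > 5)
            {
                user.LoginLock      = true;
                user.AllowLoginTime = DateTime.Now.AddHours(1);
            }
            _sysUserRepository.DbContext.SaveChanges();

            return(false, "用户名或密码错误", null, null);
        }

        /// <summary>
        /// Case-insensitive comparison of two hex digests whose running time does not
        /// depend on where the first differing character is, so the comparison does not
        /// leak the expected digest one position at a time. Null never matches.
        /// </summary>
        private static bool DigestsMatch(string expected, string supplied)
        {
            if (expected == null || supplied == null || expected.Length != supplied.Length)
            {
                return false;
            }
            int diff = 0;
            for (int i = 0; i < expected.Length; i++)
            {
                diff |= char.ToUpperInvariant(expected[i]) ^ char.ToUpperInvariant(supplied[i]);
            }
            return diff == 0;
        }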
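        /// <summary>
        /// Validates a login. The client sends <c>MD5(storedPasswordHash + r)</c>; the
        /// server recomputes that from the stored hash and compares the two digests.
        /// Frozen and locked accounts are refused, every attempt is added to the login
        /// log, the sixth consecutive failure locks the account for 15 minutes, and a
        /// successful login issues a 15-day <c>SysUserToken</c>.
        /// NOTE(review): because the client hashes the *stored* hash, anyone who obtains
        /// user.Password can log in without the clear-text password, and the exchange
        /// is only replay-safe if <paramref name="r"/> is a server-issued, single-use
        /// nonce — nothing in this method checks r.
        /// </summary>
        /// <param name="account">Login account name.</param>
        /// <param name="password">Client-computed digest, hex, compared case-insensitively.</param>
        /// <param name="r">Random value the client mixed into the digest.</param>
        /// <returns>(Status, Message, Token id or null, User or null).</returns>
        public (bool Status, string Message, string Token, Entities.SysUser User) ValidateUser(string account, string password, string r)
        {
            var user = GetByAccount(account);
            if (user == null)
            {
                return(false, "用户名或密码错误", null, null);
            }
            if (!user.Enabled)
            {
                return(false, "该账号已被冻结", null, null);
            }
            if (user.LoginLock && user.AllowLoginTime.HasValue && user.AllowLoginTime > DateTime.Now)
            {
                // TotalMinutes rather than Minutes: with the 15-minute lock below they
                // agree, but Minutes would wrap if the lock window ever exceeded an hour.
                var waitMin = (int)(user.AllowLoginTime - DateTime.Now).Value.TotalMinutes + 1;
                return(false, "您的账号已被锁定,请您" + waitMin + "分钟后再使用", null, null);
            }

            var expectedDigest = EncryptorHelper.Md5(user.Password + r);

            // A null password used to throw from password.Equals(...); it now counts as a
            // failed attempt like any other wrong digest.
            if (DigestsMatch(expectedDigest, password))
            {
                user.LoginLock      = false;
                user.LoginFailedNum = 0;
                user.AllowLoginTime = null;
                user.LastLoginTime  = DateTime.Now;
                user.LastIpAddress  = "";

                user.SysUserLoginLogs.Add(new SysUserLoginLog
                {
                    Id        = Guid.NewGuid(),
                    IpAddress = "",
                    LoginTime = DateTime.Now,
                    Message   = "登陆成功"
                });

                // TODO: single sign-on would require removing the user's older tokens
                // here; nothing is removed yet.
                var userToken = new SysUserToken
                {
                    Id         = Guid.NewGuid(),
                    ExpireTime = DateTime.Now.AddDays(15)
                };
                user.SysUserTokens.Add(userToken);
                _sysUserRepository.DbContext.SaveChanges();

                return(true, "登录成功", userToken.Id.ToString(), user);
            }

            user.SysUserLoginLogs.Add(new SysUserLoginLog
            {
                Id        = Guid.NewGuid(),
                IpAddress = "",
                LoginTime = DateTime.Now,
                Message   = "登陆密码错误"
            });
            user.LoginFailedNum++;
            if (user.LoginFailedNum > 5)
            {
                user.LoginLock      = true;
                user.AllowLoginTime = DateTime.Now.AddMinutes(15);
            }
            _sysUserRepository.DbContext.SaveChanges();

            return(false, "用户名或密码错误", null, null);
        }

        /// <summary>
        /// Case-insensitive comparison of two hex digests whose running time does not
        /// depend on where the first differing character is, so the comparison does not
        /// leak the expected digest one position at a time. Null never matches.
        /// </summary>
        private static bool DigestsMatch(string expected, string supplied)
        {
            if (expected == null || supplied == null || expected.Length != supplied.Length)
            {
                return false;
            }
            int diff = 0;
            for (int i = 0; i < expected.Length; i++)
            {
                diff |= char.ToUpperInvariant(expected[i]) ^ char.ToUpperInvariant(supplied[i]);
            }
            return diff == 0;
        }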
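        /// <summary>
        /// <see cref="ISysUserService.ValidateUser(string,string,string)"/>.
        /// The client sends <c>MD5(storedPasswordHash + r)</c>; the server recomputes that
        /// from the stored hash and compares the two digests. Locked accounts are
        /// refused, every attempt is added to the login log, the sixth consecutive
        /// failure locks the account for two hours, and a successful login issues a
        /// one-hour <c>SysUserToken</c>.
        /// NOTE(review): <c>user.Enable</c> is treated here as "account is frozen"
        /// (true refuses the login, and a successful login sets it to false); the
        /// sibling services on this page test <c>!user.Enabled</c> for the same message.
        /// The logic is kept as-is — confirm the flag's meaning against the entity.
        /// NOTE(review): because the client hashes the *stored* hash, anyone who obtains
        /// user.Password can log in without the clear-text password, and the exchange
        /// is only replay-safe if <paramref name="r"/> is a server-issued, single-use
        /// nonce — nothing in this method checks r.
        /// </summary>
        /// <param name="account">Login account name.</param>
        /// <param name="password">Client-computed digest, hex, compared case-insensitively.</param>
        /// <param name="r">Random value the client mixed into the digest.</param>
        /// <returns>(success, message, token id or null, user or null).</returns>
        public (bool success, string message, string token, Entity.User.SysUser user) ValidateUser(string account, string password, string r)
        {
            var user = GetByAccount(account);
            if (user == null)
            {
                return(false, "用户名或密码错误", null, null);
            }
            if (user.Enable)
            {
                return(false, "账号已被冻结", null, null);
            }
            if (user.LoginLock && user.AllowLoginTime != null && user.AllowLoginTime > DateTime.Now)
            {
                return(false, "账号已被锁定" + ((user.AllowLoginTime.Value - DateTime.Now).TotalMinutes + 1).ToString("F0") + "分钟", null, null);
            }

            var expectedDigest = EncryptorHelper.GetMd5(user.Password + r);

            // A null password used to throw from password.Equals(...); it now counts as a
            // failed attempt like any other wrong digest.
            if (DigestsMatch(expectedDigest, password))
            {
                user.LoginLock      = false;
                user.LoginFailedNum = 0;
                user.AllowLoginTime = null;
                user.Enable         = false;
                user.LastLoginTime  = DateTime.Now;

                user.SysUserLoginLogs.Add(new SysUserLoginLog()
                {
                    Id        = Guid.NewGuid(),
                    IpAddress = "",
                    LoginTime = DateTime.Now,
                    Message   = "登录成功",
                    UserId    = user.UserGuid
                });

                // TODO: single sign-on would require removing the user's older tokens
                // here; nothing is removed yet.
                var userToken = new SysUserToken()
                {
                    Id         = Guid.NewGuid(),
                    ExpireTime = DateTime.Now.AddHours(1),
                    SysUserId  = user.UserGuid
                };
                user.SysUserToken.Add(userToken);
                _repository.DbContext.SaveChanges();
                return(true, "登录成功", userToken.Id.ToString(), user);
            }

            user.SysUserLoginLogs.Add(new SysUserLoginLog()
            {
                Id        = Guid.NewGuid(),
                IpAddress = "",
                LoginTime = DateTime.Now,
                Message   = "登录密码错误",
                UserId    = user.UserGuid
            });

            user.LoginFailedNum++;
            if (user.LoginFailedNum > 5)
            {
                user.LoginLock      = true;
                user.AllowLoginTime = DateTime.Now.AddHours(2);
            }
            _repository.DbContext.SaveChanges();
            return(false, "用户名或密码错误", null, null);
        }

        /// <summary>
        /// Case-insensitive comparison of two hex digests whose running time does not
        /// depend on where the first differing character is, so the comparison does not
        /// leak the expected digest one position at a time. Null never matches.
        /// </summary>
        private static bool DigestsMatch(string expected, string supplied)
        {
            if (expected == null || supplied == null || expected.Length != supplied.Length)
            {
                return false;
            }
            int diff = 0;
            for (int i = 0; i < expected.Length; i++)
            {
                diff |= char.ToUpperInvariant(expected[i]) ^ char.ToUpperInvariant(supplied[i]);
            }
            return diff == 0;
        }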