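/// <summary>
/// Checks an account/password pair and, on success, returns the user's validation info.
/// </summary>
/// <remarks>
/// Once the account has been found, every outcome (success or failure) is written to the
/// <c>LoginLog</c> channel. Attempts that fail before that point (bloom-filter miss or no
/// matching row) return without writing a log entry, so they are not visible in the login log.
/// Security review notes:
/// the password check relies on salted MD5 and an ordinary string comparison, and the
/// failed-attempt lockout is currently disabled by a hard-coded counter (see the inline notes).
/// </remarks>
/// <param name="input">Login request carrying the account name and the submitted password.</param>
/// <returns>
/// A <c>UserValidateDto</c> on success; otherwise the result of <c>Problem</c> with
/// 400 (unknown account or wrong password), 429 (account locked) or 403 (no roles assigned).
/// </returns>
public async Task<AppSrvResult<UserValidateDto>> LoginAsync(UserLoginDto input)
{
    // Probe the account bloom filter first so that unknown accounts are rejected without a repository query.
    // NOTE(review): the filter is probed with the lower-cased account while the repository query below
    // uses the account exactly as submitted; confirm both sides normalise case the same way.
    var accountFilter = _bloomFilterFactory.GetBloomFilter(nameof(BloomFilterAccount));
    var accountKnown = await accountFilter.ExistsAsync(input.Account.ToLower());
    if (!accountKnown)
    {
        return Problem(HttpStatusCode.BadRequest, "用户名或密码错误");
    }

    var user = await _userRepository.FetchAsync(
        x => new { x.Id, x.Account, x.Password, x.Salt, x.Status, x.Email, x.Name, x.RoleIds },
        x => x.Account == input.Account);
    if (user == null)
    {
        // Same status and message as a wrong password, so this response does not reveal whether the account exists.
        return Problem(HttpStatusCode.BadRequest, "用户名或密码错误");
    }

    var httpContext = HttpContextUtility.GetCurrentHttpContext();
    var channelWriter = ChannelHelper<LoginLog>.Instance.Writer;

    // The entry starts as a failure and is flipped to success only at the very end.
    var log = new LoginLog
    {
        Account = input.Account,
        Succeed = false,
        UserId = user.Id,
        UserName = user.Name,
        CreateTime = DateTime.Now,
        // The "device" header is supplied by the client and stored as received.
        Device = httpContext.Request.Headers["device"].FirstOrDefault() ?? "web",
        // RemoteIpAddress can be null; record null in that case instead of
        // failing the whole login with a NullReferenceException.
        RemoteIpAddress = httpContext.Connection.RemoteIpAddress?.MapToIPv4().ToString()
    };

    // Any status other than 1 is treated as locked.
    // NOTE(review): this check runs before the password is verified, so a 429 here tells an
    // unauthenticated caller that the account exists and is locked.
    if (user.Status != 1)
    {
        var problem = Problem(HttpStatusCode.TooManyRequests, "账号已锁定");
        log.Message = problem.Detail;
        log.StatusCode = problem.Status.Value;
        await channelWriter.WriteAsync(log);
        return problem;
    }

    //var logins = await _loginLogRepository.SelectAsync(5, x => new { x.Id, x.Succeed,x.CreateTime }, x => x.UserId == user.Id, x => x.Id, false);
    //var failLoginCount = logins.Count(x => x.Succeed == false);
    // NOTE(review): with the query above commented out the counter is a constant 2, so the
    // lockout branch below never runs and repeated failed logins do not lock the account.
    var failLoginCount = 2;
    if (failLoginCount == 5)
    {
        var problem = Problem(HttpStatusCode.TooManyRequests, "连续登录失败次数超过5次,账号已锁定");
        log.Message = problem.Detail;
        log.StatusCode = problem.Status.Value;
        await channelWriter.WriteAsync(log);

        // NOTE(review): the update writes Status = 1, the same value the check above treats as
        // "not locked"; confirm which status value is meant to represent a locked account.
        await _cacheService.RemoveCachesAsync(
            async (cancellToken) =>
            {
                await _userRepository.UpdateAsync(new SysUser() { Id = user.Id, Status = 1 }, UpdatingProps<SysUser>(x => x.Status), cancellToken);
            },
            _cacheService.ConcatCacheKey(CachingConsts.UserValidateInfoKeyPrefix, user.Id.ToString()));

        return problem;
    }

    // NOTE(review): salted MD5 is a fast hash and is not suitable for password storage; moving to a
    // slow KDF (PBKDF2, Argon2, ...) needs a migration of the stored hashes, so it is only flagged here.
    // NOTE(review): the comparison is a plain string inequality, not a fixed-time comparison.
    if (HashHelper.GetHashedString(HashType.MD5, input.Password, user.Salt) != user.Password)
    {
        var problem = Problem(HttpStatusCode.BadRequest, "用户名或密码错误");
        log.Message = problem.Detail;
        log.StatusCode = problem.Status.Value;
        await channelWriter.WriteAsync(log);
        return problem;
    }

    // A correct password is not enough: the account must also have at least one role.
    if (user.RoleIds.IsNullOrEmpty())
    {
        var problem = Problem(HttpStatusCode.Forbidden, "未分配任务角色,请联系管理员");
        log.Message = problem.Detail;
        log.StatusCode = problem.Status.Value;
        await channelWriter.WriteAsync(log);
        return problem;
    }

    log.Message = "登录成功";
    log.StatusCode = (int)HttpStatusCode.Created;
    log.Succeed = true;
    await channelWriter.WriteAsync(log);

    var userValidteInfo = new UserValidateDto
    {
        Id = user.Id,
        Account = user.Account,
        RoleIds = user.RoleIds,
        Status = user.Status,
        Name = user.Name,
        // Derived from the account and the stored password hash, so it changes when either changes.
        ValidationVersion = HashHelper.GetHashedString(HashType.MD5, user.Account + user.Password)
    };

    return userValidteInfo;
}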
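/// <summary>
/// Checks an account/password pair, caches the user's validation info on success and returns it.
/// </summary>
/// <remarks>
/// Once the account has been found, every outcome is published as a login-log message through
/// <c>_mqProducer</c>. A request for an account that does not exist returns before the log
/// object is built, so those attempts are not published.
/// Security review notes:
/// the password check relies on salted MD5 and an ordinary string comparison, the failed-attempt
/// lockout is disabled by a hard-coded counter, and the object returned and cached on success
/// still carries the Password and Salt fields loaded from the repository (see the inline notes).
/// </remarks>
/// <param name="inputDto">Login request carrying the account name and the submitted password.</param>
/// <returns>
/// The loaded <c>UserValidateDto</c> on success; otherwise the result of <c>Problem</c> with
/// 400 (unknown account or wrong password), 429 (account locked) or 403 (no roles assigned).
/// </returns>
public async Task<AppSrvResult<UserValidateDto>> LoginAsync(UserLoginDto inputDto)
{
    var user = await _userRepository.FetchAsync(
        x => new UserValidateDto()
        {
            Id = x.Id,
            Account = x.Account,
            Password = x.Password,
            Salt = x.Salt,
            Status = x.Status,
            Email = x.Email,
            Name = x.Name,
            RoleIds = x.RoleIds
        },
        x => x.Account == inputDto.Account);

    if (user == null)
    {
        // Use the same status code as the wrong-password branch below. Returning 404 here with the
        // identical message let a caller tell unknown accounts from wrong passwords by status code alone.
        return Problem(HttpStatusCode.BadRequest, "用户名或密码错误");
    }

    var httpContext = HttpContextUtility.GetCurrentHttpContext();

    // The log message starts as a failure and is flipped to success only at the very end.
    dynamic log = new ExpandoObject();
    log.Account = inputDto.Account;
    log.CreateTime = DateTime.Now;
    // The "device" header is supplied by the client and stored as received.
    log.Device = httpContext.Request.Headers["device"].FirstOrDefault() ?? "web";
    // RemoteIpAddress can be null; record null in that case instead of
    // failing the whole login with a NullReferenceException.
    log.RemoteIpAddress = httpContext.Connection.RemoteIpAddress?.MapToIPv4().ToString();
    log.Succeed = false;
    log.UserId = user.Id;
    log.UserName = user.Name;

    // Any status other than 1 is treated as locked.
    // NOTE(review): this check runs before the password is verified, so a 429 here tells an
    // unauthenticated caller that the account exists and is locked.
    if (user.Status != 1)
    {
        var problem = Problem(HttpStatusCode.TooManyRequests, "账号已锁定");
        log.Message = problem.Detail;
        log.StatusCode = problem.Status;
        _mqProducer.BasicPublish(MqExchanges.Logs, MqRoutingKeys.Loginlog, log);
        return problem;
    }

    //var logins = await _loginLogRepository.SelectAsync(5, x => new { x.Id, x.Succeed,x.CreateTime }, x => x.UserId == user.Id, x => x.Id, false);
    //var failLoginCount = logins.Count(x => x.Succeed == false);
    // NOTE(review): with the query above commented out the counter is a constant 2, so the
    // lockout branch below never runs and repeated failed logins do not lock the account.
    var failLoginCount = 2;
    if (failLoginCount == 5)
    {
        var problem = Problem(HttpStatusCode.TooManyRequests, "连续登录失败次数超过5次,账号已锁定");
        log.Message = problem.Detail;
        log.StatusCode = problem.Status;

        // Persist the locked status (2) and drop the cached login info for this user.
        await _cacheService.RemoveCachesAsync(
            async () =>
            {
                await _userRepository.UpdateAsync(new SysUser() { Id = user.Id, Status = 2 }, UpdatingProps<SysUser>(x => x.Status));
            },
            _cacheService.ConcatCacheKey(CachingConsts.UserLoginInfoKeyPrefix, user.Id.ToString()));

        _mqProducer.BasicPublish(MqExchanges.Logs, MqRoutingKeys.Loginlog, log);
        return problem;
    }

    // NOTE(review): salted MD5 is a fast hash and is not suitable for password storage; moving to a
    // slow KDF (PBKDF2, Argon2, ...) needs a migration of the stored hashes, so it is only flagged here.
    // NOTE(review): the comparison is a plain string inequality, not a fixed-time comparison.
    if (HashHelper.GetHashedString(HashType.MD5, inputDto.Password, user.Salt) != user.Password)
    {
        var problem = Problem(HttpStatusCode.BadRequest, "用户名或密码错误");
        log.Message = problem.Detail;
        log.StatusCode = problem.Status;
        _mqProducer.BasicPublish(MqExchanges.Logs, MqRoutingKeys.Loginlog, log);
        return problem;
    }

    // A correct password is not enough: the account must also have at least one role.
    if (user.RoleIds.IsNullOrEmpty())
    {
        var problem = Problem(HttpStatusCode.Forbidden, "未分配任务角色,请联系管理员");
        log.Message = problem.Detail;
        log.StatusCode = problem.Status;
        _mqProducer.BasicPublish(MqExchanges.Logs, MqRoutingKeys.Loginlog, log);
        return problem;
    }

    // NOTE(review): `user` still holds Password and Salt at this point, and the same object is both
    // cached and returned; confirm neither path serialises those fields to a client or a shared store.
    await _cacheService.SetValidateInfoToCacheAsync(user);

    log.Message = "登录成功";
    log.StatusCode = (int)HttpStatusCode.Created;
    log.Succeed = true;
    _mqProducer.BasicPublish(MqExchanges.Logs, MqRoutingKeys.Loginlog, log);

    return user;
}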