feat: OAuth 认证增加登陆日志

This commit is contained in:
Argo Zhang 2019-09-17 10:36:25 +08:00
parent 736279b7f6
commit 80850165a6
No known key found for this signature in database
GPG Key ID: 152E398953DDF19F
6 changed files with 48 additions and 41 deletions

View File

@ -2,7 +2,6 @@
using Bootstrap.DataAccess; using Bootstrap.DataAccess;
using Longbow.GiteeAuth; using Longbow.GiteeAuth;
using Longbow.GitHubAuth; using Longbow.GitHubAuth;
using Longbow.Security.Cryptography;
using Longbow.Web; using Longbow.Web;
using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies; using Microsoft.AspNetCore.Authentication.Cookies;
@ -11,11 +10,9 @@ using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration; using Microsoft.Extensions.Configuration;
using System; using System;
using System.Collections.Generic;
using System.Linq; using System.Linq;
using System.Net; using System.Net;
using System.Security.Claims; using System.Security.Claims;
using System.Security.Principal;
using System.Threading.Tasks; using System.Threading.Tasks;
namespace Bootstrap.Admin.Controllers namespace Bootstrap.Admin.Controllers
@ -47,13 +44,16 @@ namespace Bootstrap.Admin.Controllers
/// <summary> /// <summary>
/// 系统锁屏界面 /// 系统锁屏界面
/// </summary> /// </summary>
/// <param name="ipLocator"></param>
/// <param name="userName"></param> /// <param name="userName"></param>
/// <param name="password"></param> /// <param name="password"></param>
/// <returns></returns> /// <returns></returns>
[HttpPost] [HttpPost]
[IgnoreAntiforgeryToken] [IgnoreAntiforgeryToken]
public Task<IActionResult> Lock([FromServices]IIPLocatorProvider ipLocator, string userName, string password) => Login(ipLocator, userName, password, string.Empty); public Task<IActionResult> Lock(string userName, string password)
{
// 根据不同的登陆方式
return Login(userName, password, string.Empty);
}
/// <summary> /// <summary>
/// 系统登录方法 /// 系统登录方法
@ -79,10 +79,12 @@ namespace Bootstrap.Admin.Controllers
/// <param name="code"></param> /// <param name="code"></param>
/// <returns></returns> /// <returns></returns>
[HttpPost()] [HttpPost()]
public async Task<IActionResult> Mobile([FromServices]IIPLocatorProvider ipLocator, [FromServices]IConfiguration configuration, [FromQuery]string phone, [FromQuery]string code) public async Task<IActionResult> Mobile([FromServices]IConfiguration configuration, [FromQuery]string phone, [FromQuery]string code)
{ {
var option = configuration.GetSection(nameof(SMSOptions)).Get<SMSOptions>(); var option = configuration.GetSection(nameof(SMSOptions)).Get<SMSOptions>();
if (SMSHelper.Validate(phone, code, option.MD5Key)) var auth = SMSHelper.Validate(phone, code, option.MD5Key);
HttpContext.Log(phone, auth);
if (auth)
{ {
var user = UserHelper.Retrieves().FirstOrDefault(u => u.UserName == phone); var user = UserHelper.Retrieves().FirstOrDefault(u => u.UserName == phone);
if (user == null) if (user == null)
@ -104,25 +106,24 @@ namespace Bootstrap.Admin.Controllers
var roles = RoleHelper.Retrieves().Where(r => option.Roles.Any(rl => rl.Equals(r.RoleName, StringComparison.OrdinalIgnoreCase))).Select(r => r.Id); var roles = RoleHelper.Retrieves().Where(r => option.Roles.Any(rl => rl.Equals(r.RoleName, StringComparison.OrdinalIgnoreCase))).Select(r => r.Id);
RoleHelper.SaveByUserId(user.Id, roles); RoleHelper.SaveByUserId(user.Id, roles);
} }
else
{
// update password
UserHelper.Update(user.Id, code, user.DisplayName);
} }
} return auth ? await SignInAsync(phone, true) : View("Login", new LoginModel() { AuthFailed = true });
return await Login(ipLocator, phone, code, "true");
} }
/// <summary> /// <summary>
/// Login the specified userName, password and remember. /// Login the specified userName, password and remember.
/// </summary> /// </summary>
/// <returns>The login.</returns> /// <returns>The login.</returns>
/// <param name="ipLocator"></param>
/// <param name="userName">User name.</param> /// <param name="userName">User name.</param>
/// <param name="password">Password.</param> /// <param name="password">Password.</param>
/// <param name="remember">Remember.</param> /// <param name="remember">Remember.</param>
[HttpPost] [HttpPost]
public async Task<IActionResult> Login([FromServices]IIPLocatorProvider ipLocator, string userName, string password, string remember) => UserHelper.Authenticate(userName, password, loginUser => CreateLoginUser(ipLocator, HttpContext, loginUser)) ? await SignInAsync(userName, remember == "true") : View("Login", new LoginModel() { AuthFailed = true }); public async Task<IActionResult> Login(string userName, string password, string remember)
{
var auth = UserHelper.Authenticate(userName, password);
HttpContext.Log(userName, auth);
return auth ? await SignInAsync(userName, remember == "true") : View("Login", new LoginModel() { AuthFailed = true });
}
private async Task<IActionResult> SignInAsync(string userName, bool persistent) private async Task<IActionResult> SignInAsync(string userName, bool persistent)
{ {

View File

@ -1,7 +1,6 @@
using Bootstrap.Admin.Query; using Bootstrap.Admin.Query;
using Bootstrap.DataAccess; using Bootstrap.DataAccess;
using Bootstrap.Security; using Bootstrap.Security;
using Longbow.Web;
using Longbow.Web.Mvc; using Longbow.Web.Mvc;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
@ -30,21 +29,21 @@ namespace Bootstrap.Admin.Controllers.Api
/// <summary> /// <summary>
/// JWT 登陆认证接口 /// JWT 登陆认证接口
/// </summary> /// </summary>
/// <param name="ipLocator"></param>
/// <param name="value"></param> /// <param name="value"></param>
/// <returns></returns> /// <returns></returns>
[AllowAnonymous] [AllowAnonymous]
[HttpPost] [HttpPost]
public string Post([FromServices]IIPLocatorProvider ipLocator, [FromBody]JObject value) public string Post([FromBody]JObject value)
{ {
string token = null; string token = null;
dynamic user = value; dynamic user = value;
string userName = user.userName; string userName = user.userName;
string password = user.password; string password = user.password;
if (!string.IsNullOrEmpty(userName) && !string.IsNullOrEmpty(password) && UserHelper.Authenticate(userName, password, loginUser => AccountController.CreateLoginUser(ipLocator, HttpContext, loginUser))) if (!string.IsNullOrEmpty(userName) && !string.IsNullOrEmpty(password) && UserHelper.Authenticate(userName, password))
{ {
token = BootstrapAdminJwtTokenHandler.CreateToken(userName); token = BootstrapAdminJwtTokenHandler.CreateToken(userName);
} }
HttpContext.Log(userName, token != null);
return token; return token;
} }

View File

@ -1,5 +1,4 @@
using Bootstrap.DataAccess; using Bootstrap.DataAccess;
using Longbow.GiteeAuth;
using Longbow.Web; using Longbow.Web;
using Longbow.Web.SignalR; using Longbow.Web.SignalR;
using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Builder;

View File

@ -1,7 +1,11 @@
using Longbow.Web.Mvc; using Longbow.Web;
using Longbow.Web.Mvc;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.DependencyInjection;
using PetaPoco; using PetaPoco;
using System; using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.Net;
namespace Bootstrap.DataAccess namespace Bootstrap.DataAccess
{ {
@ -13,12 +17,28 @@ namespace Bootstrap.DataAccess
/// <summary> /// <summary>
/// 记录登陆日志方法 /// 记录登陆日志方法
/// </summary> /// </summary>
/// <param name="user"></param> /// <param name="userName"></param>
/// <returns></returns> /// <returns></returns>
public static bool Log(LoginUser user) public static bool Log(this HttpContext context, string userName, bool auth)
{ {
if (string.IsNullOrEmpty(user.UserName)) user.UserName = user.Ip; var ipLocator = context.RequestServices.GetRequiredService<IIPLocatorProvider>();
return DbContextManager.Create<LoginUser>().Log(user); var ip = context.Connection.RemoteIpAddress.ToIPv4String();
var userAgent = context.Request.Headers["User-Agent"];
var agent = new UserAgent(userAgent);
if (string.IsNullOrEmpty(userName)) userName = ip;
var loginUser = new LoginUser
{
UserName = userName,
LoginTime = DateTime.Now,
UserAgent = userAgent,
Ip = ip,
City = ipLocator.Locate(ip),
Browser = $"{agent.Browser?.Name} {agent.Browser?.Version}",
OS = $"{agent.OS?.Name} {agent.OS?.Version}",
Result = auth ? "登陆成功" : "登录失败"
};
return DbContextManager.Create<LoginUser>().Log(loginUser);
} }
/// <summary> /// <summary>

View File

@ -47,6 +47,9 @@ namespace Bootstrap.DataAccess
requestMessage.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); requestMessage.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
await context.Backchannel.SendAsync(requestMessage, context.HttpContext.RequestAborted); await context.Backchannel.SendAsync(requestMessage, context.HttpContext.RequestAborted);
} }
// 记录登陆日志
context.HttpContext.Log(user.Name, true);
}; };
} }

View File

@ -58,23 +58,8 @@ namespace Bootstrap.DataAccess
/// </summary> /// </summary>
/// <param name="userName"></param> /// <param name="userName"></param>
/// <param name="password"></param> /// <param name="password"></param>
/// <param name="configure"></param>
/// <returns>返回真表示认证通过</returns> /// <returns>返回真表示认证通过</returns>
public static bool Authenticate(string userName, string password, Action<LoginUser> configure) public static bool Authenticate(string userName, string password) => DbContextManager.Create<User>().Authenticate(userName, password);
{
if (!UserChecker(new User { UserName = userName, Password = password })) return false;
var loginUser = new LoginUser
{
UserName = userName,
LoginTime = DateTime.Now,
Result = "登录失败"
};
configure(loginUser);
var ret = string.IsNullOrEmpty(userName) ? false : DbContextManager.Create<User>().Authenticate(userName, password);
if (ret) loginUser.Result = "登录成功";
LoginHelper.Log(loginUser);
return ret;
}
/// <summary> /// <summary>
/// 查询所有的新注册用户 /// 查询所有的新注册用户