feat: OAuth 认证增加登陆日志
parent
736279b7f6
commit
80850165a6
|
@ -2,7 +2,6 @@
|
||||||
using Bootstrap.DataAccess;
|
using Bootstrap.DataAccess;
|
||||||
using Longbow.GiteeAuth;
|
using Longbow.GiteeAuth;
|
||||||
using Longbow.GitHubAuth;
|
using Longbow.GitHubAuth;
|
||||||
using Longbow.Security.Cryptography;
|
|
||||||
using Longbow.Web;
|
using Longbow.Web;
|
||||||
using Microsoft.AspNetCore.Authentication;
|
using Microsoft.AspNetCore.Authentication;
|
||||||
using Microsoft.AspNetCore.Authentication.Cookies;
|
using Microsoft.AspNetCore.Authentication.Cookies;
|
||||||
|
@ -11,11 +10,9 @@ using Microsoft.AspNetCore.Http;
|
||||||
using Microsoft.AspNetCore.Mvc;
|
using Microsoft.AspNetCore.Mvc;
|
||||||
using Microsoft.Extensions.Configuration;
|
using Microsoft.Extensions.Configuration;
|
||||||
using System;
|
using System;
|
||||||
using System.Collections.Generic;
|
|
||||||
using System.Linq;
|
using System.Linq;
|
||||||
using System.Net;
|
using System.Net;
|
||||||
using System.Security.Claims;
|
using System.Security.Claims;
|
||||||
using System.Security.Principal;
|
|
||||||
using System.Threading.Tasks;
|
using System.Threading.Tasks;
|
||||||
|
|
||||||
namespace Bootstrap.Admin.Controllers
|
namespace Bootstrap.Admin.Controllers
|
||||||
|
@ -47,13 +44,16 @@ namespace Bootstrap.Admin.Controllers
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// 系统锁屏界面
|
/// 系统锁屏界面
|
||||||
/// </summary>
|
/// </summary>
|
||||||
/// <param name="ipLocator"></param>
|
|
||||||
/// <param name="userName"></param>
|
/// <param name="userName"></param>
|
||||||
/// <param name="password"></param>
|
/// <param name="password"></param>
|
||||||
/// <returns></returns>
|
/// <returns></returns>
|
||||||
[HttpPost]
|
[HttpPost]
|
||||||
[IgnoreAntiforgeryToken]
|
[IgnoreAntiforgeryToken]
|
||||||
public Task<IActionResult> Lock([FromServices]IIPLocatorProvider ipLocator, string userName, string password) => Login(ipLocator, userName, password, string.Empty);
|
public Task<IActionResult> Lock(string userName, string password)
|
||||||
|
{
|
||||||
|
// 根据不同的登陆方式
|
||||||
|
return Login(userName, password, string.Empty);
|
||||||
|
}
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// 系统登录方法
|
/// 系统登录方法
|
||||||
|
@ -79,10 +79,12 @@ namespace Bootstrap.Admin.Controllers
|
||||||
/// <param name="code"></param>
|
/// <param name="code"></param>
|
||||||
/// <returns></returns>
|
/// <returns></returns>
|
||||||
[HttpPost()]
|
[HttpPost()]
|
||||||
public async Task<IActionResult> Mobile([FromServices]IIPLocatorProvider ipLocator, [FromServices]IConfiguration configuration, [FromQuery]string phone, [FromQuery]string code)
|
public async Task<IActionResult> Mobile([FromServices]IConfiguration configuration, [FromQuery]string phone, [FromQuery]string code)
|
||||||
{
|
{
|
||||||
var option = configuration.GetSection(nameof(SMSOptions)).Get<SMSOptions>();
|
var option = configuration.GetSection(nameof(SMSOptions)).Get<SMSOptions>();
|
||||||
if (SMSHelper.Validate(phone, code, option.MD5Key))
|
var auth = SMSHelper.Validate(phone, code, option.MD5Key);
|
||||||
|
HttpContext.Log(phone, auth);
|
||||||
|
if (auth)
|
||||||
{
|
{
|
||||||
var user = UserHelper.Retrieves().FirstOrDefault(u => u.UserName == phone);
|
var user = UserHelper.Retrieves().FirstOrDefault(u => u.UserName == phone);
|
||||||
if (user == null)
|
if (user == null)
|
||||||
|
@ -104,25 +106,24 @@ namespace Bootstrap.Admin.Controllers
|
||||||
var roles = RoleHelper.Retrieves().Where(r => option.Roles.Any(rl => rl.Equals(r.RoleName, StringComparison.OrdinalIgnoreCase))).Select(r => r.Id);
|
var roles = RoleHelper.Retrieves().Where(r => option.Roles.Any(rl => rl.Equals(r.RoleName, StringComparison.OrdinalIgnoreCase))).Select(r => r.Id);
|
||||||
RoleHelper.SaveByUserId(user.Id, roles);
|
RoleHelper.SaveByUserId(user.Id, roles);
|
||||||
}
|
}
|
||||||
else
|
|
||||||
{
|
|
||||||
// update password
|
|
||||||
UserHelper.Update(user.Id, code, user.DisplayName);
|
|
||||||
}
|
}
|
||||||
}
|
return auth ? await SignInAsync(phone, true) : View("Login", new LoginModel() { AuthFailed = true });
|
||||||
return await Login(ipLocator, phone, code, "true");
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// Login the specified userName, password and remember.
|
/// Login the specified userName, password and remember.
|
||||||
/// </summary>
|
/// </summary>
|
||||||
/// <returns>The login.</returns>
|
/// <returns>The login.</returns>
|
||||||
/// <param name="ipLocator"></param>
|
|
||||||
/// <param name="userName">User name.</param>
|
/// <param name="userName">User name.</param>
|
||||||
/// <param name="password">Password.</param>
|
/// <param name="password">Password.</param>
|
||||||
/// <param name="remember">Remember.</param>
|
/// <param name="remember">Remember.</param>
|
||||||
[HttpPost]
|
[HttpPost]
|
||||||
public async Task<IActionResult> Login([FromServices]IIPLocatorProvider ipLocator, string userName, string password, string remember) => UserHelper.Authenticate(userName, password, loginUser => CreateLoginUser(ipLocator, HttpContext, loginUser)) ? await SignInAsync(userName, remember == "true") : View("Login", new LoginModel() { AuthFailed = true });
|
public async Task<IActionResult> Login(string userName, string password, string remember)
|
||||||
|
{
|
||||||
|
var auth = UserHelper.Authenticate(userName, password);
|
||||||
|
HttpContext.Log(userName, auth);
|
||||||
|
return auth ? await SignInAsync(userName, remember == "true") : View("Login", new LoginModel() { AuthFailed = true });
|
||||||
|
}
|
||||||
|
|
||||||
private async Task<IActionResult> SignInAsync(string userName, bool persistent)
|
private async Task<IActionResult> SignInAsync(string userName, bool persistent)
|
||||||
{
|
{
|
||||||
|
|
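Review bot: `Mobile` (hunk `@ -79,10 +79,12`) still binds `phone` and `code` with `[FromQuery]` on a POST, so the SMS one-time code travels in the URL and can end up in web-server and proxy access logs. Binding both from the body, e.g. `[FromForm]string phone, [FromForm]string code`, keeps the code out of URLs, provided the login page submits them that way. In the same hunk `option.MD5Key` is read without a null check; if the `SMSOptions` section is missing, the request would fail before `HttpContext.Log(phone, auth)` runs and the attempt would go unrecorded. The body of `Mobile` continues between this hunk and the next, so the user-creation path is only partly visible.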
|
@ -1,7 +1,6 @@
|
||||||
using Bootstrap.Admin.Query;
|
using Bootstrap.Admin.Query;
|
||||||
using Bootstrap.DataAccess;
|
using Bootstrap.DataAccess;
|
||||||
using Bootstrap.Security;
|
using Bootstrap.Security;
|
||||||
using Longbow.Web;
|
|
||||||
using Longbow.Web.Mvc;
|
using Longbow.Web.Mvc;
|
||||||
using Microsoft.AspNetCore.Authorization;
|
using Microsoft.AspNetCore.Authorization;
|
||||||
using Microsoft.AspNetCore.Mvc;
|
using Microsoft.AspNetCore.Mvc;
|
||||||
|
@ -30,21 +29,21 @@ namespace Bootstrap.Admin.Controllers.Api
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// JWT 登陆认证接口
|
/// JWT 登陆认证接口
|
||||||
/// </summary>
|
/// </summary>
|
||||||
/// <param name="ipLocator"></param>
|
|
||||||
/// <param name="value"></param>
|
/// <param name="value"></param>
|
||||||
/// <returns></returns>
|
/// <returns></returns>
|
||||||
[AllowAnonymous]
|
[AllowAnonymous]
|
||||||
[HttpPost]
|
[HttpPost]
|
||||||
public string Post([FromServices]IIPLocatorProvider ipLocator, [FromBody]JObject value)
|
public string Post([FromBody]JObject value)
|
||||||
{
|
{
|
||||||
string token = null;
|
string token = null;
|
||||||
dynamic user = value;
|
dynamic user = value;
|
||||||
string userName = user.userName;
|
string userName = user.userName;
|
||||||
string password = user.password;
|
string password = user.password;
|
||||||
if (!string.IsNullOrEmpty(userName) && !string.IsNullOrEmpty(password) && UserHelper.Authenticate(userName, password, loginUser => AccountController.CreateLoginUser(ipLocator, HttpContext, loginUser)))
|
if (!string.IsNullOrEmpty(userName) && !string.IsNullOrEmpty(password) && UserHelper.Authenticate(userName, password))
|
||||||
{
|
{
|
||||||
token = BootstrapAdminJwtTokenHandler.CreateToken(userName);
|
token = BootstrapAdminJwtTokenHandler.CreateToken(userName);
|
||||||
}
|
}
|
||||||
|
HttpContext.Log(userName, token != null);
|
||||||
return token;
|
return token;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
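Review bot: In `Post`, a request that arrives without a JSON body appears to leave `value` null, so `user.userName` throws before the new `HttpContext.Log(userName, token != null)` line is reached and malformed attempts against this `[AllowAnonymous]` endpoint never reach the login log. Reading the fields null-safely, e.g. `string userName = value?.Value<string>("userName");` and likewise for `password`, lets the existing `IsNullOrEmpty` checks reject the request while the failure is still recorded. This assumes model validation does not already reject an empty body earlier in the pipeline, which is not visible here.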
|
@ -1,5 +1,4 @@
|
||||||
using Bootstrap.DataAccess;
|
using Bootstrap.DataAccess;
|
||||||
using Longbow.GiteeAuth;
|
|
||||||
using Longbow.Web;
|
using Longbow.Web;
|
||||||
using Longbow.Web.SignalR;
|
using Longbow.Web.SignalR;
|
||||||
using Microsoft.AspNetCore.Builder;
|
using Microsoft.AspNetCore.Builder;
|
||||||
|
|
|
@ -1,7 +1,11 @@
|
||||||
using Longbow.Web.Mvc;
|
using Longbow.Web;
|
||||||
|
using Longbow.Web.Mvc;
|
||||||
|
using Microsoft.AspNetCore.Http;
|
||||||
|
using Microsoft.Extensions.DependencyInjection;
|
||||||
using PetaPoco;
|
using PetaPoco;
|
||||||
using System;
|
using System;
|
||||||
using System.Collections.Generic;
|
using System.Collections.Generic;
|
||||||
|
using System.Net;
|
||||||
|
|
||||||
namespace Bootstrap.DataAccess
|
namespace Bootstrap.DataAccess
|
||||||
{
|
{
|
||||||
|
@ -13,12 +17,28 @@ namespace Bootstrap.DataAccess
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// 记录登陆日志方法
|
/// 记录登陆日志方法
|
||||||
/// </summary>
|
/// </summary>
|
||||||
/// <param name="user"></param>
|
/// <param name="userName"></param>
|
||||||
/// <returns></returns>
|
/// <returns></returns>
|
||||||
public static bool Log(LoginUser user)
|
public static bool Log(this HttpContext context, string userName, bool auth)
|
||||||
{
|
{
|
||||||
if (string.IsNullOrEmpty(user.UserName)) user.UserName = user.Ip;
|
var ipLocator = context.RequestServices.GetRequiredService<IIPLocatorProvider>();
|
||||||
return DbContextManager.Create<LoginUser>().Log(user);
|
var ip = context.Connection.RemoteIpAddress.ToIPv4String();
|
||||||
|
var userAgent = context.Request.Headers["User-Agent"];
|
||||||
|
var agent = new UserAgent(userAgent);
|
||||||
|
|
||||||
|
if (string.IsNullOrEmpty(userName)) userName = ip;
|
||||||
|
var loginUser = new LoginUser
|
||||||
|
{
|
||||||
|
UserName = userName,
|
||||||
|
LoginTime = DateTime.Now,
|
||||||
|
UserAgent = userAgent,
|
||||||
|
Ip = ip,
|
||||||
|
City = ipLocator.Locate(ip),
|
||||||
|
Browser = $"{agent.Browser?.Name} {agent.Browser?.Version}",
|
||||||
|
OS = $"{agent.OS?.Name} {agent.OS?.Version}",
|
||||||
|
Result = auth ? "登陆成功" : "登录失败"
|
||||||
|
};
|
||||||
|
return DbContextManager.Create<LoginUser>().Log(loginUser);
|
||||||
}
|
}
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
|
|
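Review bot: The success branch of `Result = auth ? "登陆成功" : "登录失败"` writes 登陆 while the failure branch, and the `Authenticate` body removed elsewhere in this commit (`"登录成功"`), use 登录, so any query or alert that matches existing rows on the old success string will miss entries written by this method. `Result = auth ? "登录成功" : "登录失败"` keeps the stored values consistent. `userName` and the `User-Agent` header are both client-supplied and stored as received, so a length cap here and output encoding wherever the log is displayed are worth confirming. `context.Connection.RemoteIpAddress` can be null under some hosts; whether `ToIPv4String()` tolerates that is not visible in this section.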
|
@ -47,6 +47,9 @@ namespace Bootstrap.DataAccess
|
||||||
requestMessage.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
|
requestMessage.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
|
||||||
await context.Backchannel.SendAsync(requestMessage, context.HttpContext.RequestAborted);
|
await context.Backchannel.SendAsync(requestMessage, context.HttpContext.RequestAborted);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// 记录登陆日志
|
||||||
|
context.HttpContext.Log(user.Name, true);
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
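Review bot: `context.HttpContext.Log(user.Name, true)` records whatever name the OAuth provider returned; if that is a user-editable display name, a remote account could produce login-log rows that read like a local account such as an administrator. Logging a stable provider identifier, or prefixing the entry with the provider name, would keep OAuth entries distinguishable in an audit. Only the success path is logged here, so failed or cancelled OAuth sign-ins leave no record. The handler and the declaration of `user` start outside this hunk, so which fields are available is not visible.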
|
@ -58,23 +58,8 @@ namespace Bootstrap.DataAccess
|
||||||
/// </summary>
|
/// </summary>
|
||||||
/// <param name="userName"></param>
|
/// <param name="userName"></param>
|
||||||
/// <param name="password"></param>
|
/// <param name="password"></param>
|
||||||
/// <param name="configure"></param>
|
|
||||||
/// <returns>返回真表示认证通过</returns>
|
/// <returns>返回真表示认证通过</returns>
|
||||||
public static bool Authenticate(string userName, string password, Action<LoginUser> configure)
|
public static bool Authenticate(string userName, string password) => DbContextManager.Create<User>().Authenticate(userName, password);
|
||||||
{
|
|
||||||
if (!UserChecker(new User { UserName = userName, Password = password })) return false;
|
|
||||||
var loginUser = new LoginUser
|
|
||||||
{
|
|
||||||
UserName = userName,
|
|
||||||
LoginTime = DateTime.Now,
|
|
||||||
Result = "登录失败"
|
|
||||||
};
|
|
||||||
configure(loginUser);
|
|
||||||
var ret = string.IsNullOrEmpty(userName) ? false : DbContextManager.Create<User>().Authenticate(userName, password);
|
|
||||||
if (ret) loginUser.Result = "登录成功";
|
|
||||||
LoginHelper.Log(loginUser);
|
|
||||||
return ret;
|
|
||||||
}
|
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// 查询所有的新注册用户
|
/// 查询所有的新注册用户
|
||||||
|
|
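Review bot: The new expression-bodied `Authenticate` drops both the `UserChecker` call and the `string.IsNullOrEmpty(userName)` guard that the removed body ran before reaching the database, and `AccountController.Login` now passes form values straight through with no check of its own. Unless `User.Authenticate` validates its arguments (not visible here), the guard can be kept as `if (string.IsNullOrEmpty(userName) || !UserChecker(new User { UserName = userName, Password = password })) return false;` ahead of the existing call, assuming `UserChecker` is still defined in this class. Callers now log the result themselves, so an early `false` would still be recorded as a failed login.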