orga0063
/
BootstrapAdmin
4
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

feat: OAuth 认证增加登陆日志

This commit is contained in:
Argo Zhang 2019-09-17 10:36:25 +08:00
parent 736279b7f6
commit 80850165a6
No known key found for this signature in database
GPG Key ID: 152E398953DDF19F
6 changed files with 48 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
src/admin/Bootstrap.Admin/Controllers/AccountController.cs
View File

@ -2,7 +2,6 @@
using Bootstrap.DataAccess;
using Longbow.GiteeAuth;
using Longbow.GitHubAuth;
using Longbow.Security.Cryptography;
using Longbow.Web;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
@ -11,11 +10,9 @@ using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Security.Claims;
using System.Security.Principal;
using System.Threading.Tasks;
namespace Bootstrap.Admin.Controllers
@ -47,13 +44,16 @@ namespace Bootstrap.Admin.Controllers
/// <summary>
/// 系统锁屏界面
/// </summary>
/// <param name="ipLocator"></param>
/// <param name="userName"></param>
/// <param name="password"></param>
/// <returns></returns>
[HttpPost]
[IgnoreAntiforgeryToken]
public Task<IActionResult> Lock([FromServices]IIPLocatorProvider ipLocator, string userName, string password) => Login(ipLocator, userName, password, string.Empty);
public Task<IActionResult> Lock(string userName, string password)
{
// 根据不同的登陆方式
return Login(userName, password, string.Empty);
}
/// <summary>
/// 系统登录方法
@ -79,10 +79,12 @@ namespace Bootstrap.Admin.Controllers
/// <param name="code"></param>
/// <returns></returns>
[HttpPost()]
public async Task<IActionResult> Mobile([FromServices]IIPLocatorProvider ipLocator, [FromServices]IConfiguration configuration, [FromQuery]string phone, [FromQuery]string code)
public async Task<IActionResult> Mobile([FromServices]IConfiguration configuration, [FromQuery]string phone, [FromQuery]string code)
{
var option = configuration.GetSection(nameof(SMSOptions)).Get<SMSOptions>();
if (SMSHelper.Validate(phone, code, option.MD5Key))
var auth = SMSHelper.Validate(phone, code, option.MD5Key);
HttpContext.Log(phone, auth);
if (auth)
{
var user = UserHelper.Retrieves().FirstOrDefault(u => u.UserName == phone);
if (user == null)
@ -104,25 +106,24 @@ namespace Bootstrap.Admin.Controllers
var roles = RoleHelper.Retrieves().Where(r => option.Roles.Any(rl => rl.Equals(r.RoleName, StringComparison.OrdinalIgnoreCase))).Select(r => r.Id);
RoleHelper.SaveByUserId(user.Id, roles);
}
else
{
// update password
UserHelper.Update(user.Id, code, user.DisplayName);
}
}
return await Login(ipLocator, phone, code, "true");
return auth ? await SignInAsync(phone, true) : View("Login", new LoginModel() { AuthFailed = true });
}
/// <summary>
/// Login the specified userName, password and remember.
/// </summary>
/// <returns>The login.</returns>
/// <param name="ipLocator"></param>
/// <param name="userName">User name.</param>
/// <param name="password">Password.</param>
/// <param name="remember">Remember.</param>
[HttpPost]
public async Task<IActionResult> Login([FromServices]IIPLocatorProvider ipLocator, string userName, string password, string remember) => UserHelper.Authenticate(userName, password, loginUser => CreateLoginUser(ipLocator, HttpContext, loginUser)) ? await SignInAsync(userName, remember == "true") : View("Login", new LoginModel() { AuthFailed = true });
public async Task<IActionResult> Login(string userName, string password, string remember)
{
var auth = UserHelper.Authenticate(userName, password);
HttpContext.Log(userName, auth);
return auth ? await SignInAsync(userName, remember == "true") : View("Login", new LoginModel() { AuthFailed = true });
}
private async Task<IActionResult> SignInAsync(string userName, bool persistent)
{

7
src/admin/Bootstrap.Admin/Controllers/Api/LoginController.cs
View File

@ -1,7 +1,6 @@
using Bootstrap.Admin.Query;
using Bootstrap.DataAccess;
using Bootstrap.Security;
using Longbow.Web;
using Longbow.Web.Mvc;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
@ -30,21 +29,21 @@ namespace Bootstrap.Admin.Controllers.Api
/// <summary>
/// JWT 登陆认证接口
/// </summary>
/// <param name="ipLocator"></param>
/// <param name="value"></param>
/// <returns></returns>
[AllowAnonymous]
[HttpPost]
public string Post([FromServices]IIPLocatorProvider ipLocator, [FromBody]JObject value)
public string Post([FromBody]JObject value)
{
string token = null;
dynamic user = value;
string userName = user.userName;
string password = user.password;
if (!string.IsNullOrEmpty(userName) && !string.IsNullOrEmpty(password) && UserHelper.Authenticate(userName, password, loginUser => AccountController.CreateLoginUser(ipLocator, HttpContext, loginUser)))
if (!string.IsNullOrEmpty(userName) && !string.IsNullOrEmpty(password) && UserHelper.Authenticate(userName, password))
{
token = BootstrapAdminJwtTokenHandler.CreateToken(userName);
}
HttpContext.Log(userName, token != null);
return token;
}

1
src/admin/Bootstrap.Admin/Startup.cs
View File

@ -1,5 +1,4 @@
using Bootstrap.DataAccess;
using Longbow.GiteeAuth;
using Longbow.Web;
using Longbow.Web.SignalR;
using Microsoft.AspNetCore.Builder;

30
src/admin/Bootstrap.DataAccess/Helper/LoginHelper.cs
View File

@ -1,7 +1,11 @@
using Longbow.Web.Mvc;
using Longbow.Web;
using Longbow.Web.Mvc;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.DependencyInjection;
using PetaPoco;
using System;
using System.Collections.Generic;
using System.Net;
namespace Bootstrap.DataAccess
{
@ -13,12 +17,28 @@ namespace Bootstrap.DataAccess
/// <summary>
/// 记录登陆日志方法
/// </summary>
/// <param name="user"></param>
/// <param name="userName"></param>
/// <returns></returns>
public static bool Log(LoginUser user)
public static bool Log(this HttpContext context, string userName, bool auth)
{
if (string.IsNullOrEmpty(user.UserName)) user.UserName = user.Ip;
return DbContextManager.Create<LoginUser>().Log(user);
var ipLocator = context.RequestServices.GetRequiredService<IIPLocatorProvider>();
var ip = context.Connection.RemoteIpAddress.ToIPv4String();
var userAgent = context.Request.Headers["User-Agent"];
var agent = new UserAgent(userAgent);
if (string.IsNullOrEmpty(userName)) userName = ip;
var loginUser = new LoginUser
{
UserName = userName,
LoginTime = DateTime.Now,
UserAgent = userAgent,
Ip = ip,
City = ipLocator.Locate(ip),
Browser = $"{agent.Browser?.Name} {agent.Browser?.Version}",
OS = $"{agent.OS?.Name} {agent.OS?.Version}",
Result = auth ? "登陆成功" : "登录失败"
};
return DbContextManager.Create<LoginUser>().Log(loginUser);
}
/// <summary>

3
src/admin/Bootstrap.DataAccess/Helper/OAuthHelper.cs
View File

@ -47,6 +47,9 @@ namespace Bootstrap.DataAccess
requestMessage.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
await context.Backchannel.SendAsync(requestMessage, context.HttpContext.RequestAborted);
}
// 记录登陆日志
context.HttpContext.Log(user.Name, true);
};
}

17
src/admin/Bootstrap.DataAccess/Helper/UserHelper.cs
View File

@ -58,23 +58,8 @@ namespace Bootstrap.DataAccess
/// </summary>
/// <param name="userName"></param>
/// <param name="password"></param>
/// <param name="configure"></param>
/// <returns>返回真表示认证通过</returns>
public static bool Authenticate(string userName, string password, Action<LoginUser> configure)
{
if (!UserChecker(new User { UserName = userName, Password = password })) return false;
var loginUser = new LoginUser
{
UserName = userName,
LoginTime = DateTime.Now,
Result = "登录失败"
};
configure(loginUser);
var ret = string.IsNullOrEmpty(userName) ? false : DbContextManager.Create<User>().Authenticate(userName, password);
if (ret) loginUser.Result = "登录成功";
LoginHelper.Log(loginUser);
return ret;
}
public static bool Authenticate(string userName, string password) => DbContextManager.Create<User>().Authenticate(userName, password);
/// <summary>
/// 查询所有的新注册用户