|
|
|
@ -4,6 +4,7 @@ using Microsoft.AspNetCore.Authentication.JwtBearer; |
|
|
|
|
using System.IdentityModel.Tokens.Jwt; |
|
|
|
|
using System.Security.Claims; |
|
|
|
|
using Tiobon.Core.Common.Swagger; |
|
|
|
|
using Tiobon.Core.Services; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
namespace Tiobon.Core.Controllers |
|
|
|
@ -16,7 +17,7 @@ namespace Tiobon.Core.Controllers |
|
|
|
|
[AllowAnonymous] |
|
|
|
|
public class LoginController : BaseApiController |
|
|
|
|
{ |
|
|
|
|
readonly ISysUserInfoServices _sysUserInfoServices; |
|
|
|
|
readonly IGhrs_UserServices _ghrs_UserServices; |
|
|
|
|
readonly IUserRoleServices _userRoleServices; |
|
|
|
|
readonly IRoleServices _roleServices; |
|
|
|
|
readonly PermissionRequirement _requirement; |
|
|
|
@ -26,15 +27,15 @@ namespace Tiobon.Core.Controllers |
|
|
|
|
/// <summary> |
|
|
|
|
/// 构造函数注入 |
|
|
|
|
/// </summary> |
|
|
|
|
/// <param name="sysUserInfoServices"></param> |
|
|
|
|
/// <param name="ghrs_UserServices"></param> |
|
|
|
|
/// <param name="userRoleServices"></param> |
|
|
|
|
/// <param name="roleServices"></param> |
|
|
|
|
/// <param name="requirement"></param> |
|
|
|
|
/// <param name="roleModulePermissionServices"></param> |
|
|
|
|
/// <param name="logger"></param> |
|
|
|
|
public LoginController(ISysUserInfoServices sysUserInfoServices, IUserRoleServices userRoleServices, IRoleServices roleServices, PermissionRequirement requirement, IRoleModulePermissionServices roleModulePermissionServices, ILogger<LoginController> logger) |
|
|
|
|
public LoginController(IGhrs_UserServices ghrs_UserServices, IUserRoleServices userRoleServices, IRoleServices roleServices, PermissionRequirement requirement, IRoleModulePermissionServices roleModulePermissionServices, ILogger<LoginController> logger) |
|
|
|
|
{ |
|
|
|
|
this._sysUserInfoServices = sysUserInfoServices; |
|
|
|
|
this._ghrs_UserServices = ghrs_UserServices; |
|
|
|
|
this._userRoleServices = userRoleServices; |
|
|
|
|
this._roleServices = roleServices; |
|
|
|
|
_requirement = requirement; |
|
|
|
@ -59,16 +60,16 @@ namespace Tiobon.Core.Controllers |
|
|
|
|
bool suc = false; |
|
|
|
|
//这里就是用户登陆以后,通过数据库去调取数据,分配权限的操作 |
|
|
|
|
|
|
|
|
|
var user = await _sysUserInfoServices.GetUserRoleNameStr(name, MD5Helper.MD5Encrypt32(pass)); |
|
|
|
|
if (user != null) |
|
|
|
|
{ |
|
|
|
|
TokenModelJwt tokenModel = new TokenModelJwt { Uid = 1, Role = user }; |
|
|
|
|
//var user = await _sysUserInfoServices.GetUserRoleNameStr(name, MD5Helper.MD5Encrypt32(pass)); |
|
|
|
|
//if (user != null) |
|
|
|
|
//{ |
|
|
|
|
// TokenModelJwt tokenModel = new TokenModelJwt { Uid = 1, Role = user }; |
|
|
|
|
|
|
|
|
|
jwtStr = JwtHelper.IssueJwt(tokenModel); |
|
|
|
|
suc = true; |
|
|
|
|
} |
|
|
|
|
else |
|
|
|
|
jwtStr = "login fail!!!"; |
|
|
|
|
// jwtStr = JwtHelper.IssueJwt(tokenModel); |
|
|
|
|
// suc = true; |
|
|
|
|
//} |
|
|
|
|
//else |
|
|
|
|
// jwtStr = "login fail!!!"; |
|
|
|
|
|
|
|
|
|
return new ServiceResult<string>() |
|
|
|
|
{ |
|
|
|
@ -137,42 +138,43 @@ namespace Tiobon.Core.Controllers |
|
|
|
|
|
|
|
|
|
if (string.IsNullOrEmpty(name) || string.IsNullOrEmpty(pass)) |
|
|
|
|
return Failed<TokenInfoViewModel>("用户名或密码不能为空"); |
|
|
|
|
if (name != "Tiobonadmin" || pass != "Tiobonadmin") |
|
|
|
|
return Failed<TokenInfoViewModel>("用户名或密码不能为空"); |
|
|
|
|
|
|
|
|
|
pass = MD5Helper.MD5Encrypt32(pass); |
|
|
|
|
|
|
|
|
|
var user = await _sysUserInfoServices.Query(d => |
|
|
|
|
d.LoginName == name && d.LoginPWD == pass && d.IsDeleted == false); |
|
|
|
|
name = "A1314"; |
|
|
|
|
var user = await _ghrs_UserServices.Query(d => d.UserNo == name && d.IsEnable == 1); |
|
|
|
|
if (user.Count > 0) |
|
|
|
|
{ |
|
|
|
|
var userRoles = await _sysUserInfoServices.GetUserRoleNameStr(name, pass); |
|
|
|
|
//var userRoles = await _sysUserInfoServices.GetUserRoleNameStr(name, pass); |
|
|
|
|
//如果是基于用户的授权策略,这里要添加用户;如果是基于角色的授权策略,这里要添加角色 |
|
|
|
|
var claims = new List<Claim> |
|
|
|
|
{ |
|
|
|
|
new Claim(ClaimTypes.Name, user.FirstOrDefault().Id.ToString()), |
|
|
|
|
new Claim(JwtRegisteredClaimNames.Jti, user.FirstOrDefault().Id.ToString()), |
|
|
|
|
new Claim("TenantId", user.FirstOrDefault().TenantId.ToString()), |
|
|
|
|
new Claim(ClaimTypes.Name, user.FirstOrDefault().UserId.ToString()), |
|
|
|
|
new Claim(JwtRegisteredClaimNames.Jti, user.FirstOrDefault().UserId.ToString()), |
|
|
|
|
new Claim("TenantId", "0"), |
|
|
|
|
new Claim(JwtRegisteredClaimNames.Iat, DateTime.Now.DateToTimeStamp()), |
|
|
|
|
new Claim(ClaimTypes.Expiration, |
|
|
|
|
DateTime.Now.AddSeconds(_requirement.Expiration.TotalSeconds).ToString()) |
|
|
|
|
}; |
|
|
|
|
claims.AddRange(userRoles.Split(',').Select(s => new Claim(ClaimTypes.Role, s))); |
|
|
|
|
//claims.AddRange(userRoles.Split(',').Select(s => new Claim(ClaimTypes.Role, s))); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// ids4和jwt切换 |
|
|
|
|
// jwt |
|
|
|
|
if (!Permissions.IsUseIds4) |
|
|
|
|
{ |
|
|
|
|
var data = await _roleModulePermissionServices.RoleModuleMaps(); |
|
|
|
|
var list = (from item in data |
|
|
|
|
where item.IsDeleted == false |
|
|
|
|
orderby item.Id |
|
|
|
|
select new PermissionItem |
|
|
|
|
{ |
|
|
|
|
Url = item.Module?.LinkUrl, |
|
|
|
|
Role = item.Role?.Name.ObjToString(), |
|
|
|
|
}).ToList(); |
|
|
|
|
|
|
|
|
|
_requirement.Permissions = list; |
|
|
|
|
//var data = await _roleModulePermissionServices.RoleModuleMaps(); |
|
|
|
|
//var list = (from item in data |
|
|
|
|
// where item.IsDeleted == false |
|
|
|
|
// orderby item.Id |
|
|
|
|
// select new PermissionItem |
|
|
|
|
// { |
|
|
|
|
// Url = item.Module?.LinkUrl, |
|
|
|
|
// Role = item.Role?.Name.ObjToString(), |
|
|
|
|
// }).ToList(); |
|
|
|
|
|
|
|
|
|
//_requirement.Permissions = list; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
var token = JwtToken.BuildJwtToken(claims.ToArray(), _requirement); |
|
|
|
@ -206,24 +208,32 @@ namespace Tiobon.Core.Controllers |
|
|
|
|
var tokenModel = JwtHelper.SerializeJwt(token); |
|
|
|
|
if (tokenModel != null && JwtHelper.customSafeVerify(token) && tokenModel.Uid > 0) |
|
|
|
|
{ |
|
|
|
|
var user = await _sysUserInfoServices.QueryById(tokenModel.Uid); |
|
|
|
|
var user = await _ghrs_UserServices.QueryById(tokenModel.Uid); |
|
|
|
|
var value = User.Claims.SingleOrDefault(s => s.Type == JwtRegisteredClaimNames.Iat)?.Value; |
|
|
|
|
if (value != null && user.CriticalModifyTime > value.ObjToDate()) |
|
|
|
|
return Failed<TokenInfoViewModel>("很抱歉,授权已失效,请重新授权!"); |
|
|
|
|
//if (value != null && user.CriticalModifyTime > value.ObjToDate()) |
|
|
|
|
// return Failed<TokenInfoViewModel>("很抱歉,授权已失效,请重新授权!"); |
|
|
|
|
|
|
|
|
|
if (user != null && !(value != null && user.CriticalModifyTime > value.ObjToDate())) |
|
|
|
|
//if (user != null && !(value != null && user.CriticalModifyTime > value.ObjToDate())) |
|
|
|
|
if (user != null) |
|
|
|
|
{ |
|
|
|
|
var userRoles = await _sysUserInfoServices.GetUserRoleNameStr(user.LoginName, user.LoginPWD); |
|
|
|
|
//var userRoles = await _ghrs_UserServices.GetUserRoleNameStr(user.LoginName, user.LoginPWD); |
|
|
|
|
//如果是基于用户的授权策略,这里要添加用户;如果是基于角色的授权策略,这里要添加角色 |
|
|
|
|
var claims = new List<Claim> |
|
|
|
|
{ |
|
|
|
|
new Claim(ClaimTypes.Name, user.LoginName), |
|
|
|
|
new Claim(JwtRegisteredClaimNames.Jti, tokenModel.Uid.ObjToString()), |
|
|
|
|
//var claims = new List<Claim> |
|
|
|
|
//{ |
|
|
|
|
// new Claim(ClaimTypes.Name, user.LoginName), |
|
|
|
|
// new Claim(JwtRegisteredClaimNames.Jti, tokenModel.Uid.ObjToString()), |
|
|
|
|
// new Claim(JwtRegisteredClaimNames.Iat, DateTime.Now.DateToTimeStamp()), |
|
|
|
|
// new Claim(ClaimTypes.Expiration, |
|
|
|
|
// DateTime.Now.AddSeconds(_requirement.Expiration.TotalSeconds).ToString()) |
|
|
|
|
//}; |
|
|
|
|
var claims = new List<Claim>{ |
|
|
|
|
new Claim(ClaimTypes.Name, user.UserId.ToString()), |
|
|
|
|
new Claim(JwtRegisteredClaimNames.Jti, user.UserId.ToString()), |
|
|
|
|
new Claim("TenantId", "0"), |
|
|
|
|
new Claim(JwtRegisteredClaimNames.Iat, DateTime.Now.DateToTimeStamp()), |
|
|
|
|
new Claim(ClaimTypes.Expiration, |
|
|
|
|
DateTime.Now.AddSeconds(_requirement.Expiration.TotalSeconds).ToString()) |
|
|
|
|
new Claim(ClaimTypes.Expiration, DateTime.Now.AddSeconds(_requirement.Expiration.TotalSeconds).ToString()) |
|
|
|
|
}; |
|
|
|
|
claims.AddRange(userRoles.Split(',').Select(s => new Claim(ClaimTypes.Role, s))); |
|
|
|
|
//claims.AddRange(userRoles.Split(',').Select(s => new Claim(ClaimTypes.Role, s))); |
|
|
|
|
|
|
|
|
|
//用户标识 |
|
|
|
|
var identity = new ClaimsIdentity(JwtBearerDefaults.AuthenticationScheme); |
|
|
|
|
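Review bot: The token method in the fourth hunk (old line 137 onward) no longer authenticates the caller against stored data: the added guard `if (name != "Tiobonadmin" || pass != "Tiobonadmin")` accepts a single credential hard-coded in source, and the added `name = "A1314";` then discards the submitted name, so every accepted request receives a JWT for that one user, looked up by `d.UserNo == name && d.IsEnable == 1` with no password comparison. Both lines should be removed before this is deployed, and the submitted password should be verified against the credential stored for the queried user before any claim is built; the rejection should also get its own message instead of reusing `"用户名或密码不能为空"`. The same hunk comments out the role claims and the `_requirement.Permissions` load, and the last hunk comments out the `CriticalModifyTime` comparison on refresh, so as far as these hunks show, issued tokens carry no `ClaimTypes.Role` and a refresh is no longer refused after a critical account change. If that is intentional for the move to `IGhrs_UserServices`, a comment saying so and naming the replacement check is needed. Both method bodies start and end outside the visible hunks, so any check done elsewhere in them cannot be seen here.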