mirror of
http://git.coreshop.cn/jianweie/coreshoppro.git
synced 2025-12-06 15:43:27 +08:00
【新增】jwt授权认证方式,增加AES加密解密处理,防止前端进行渗透解密伪造Token可能存在。
@@ -31,6 +31,7 @@ using CoreCms.Net.Utility.Helper;
|
||||
using Microsoft.AspNetCore.Authentication.JwtBearer;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
using NETCore.Encrypt;
|
||||
using SqlSugar;
|
||||
using static SKIT.FlurlHttpClient.Wechat.Api.Models.CgibinUserInfoBatchGetRequest.Types;
|
||||
|
||||
@@ -62,6 +63,7 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
|
||||
private readonly ICoreCmsPromotionServices _coreCmsPromotionServices;
|
||||
private readonly ICoreCmsCouponServices _coreCmsCouponServices;
|
||||
private readonly ICoreCmsAliPayUserInfoServices _aliPayUserInfoServices;
|
||||
|
||||
|
||||
public CoreCmsUserServices(IUnitOfWork unitOfWork
|
||||
@@ -72,7 +74,7 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
ICoreCmsUserWeChatInfoServices userWeChatInfoServices, ICoreCmsUserGradeServices userGradeServices,
|
||||
PermissionRequirement permissionRequirement, IHttpContextAccessor httpContextAccessor,
|
||||
ICoreCmsUserLogServices userLogServices, IServiceProvider serviceProvider,
|
||||
ICoreCmsBillPaymentsServices billPaymentsServices, ICoreCmsDistributionGradeRepository distributionGradeRepository, ICoreCmsDistributionRepository distributionRepository, ICoreCmsPromotionServices coreCmsPromotionServices, ICoreCmsCouponServices coreCmsCouponServices)
|
||||
ICoreCmsBillPaymentsServices billPaymentsServices, ICoreCmsDistributionGradeRepository distributionGradeRepository, ICoreCmsDistributionRepository distributionRepository, ICoreCmsPromotionServices coreCmsPromotionServices, ICoreCmsCouponServices coreCmsCouponServices, ICoreCmsAliPayUserInfoServices aliPayUserInfoServices)
|
||||
{
|
||||
_dal = dal;
|
||||
BaseDal = dal;
|
||||
@@ -92,6 +94,7 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
_distributionRepository = distributionRepository;
|
||||
_coreCmsPromotionServices = coreCmsPromotionServices;
|
||||
_coreCmsCouponServices = coreCmsCouponServices;
|
||||
_aliPayUserInfoServices = aliPayUserInfoServices;
|
||||
}
|
||||
|
||||
|
||||
@@ -568,7 +571,7 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
/// 手机短信验证码登陆,同时兼有手机短信注册的功能,还有第三方账户绑定的功能
|
||||
/// </summary>
|
||||
/// <param name="entity">实体数据</param>
|
||||
/// <param name="loginType">登录方式(1普通,2短信,3微信小程序拉取手机号)</param>
|
||||
/// <param name="loginType">登录方式(1普通,2短信,3微信小程序拉取手机号,4支付宝小程序拉取手机号)</param>
|
||||
/// <param name="platform"></param>
|
||||
/// <returns></returns>
|
||||
public async Task<WebApiCallBack> SmsLogin(FMComAccountCreate entity,
|
||||
@@ -621,10 +624,9 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
userInfo.createTime = DateTime.Now;
|
||||
|
||||
//没有此用户,创建此用户
|
||||
if (!string.IsNullOrEmpty(entity.sessionAuthId))
|
||||
if (!string.IsNullOrEmpty(entity.sessionAuthId) && loginType == (int)GlobalEnumVars.LoginType.WeChatPhoneNumber)
|
||||
{
|
||||
var wxUserInfo =
|
||||
await _userWeChatInfoServices.QueryByClauseAsync(p => p.openid == entity.sessionAuthId);
|
||||
var wxUserInfo = await _userWeChatInfoServices.QueryByClauseAsync(p => p.openid == entity.sessionAuthId);
|
||||
if (wxUserInfo != null)
|
||||
{
|
||||
if (string.IsNullOrEmpty(entity.avatar)) entity.avatar = wxUserInfo.avatar;
|
||||
@@ -633,6 +635,17 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
userInfo.userWx = wxUserInfo?.id ?? 0;
|
||||
}
|
||||
}
|
||||
//else if (!string.IsNullOrEmpty(entity.sessionAuthId) && loginType == (int)GlobalEnumVars.LoginType.AliPhoneNumber)
|
||||
//{
|
||||
// var aliUserInfo = await _aliPayUserInfoServices.QueryByClauseAsync(p => p.userId == entity.sessionAuthId || p.openId== entity.sessionAuthId);
|
||||
// if (aliUserInfo != null)
|
||||
// {
|
||||
// //if (string.IsNullOrEmpty(entity.avatar)) entity.avatar = AliUserInfo.avatar;
|
||||
// //if (string.IsNullOrEmpty(entity.nickname)) entity.nickname = wxUserInfo.nickName;
|
||||
// //userInfo.sex = AliUserInfo?.gender ?? 3;
|
||||
// userInfo.userWx = aliUserInfo?.id ?? 0;
|
||||
// }
|
||||
//}
|
||||
|
||||
var allConfigs = await _settingServices.GetConfigDictionaries();
|
||||
|
||||
@@ -643,28 +656,17 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
}
|
||||
else
|
||||
{
|
||||
var defaultImage =
|
||||
CommonHelper.GetConfigDictionary(allConfigs, SystemSettingConstVars.ShopDefaultImage);
|
||||
var defaultImage = CommonHelper.GetConfigDictionary(allConfigs, SystemSettingConstVars.ShopDefaultImage);
|
||||
userInfo.avatarImage = defaultImage;
|
||||
}
|
||||
|
||||
userInfo.nickName = !string.IsNullOrEmpty(entity.nickname)
|
||||
? entity.nickname
|
||||
: UserHelper.FormatMobile(entity.mobile);
|
||||
userInfo.nickName = !string.IsNullOrEmpty(entity.nickname) ? entity.nickname : UserHelper.FormatMobile(entity.mobile);
|
||||
|
||||
if (entity.invitecode > 0)
|
||||
{
|
||||
var pid = UserHelper.GetUserIdByShareCode(entity.invitecode);
|
||||
var pInfo = await _dal.QueryByClauseAsync(p => p.id == pid);
|
||||
if (pInfo != null)
|
||||
{
|
||||
userInfo.parentId = pid;
|
||||
}
|
||||
//else
|
||||
//{
|
||||
// jm.msg = GlobalErrorCodeVars.Code10014;
|
||||
// return jm;
|
||||
//}
|
||||
userInfo.parentId = pInfo != null ? pid : 0;
|
||||
}
|
||||
|
||||
if (!string.IsNullOrEmpty(entity.password))
|
||||
@@ -675,7 +677,6 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
jm.msg = GlobalErrorCodeVars.Code11009;
|
||||
return jm;
|
||||
}
|
||||
|
||||
userInfo.passWord = CommonHelper.EnPassword(entity.password, userInfo.createTime);
|
||||
}
|
||||
else
|
||||
@@ -688,22 +689,14 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
userInfo.grade = userGradeInfo?.id ?? 0;
|
||||
|
||||
var userId = await _dal.InsertAsync(userInfo);
|
||||
if (userId == 0)
|
||||
{
|
||||
jm.msg = GlobalErrorCodeVars.Code10000;
|
||||
return jm;
|
||||
}
|
||||
|
||||
if (userId > 0)
|
||||
{
|
||||
if (entity.invitecode > 0 && userInfo.parentId > 0)
|
||||
{
|
||||
var inviterUserIntegral = CommonHelper
|
||||
.GetConfigDictionary(allConfigs, SystemSettingConstVars.InviterUserIntegral)
|
||||
.ObjectToInt(); //是否开启积分功能
|
||||
var inviterUserIntegral = CommonHelper.GetConfigDictionary(allConfigs, SystemSettingConstVars.InviterUserIntegral).ObjectToInt(); //是否开启积分功能
|
||||
if (inviterUserIntegral > 0)
|
||||
await _userPointLogServices.SetPoint(userInfo.parentId, inviterUserIntegral,
|
||||
(int)GlobalEnumVars.UserPointSourceTypes.PointTypeInviterUser, "发展用户:" + userId + "赠送积分");
|
||||
await _userPointLogServices.SetPoint(userInfo.parentId, inviterUserIntegral, (int)GlobalEnumVars.UserPointSourceTypes.PointTypeInviterUser, "发展用户:" + userId + "赠送积分");
|
||||
}
|
||||
|
||||
//是否默认注册分销商
|
||||
@@ -727,6 +720,11 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
await _distributionRepository.InsertAsync(iData);
|
||||
}
|
||||
}
|
||||
else if (userId == 0)
|
||||
{
|
||||
jm.msg = GlobalErrorCodeVars.Code10000;
|
||||
return jm;
|
||||
}
|
||||
|
||||
userInfo = await _dal.QueryByIdAsync(userId);
|
||||
|
||||
@@ -756,7 +754,7 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
}
|
||||
|
||||
//判断是否是小程序里的微信登陆,如果是,就给他绑定微信账号
|
||||
if (!string.IsNullOrEmpty(entity.sessionAuthId))
|
||||
if (!string.IsNullOrEmpty(entity.sessionAuthId) && loginType == (int)GlobalEnumVars.LoginType.WeChatPhoneNumber)
|
||||
{
|
||||
var updateAsync = await _userWeChatInfoServices.UpdateAsync(p => new CoreCmsUserWeChatInfo() { userId = userInfo.id }, p => p.openid == entity.sessionAuthId);
|
||||
if (updateAsync)
|
||||
@@ -768,7 +766,6 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
//会导致微信数据报错()
|
||||
|
||||
//2023-05-05 屏蔽此代码,是为了让公众号,小程序实现多openid指向同一个账号,但是也存在问题,就是多了之后的解绑问题,应该做个登录设备管理。
|
||||
|
||||
//await _userWeChatInfoServices.UpdateAsync(p => new CoreCmsUserWeChatInfo() { userId = 0 }, p => p.openid != entity.sessionAuthId && p.userId == userInfo.id);
|
||||
}
|
||||
|
||||
@@ -780,6 +777,10 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
}
|
||||
|
||||
}
|
||||
else if (!string.IsNullOrEmpty(entity.sessionAuthId) && loginType == (int)GlobalEnumVars.LoginType.AliPhoneNumber)
|
||||
{
|
||||
await _aliPayUserInfoServices.UpdateAsync(p => new CoreCmsAliPayUserInfo() { userInfoId = userInfo.id }, p => p.openId == entity.sessionAuthId || p.userId == entity.sessionAuthId);
|
||||
}
|
||||
|
||||
if (userInfo.status == (int)GlobalEnumVars.UserStatus.正常)
|
||||
{
|
||||
@@ -799,7 +800,13 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
//用户标识
|
||||
var identity = new ClaimsIdentity(JwtBearerDefaults.AuthenticationScheme);
|
||||
identity.AddClaims(claims);
|
||||
jm.data = JwtToken.BuildJwtToken(claims.ToArray(), _permissionRequirement);
|
||||
|
||||
//返回处理结果集
|
||||
var auth = JwtToken.BuildJwtToken(claims.ToArray(), _permissionRequirement);
|
||||
//对token进行非对称加密
|
||||
auth.token = EncryptProvider.AESEncrypt(auth.token, AppSettingsConstVars.JwtConfigSecretKey);
|
||||
|
||||
jm.data = auth;
|
||||
}
|
||||
else
|
||||
{
|
||||
@@ -875,7 +882,6 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
|
||||
#endregion
|
||||
|
||||
|
||||
#region 当关闭分销和代理的时候走个人邀请好友分佣
|
||||
|
||||
/// <summary>
|
||||
|
||||
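Review bot: The comment added in the `@@ -799,7 +800,13 @@` hunk, `//对token进行非对称加密`, describes asymmetric encryption, but `EncryptProvider.AESEncrypt` is symmetric AES keyed with `AppSettingsConstVars.JwtConfigSecretKey`, which by its name looks like the secret that also signs the JWT (its definition is not visible here). Wrapping the signed token this way hides the claims from the client but adds no forgery resistance; that still depends on the signature check after decryption, and as far as I know the two-argument `AESEncrypt` overload in NETCore.Encrypt uses ECB mode with no integrity tag. I would reword the comment to `// AES (symmetric) encryption of the token: confidentiality only, signature validation still decides` and pass a dedicated encryption key rather than the signing secret (a new setting, placeholder name `JwtTokenEncryptKey`). The decrypting side, which is outside this page, should turn a decryption failure into an ordinary 401 rather than an unhandled exception. SmsLogin starts and ends outside the hunk.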