【新增】jwt授权认证方式,增加AES加密解密处理,防止前端进行渗透解密伪造Token可能存在。
@@ -24,6 +24,7 @@ using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
using NETCore.Encrypt;
|
||||
|
||||
namespace CoreCms.Net.Auth
|
||||
{
|
||||
@@ -100,6 +101,19 @@ namespace CoreCms.Net.Auth
|
||||
o.TokenValidationParameters = tokenValidationParameters;
|
||||
o.Events = new JwtBearerEvents
|
||||
{
|
||||
OnMessageReceived = context =>
|
||||
{
|
||||
var token = context.Request.Headers["Authorization"].ObjectToString().Replace("Bearer ", "");
|
||||
if (string.IsNullOrEmpty(token))
|
||||
{
|
||||
context.Response.Headers.Append("Token-Error-Token", "authorization decryption failure!");
|
||||
}
|
||||
else
|
||||
{
|
||||
context.Token = EncryptProvider.AESDecrypt(token, AppSettingsConstVars.JwtConfigSecretKey);
|
||||
}
|
||||
return Task.CompletedTask;
|
||||
},
|
||||
OnChallenge = context =>
|
||||
{
|
||||
context.Response.Headers.Append("Token-Error", context.ErrorDescription);
|
||||
@@ -108,7 +122,19 @@ namespace CoreCms.Net.Auth
|
||||
OnAuthenticationFailed = context =>
|
||||
{
|
||||
var token = context.Request.Headers["Authorization"].ObjectToString().Replace("Bearer ", "");
|
||||
var jwtToken = (new JwtSecurityTokenHandler()).ReadJwtToken(token);
|
||||
if (string.IsNullOrEmpty(token))
|
||||
{
|
||||
context.Response.Headers.Append("Token-Error-Token", "token is wrong!");
|
||||
}
|
||||
|
||||
//进行aes解密
|
||||
var decodeToken = EncryptProvider.AESDecrypt(token, AppSettingsConstVars.JwtConfigSecretKey);
|
||||
if (string.IsNullOrEmpty(decodeToken))
|
||||
{
|
||||
context.Response.Headers.Append("Token-Error-Token", "token decryption failure!");
|
||||
}
|
||||
|
||||
var jwtToken = (new JwtSecurityTokenHandler()).ReadJwtToken(decodeToken);
|
||||
|
||||
if (jwtToken.Issuer != issuer)
|
||||
{
|
||||
@@ -205,6 +231,19 @@ namespace CoreCms.Net.Auth
|
||||
o.TokenValidationParameters = tokenValidationParameters;
|
||||
o.Events = new JwtBearerEvents
|
||||
{
|
||||
OnMessageReceived = context =>
|
||||
{
|
||||
var token = context.Request.Headers["Authorization"].ObjectToString().Replace("Bearer ", "");
|
||||
if (string.IsNullOrEmpty(token))
|
||||
{
|
||||
context.Response.Headers.Append("Token-Error-Token", "authorization decryption failure!");
|
||||
}
|
||||
else
|
||||
{
|
||||
context.Token = EncryptProvider.AESDecrypt(token, AppSettingsConstVars.JwtConfigSecretKey);
|
||||
}
|
||||
return Task.CompletedTask;
|
||||
},
|
||||
OnChallenge = context =>
|
||||
{
|
||||
context.Response.Headers.Append("Token-Error", context.ErrorDescription);
|
||||
@@ -213,7 +252,19 @@ namespace CoreCms.Net.Auth
|
||||
OnAuthenticationFailed = context =>
|
||||
{
|
||||
var token = context.Request.Headers["Authorization"].ObjectToString().Replace("Bearer ", "");
|
||||
var jwtToken = (new JwtSecurityTokenHandler()).ReadJwtToken(token);
|
||||
if (string.IsNullOrEmpty(token))
|
||||
{
|
||||
context.Response.Headers.Append("Token-Error-Token", "token is wrong!");
|
||||
}
|
||||
|
||||
//进行aes解密
|
||||
var decodeToken = EncryptProvider.AESDecrypt(token, AppSettingsConstVars.JwtConfigSecretKey);
|
||||
if (string.IsNullOrEmpty(decodeToken))
|
||||
{
|
||||
context.Response.Headers.Append("Token-Error-Token", "token decryption failure!");
|
||||
}
|
||||
|
||||
var jwtToken = (new JwtSecurityTokenHandler()).ReadJwtToken(decodeToken);
|
||||
|
||||
if (jwtToken.Issuer != issuer)
|
||||
{
|
||||
|
||||
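Review bot: In the new `OnAuthenticationFailed` body the two empty checks only append a `Token-Error-Token` header and then fall through, so an empty header still reaches `EncryptProvider.AESDecrypt(token, …)` and a failed decryption still reaches `ReadJwtToken(decodeToken)`, which throws on a null or malformed string inside the failure handler itself. Each branch should end the handler after its `Append` call, e.g. `return Task.CompletedTask;` (assuming this handler returns the same way `OnMessageReceived` does); the same pattern is repeated in the second scheme's handler in hunk `@@ -213,7 +252,19`. `OnMessageReceived` in both schemes also assigns the decrypt result to `context.Token` unchecked, and its input is a request-supplied header, so confirm how `AESDecrypt` behaves on input that is not valid Base64 ciphertext and guard the call so that a bad header ends in a 401 rather than an unhandled exception. Both handlers start or end outside the hunks shown.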
@@ -7,6 +7,7 @@
|
||||
<ItemGroup>
|
||||
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.0" />
|
||||
<PackageReference Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="8.0.0" />
|
||||
<PackageReference Include="NETCore.Encrypt" Version="2.1.1" />
|
||||
</ItemGroup>
|
||||
|
||||
<ItemGroup>
|
||||
|
||||
@@ -19,7 +19,7 @@ namespace CoreCms.Net.Auth.Policys
|
||||
/// <summary>
|
||||
/// JWTToken生成类
|
||||
/// </summary>
|
||||
public class JwtToken
|
||||
public static class JwtToken
|
||||
{
|
||||
/// <summary>
|
||||
/// 获取基于JWT的Token
|
||||
@@ -27,7 +27,7 @@ namespace CoreCms.Net.Auth.Policys
|
||||
/// <param name="claims">需要在登陆的时候配置</param>
|
||||
/// <param name="permissionRequirement">在startup中定义的参数</param>
|
||||
/// <returns></returns>
|
||||
public static dynamic BuildJwtToken(Claim[] claims, PermissionRequirement permissionRequirement)
|
||||
public static JwtTokenResponseJson BuildJwtToken(Claim[] claims, PermissionRequirement permissionRequirement)
|
||||
{
|
||||
var now = DateTime.Now;
|
||||
// 实例化JwtSecurityToken
|
||||
|
||||
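Review bot: `BuildJwtToken` now returns a concrete `JwtTokenResponseJson`, but the `/// <returns></returns>` tag above it is still empty. Callers elsewhere in this commit overwrite `auth.token` on the returned object, so the doc should state what comes back and in what form, e.g. `/// <returns>Token response whose token field holds the serialized JWT, not yet AES-encrypted; callers encrypt it before returning it to the client.</returns>`. The method body continues outside the hunk.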
@@ -31,6 +31,7 @@ using CoreCms.Net.Utility.Helper;
|
||||
using Microsoft.AspNetCore.Authentication.JwtBearer;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
using NETCore.Encrypt;
|
||||
using SqlSugar;
|
||||
using static SKIT.FlurlHttpClient.Wechat.Api.Models.CgibinUserInfoBatchGetRequest.Types;
|
||||
|
||||
@@ -62,6 +63,7 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
|
||||
private readonly ICoreCmsPromotionServices _coreCmsPromotionServices;
|
||||
private readonly ICoreCmsCouponServices _coreCmsCouponServices;
|
||||
private readonly ICoreCmsAliPayUserInfoServices _aliPayUserInfoServices;
|
||||
|
||||
|
||||
public CoreCmsUserServices(IUnitOfWork unitOfWork
|
||||
@@ -72,7 +74,7 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
ICoreCmsUserWeChatInfoServices userWeChatInfoServices, ICoreCmsUserGradeServices userGradeServices,
|
||||
PermissionRequirement permissionRequirement, IHttpContextAccessor httpContextAccessor,
|
||||
ICoreCmsUserLogServices userLogServices, IServiceProvider serviceProvider,
|
||||
ICoreCmsBillPaymentsServices billPaymentsServices, ICoreCmsDistributionGradeRepository distributionGradeRepository, ICoreCmsDistributionRepository distributionRepository, ICoreCmsPromotionServices coreCmsPromotionServices, ICoreCmsCouponServices coreCmsCouponServices)
|
||||
ICoreCmsBillPaymentsServices billPaymentsServices, ICoreCmsDistributionGradeRepository distributionGradeRepository, ICoreCmsDistributionRepository distributionRepository, ICoreCmsPromotionServices coreCmsPromotionServices, ICoreCmsCouponServices coreCmsCouponServices, ICoreCmsAliPayUserInfoServices aliPayUserInfoServices)
|
||||
{
|
||||
_dal = dal;
|
||||
BaseDal = dal;
|
||||
@@ -92,6 +94,7 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
_distributionRepository = distributionRepository;
|
||||
_coreCmsPromotionServices = coreCmsPromotionServices;
|
||||
_coreCmsCouponServices = coreCmsCouponServices;
|
||||
_aliPayUserInfoServices = aliPayUserInfoServices;
|
||||
}
|
||||
|
||||
|
||||
@@ -568,7 +571,7 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
/// 手机短信验证码登陆,同时兼有手机短信注册的功能,还有第三方账户绑定的功能
|
||||
/// </summary>
|
||||
/// <param name="entity">实体数据</param>
|
||||
/// <param name="loginType">登录方式(1普通,2短信,3微信小程序拉取手机号)</param>
|
||||
/// <param name="loginType">登录方式(1普通,2短信,3微信小程序拉取手机号,4支付宝小程序拉取手机号)</param>
|
||||
/// <param name="platform"></param>
|
||||
/// <returns></returns>
|
||||
public async Task<WebApiCallBack> SmsLogin(FMComAccountCreate entity,
|
||||
@@ -621,10 +624,9 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
userInfo.createTime = DateTime.Now;
|
||||
|
||||
//没有此用户,创建此用户
|
||||
if (!string.IsNullOrEmpty(entity.sessionAuthId))
|
||||
if (!string.IsNullOrEmpty(entity.sessionAuthId) && loginType == (int)GlobalEnumVars.LoginType.WeChatPhoneNumber)
|
||||
{
|
||||
var wxUserInfo =
|
||||
await _userWeChatInfoServices.QueryByClauseAsync(p => p.openid == entity.sessionAuthId);
|
||||
var wxUserInfo = await _userWeChatInfoServices.QueryByClauseAsync(p => p.openid == entity.sessionAuthId);
|
||||
if (wxUserInfo != null)
|
||||
{
|
||||
if (string.IsNullOrEmpty(entity.avatar)) entity.avatar = wxUserInfo.avatar;
|
||||
@@ -633,6 +635,17 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
userInfo.userWx = wxUserInfo?.id ?? 0;
|
||||
}
|
||||
}
|
||||
//else if (!string.IsNullOrEmpty(entity.sessionAuthId) && loginType == (int)GlobalEnumVars.LoginType.AliPhoneNumber)
|
||||
//{
|
||||
// var aliUserInfo = await _aliPayUserInfoServices.QueryByClauseAsync(p => p.userId == entity.sessionAuthId || p.openId== entity.sessionAuthId);
|
||||
// if (aliUserInfo != null)
|
||||
// {
|
||||
// //if (string.IsNullOrEmpty(entity.avatar)) entity.avatar = AliUserInfo.avatar;
|
||||
// //if (string.IsNullOrEmpty(entity.nickname)) entity.nickname = wxUserInfo.nickName;
|
||||
// //userInfo.sex = AliUserInfo?.gender ?? 3;
|
||||
// userInfo.userWx = aliUserInfo?.id ?? 0;
|
||||
// }
|
||||
//}
|
||||
|
||||
var allConfigs = await _settingServices.GetConfigDictionaries();
|
||||
|
||||
@@ -643,28 +656,17 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
}
|
||||
else
|
||||
{
|
||||
var defaultImage =
|
||||
CommonHelper.GetConfigDictionary(allConfigs, SystemSettingConstVars.ShopDefaultImage);
|
||||
var defaultImage = CommonHelper.GetConfigDictionary(allConfigs, SystemSettingConstVars.ShopDefaultImage);
|
||||
userInfo.avatarImage = defaultImage;
|
||||
}
|
||||
|
||||
userInfo.nickName = !string.IsNullOrEmpty(entity.nickname)
|
||||
? entity.nickname
|
||||
: UserHelper.FormatMobile(entity.mobile);
|
||||
userInfo.nickName = !string.IsNullOrEmpty(entity.nickname) ? entity.nickname : UserHelper.FormatMobile(entity.mobile);
|
||||
|
||||
if (entity.invitecode > 0)
|
||||
{
|
||||
var pid = UserHelper.GetUserIdByShareCode(entity.invitecode);
|
||||
var pInfo = await _dal.QueryByClauseAsync(p => p.id == pid);
|
||||
if (pInfo != null)
|
||||
{
|
||||
userInfo.parentId = pid;
|
||||
}
|
||||
//else
|
||||
//{
|
||||
// jm.msg = GlobalErrorCodeVars.Code10014;
|
||||
// return jm;
|
||||
//}
|
||||
userInfo.parentId = pInfo != null ? pid : 0;
|
||||
}
|
||||
|
||||
if (!string.IsNullOrEmpty(entity.password))
|
||||
@@ -675,7 +677,6 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
jm.msg = GlobalErrorCodeVars.Code11009;
|
||||
return jm;
|
||||
}
|
||||
|
||||
userInfo.passWord = CommonHelper.EnPassword(entity.password, userInfo.createTime);
|
||||
}
|
||||
else
|
||||
@@ -688,22 +689,14 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
userInfo.grade = userGradeInfo?.id ?? 0;
|
||||
|
||||
var userId = await _dal.InsertAsync(userInfo);
|
||||
if (userId == 0)
|
||||
{
|
||||
jm.msg = GlobalErrorCodeVars.Code10000;
|
||||
return jm;
|
||||
}
|
||||
|
||||
if (userId > 0)
|
||||
{
|
||||
if (entity.invitecode > 0 && userInfo.parentId > 0)
|
||||
{
|
||||
var inviterUserIntegral = CommonHelper
|
||||
.GetConfigDictionary(allConfigs, SystemSettingConstVars.InviterUserIntegral)
|
||||
.ObjectToInt(); //是否开启积分功能
|
||||
var inviterUserIntegral = CommonHelper.GetConfigDictionary(allConfigs, SystemSettingConstVars.InviterUserIntegral).ObjectToInt(); //是否开启积分功能
|
||||
if (inviterUserIntegral > 0)
|
||||
await _userPointLogServices.SetPoint(userInfo.parentId, inviterUserIntegral,
|
||||
(int)GlobalEnumVars.UserPointSourceTypes.PointTypeInviterUser, "发展用户:" + userId + "赠送积分");
|
||||
await _userPointLogServices.SetPoint(userInfo.parentId, inviterUserIntegral, (int)GlobalEnumVars.UserPointSourceTypes.PointTypeInviterUser, "发展用户:" + userId + "赠送积分");
|
||||
}
|
||||
|
||||
//是否默认注册分销商
|
||||
@@ -727,6 +720,11 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
await _distributionRepository.InsertAsync(iData);
|
||||
}
|
||||
}
|
||||
else if (userId == 0)
|
||||
{
|
||||
jm.msg = GlobalErrorCodeVars.Code10000;
|
||||
return jm;
|
||||
}
|
||||
|
||||
userInfo = await _dal.QueryByIdAsync(userId);
|
||||
|
||||
@@ -756,7 +754,7 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
}
|
||||
|
||||
//判断是否是小程序里的微信登陆,如果是,就给他绑定微信账号
|
||||
if (!string.IsNullOrEmpty(entity.sessionAuthId))
|
||||
if (!string.IsNullOrEmpty(entity.sessionAuthId) && loginType == (int)GlobalEnumVars.LoginType.WeChatPhoneNumber)
|
||||
{
|
||||
var updateAsync = await _userWeChatInfoServices.UpdateAsync(p => new CoreCmsUserWeChatInfo() { userId = userInfo.id }, p => p.openid == entity.sessionAuthId);
|
||||
if (updateAsync)
|
||||
@@ -768,7 +766,6 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
//会导致微信数据报错()
|
||||
|
||||
//2023-05-05 屏蔽此代码,是为了让公众号,小程序实现多openid指向同一个账号,但是也存在问题,就是多了之后的解绑问题,应该做个登录设备管理。
|
||||
|
||||
//await _userWeChatInfoServices.UpdateAsync(p => new CoreCmsUserWeChatInfo() { userId = 0 }, p => p.openid != entity.sessionAuthId && p.userId == userInfo.id);
|
||||
}
|
||||
|
||||
@@ -780,6 +777,10 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
}
|
||||
|
||||
}
|
||||
else if (!string.IsNullOrEmpty(entity.sessionAuthId) && loginType == (int)GlobalEnumVars.LoginType.AliPhoneNumber)
|
||||
{
|
||||
await _aliPayUserInfoServices.UpdateAsync(p => new CoreCmsAliPayUserInfo() { userInfoId = userInfo.id }, p => p.openId == entity.sessionAuthId || p.userId == entity.sessionAuthId);
|
||||
}
|
||||
|
||||
if (userInfo.status == (int)GlobalEnumVars.UserStatus.正常)
|
||||
{
|
||||
@@ -799,7 +800,13 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
//用户标识
|
||||
var identity = new ClaimsIdentity(JwtBearerDefaults.AuthenticationScheme);
|
||||
identity.AddClaims(claims);
|
||||
jm.data = JwtToken.BuildJwtToken(claims.ToArray(), _permissionRequirement);
|
||||
|
||||
//返回处理结果集
|
||||
var auth = JwtToken.BuildJwtToken(claims.ToArray(), _permissionRequirement);
|
||||
//对token进行非对称加密
|
||||
auth.token = EncryptProvider.AESEncrypt(auth.token, AppSettingsConstVars.JwtConfigSecretKey);
|
||||
|
||||
jm.data = auth;
|
||||
}
|
||||
else
|
||||
{
|
||||
@@ -875,7 +882,6 @@ public class CoreCmsUserServices : BaseServices<CoreCmsUser>, ICoreCmsUserServic
|
||||
|
||||
#endregion
|
||||
|
||||
|
||||
#region 当关闭分销和代理的时候走个人邀请好友分佣
|
||||
|
||||
/// <summary>
|
||||
|
||||
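Review bot: The new `AliPhoneNumber` branch binds an Alipay record to the logging-in user by matching `entity.sessionAuthId` against either `openId` or `userId`, and unlike the WeChat branch above it discards the `UpdateAsync` result. `entity` is the request model, so unless `sessionAuthId` is checked against a server-side session (not visible in these hunks) the match key is whatever the caller sent. It would be safer to resolve the Alipay identity on the server, match a single column, and act on the result, e.g. `var bound = await _aliPayUserInfoServices.UpdateAsync(...);` followed by a log or error return when `bound` is false. Separately, moving the `userId == 0` check into an `else if` after the `userId > 0` block lets a negative insert result fall through to `QueryByIdAsync(userId)`; `if (userId <= 0)` ahead of the block would keep the early exit. `SmsLogin` starts and ends outside the hunks shown.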
@@ -31,6 +31,7 @@ using Microsoft.AspNetCore.Cors;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.Net.Http.Headers;
|
||||
using NETCore.Encrypt;
|
||||
|
||||
namespace CoreCms.Net.Web.Admin.Controllers
|
||||
{
|
||||
@@ -124,13 +125,16 @@ namespace CoreCms.Net.Web.Admin.Controllers
|
||||
var identity = new ClaimsIdentity(JwtBearerDefaults.AuthenticationScheme);
|
||||
identity.AddClaims(claims);
|
||||
|
||||
var token = JwtToken.BuildJwtToken(claims.ToArray(), _permissionRequirement);
|
||||
//返回处理结果集
|
||||
var auth = JwtToken.BuildJwtToken(claims.ToArray(), _permissionRequirement);
|
||||
//对token进行非对称加密
|
||||
auth.token = EncryptProvider.AESEncrypt(auth.token, AppSettingsConstVars.JwtConfigSecretKey);
|
||||
|
||||
jm.code = 0;
|
||||
jm.msg = "认证成功";
|
||||
jm.data = new
|
||||
{
|
||||
token,
|
||||
token = auth,
|
||||
loginUrl = "Panel.html"
|
||||
};
|
||||
|
||||
|
||||
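Review bot: The comment `//对token进行非对称加密` says asymmetric encryption, but the line under it calls `EncryptProvider.AESEncrypt` with a shared key, which is symmetric; it should read something like `// AES (symmetric) encryption of the serialized token`, here and at the identical sites in CoreCmsUserServices, the AliPayOAuth controller and UserController. The call passes only `AppSettingsConstVars.JwtConfigSecretKey`, with no IV or nonce argument, so confirm which cipher mode the library's two-argument overload uses. If that constant is also the JWT signing secret, as its name suggests, a dedicated encryption key would keep the two primitives apart. Forgery resistance still comes from the JWT signature checked through `TokenValidationParameters`; the AES layer only hides the claims from the client.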
@@ -61,6 +61,7 @@
|
||||
<PackageReference Include="Microsoft.VisualStudio.Azure.Containers.Tools.Targets" Version="1.19.5" />
|
||||
<PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="8.0.0" />
|
||||
<PackageReference Include="MySql.Data" Version="8.2.0" />
|
||||
<PackageReference Include="NETCore.Encrypt" Version="2.1.1" />
|
||||
<PackageReference Include="NLog" Version="5.2.7" />
|
||||
<PackageReference Include="NLog.Database" Version="5.2.7" />
|
||||
<PackageReference Include="NLog.Web.AspNetCore" Version="5.3.7" />
|
||||
|
||||
@@ -16,6 +16,7 @@ using CoreCms.Net.Model.Entities;
|
||||
using CoreCms.Net.Model.FromBody;
|
||||
using CoreCms.Net.Configuration;
|
||||
using static SKIT.FlurlHttpClient.Wechat.Api.Models.WeDataQueryBindListResponse.Types;
|
||||
using NETCore.Encrypt;
|
||||
|
||||
namespace CoreCms.Net.Web.WebApi.Controllers.AliPayOAuth
|
||||
{
|
||||
@@ -137,10 +138,16 @@ namespace CoreCms.Net.Web.WebApi.Controllers.AliPayOAuth
|
||||
//用户标识
|
||||
var identity = new ClaimsIdentity(JwtBearerDefaults.AuthenticationScheme);
|
||||
identity.AddClaims(claims);
|
||||
|
||||
//返回处理结果集
|
||||
var auth = JwtToken.BuildJwtToken(claims.ToArray(), _permissionRequirement);
|
||||
//对token进行非对称加密
|
||||
auth.token = EncryptProvider.AESEncrypt(auth.token, AppSettingsConstVars.JwtConfigSecretKey);
|
||||
|
||||
jm.status = true;
|
||||
jm.data = new
|
||||
{
|
||||
auth = JwtToken.BuildJwtToken(claims.ToArray(), _permissionRequirement),
|
||||
auth,
|
||||
user
|
||||
};
|
||||
jm.otherData = result.UserId;
|
||||
|
||||
@@ -48,6 +48,7 @@ using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.Extensions.Options;
|
||||
using NETCore.Encrypt;
|
||||
using Newtonsoft.Json;
|
||||
using Nito.AsyncEx;
|
||||
using NLog;
|
||||
@@ -252,10 +253,16 @@ namespace CoreCms.Net.Web.WebApi.Controllers
|
||||
//用户标识
|
||||
var identity = new ClaimsIdentity(JwtBearerDefaults.AuthenticationScheme);
|
||||
identity.AddClaims(claims);
|
||||
|
||||
//返回处理结果集
|
||||
var auth = JwtToken.BuildJwtToken(claims.ToArray(), _permissionRequirement);
|
||||
//对token进行非对称加密
|
||||
auth.token = EncryptProvider.AESEncrypt(auth.token, AppSettingsConstVars.JwtConfigSecretKey);
|
||||
|
||||
jm.status = true;
|
||||
jm.data = new
|
||||
{
|
||||
auth = JwtToken.BuildJwtToken(claims.ToArray(), _permissionRequirement),
|
||||
auth,
|
||||
user
|
||||
};
|
||||
jm.otherData = response.OpenId;
|
||||
@@ -355,10 +362,16 @@ namespace CoreCms.Net.Web.WebApi.Controllers
|
||||
//用户标识
|
||||
var identity = new ClaimsIdentity(JwtBearerDefaults.AuthenticationScheme);
|
||||
identity.AddClaims(claims);
|
||||
|
||||
//返回处理结果集
|
||||
var auth = JwtToken.BuildJwtToken(claims.ToArray(), _permissionRequirement);
|
||||
//对token进行非对称加密
|
||||
auth.token = EncryptProvider.AESEncrypt(auth.token, AppSettingsConstVars.JwtConfigSecretKey);
|
||||
|
||||
jm.status = true;
|
||||
jm.data = new
|
||||
{
|
||||
auth = JwtToken.BuildJwtToken(claims.ToArray(), _permissionRequirement),
|
||||
auth,
|
||||
user
|
||||
};
|
||||
jm.otherData = response.OpenId;
|
||||
@@ -468,8 +481,14 @@ namespace CoreCms.Net.Web.WebApi.Controllers
|
||||
//用户标识
|
||||
var identity = new ClaimsIdentity(JwtBearerDefaults.AuthenticationScheme);
|
||||
identity.AddClaims(claims);
|
||||
|
||||
//返回处理结果集
|
||||
var auth = JwtToken.BuildJwtToken(claims.ToArray(), _permissionRequirement);
|
||||
//对token进行非对称加密
|
||||
auth.token = EncryptProvider.AESEncrypt(auth.token, AppSettingsConstVars.JwtConfigSecretKey);
|
||||
|
||||
jm.status = true;
|
||||
jm.data = JwtToken.BuildJwtToken(claims.ToArray(), _permissionRequirement);
|
||||
jm.data = auth;
|
||||
|
||||
//录入登录日志
|
||||
var log = new CoreCmsUserLog();
|
||||
@@ -801,9 +820,15 @@ namespace CoreCms.Net.Web.WebApi.Controllers
|
||||
//用户标识
|
||||
var identity = new ClaimsIdentity(JwtBearerDefaults.AuthenticationScheme);
|
||||
identity.AddClaims(claims);
|
||||
|
||||
//返回处理结果集
|
||||
var auth = JwtToken.BuildJwtToken(claims.ToArray(), _permissionRequirement);
|
||||
//对token进行非对称加密
|
||||
auth.token = EncryptProvider.AESEncrypt(auth.token, AppSettingsConstVars.JwtConfigSecretKey);
|
||||
|
||||
jm.status = true;
|
||||
jm.msg = "注册成功";
|
||||
jm.data = JwtToken.BuildJwtToken(claims.ToArray(), _permissionRequirement);
|
||||
jm.data = auth;
|
||||
//录入登录日志
|
||||
var log = new CoreCmsUserLog();
|
||||
log.userId = id;
|
||||
|
||||
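Review bot: The pair `var auth = JwtToken.BuildJwtToken(claims.ToArray(), _permissionRequirement);` and `auth.token = EncryptProvider.AESEncrypt(auth.token, AppSettingsConstVars.JwtConfigSecretKey);` is pasted into four actions in this controller and into three other files in the commit. A single helper next to `BuildJwtToken` that builds and encrypts in one call would keep issuance in step with the decryption in the JwtBearer events. With the copies as they are, a later change of key or cipher can leave one login path issuing tokens the middleware rejects. The surrounding actions start and end outside the hunks shown.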
@@ -67,6 +67,7 @@
|
||||
<PackageReference Include="Microsoft.VisualStudio.Azure.Containers.Tools.Targets" Version="1.19.5" />
|
||||
<PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="8.0.0" />
|
||||
<PackageReference Include="MySql.Data" Version="8.2.0" />
|
||||
<PackageReference Include="NETCore.Encrypt" Version="2.1.1" />
|
||||
<PackageReference Include="Nito.AsyncEx" Version="5.1.2" />
|
||||
<PackageReference Include="NLog" Version="5.2.7" />
|
||||
<PackageReference Include="NLog.Database" Version="5.2.7" />
|
||||
|
||||
@@ -1081,7 +1081,7 @@
|
||||
用户操作事件
|
||||
</summary>
|
||||
</member>
|
||||
<member name="M:CoreCms.Net.Web.WebApi.Controllers.UserController.#ctor(CoreCms.Net.Auth.HttpContextUser.IHttpContextUser,CoreCms.Net.IServices.ICoreCmsUserWeChatInfoServices,CoreCms.Net.IServices.ICoreCmsUserServices,CoreCms.Net.Auth.Policys.PermissionRequirement,CoreCms.Net.IServices.ICoreCmsSmsServices,CoreCms.Net.IServices.ICoreCmsUserGradeServices,CoreCms.Net.IServices.ICoreCmsUserLogServices,Microsoft.AspNetCore.Http.IHttpContextAccessor,CoreCms.Net.IServices.ICoreCmsGoodsServices,CoreCms.Net.IServices.ICoreCmsGoodsBrowsingServices,CoreCms.Net.IServices.ICoreCmsCartServices,CoreCms.Net.IServices.ICoreCmsGoodsCollectionServices,CoreCms.Net.IServices.ICoreCmsUserShipServices,CoreCms.Net.IServices.ICoreCmsAreaServices,CoreCms.Net.IServices.ICoreCmsBillPaymentsServices,CoreCms.Net.IServices.ICoreCmsGoodsCommentServices,CoreCms.Net.IServices.ICoreCmsUserBankCardServices,CoreCms.Net.IServices.ICoreCmsUserTocashServices,CoreCms.Net.IServices.ICoreCmsUserBalanceServices,CoreCms.Net.IServices.ICoreCmsInvoiceServices,CoreCms.Net.IServices.ICoreCmsUserPointLogServices,CoreCms.Net.IServices.ICoreCmsShareServices,CoreCms.Net.IServices.ICoreCmsSettingServices,CoreCms.Net.IServices.ICoreCmsServicesServices,Microsoft.Extensions.Options.IOptions{CoreCms.Net.WeChat.Service.Options.WeChatOptions},CoreCms.Net.IServices.ICoreCmsUserServicesOrderServices,CoreCms.Net.IServices.ICoreCmsUserServicesTicketServices,CoreCms.Net.IServices.ICoreCmsStoreServices,CoreCms.Net.IServices.ICoreCmsCouponServices,CoreCms.Net.IServices.ICoreCmsOrderServices,CoreCms.Net.WeChat.Service.HttpClients.IWeChatApiHttpClientFactory,CoreCms.Net.Caching.AutoMate.RedisCache.IRedisOperationRepository)">
|
||||
<member name="M:CoreCms.Net.Web.WebApi.Controllers.UserController.#ctor(CoreCms.Net.Auth.HttpContextUser.IHttpContextUser,CoreCms.Net.IServices.ICoreCmsUserWeChatInfoServices,CoreCms.Net.IServices.ICoreCmsUserServices,CoreCms.Net.Auth.Policys.PermissionRequirement,CoreCms.Net.IServices.ICoreCmsSmsServices,CoreCms.Net.IServices.ICoreCmsUserGradeServices,CoreCms.Net.IServices.ICoreCmsUserLogServices,Microsoft.AspNetCore.Http.IHttpContextAccessor,CoreCms.Net.IServices.ICoreCmsGoodsServices,CoreCms.Net.IServices.ICoreCmsGoodsBrowsingServices,CoreCms.Net.IServices.ICoreCmsCartServices,CoreCms.Net.IServices.ICoreCmsGoodsCollectionServices,CoreCms.Net.IServices.ICoreCmsUserShipServices,CoreCms.Net.IServices.ICoreCmsAreaServices,CoreCms.Net.IServices.ICoreCmsBillPaymentsServices,CoreCms.Net.IServices.ICoreCmsGoodsCommentServices,CoreCms.Net.IServices.ICoreCmsUserBankCardServices,CoreCms.Net.IServices.ICoreCmsUserTocashServices,CoreCms.Net.IServices.ICoreCmsUserBalanceServices,CoreCms.Net.IServices.ICoreCmsInvoiceServices,CoreCms.Net.IServices.ICoreCmsUserPointLogServices,CoreCms.Net.IServices.ICoreCmsShareServices,CoreCms.Net.IServices.ICoreCmsSettingServices,CoreCms.Net.IServices.ICoreCmsServicesServices,Microsoft.Extensions.Options.IOptions{CoreCms.Net.WeChat.Service.Options.WeChatOptions},CoreCms.Net.IServices.ICoreCmsUserServicesOrderServices,CoreCms.Net.IServices.ICoreCmsUserServicesTicketServices,CoreCms.Net.IServices.ICoreCmsStoreServices,CoreCms.Net.IServices.ICoreCmsCouponServices,CoreCms.Net.IServices.ICoreCmsOrderServices,CoreCms.Net.WeChat.Service.HttpClients.IWeChatApiHttpClientFactory,CoreCms.Net.Caching.AutoMate.RedisCache.IRedisOperationRepository,CoreCms.Net.IServices.ICoreCmsAliPayUserInfoServices,Microsoft.Extensions.Options.IOptions{CoreCms.Net.Model.Options.AliPayOptions})">
|
||||
<summary>
|
||||
构造函数
|
||||
</summary>
|
||||
@@ -1107,7 +1107,7 @@
|
||||
<param name="entity"></param>
|
||||
<returns></returns>
|
||||
</member>
|
||||
<member name="M:CoreCms.Net.Web.WebApi.Controllers.UserController.SmsLogin(CoreCms.Net.Model.FromBody.FMWxAccountCreate)">
|
||||
<member name="M:CoreCms.Net.Web.WebApi.Controllers.UserController.SmsLogin(CoreCms.Net.Model.FromBody.FMComAccountCreate)">
|
||||
<summary>
|
||||
手机短信验证码登陆,同时兼有手机短信注册的功能,还有第三方账户绑定的功能
|
||||
</summary>
|
||||
@@ -1121,7 +1121,14 @@
|
||||
<param name="entity"></param>
|
||||
<returns></returns>
|
||||
</member>
|
||||
<member name="M:CoreCms.Net.Web.WebApi.Controllers.UserController.SmsLogin2(CoreCms.Net.Model.FromBody.FMWxAccountCreate)">
|
||||
<member name="M:CoreCms.Net.Web.WebApi.Controllers.UserController.DecryptPhoneNumberByAli(CoreCms.Net.Model.FromBody.FMAliLoginDecryptPhoneNumber)">
|
||||
<summary>
|
||||
支付宝小程序授权拉取手机号码
|
||||
</summary>
|
||||
<param name="entity"></param>
|
||||
<returns></returns>
|
||||
</member>
|
||||
<member name="M:CoreCms.Net.Web.WebApi.Controllers.UserController.SmsLogin2(CoreCms.Net.Model.FromBody.FMComAccountCreate)">
|
||||
<summary>
|
||||
用户短信注册并返回jwt token(弃用)
|
||||
</summary>
|
||||
|
||||