Skip to content

Commit

Permalink
fix: 修复Identity锁定功能 #124
Browse files Browse the repository at this point in the history
  • Loading branch information
WangJunZzz committed Mar 10, 2024
1 parent 057b092 commit b17b90a
Show file tree
Hide file tree
Showing 6 changed files with 48 additions and 21 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -5,39 +5,53 @@
using Lion.AbpPro.BasicManagement.ConfigurationOptions;
using Lion.AbpPro.BasicManagement.Users.Dtos;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Identity;
using Microsoft.IdentityModel.Tokens;
using Volo.Abp.Identity.AspNetCore;
using Volo.Abp.Security.Claims;
using IdentityUser = Volo.Abp.Identity.IdentityUser;

namespace Lion.AbpPro.BasicManagement.Users
{
public class AccountAppService : BasicManagementAppService, IAccountAppService
{
private readonly IdentityUserManager _userManager;

private readonly JwtOptions _jwtOptions;

//private readonly Microsoft.AspNetCore.Identity.SignInManager<IdentityUser> _signInManager;
private readonly IdentitySecurityLogManager _identitySecurityLogManager;
private readonly IHttpContextAccessor _httpContextAccessor;
private readonly AbpSignInManager _signInManager;
protected IOptions<IdentityOptions> IdentityOptions { get; }

public AccountAppService(
IdentityUserManager userManager,
IOptionsSnapshot<JwtOptions> jwtOptions,
IdentitySecurityLogManager identitySecurityLogManager,
IHttpContextAccessor httpContextAccessor, AbpSignInManager signInManager)
IdentitySecurityLogManager identitySecurityLogManager,
IHttpContextAccessor httpContextAccessor, AbpSignInManager signInManager, ISettingProvider settingProvider, IOptions<IdentityOptions> identityOptions)
{
_userManager = userManager;
_jwtOptions = jwtOptions.Value;
_identitySecurityLogManager = identitySecurityLogManager;
_httpContextAccessor = httpContextAccessor;
_signInManager = signInManager;
IdentityOptions = identityOptions;
}


public virtual async Task<LoginOutput> LoginAsync(LoginInput input)
{
await IdentityOptions.SetAsync();

var result = await _signInManager.PasswordSignInAsync(input.Name, input.Password, false, true);

if (result.IsNotAllowed)
{
throw new BusinessException(BasicManagementErrorCodes.UserDisabled);
}

if (result.IsLockedOut)
{
throw new BusinessException(BasicManagementErrorCodes.UserLockedOut);
}
Expand All @@ -47,8 +61,9 @@ public virtual async Task<LoginOutput> LoginAsync(LoginInput input)
throw new BusinessException(BasicManagementErrorCodes.UserOrPasswordMismatch);
}


var user = await _userManager.FindByNameAsync(input.Name);

await _identitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext()
{
Action = _httpContextAccessor.HttpContext?.Request.Path,
Expand Down Expand Up @@ -104,7 +119,7 @@ private string GenerateJwt(Guid userId, string userName, string name, string ema
{
Subject = new ClaimsIdentity(claims),
Expires = expirationTime, // token 过期时间
NotBefore = dateNow, // token 签发时间
NotBefore = dateNow, // token 签发时间
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key),
SecurityAlgorithms.HmacSha256Signature)
};
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -82,6 +82,7 @@ public virtual async Task<IdentityUserDto> CreateAsync(IdentityUserCreateDto inp
{
// abp 5.0 之后新增字段,是否运行用户登录,默认设置为true
input.IsActive = true;
input.LockoutEnabled = true;
return await _identityUserAppService.CreateAsync(input);
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,8 @@

public static class BasicManagementErrorCodes
{
public const string OrganizationUnitNotExist =BasicManagementConsts.NameSpace+ ":100001";
public const string UserLockedOut =BasicManagementConsts.NameSpace+ ":100002";
public const string UserOrPasswordMismatch =BasicManagementConsts.NameSpace+ ":100003";
}
public const string OrganizationUnitNotExist = BasicManagementConsts.NameSpace + ":100001";
public const string UserLockedOut = BasicManagementConsts.NameSpace + ":100002";
public const string UserOrPasswordMismatch = BasicManagementConsts.NameSpace + ":100003";
public const string UserDisabled = BasicManagementConsts.NameSpace + ":100004";
}
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@
"Setting.Group.System": "System",
"Lion.AbpPro.BasicManagement:100001": "OrganizationUnit Not Exist",
"Lion.AbpPro.BasicManagement:100002": "UserLockedOut",
"Lion.AbpPro.BasicManagement:100003": "UserOrPasswordMismatch"
"Lion.AbpPro.BasicManagement:100003": "UserOrPasswordMismatch",
"Lion.AbpPro.BasicManagement:100004": "UserDisabled"
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@
"Setting.Group.System": "系统",
"Lion.AbpPro.BasicManagement:100001": "组织机构不存在",
"Lion.AbpPro.BasicManagement:100002": "用户被锁定",
"Lion.AbpPro.BasicManagement:100003": "用户名或者密码错误"
"Lion.AbpPro.BasicManagement:100003": "用户名或者密码错误",
"Lion.AbpPro.BasicManagement:100004": "用户已禁用"
}
}
Original file line number Diff line number Diff line change
@@ -1,4 +1,6 @@
namespace Lion.AbpPro.BasicManagement.Settings;
using Volo.Abp.Identity.Settings;

namespace Lion.AbpPro.BasicManagement.Settings;

public class BasicManagementSettingDefinitionProvider : SettingDefinitionProvider
{
Expand All @@ -24,47 +26,53 @@ private static void OverrideDefaultSettings(ISettingDefinitionContext context)
.WithProperty(AbpProSettingConsts.ControlType.Default,
AbpProSettingConsts.ControlType.TypeText));

context.GetOrNull("Abp.Identity.Password.RequiredLength")
context.GetOrNull(IdentitySettingNames.Password.RequiredLength)
.WithProperty(BasicManagementSettings.Group.Default,
BasicManagementSettings.Group.SystemManagement)
.WithProperty(AbpProSettingConsts.ControlType.Default,
AbpProSettingConsts.ControlType.Number);

context.GetOrNull("Abp.Identity.Password.RequiredLength")
context.GetOrNull(IdentitySettingNames.Password.RequiredUniqueChars)
.WithProperty(BasicManagementSettings.Group.Default,
BasicManagementSettings.Group.SystemManagement)
.WithProperty(AbpProSettingConsts.ControlType.Default,
AbpProSettingConsts.ControlType.Number);

context.GetOrNull("Abp.Identity.Password.RequiredUniqueChars")
context.GetOrNull(IdentitySettingNames.Password.RequireNonAlphanumeric)
.WithProperty(BasicManagementSettings.Group.Default,
BasicManagementSettings.Group.SystemManagement)
.WithProperty(AbpProSettingConsts.ControlType.Default,
AbpProSettingConsts.ControlType.Number);
AbpProSettingConsts.ControlType.TypeCheckBox);

context.GetOrNull("Abp.Identity.Password.RequireNonAlphanumeric")
context.GetOrNull(IdentitySettingNames.Password.RequireLowercase)
.WithProperty(BasicManagementSettings.Group.Default,
BasicManagementSettings.Group.SystemManagement)
.WithProperty(AbpProSettingConsts.ControlType.Default,
AbpProSettingConsts.ControlType.TypeCheckBox);

context.GetOrNull("Abp.Identity.Password.RequireLowercase")
context.GetOrNull(IdentitySettingNames.Password.RequireUppercase)
.WithProperty(BasicManagementSettings.Group.Default,
BasicManagementSettings.Group.SystemManagement)
.WithProperty(AbpProSettingConsts.ControlType.Default,
AbpProSettingConsts.ControlType.TypeCheckBox);

context.GetOrNull("Abp.Identity.Password.RequireUppercase")
context.GetOrNull(IdentitySettingNames.Password.RequireDigit)
.WithProperty(BasicManagementSettings.Group.Default,
BasicManagementSettings.Group.SystemManagement)
.WithProperty(AbpProSettingConsts.ControlType.Default,
AbpProSettingConsts.ControlType.TypeCheckBox);

context.GetOrNull("Abp.Identity.Password.RequireDigit")
context.GetOrNull(IdentitySettingNames.Lockout.LockoutDuration)
.WithProperty(BasicManagementSettings.Group.Default,
BasicManagementSettings.Group.SystemManagement)
.WithProperty(AbpProSettingConsts.ControlType.Default,
AbpProSettingConsts.ControlType.TypeCheckBox);
AbpProSettingConsts.ControlType.Number);

context.GetOrNull(IdentitySettingNames.Lockout.MaxFailedAccessAttempts)
.WithProperty(BasicManagementSettings.Group.Default,
BasicManagementSettings.Group.SystemManagement)
.WithProperty(AbpProSettingConsts.ControlType.Default,
AbpProSettingConsts.ControlType.Number);
}


Expand Down

0 comments on commit b17b90a

Please sign in to comment.