From bfc88b44b2aec3e4ac42aa2f20816c222ef75831 Mon Sep 17 00:00:00 2001 From: FunCoder Date: Mon, 7 Apr 2025 09:54:17 +0800 Subject: [PATCH 1/3] =?UTF-8?q?=E4=BC=98=E5=8C=96=E4=BB=A4=E7=89=8C?= =?UTF-8?q?=E7=89=88=E6=9C=AC=E6=9B=B4=E6=96=B0=E6=9C=BA=E5=88=B6=E3=80=82?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Service/Auth/SysAuthService.cs | 4 +-- .../Service/User/SysUserService.cs | 26 ++++++++++++------- 2 files changed, 18 insertions(+), 12 deletions(-) diff --git a/Admin.NET/Admin.NET.Core/Service/Auth/SysAuthService.cs b/Admin.NET/Admin.NET.Core/Service/Auth/SysAuthService.cs index 2cc2642f..de12be24 100644 --- a/Admin.NET/Admin.NET.Core/Service/Auth/SysAuthService.cs +++ b/Admin.NET/Admin.NET.Core/Service/Auth/SysAuthService.cs @@ -352,8 +352,8 @@ public class SysAuthService : IDynamicApiController, ITransient // .Where(u => u.Id == _userManager.UserId) // .ExecuteCommandAsync(); - // 更新用户Token版本缓存 - _sysCacheService.Set($"{CacheConst.KeyUserToken}{_userManager.UserId}", $"{_userManager.TokenVersion + 1}"); + //// 更新用户Token版本缓存 退出系统不用更新系统缓存,更新后其他已登录机全都要重新登录。 + //_sysCacheService.Set($"{CacheConst.KeyUserToken}{_userManager.UserId}", $"{_userManager.TokenVersion + 1}"); // 发布系统退出事件 await _eventPublisher.PublishAsync(UserEventTypeEnum.Logout, _userManager); diff --git a/Admin.NET/Admin.NET.Core/Service/User/SysUserService.cs b/Admin.NET/Admin.NET.Core/Service/User/SysUserService.cs index 7c219835..28d290fa 100644 --- a/Admin.NET/Admin.NET.Core/Service/User/SysUserService.cs +++ b/Admin.NET/Admin.NET.Core/Service/User/SysUserService.cs @@ -4,6 +4,8 @@ // // 不得利用本项目从事危害国家安全、扰乱社会秩序、侵犯他人合法权益等法律法规禁止的活动!任何基于本项目二次开发而产生的一切法律纠纷和责任,我们不承担任何责任! +using System.Linq; + namespace Admin.NET.Core.Service; /// 
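Review bot: In the `SysAuthService.cs` hunk (`@@ -352,8 +352,8 @@`), nothing visible now invalidates the token server-side on logout: with the `_sysCacheService.Set(...)` call commented out, the token of the session that just logged out would keep passing the version check until it expires, unless code outside the hunk revokes it. Dropping the per-user bump is reasonable for multi-device sign-in, but the logging-out token itself should still be revoked, for example by recording its identifier in a deny entry whose lifetime matches the token's remaining validity and checking that entry during authorization. The disabled call is also left behind as `////` commented-out code; delete it and keep one line such as `// Logout does not bump the per-user token version, so other devices stay signed in.` The enclosing method starts and ends outside the hunk.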
@@ -140,7 +142,8 @@ public class SysUserService : IDynamicApiController, ITransient if (await query.AnyAsync(u => u.Account == input.Account)) throw Oops.Oh(ErrorCodeEnum.D1003); if (!string.IsNullOrWhiteSpace(input.Phone) && await query.AnyAsync(u => u.Phone == input.Phone)) throw Oops.Oh(ErrorCodeEnum.D1032); - input.TokenVersion++; + ////更新用户普通信息时不因更新TokenVersion + //input.TokenVersion++; var user = input.Adapt(); await _sysUserRep.AsUpdateable(user).IgnoreColumns(true).IgnoreColumns(u => new { u.Password, u.Status, u.TenantId }).ExecuteCommandAsync(); @@ -287,13 +290,16 @@ public class SysUserService : IDynamicApiController, ITransient { var user = await _sysUserRep.GetByIdAsync(input.UserId) ?? throw Oops.Oh(ErrorCodeEnum.D0009); - await _sysUserRoleService.GrantUserRole(input); - - // 强制下线账号和失效Token - await OfflineAndExpireToken(user); - - // 发布更新用户角色事件 - await _eventPublisher.PublishAsync(UserEventTypeEnum.UpdateRole, input); + // 若账号的角色发生变化,才更新 + var roles = await _sysUserRoleService.GetUserRoleIdList(input.UserId); + if(!roles.SequenceEqual(input.RoleIdList)) + { + await _sysUserRoleService.GrantUserRole(input); + // 强制下线账号和失效Token + await OfflineAndExpireToken(user); + // 发布更新用户角色事件 + await _eventPublisher.PublishAsync(UserEventTypeEnum.UpdateRole, input); + } } /// @@ -461,8 +467,8 @@ public class SysUserService : IDynamicApiController, ITransient /// private async Task OfflineAndExpireToken(SysUser user) { - // 更新Token版本缓存 - _sysCacheService.Set($"{CacheConst.KeyUserToken}{user.Id}", $"{user.TokenVersion + 1}"); + // 更新Token版本缓存,当角色、机构、密码、重置、删除、状态改变时,Token版本清0 + _sysCacheService.Remove($"{CacheConst.KeyUserToken}{user.Id}"); // 强制下线账号 await _sysOnlineUserService.ForceOfflineByUserId(user.Id); From ffd69843f1dde5325d025f02efada2f5b09f46f5 Mon Sep 17 00:00:00 2001 From: FunCoder Date: Mon, 7 Apr 2025 09:57:44 +0800 Subject: [PATCH 2/3] . --- Admin.NET/Admin.NET.Core/Service/User/SysUserService.cs | 2 -- 1 file changed, 2 deletions(-) 
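Review bot: In the `@@ -140,7 +142,8 @@` hunk of `SysUserService.cs`, `TokenVersion` can still be written by the update that follows, because `input.Adapt()` copies the request fields into `user` and the `IgnoreColumns` list names only `Password`, `Status` and `TenantId`. If the input type carries `TokenVersion` (the removed `input.TokenVersion++` suggests it does), the stored version becomes whatever value the caller sent, which can put it out of step with issued tokens and with the cached version. Exclude the column explicitly, `.IgnoreColumns(u => new { u.Password, u.Status, u.TenantId, u.TokenVersion })`, and delete the commented-out increment rather than keeping it behind `////`. The method body starts before and continues after the hunk.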
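Review bot: In the `@@ -287,13 +290,16 @@` hunk, `roles.SequenceEqual(input.RoleIdList)` compares order as well as content and throws when `RoleIdList` is null, so an identical list in a different order still forces the user offline and an omitted list becomes an unhandled exception instead of a role update. The order case errs toward revocation, which is the safe direction; the null case is the one to fix. A set comparison that treats a missing list as a change keeps the previous behaviour for that input: `if (input.RoleIdList == null || !roles.ToHashSet().SetEquals(input.RoleIdList))`. A short comment that the token is expired only when the role set actually changes would document why the branch exists.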
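Review bot: In `OfflineAndExpireToken` (`@@ -461,8 +467,8 @@`), replacing `Set(..., TokenVersion + 1)` with `Remove(...)` means the cached version no longer moves ahead of the tokens already issued. On the next request the cache-miss path in `JwtHandler.cs` reloads `user.TokenVersion` from the database and caches it, so unless that column is incremented somewhere outside the visible hunks, a token issued before the role, password or status change would presumably match again and revocation rests on `ForceOfflineByUserId` alone. Persist the increment for `user.Id` before removing the cache entry, so that the reloaded value differs from the one embedded in older tokens. The comment says the version is reset to 0 while the code deletes the key; reword it to say the entry is dropped so the next request reloads it from the database. The method continues past the end of the hunk.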
diff --git a/Admin.NET/Admin.NET.Core/Service/User/SysUserService.cs b/Admin.NET/Admin.NET.Core/Service/User/SysUserService.cs index 28d290fa..27ddb015 100644 --- a/Admin.NET/Admin.NET.Core/Service/User/SysUserService.cs +++ b/Admin.NET/Admin.NET.Core/Service/User/SysUserService.cs @@ -4,8 +4,6 @@ // // 不得利用本项目从事危害国家安全、扰乱社会秩序、侵犯他人合法权益等法律法规禁止的活动!任何基于本项目二次开发而产生的一切法律纠纷和责任,我们不承担任何责任! -using System.Linq; - namespace Admin.NET.Core.Service; /// From 8dc9f846e17c3f6738662f984684222ccd3b6e49 Mon Sep 17 00:00:00 2001 From: FunCoder Date: Mon, 7 Apr 2025 10:14:04 +0800 Subject: [PATCH 3/3] =?UTF-8?q?=E6=9F=A5=E5=BA=93=E5=B9=B6=E7=BC=93?= =?UTF-8?q?=E5=AD=98=E7=94=A8=E6=88=B7Token=E7=89=88=E6=9C=AC=E7=9A=84?= =?UTF-8?q?=E6=97=B6=E5=80=99=E5=88=A4=E6=96=AD=E8=B4=A6=E6=88=B7=E5=A4=B1?= =?UTF-8?q?=E6=95=88=E6=88=96=E8=A2=AB=E7=A6=81=E6=AD=A2?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Admin.NET/Admin.NET.Web.Core/Handlers/JwtHandler.cs | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/Admin.NET/Admin.NET.Web.Core/Handlers/JwtHandler.cs b/Admin.NET/Admin.NET.Web.Core/Handlers/JwtHandler.cs index 3b55db87..ec38d2c1 100644 --- a/Admin.NET/Admin.NET.Web.Core/Handlers/JwtHandler.cs +++ b/Admin.NET/Admin.NET.Web.Core/Handlers/JwtHandler.cs @@ -49,6 +49,12 @@ namespace Admin.NET.Web.Core { // 查库并缓存用户Token版本 var user = await serviceScope.ServiceProvider.GetRequiredService().Queryable().FirstAsync(u => u.Id == long.Parse(userId)); + if (user == null || user.IsDelete) + { + context.Fail(new AuthorizationFailureReason(this, "账户失效或被禁止")); + context.GetCurrentHttpContext().SignoutToSwagger(); + return; + } sysCacheService.Set($"{CacheConst.KeyUserToken}{user.Id}", $"{user.TokenVersion}"); tokenVersion2 = user.TokenVersion.ToString(); }
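Review bot: In the `JwtHandler.cs` hunk (`@@ -49,6 +49,12 @@`), the new guard rejects only a missing or deleted user, although the failure reason and the commit subject also speak of disabled accounts; `user.Status` is never consulted here. Extend the condition with a comparison of `user.Status` against the project's disabled value so that a disabled account fails on this path too. The guard runs only when the cache has no entry, so it depends on every disable and delete path removing the key; a one-line comment stating that dependency would help the next maintainer. `long.Parse(userId)` on the line above throws on a malformed claim; `long.TryParse` followed by `context.Fail(...)` would keep that case a clean authorization failure. The enclosing block starts and ends outside the hunk.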