gaoxing/UNIVPLMDataIntegration
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request '使用缓存管理用户session信息、优化日志记录逻辑' (#414) from jasondom/Admin.NET.Pro:v2-1 into v2

Browse Source 
Reviewed-on: https://code.adminnet.top/Admin.NET/Admin.NET.Pro/pulls/414
This commit is contained in:
zuohuaijun 2025-08-24 15:33:22 +08:00
commit b04324848c
27 changed files with 926 additions and 419 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
Admin.NET/Admin.NET.Application/Service/App/Auth/AppAuthService.cs
View File

@ -24,6 +24,7 @@ public class AppAuthService : IDynamicApiController, ITransient
private readonly SysRoleService _sysRoleService;
private readonly SysOnlineUserService _sysOnlineUserService;
private readonly SysConfigService _sysConfigService;
private readonly SysAuthService _sysAuthService;
private readonly ICaptcha _captcha;
private readonly SysCacheService _sysCacheService;
@ -33,9 +34,11 @@ public class AppAuthService : IDynamicApiController, ITransient
SysRoleService sysRoleService,
SysOnlineUserService sysOnlineUserService,
SysConfigService sysConfigService,
SysAuthService sysAuthService,
ICaptcha captcha,
SysCacheService sysCacheService)
{
_sysAuthService = sysAuthService;
_appUserManager = appUserManager;
_sysUserRep = sysUserRep;
_httpContextAccessor = httpContextAccessor;
@ -100,8 +103,7 @@ public class AppAuthService : IDynamicApiController, ITransient
// 登录成功则清空密码错误次数
_sysCacheService.Remove(keyPasswordErrorTimes);
return await CreateToken(user);
return await _sysAuthService.CreateToken(user, LoginModeEnum.APP);
}
/// <summary>
@ -149,61 +151,14 @@ public class AppAuthService : IDynamicApiController, ITransient
// 账号是否存在
var user = await _sysUserRep.AsQueryable().Includes(u => u.SysOrg).IgnoreTenant().FirstAsync(u => u.Phone.Equals(input.Phone));
_ = user ?? throw Oops.Oh(ErrorCodeEnum.D0009);
return await CreateToken(user);
return await _sysAuthService.CreateToken(user, LoginModeEnum.APP);
}
/// <summary>
/// 生成Token令牌 🔖
/// </summary>
/// <param name="user"></param>
/// <param name="loginMode"></param>
/// <returns></returns>
[NonAction]
public virtual async Task<LoginOutput> CreateToken(SysUser user, LoginModeEnum loginMode = LoginModeEnum.APP)
{
// 单用户登录
await _sysOnlineUserService.SingleLogin(user.Id, loginMode);
// 生成Token令牌
var tokenExpire = await _sysConfigService.GetTokenExpire();
var accessToken = JWTEncryption.Encrypt(new Dictionary<string, object>
{
{ AppClaimConst.UserId, user.Id },
{ AppClaimConst.TenantId, user.TenantId },
{ AppClaimConst.Account, user.Account },
{ AppClaimConst.RealName, user.RealName },
{ AppClaimConst.AccountType, user.AccountType },
{ AppClaimConst.OrgId, user.OrgId },
{ AppClaimConst.OrgName, user.SysOrg?.Name },
{ AppClaimConst.OrgType, user.SysOrg?.Type },
{ AppClaimConst.OrgLevel, user.SysOrg?.Level },
{ ClaimConst.LoginMode, loginMode },
{ ClaimConst.TokenVersion, user.TokenVersion },
}, tokenExpire);
// 生成刷新Token令牌
var refreshTokenExpire = await _sysConfigService.GetRefreshTokenExpire();
var refreshToken = JWTEncryption.GenerateRefreshToken(accessToken, refreshTokenExpire);
// 设置响应报文头
_httpContextAccessor.HttpContext.SetTokensOfResponseHeaders(accessToken, refreshToken);
// 缓存用户Token版本
_sysCacheService.Set($"{CacheConst.KeyUserToken}{user.Id}", $"{user.TokenVersion}");
return new LoginOutput
{
AccessToken = accessToken,
RefreshToken = refreshToken
};
}
/// <summary>
/// 获取登录账号 🔖
/// 获取当前登陆用户信息 🔖
/// </summary>
/// <returns></returns>
[DisplayName("获取登录账号")]
[DisplayName("获取当前登陆用户信息")]
public virtual async Task<LoginUserOutput> GetUserInfo()
{
var user = await _sysUserRep.GetByIdAsync(_appUserManager.UserId) ?? throw Oops.Oh(ErrorCodeEnum.D1011).StatusCode(401);
@ -261,6 +216,7 @@ public class AppAuthService : IDynamicApiController, ITransient
if (string.IsNullOrWhiteSpace(_appUserManager.Account))
throw Oops.Oh(ErrorCodeEnum.D1011);
_appUserManager.RemoveSession(_appUserManager.UserId);
_httpContextAccessor.HttpContext.SignoutToSwagger();
}

25
Admin.NET/Admin.NET.Application/Service/App/Auth/AppUserManager.cs
View File

@ -6,16 +6,25 @@
using Microsoft.AspNetCore.Http;
namespace Admin.NET.Application.Service.App;
namespace Admin.NET.Application;
public class AppUserManager : UserManager
/// <summary>
/// 业务层用户Session管理
/// </summary>
/// <param name="sysCacheService"></param>
/// <param name="httpContextAccessor"></param>
public class AppUserManager(
SysCacheService sysCacheService,
IHttpContextAccessor httpContextAccessor)
: UserManager(sysCacheService, httpContextAccessor)
{
private readonly IHttpContextAccessor _httpContextAccessor;
public AppUserManager(IHttpContextAccessor httpContextAccessor) : base(httpContextAccessor)
{
_httpContextAccessor = httpContextAccessor;
}
// 扩展属性
}
/// <summary>
/// 用户会话信息
/// </summary>
public partial class UserSessionDao
{
// 扩展属性
}

21
Admin.NET/Admin.NET.Core/ApiKeyAuth/ApiKeyAuthenticationHandler.cs
View File

@ -16,12 +16,18 @@ namespace Admin.NET.Core.ApiKeyAuth;
public class ApiKeyAuthenticationHandler : AuthenticationHandler<ApiKeyAuthenticationOptions>
{
public const string AuthenticationScheme = "ApiKey";
private readonly SysAuthService _sysAuthService;
private readonly UserManager _userManager;
public ApiKeyAuthenticationHandler(IOptionsMonitor<ApiKeyAuthenticationOptions> options,
ILoggerFactory logger,
UrlEncoder encoder)
UrlEncoder encoder,
UserManager userManager,
SysAuthService sysAuthService)
: base(options, logger, encoder)
{
_userManager = userManager;
_sysAuthService = sysAuthService;
}
protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
@ -39,15 +45,12 @@ public class ApiKeyAuthenticationHandler : AuthenticationHandler<ApiKeyAuthentic
identity.AddClaims(
[
new Claim(ClaimConst.UserId, acsInfo.BindUserId + ""),
new Claim(ClaimConst.TenantId, acsInfo.BindTenantId + ""),
new Claim(ClaimConst.Account, acsInfo.BindUser.Account + ""),
new Claim(ClaimConst.RealName, acsInfo.BindUser.RealName),
new Claim(ClaimConst.AccountType, ((int)acsInfo.BindUser.AccountType).ToString()),
new Claim(ClaimConst.OrgId, acsInfo.BindUser.OrgId + ""),
new Claim(ClaimConst.OrgName, acsInfo.BindUser.SysOrg?.Name + ""),
new Claim(ClaimConst.OrgType, acsInfo.BindUser.SysOrg?.Type + ""),
new Claim(ClaimConst.TokenVersion,"1")
new Claim(ClaimConst.TokenVersion, "1")
]);
// 设置用户Session缓存
if (!_userManager.ExistSession(acsInfo.Id)) await _sysAuthService.CreateToken(acsInfo.BindUser);
var user = new ClaimsPrincipal(identity);
return AuthenticateResult.Success(new AuthenticationTicket(user, AuthenticationScheme));
}

5
Admin.NET/Admin.NET.Core/Const/CacheConst.cs
View File

@ -11,6 +11,11 @@ namespace Admin.NET.Core;
/// </summary>
public class CacheConst
{
/// <summary>
/// 用户会话缓存
/// </summary>
public const string KeyUserSession = "sys_user_session:";
/// <summary>
/// 用户Token版本缓存
/// </summary>

122
Admin.NET/Admin.NET.Core/Const/ClaimConst.cs
View File

@ -11,73 +11,85 @@ namespace Admin.NET.Core;
/// </summary>
public class ClaimConst
{
/// <summary>
/// 应用Id
/// </summary>
public const string AppId = "AppId";
/// <summary>
/// 租户Id
/// </summary>
public const string TenantId = "TenantId";
/// <summary>
/// 用户Id
/// </summary>
public const string UserId = "UserId";
/// <summary>
/// 账号
/// </summary>
public const string Account = "Account";
/// <summary>
/// 真实姓名
/// </summary>
public const string RealName = "RealName";
/// <summary>
/// 昵称
/// </summary>
public const string NickName = "NickName";
/// <summary>
/// 账号类型
/// </summary>
public const string AccountType = "AccountType";
/// <summary>
/// 组织机构Id
/// </summary>
public const string OrgId = "OrgId";
/// <summary>
/// 组织机构名称
/// </summary>
public const string OrgName = "OrgName";
/// <summary>
/// 组织机构类型
/// </summary>
public const string OrgType = "OrgType";
/// <summary>
/// 组织机构级别
/// </summary>
public const string OrgLevel = "OrgLevel";
/// <summary>
/// 登录模式PC、APP
/// </summary>
public const string LoginMode = "LoginMode";
/// <summary>
/// Token版本号
/// </summary>
public const string TokenVersion = "TokenVersion";
/// <summary>
/// 应用Id
/// </summary>
[Obsolete("参数已从请求上下文中移除请通过UserManger获取")]
public const string AppId = "AppId";
/// <summary>
/// 租户Id
/// </summary>
[Obsolete("参数已从请求上下文中移除请通过UserManger获取")]
public const string TenantId = "TenantId";
/// <summary>
/// 账号
/// </summary>
[Obsolete("参数已从请求上下文中移除请通过UserManger获取")]
public const string Account = "Account";
/// <summary>
/// 真实姓名
/// </summary>
[Obsolete("参数已从请求上下文中移除请通过UserManger获取")]
public const string RealName = "RealName";
/// <summary>
/// 昵称
/// </summary>
[Obsolete("参数已从请求上下文中移除请通过UserManger获取")]
public const string NickName = "NickName";
/// <summary>
/// 账号类型
/// </summary>
[Obsolete("参数已从请求上下文中移除请通过UserManger获取")]
public const string AccountType = "AccountType";
/// <summary>
/// 组织机构Id
/// </summary>
[Obsolete("参数已从请求上下文中移除请通过UserManger获取")]
public const string OrgId = "OrgId";
/// <summary>
/// 组织机构名称
/// </summary>
[Obsolete("参数已从请求上下文中移除请通过UserManger获取")]
public const string OrgName = "OrgName";
/// <summary>
/// 组织机构类型
/// </summary>
[Obsolete("参数已从请求上下文中移除请通过UserManger获取")]
public const string OrgType = "OrgType";
/// <summary>
/// 组织机构级别
/// </summary>
[Obsolete("参数已从请求上下文中移除请通过UserManger获取")]
public const string OrgLevel = "OrgLevel";
/// <summary>
/// 登录模式PC、APP
/// </summary>
[Obsolete("参数已从请求上下文中移除请通过UserManger获取")]
public const string LoginMode = "LoginMode";
/// <summary>
/// 微信OpenId
/// </summary>
[Obsolete("参数已从请求上下文中移除请通过UserManger获取")]
public const string OpenId = "OpenId";
}

1
Admin.NET/Admin.NET.Core/Const/CommonConst.cs
View File

@ -15,6 +15,7 @@ public class CommonConst
/// <summary>
/// 系统管理员角色编码
/// </summary>
[Description("系统管理员角色编码")]
public const string SysAdminRole = "sys_admin";
/// <summary>

21
Admin.NET/Admin.NET.Core/Entity/SysLogDiff.cs
View File

@ -12,7 +12,7 @@ namespace Admin.NET.Core;
[SugarTable(null, "系统差异日志表")]
[SysTable]
[LogTable]
public partial class SysLogDiff : EntityTenant
public partial class SysLogDiff : EntityTenantId
{
/// <summary>
/// 操作前记录
@ -55,4 +55,23 @@ public partial class SysLogDiff : EntityTenant
/// </summary>
[SugarColumn(ColumnDescription = "耗时")]
public long? Elapsed { get; set; }
/// <summary>
/// 创建时间
/// </summary>
[SugarColumn(ColumnDescription = "创建时间", IsOnlyIgnoreUpdate = true)]
public virtual DateTime CreateTime { get; set; }
/// <summary>
/// 创建者Id
/// </summary>
[OwnerUser]
[SugarColumn(ColumnDescription = "创建者Id", IsOnlyIgnoreUpdate = true)]
public virtual long? CreateUserId { get; set; }
/// <summary>
/// 创建者姓名
/// </summary>
[SugarColumn(ColumnDescription = "创建者姓名", Length = 64, IsOnlyIgnoreUpdate = true)]
public virtual string? CreateUserName { get; set; }
}

21
Admin.NET/Admin.NET.Core/Entity/SysLogMsg.cs
View File

@ -12,7 +12,7 @@ namespace Admin.NET.Core;
[SugarTable(null, "系统消息日志表")]
[SysTable]
[LogTable]
public partial class SysLogMsg : EntityTenant
public partial class SysLogMsg : EntityTenantId
{
/// <summary>
/// 消息类型
@ -125,4 +125,23 @@ public partial class SysLogMsg : EntityTenant
[SugarColumn(ColumnDescription = "发送者设备", Length = 256)]
[MaxLength(256)]
public string? SendDevice { get; set; }
/// <summary>
/// 创建时间
/// </summary>
[SugarColumn(ColumnDescription = "创建时间", IsNullable = true, IsOnlyIgnoreUpdate = true)]
public virtual DateTime CreateTime { get; set; }
/// <summary>
/// 创建者Id
/// </summary>
[OwnerUser]
[SugarColumn(ColumnDescription = "创建者Id", IsOnlyIgnoreUpdate = true)]
public virtual long? CreateUserId { get; set; }
/// <summary>
/// 创建者姓名
/// </summary>
[SugarColumn(ColumnDescription = "创建者姓名", Length = 64, IsOnlyIgnoreUpdate = true)]
public virtual string? CreateUserName { get; set; }
}

22
Admin.NET/Admin.NET.Core/Entity/SysLogVis.cs
View File

@ -12,7 +12,7 @@ namespace Admin.NET.Core;
[SugarTable(null, "系统访问日志表")]
[SysTable]
[LogTable]
public partial class SysLogVis : EntityTenant
public partial class SysLogVis : EntityTenantId
{
/// <summary>
/// 模块名称
@ -113,4 +113,24 @@ public partial class SysLogVis : EntityTenant
[SugarColumn(ColumnDescription = "真实姓名", Length = 32)]
[MaxLength(32)]
public string? RealName { get; set; }
/// <summary>
/// 创建时间
/// </summary>
[SugarColumn(ColumnDescription = "创建时间", IsOnlyIgnoreUpdate = true)]
public virtual DateTime CreateTime { get; set; }
/// <summary>
/// 创建者Id
/// </summary>
[OwnerUser]
[SugarColumn(ColumnDescription = "创建者Id", IsOnlyIgnoreUpdate = true)]
public virtual long? CreateUserId { get; set; }
/// <summary>
/// 创建者姓名
/// </summary>
[SugarColumn(ColumnDescription = "创建者姓名", Length = 64, IsOnlyIgnoreUpdate = true)]
public virtual string? CreateUserName { get; set; }
}

26
Admin.NET/Admin.NET.Core/Hub/OnlineUserHub.cs
View File

@ -19,10 +19,14 @@ public class OnlineUserHub : Hub<IOnlineUserHub>
private readonly SysMessageService _sysMessageService;
private readonly IHubContext<OnlineUserHub, IOnlineUserHub> _onlineUserHubContext;
private readonly UserManager _userManager;
public OnlineUserHub(SysMessageService sysMessageService,
public OnlineUserHub(
UserManager userManager,
SysMessageService sysMessageService,
IHubContext<OnlineUserHub, IOnlineUserHub> onlineUserHubContext)
{
_userManager = userManager;
_sysMessageService = sysMessageService;
_onlineUserHubContext = onlineUserHubContext;
}
@ -34,28 +38,22 @@ public class OnlineUserHub : Hub<IOnlineUserHub>
public override async Task OnConnectedAsync()
{
var httpContext = Context.GetHttpContext();
var userId = (httpContext.User.FindFirst(ClaimConst.UserId)?.Value).ToLong();
var account = httpContext.User.FindFirst(ClaimConst.Account)?.Value;
if (userId < 0 || string.IsNullOrWhiteSpace(account)) return;
var realName = httpContext.User.FindFirst(ClaimConst.RealName)?.Value;
var tenantId = (httpContext.User.FindFirst(ClaimConst.TenantId)?.Value).ToLong();
var loginMode = (LoginModeEnum)(httpContext.User.FindFirst(ClaimConst.LoginMode)?.Value).ToInt();
loginMode = loginMode == 0 ? LoginModeEnum.PC : loginMode; // 默认PC登录模式
if (_userManager.UserId < 0 || string.IsNullOrWhiteSpace(_userManager.Account)) return;
var loginMode = _userManager.LoginMode == 0 ? LoginModeEnum.PC : LoginModeEnum.APP; // 默认PC登录模式
var device = httpContext.GetClientDeviceInfo().Trim();
var ipAddress = httpContext.Request.Headers["X-Forwarded-For"].FirstOrDefault();
var user = new OnlineUser
{
ConnectionId = Context.ConnectionId,
UserId = userId,
UserName = account,
RealName = realName,
UserId = _userManager.UserId,
UserName = _userManager.Account,
RealName = _userManager.RealName,
Time = DateTime.Now,
Ip = string.IsNullOrWhiteSpace(ipAddress) ? httpContext.GetRemoteIpAddressToIPv4(true) : ipAddress,
Browser = httpContext.GetClientBrowser(),
Os = httpContext.GetClientOs(),
TenantId = tenantId,
TenantId = _userManager.TenantId ?? 0,
LoginMode = loginMode,
Device = device
};
@ -66,7 +64,7 @@ public class OnlineUserHub : Hub<IOnlineUserHub>
await _onlineUserHubContext.Groups.AddToGroupAsync(Context.ConnectionId, groupName);
// 更新在线用户列表
var userList = SysCacheService.HashGetAll<OnlineUser>(CacheConst.KeyUserOnline).Values.Where(u => u.TenantId == tenantId).ToList();
var userList = SysCacheService.HashGetAll<OnlineUser>(CacheConst.KeyUserOnline).Values.Where(u => u.TenantId == _userManager.TenantId).ToList();
await _onlineUserHubContext.Clients.Groups(groupName).OnlineUserList(new OnlineUserList
{
RealName = user.RealName,

219
Admin.NET/Admin.NET.Core/Logging/DatabaseLoggingWriter.cs
View File

@ -13,13 +13,18 @@ namespace Admin.NET.Core;
/// </summary>
public class DatabaseLoggingWriter : IDatabaseLoggingWriter, IDisposable
{
private readonly IServiceScope _serviceScope;
private readonly IEventPublisher _eventPublisher;
private static readonly Lazy<UserManager> _userManager = new(() => App.GetService<UserManager>());
private static readonly Lazy<SqlSugarRepository<SysUser>> _sysUserRep = new(() => App.GetService<SqlSugarRepository<SysUser>>());
private readonly ILogger<DatabaseLoggingWriter> _logger;
private readonly SysConfigService _sysConfigService;
private readonly IEventPublisher _eventPublisher;
private readonly IServiceScope _serviceScope;
private readonly SqlSugarScopeProvider _db;
public DatabaseLoggingWriter(IServiceScopeFactory serviceScopeFactory, IEventPublisher eventPublisher, ILogger<DatabaseLoggingWriter> logger)
public DatabaseLoggingWriter(
IServiceScopeFactory serviceScopeFactory,
ILogger<DatabaseLoggingWriter> logger,
IEventPublisher eventPublisher)
{
_serviceScope = serviceScopeFactory.CreateScope();
_sysConfigService = _serviceScope.ServiceProvider.GetRequiredService<SysConfigService>();
@ -94,33 +99,24 @@ public class DatabaseLoggingWriter : IDatabaseLoggingWriter, IDisposable
return;
}
var loggingMonitor = JSON.Deserialize<dynamic>(jsonStr);
// 获取当前操作者
string account = "", realName = "", userId = "", tenantId = "";
if (loggingMonitor.authorizationClaims != null)
{
var authDict = (loggingMonitor.authorizationClaims as IEnumerable<dynamic>)!.ToDictionary(u => u.type.ToString(), u => u.value.ToString());
account = authDict?.GetValueOrDefault(ClaimConst.Account);
realName = authDict?.GetValueOrDefault(ClaimConst.RealName);
tenantId = authDict?.GetValueOrDefault(ClaimConst.TenantId);
userId = authDict?.GetValueOrDefault(ClaimConst.UserId);
}
var loggingMonitor = JSON.Deserialize<LoggingMonitorDto>(jsonStr);
var userInfo = GetUserInfo(loggingMonitor);
// 优先获取 X-Forwarded-For 头部信息携带的IP地址如nginx代理配置转发
var remoteIPv4 = ((JArray)loggingMonitor.requestHeaders).OfType<JObject>()
.FirstOrDefault(header => (string)header["key"] == "X-Forwarded-For")?["value"]?.ToString();
var reqHeaders = loggingMonitor.RequestHeaders.ToDictionary(u => u.Key, u => u.Value);
var remoteIPv4 = reqHeaders.GetValueOrDefault("X-Forwarded-For")?.ToString();
// 获取IP地理位置
if (string.IsNullOrEmpty(remoteIPv4))
remoteIPv4 = loggingMonitor.remoteIPv4;
if (string.IsNullOrEmpty(remoteIPv4)) remoteIPv4 = loggingMonitor.RemoteIPv4;
(string ipLocation, double? longitude, double? latitude) = CommonHelper.GetIpAddress(remoteIPv4);
// 获取设备信息
var browser = "";
var os = "";
if (loggingMonitor.userAgent != null)
var browser = "";
if (loggingMonitor.UserAgent != null)
{
var client = Parser.GetDefault().Parse(loggingMonitor.userAgent.ToString());
var client = Parser.GetDefault().Parse(loggingMonitor.UserAgent);
browser = $"{client.UA.Family} {client.UA.Major}.{client.UA.Minor} / {client.Device.Family}";
os = $"{client.OS.Family} {client.OS.Major} {client.OS.Minor}";
}
@ -128,120 +124,119 @@ public class DatabaseLoggingWriter : IDatabaseLoggingWriter, IDisposable
// 捕捉异常,否则会由于 unhandled exception 导致程序崩溃
try
{
// 记录异常日志-发送邮件
if (logMsg.Exception != null || loggingMonitor.exception != null)
var logEntity = new SysLogOp
{
await _db.Insertable(new SysLogEx
{
ControllerName = loggingMonitor.controllerName,
ActionName = loggingMonitor.actionTypeName,
DisplayTitle = loggingMonitor.displayTitle,
Status = loggingMonitor.returnInformation?.httpStatusCode,
RemoteIp = remoteIPv4,
Location = ipLocation,
Longitude = longitude,
Latitude = latitude,
Browser = browser, // loggingMonitor.userAgent,
Os = os, // loggingMonitor.osDescription + " " + loggingMonitor.osArchitecture,
Elapsed = loggingMonitor.timeOperationElapsedMilliseconds,
LogDateTime = logMsg.LogDateTime,
Account = account,
RealName = realName,
HttpMethod = loggingMonitor.httpMethod,
RequestUrl = loggingMonitor.requestUrl,
RequestParam = (loggingMonitor.parameters == null || loggingMonitor.parameters.Count == 0) ? null : JSON.Serialize(loggingMonitor.parameters[0].value),
ReturnResult = loggingMonitor.returnInformation == null ? null : JSON.Serialize(loggingMonitor.returnInformation),
EventId = logMsg.EventId.Id,
ThreadId = logMsg.ThreadId,
TraceId = logMsg.TraceId,
Exception = JSON.Serialize(loggingMonitor.exception),
Message = logMsg.Message,
CreateUserId = string.IsNullOrWhiteSpace(userId) ? 0 : long.Parse(userId),
TenantId = string.IsNullOrWhiteSpace(tenantId) ? 0 : long.Parse(tenantId),
LogLevel = logMsg.LogLevel
}).ExecuteCommandAsync();
ControllerName = loggingMonitor.DisplayName,
ActionName = loggingMonitor.ActionTypeName,
DisplayTitle = loggingMonitor.DisplayTitle,
Status = loggingMonitor.ReturnInformation?.HttpStatusCode?.ToString(),
RemoteIp = remoteIPv4,
Location = ipLocation,
Longitude = longitude,
Latitude = latitude,
Browser = browser,
Os = os,
Elapsed = loggingMonitor.TimeOperationElapsedMilliseconds,
Message = logMsg.Message,
HttpMethod = loggingMonitor.HttpMethod,
RequestUrl = loggingMonitor.RequestUrl,
RequestParam = loggingMonitor.Parameters is { Count: > 0 } ? JSON.Serialize(loggingMonitor.Parameters[0].Value) : null,
ReturnResult = loggingMonitor.ReturnInformation?.Value != null ? JSON.Serialize(loggingMonitor.ReturnInformation?.Value) : null,
Exception = loggingMonitor.Exception == null ? JSON.Serialize(logMsg.Exception) : JSON.Serialize(loggingMonitor.Exception),
LogDateTime = logMsg.LogDateTime,
EventId = logMsg.EventId.Id,
ThreadId = logMsg.ThreadId,
TraceId = logMsg.TraceId,
Account = userInfo.Account,
RealName = userInfo.RealName,
CreateUserId = userInfo.UserId,
CreateUserName = userInfo.RealName,
TenantId = userInfo.TenantId,
LogLevel = logMsg.LogLevel,
};
// 记录异常日志-发送邮件
if (logMsg.Exception != null || loggingMonitor.Exception != null)
{
await _db.Insertable(logEntity.Adapt<SysLogEx>()).ExecuteCommandAsync();
// 将异常日志发送到邮件
await _eventPublisher.PublishAsync(CommonConst.SendErrorMail, logMsg.Exception ?? loggingMonitor.exception);
await _eventPublisher.PublishAsync(CommonConst.SendErrorMail, logMsg.Exception ?? loggingMonitor.Exception);
return;
}
// 记录访问日志-登录退出
if (loggingMonitor.actionName == "login" || loggingMonitor.actionName == "loginPhone" || loggingMonitor.actionName == "logout")
if (loggingMonitor.ActionName == "login" || loggingMonitor.ActionName == "loginPhone" || loggingMonitor.ActionName == "logout")
{
if (loggingMonitor.actionName != "logout")
{
dynamic para = Clay.Parse((loggingMonitor.parameters == null) ? null : JSON.Serialize(loggingMonitor.parameters[0].value));
if (loggingMonitor.actionName == "login")
account = para.account;
else if (loggingMonitor.actionName == "loginPhone")
account = para.phone;
}
await _db.Insertable(new SysLogVis
{
ControllerName = loggingMonitor.displayName,
ActionName = loggingMonitor.actionTypeName,
DisplayTitle = loggingMonitor.displayTitle,
Status = loggingMonitor.returnInformation?.httpStatusCode,
RemoteIp = remoteIPv4,
Location = ipLocation,
Longitude = longitude,
Latitude = latitude,
Browser = browser, // loggingMonitor.userAgent,
Os = os, // loggingMonitor.osDescription + " " + loggingMonitor.osArchitecture,
Elapsed = loggingMonitor.timeOperationElapsedMilliseconds,
LogDateTime = logMsg.LogDateTime,
Account = account,
RealName = realName,
CreateUserId = string.IsNullOrWhiteSpace(userId) ? 0 : long.Parse(userId),
TenantId = string.IsNullOrWhiteSpace(tenantId) ? 0 : long.Parse(tenantId),
LogLevel = logMsg.LogLevel
}).ExecuteCommandAsync();
await _db.Insertable(logEntity.Adapt<SysLogVis>()).ExecuteCommandAsync();
return;
}
// 记录操作日志
if (!await _sysConfigService.GetConfigValueByCode<bool>(ConfigConst.SysOpLog)) return;
await _db.Insertable(new SysLogOp
{
ControllerName = loggingMonitor.controllerName,
ActionName = loggingMonitor.actionTypeName,
DisplayTitle = loggingMonitor.displayTitle,
Status = loggingMonitor.returnInformation?.httpStatusCode,
RemoteIp = remoteIPv4,
Location = ipLocation,
Longitude = longitude,
Latitude = latitude,
Browser = browser, // loggingMonitor.userAgent,
Os = os, // loggingMonitor.osDescription + " " + loggingMonitor.osArchitecture,
Elapsed = loggingMonitor.timeOperationElapsedMilliseconds,
LogDateTime = logMsg.LogDateTime,
Account = account,
RealName = realName,
HttpMethod = loggingMonitor.httpMethod,
RequestUrl = loggingMonitor.requestUrl,
RequestParam = (loggingMonitor.parameters == null || loggingMonitor.parameters.Count == 0) ? null : JSON.Serialize(loggingMonitor.parameters[0].value),
ReturnResult = loggingMonitor.returnInformation == null ? null : JSON.Serialize(loggingMonitor.returnInformation),
EventId = logMsg.EventId.Id,
ThreadId = logMsg.ThreadId,
TraceId = logMsg.TraceId,
Exception = loggingMonitor.exception == null ? null : JSON.Serialize(loggingMonitor.exception),
Message = logMsg.Message,
CreateUserId = string.IsNullOrWhiteSpace(userId) ? 0 : long.Parse(userId),
TenantId = string.IsNullOrWhiteSpace(tenantId) ? 0 : long.Parse(tenantId),
LogLevel = logMsg.LogLevel
}).ExecuteCommandAsync();
await _db.Insertable(logEntity.Adapt<SysLogOp>()).ExecuteCommandAsync();
await Task.Delay(50); // 延迟 0.05 秒写入数据库,有效减少高频写入数据库导致死锁问题
}
catch (Exception ex)
{
_logger.LogError(ex, "操作日志入库");
// 将异常日志发送到邮件
await _eventPublisher.PublishAsync(CommonConst.SendErrorMail, ex);
}
}
/// <summary>
/// 从日志消息中获取用户信息
/// </summary>
/// <param name="loggingMonitor"></param>
/// <returns></returns>
private LoggingUserInfo GetUserInfo(LoggingMonitorDto loggingMonitor)
{
LoggingUserInfo result = new();
if (loggingMonitor.AuthorizationClaims != null)
{
result.UserId = long.TryParse(loggingMonitor.AuthorizationClaims
.ToDictionary(u => u.Type, u => u.Value)
.GetValueOrDefault(ClaimConst.UserId) ?? ""
, out var temp) ? temp : null;
var userSession = _userManager.Value.GetSession(result.UserId);
result.TenantId = long.TryParse(userSession?.TenantId?.ToString() ?? "", out temp) ? temp : null;
result.RealName = userSession?.RealName;
result.Account = userSession?.Account;
}
// 退出登陆时没有session尝试从数据库中获取
if (string.IsNullOrWhiteSpace(result.Account) && result.UserId != null)
{
var user = _sysUserRep.Value.GetById(result.UserId);
result.Account = user?.TenantId?.ToString();
result.RealName = user?.RealName;
result.Account = user?.Account;
}
// 用户登陆时没有userId需要根据入参获取
if (loggingMonitor.ActionName == "login" && loggingMonitor.Parameters is { Count: > 0 })
{
try
{
result.Account = (loggingMonitor.Parameters[0].Value as JObject)!.GetValue("account")?.ToString();
if (!string.IsNullOrEmpty(result.Account))
{
var user = _sysUserRep.Value.AsQueryable().First(u => u.Account == result.Account);
result.TenantId = user?.TenantId;
result.RealName = user?.RealName;
result.UserId = user?.Id;
}
}
catch
{
// ignored
}
}
return result;
}
/// <summary>
/// 释放服务作用域
/// </summary>

19
Admin.NET/Admin.NET.Core/Logging/ElasticSearchLoggingWriter.cs
View File

@ -15,12 +15,15 @@ public class ElasticSearchLoggingWriter : IDatabaseLoggingWriter, IDisposable
{
private readonly IServiceScope _serviceScope;
private readonly ElasticsearchClient _esClient;
private readonly SysCacheService _sysCacheService;
private readonly SysConfigService _sysConfigService;
private static readonly Lazy<UserManager> _userManager = new(() => App.GetService<UserManager>());
public ElasticSearchLoggingWriter(IServiceScopeFactory scopeFactory)
{
_serviceScope = scopeFactory.CreateScope();
_esClient = _serviceScope.ServiceProvider.GetRequiredService<ElasticsearchClient>();
_sysCacheService = _serviceScope.ServiceProvider.GetRequiredService<SysCacheService>();
_sysConfigService = _serviceScope.ServiceProvider.GetRequiredService<SysConfigService>();
}
@ -43,17 +46,17 @@ public class ElasticSearchLoggingWriter : IDatabaseLoggingWriter, IDisposable
string account = "", realName = "", userId = "", tenantId = "";
if (loggingMonitor.authorizationClaims != null)
{
UserSessionDao userSession = null;
foreach (var item in loggingMonitor.authorizationClaims)
{
if (item.type == ClaimConst.Account)
account = item.value;
if (item.type == ClaimConst.RealName)
realName = item.value;
if (item.type == ClaimConst.TenantId)
tenantId = item.value;
if (item.type == ClaimConst.UserId)
userId = item.value;
if (item.type != ClaimConst.UserId) continue;
userId = item.value;
userSession = _userManager.Value?.GetSession(userId);
break;
}
tenantId = userSession?.TenantId.ToString();
realName = userSession?.RealName;
account = userSession?.Account;
}
string remoteIPv4 = loggingMonitor.remoteIPv4;

309
Admin.NET/Admin.NET.Core/Logging/LoggingMonitorDto.cs Normal file
View File

@ -0,0 +1,309 @@
// Admin.NET 项目的版权、商标、专利和其他相关权利均受相应法律法规的保护。使用本项目应遵守相关法律法规和许可证的要求。
//
// 本项目主要遵循 MIT 许可证和 Apache 许可证(版本 2.0)进行分发和使用。许可证位于源代码树根目录中的 LICENSE-MIT 和 LICENSE-APACHE 文件。
//
// 不得利用本项目从事危害国家安全、扰乱社会秩序、侵犯他人合法权益等法律法规禁止的活动!任何基于本项目二次开发而产生的一切法律纠纷和责任,我们不承担任何责任!
namespace Admin.NET.Core;
/// <summary>
/// 日志监控信息输出参数
/// </summary>
public class LoggingMonitorDto
{
/// <summary>
/// 标题
/// </summary>
public string Title { get; set; }
/// <summary>
/// 控制器名称
/// </summary>
public string ControllerName { get; set; }
/// <summary>
/// 控制器类型名称
/// </summary>
public string ControllerTypeName { get; set; }
/// <summary>
/// 操作方法名称
/// </summary>
public string ActionName { get; set; }
/// <summary>
/// 操作方法类型名称
/// </summary>
public string ActionTypeName { get; set; }
/// <summary>
/// 区域名称Area
/// </summary>
public string AreaName { get; set; }
/// <summary>
/// 显示名称(全路径)
/// </summary>
public string DisplayName { get; set; }
/// <summary>
/// 显示标题
/// </summary>
public string DisplayTitle { get; set; }
/// <summary>
/// 本地IPv4地址
/// </summary>
public string LocalIPv4 { get; set; }
/// <summary>
/// 本地端口
/// </summary>
public int? LocalPort { get; set; }
/// <summary>
/// 远程IPv4地址
/// </summary>
public string RemoteIPv4 { get; set; }
/// <summary>
/// 远程端口
/// </summary>
public int? RemotePort { get; set; }
/// <summary>
/// HTTP请求方法如GET、POST
/// </summary>
public string HttpMethod { get; set; }
/// <summary>
/// 分布式追踪IDTraceId
/// </summary>
public string TraceId { get; set; }
/// <summary>
/// 线程ID
/// </summary>
public int? ThreadId { get; set; }
/// <summary>
/// 请求URL
/// </summary>
public string RequestUrl { get; set; }
/// <summary>
/// 协议版本如HTTP/1.1
/// </summary>
public string Protocol { get; set; }
/// <summary>
/// 引用页面URLReferer
/// </summary>
public string RefererUrl { get; set; }
/// <summary>
/// 用户代理User-Agent
/// </summary>
public string UserAgent { get; set; }
/// <summary>
/// 接受的语言Accept-Language
/// </summary>
public string AcceptLanguage { get; set; }
/// <summary>
/// 请求来源client、server等
/// </summary>
public string RequestFrom { get; set; }
/// <summary>
/// 请求头中的Cookies
/// </summary>
public string RequestHeaderCookies { get; set; }
/// <summary>
/// 操作耗时(毫秒)
/// </summary>
public long? TimeOperationElapsedMilliseconds { get; set; }
/// <summary>
/// 访问令牌AccessToken
/// </summary>
public string AccessToken { get; set; }
/// <summary>
/// 响应头中的Cookies
/// </summary>
public string ResponseHeaderCookies { get; set; }
/// <summary>
/// 操作系统描述
/// </summary>
public string OsDescription { get; set; }
/// <summary>
/// 操作系统架构如X64
/// </summary>
public string OsArchitecture { get; set; }
/// <summary>
/// 框架描述(如.NET 8.0.18
/// </summary>
public string FrameworkDescription { get; set; }
/// <summary>
/// 基础框架名称如Furion.Pure
/// </summary>
public string BasicFramework { get; set; }
/// <summary>
/// 基础框架版本
/// </summary>
public string BasicFrameworkVersion { get; set; }
/// <summary>
/// 入口程序集名称
/// </summary>
public string EntryAssemblyName { get; set; }
/// <summary>
/// 进程名称
/// </summary>
public string ProcessName { get; set; }
/// <summary>
/// 部署服务器如Kestrel
/// </summary>
public string DeployServer { get; set; }
/// <summary>
/// 启动监听地址
/// </summary>
public string StartUrls { get; set; }
/// <summary>
/// 环境如Development、Production
/// </summary>
public string Environment { get; set; }
/// <summary>
/// 授权声明集合
/// </summary>
public List<LoggingAuthorizationClaimsDto> AuthorizationClaims { get; set; }
/// <summary>
/// 请求头集合
/// </summary>
public List<KeyValuePair<string, object>> RequestHeaders { get; set; }
/// <summary>
/// 请求参数集合
/// </summary>
public List<LoggingParametersDto> Parameters { get; set; }
/// <summary>
/// 返回信息
/// </summary>
public LoggingReturnInformationDto ReturnInformation { get; set; }
/// <summary>
/// 异常信息
/// </summary>
public object Exception { get; set; }
/// <summary>
/// 验证信息
/// </summary>
public object Validation { get; set; }
}
public class LoggingAuthorizationClaimsDto
{
/// <summary>
/// 类型名
/// </summary>
public string Type { get; set; }
/// <summary>
/// 值类型
/// </summary>
public string ValueType { get; set; }
/// <summary>
/// 值
/// </summary>
public string Value { get; set; }
}
/// <summary>
/// 输入参数
/// </summary>
public class LoggingParametersDto
{
/// <summary>
/// 输入类型
/// </summary>
public string Name { get; set; }
/// <summary>
/// 输入类型
/// </summary>
public string Type { get; set; }
/// <summary>
/// 实际输入数据
/// </summary>
public object Value { get; set; }
}
/// <summary>
/// 返回信息详情
/// </summary>
public class LoggingReturnInformationDto
{
/// <summary>
/// 返回类型如X.Core.XResult<System.Object>
/// </summary>
public string Type { get; set; }
/// <summary>
/// HTTP状态码
/// </summary>
public int? HttpStatusCode { get; set; }
/// <summary>
/// 实际返回类型如Task<List<T>>
/// </summary>
public string ActType { get; set; }
/// <summary>
/// 实际返回数据
/// </summary>
public object Value { get; set; }
}
/// <summary>
/// 用户信息
/// </summary>
public class LoggingUserInfo
{
/// <summary>
/// 用户Id
/// </summary>
public long? UserId { get; set; }
/// <summary>
/// 账号
/// </summary>
public string Account { get; set; }
/// <summary>
/// 真实姓名
/// </summary>
public string RealName { get; set; }
/// <summary>
/// 租户Id
/// </summary>
public long? TenantId { get; set; }
}

35
Admin.NET/Admin.NET.Core/Service/Auth/SysAuthService.cs
View File

@ -233,17 +233,24 @@ public class SysAuthService : IDynamicApiController, ITransient
var accessToken = JWTEncryption.Encrypt(new Dictionary<string, object>
{
{ ClaimConst.UserId, user.Id },
{ ClaimConst.TenantId, user.TenantId },
{ ClaimConst.Account, user.Account },
{ ClaimConst.RealName, user.RealName },
{ ClaimConst.AccountType, user.AccountType },
{ ClaimConst.OrgId, user.OrgId },
{ ClaimConst.OrgName, user.SysOrg?.Name },
{ ClaimConst.OrgType, user.SysOrg?.Type },
{ ClaimConst.OrgLevel, user.SysOrg?.Level },
{ ClaimConst.TokenVersion, user.TokenVersion },
}, tokenExpire);
// 缓存用户Session
_userManager.SetSession(new()
{
UserId = user.Id,
TenantId = user.TenantId,
Account = user.Account,
RealName = user.RealName,
AccountType = user.AccountType,
OrgId = user.OrgId,
OrgName = user.SysOrg?.Name,
OrgType = user.SysOrg?.Type,
OrgLevel = user.SysOrg?.Level,
TokenVersion = user.TokenVersion,
}, TimeSpan.FromMinutes(tokenExpire));
// 生成刷新Token令牌
var refreshTokenExpire = await _sysConfigService.GetRefreshTokenExpire();
var refreshToken = JWTEncryption.GenerateRefreshToken(accessToken, refreshTokenExpire);
@ -281,10 +288,10 @@ public class SysAuthService : IDynamicApiController, ITransient
}
/// <summary>
/// 获取登录账号 🔖
/// 获取当前登陆用户信息 🔖
/// </summary>
/// <returns></returns>
[DisplayName("获取登录账号")]
[DisplayName("获取当前登陆用户信息")]
public virtual async Task<LoginUserOutput> GetUserInfo()
{
var user = await _sysUserRep.GetByIdAsync(_userManager.UserId) ?? throw Oops.Oh(ErrorCodeEnum.D1011).StatusCode(401);
@ -348,16 +355,18 @@ public class SysAuthService : IDynamicApiController, ITransient
{
var httpContext = _httpContextAccessor.HttpContext ?? throw Oops.Oh(ErrorCodeEnum.D1016);
var accessToken = httpContext.Request.Headers.Authorization.ToString();
if (string.IsNullOrWhiteSpace(accessToken) || string.IsNullOrWhiteSpace(_userManager.Account))
var userId = httpContext.User.FindFirst(ClaimConst.UserId)?.Value;
var version = httpContext.User.FindFirst(ClaimConst.TokenVersion)?.Value;
if (string.IsNullOrWhiteSpace(userId) || string.IsNullOrWhiteSpace(version) || string.IsNullOrWhiteSpace(_userManager.Account))
throw Oops.Oh(ErrorCodeEnum.D1011);
// 写入Token黑名单
var tokenExpire = await _sysConfigService.GetTokenExpire();
_sysCacheService.Set($"{CacheConst.KeyTokenBlacklist}:{accessToken}", _userManager.Account, TimeSpan.FromMinutes(tokenExpire));
_sysCacheService.Set($"{CacheConst.KeyTokenBlacklist}:{userId}:{version}", _userManager.Account, TimeSpan.FromMinutes(tokenExpire));
// 发布系统退出事件
await _eventPublisher.PublishAsync(UserEventTypeEnum.Logout, _userManager);
_userManager.RemoveSession(_userManager.UserId);
// 退出Swagger/设置无效Token响应头
_httpContextAccessor.HttpContext.SignoutToSwagger();

19
Admin.NET/Admin.NET.Core/Service/Cache/SysCacheService.cs
View File

@ -12,10 +12,13 @@ namespace Admin.NET.Core.Service;
[ApiDescriptionSettings(Order = 400, Description = "系统缓存")]
public class SysCacheService : IDynamicApiController, ISingleton
{
private readonly Lazy<UserManager> _userManager = new(() => App.GetService<UserManager>());
private static ICacheProvider _cacheProvider;
private readonly CacheOptions _cacheOptions;
public SysCacheService(ICacheProvider cacheProvider, IOptions<CacheOptions> cacheOptions)
public SysCacheService(
ICacheProvider cacheProvider,
IOptions<CacheOptions> cacheOptions)
{
_cacheProvider = cacheProvider;
_cacheOptions = cacheOptions.Value;
@ -428,9 +431,19 @@ public class SysCacheService : IDynamicApiController, ISingleton
[ApiDescriptionSettings(Name = "Clear"), HttpPost]
public void Clear()
{
_cacheProvider.Cache.Clear();
// 超管用户操作,清空所有缓存
if (_userManager.Value.SuperAdmin)
{
_cacheProvider.Cache.Clear();
Cache.Default.Clear();
return;
}
Cache.Default.Clear();
// 排除非本租户、以及超管的Session缓存
var sysUserRep = App.GetService<SqlSugarRepository<SysUser>>();
var userIds = sysUserRep.AsQueryable().Where(u => u.AccountType != AccountTypeEnum.SuperAdmin).Select(u => u.Id).ToList().Select(u => u.ToString()).ToList();
var keys = _cacheProvider.Cache.Keys.Where(key => !key.StartsWith(CacheConst.KeyUserSession) || userIds.Any(key.EndsWith)).ToList();
keys.ForEach(key => _cacheProvider.Cache.Remove(key));
}
/// <summary>

66
Admin.NET/Admin.NET.Core/Service/OpenAccess/SysOpenAccessService.cs
View File

@ -17,15 +17,22 @@ public class SysOpenAccessService : IDynamicApiController, ITransient
{
private readonly SqlSugarRepository<SysOpenAccess> _sysOpenAccessRep;
private readonly SysCacheService _sysCacheService;
private readonly SysAuthService _sysAuthService;
private readonly UserManager _userManager;
/// <summary>
/// 开放接口身份服务构造函数
/// </summary>
public SysOpenAccessService(SqlSugarRepository<SysOpenAccess> sysOpenAccessRep,
SysCacheService sysCacheService)
public SysOpenAccessService(
SqlSugarRepository<SysOpenAccess> sysOpenAccessRep,
SysCacheService sysCacheService,
SysAuthService sysAuthService,
UserManager userManager)
{
_sysOpenAccessRep = sysOpenAccessRep;
_sysCacheService = sysCacheService;
_sysAuthService = sysAuthService;
_userManager = userManager;
}
/// <summary>
@ -33,14 +40,14 @@ public class SysOpenAccessService : IDynamicApiController, ITransient
/// </summary>
/// <param name="input"></param>
/// <returns></returns>
[DisplayName("生成签名")]
[DisplayName("生成签名")]
public GenerateSignatureOutput GenerateSignature(GenerateSignatureInput input)
{
// 时间戳
if (input.Timestamp == 0)
input.Timestamp = new DateTimeOffset(DateTime.Now).ToUnixTimeMilliseconds();
// 密钥
{
// 时间戳
if (input.Timestamp == 0)
input.Timestamp = new DateTimeOffset(DateTime.Now).ToUnixTimeMilliseconds();
// 密钥
var appSecretByte = Encoding.UTF8.GetBytes(input.AccessSecret);
// 拼接参数
@ -49,10 +56,10 @@ public class SysOpenAccessService : IDynamicApiController, ITransient
using HMAC hmac = new HMACSHA256();
hmac.Key = appSecretByte;
var sign = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(parameter)));
return new GenerateSignatureOutput
{
Timestamp = input.Timestamp,
Signature = sign
return new GenerateSignatureOutput
{
Timestamp = input.Timestamp,
Signature = sign
};
}
@ -61,7 +68,7 @@ public class SysOpenAccessService : IDynamicApiController, ITransient
/// </summary>
/// <param name="input"></param>
/// <returns></returns>
[DisplayName("获取开放接口身份分页列表")]
[DisplayName("获取开放接口身份分页列表")]
public async Task<SqlSugarPagedList<OpenAccessOutput>> Page(PageOpenAccessInput input)
{
return await _sysOpenAccessRep.AsQueryable()
@ -83,7 +90,7 @@ public class SysOpenAccessService : IDynamicApiController, ITransient
/// <param name="input"></param>
/// <returns></returns>
[ApiDescriptionSettings(Name = "Add"), HttpPost]
[DisplayName("增加开放接口身份")]
[DisplayName("增加开放接口身份")]
public async Task AddOpenAccess(AddOpenAccessInput input)
{
if (await _sysOpenAccessRep.AsQueryable().AnyAsync(u => u.AccessKey == input.AccessKey && u.Id != input.Id))
@ -99,7 +106,7 @@ public class SysOpenAccessService : IDynamicApiController, ITransient
/// <param name="input"></param>
/// <returns></returns>
[ApiDescriptionSettings(Name = "Update"), HttpPost]
[DisplayName("更新开放接口身份")]
[DisplayName("更新开放接口身份")]
public async Task UpdateOpenAccess(UpdateOpenAccessInput input)
{
if (await _sysOpenAccessRep.AsQueryable().AnyAsync(u => u.AccessKey == input.AccessKey && u.Id != input.Id))
@ -117,7 +124,7 @@ public class SysOpenAccessService : IDynamicApiController, ITransient
/// <param name="input"></param>
/// <returns></returns>
[ApiDescriptionSettings(Name = "Delete"), HttpPost]
[DisplayName("删除开放接口身份")]
[DisplayName("删除开放接口身份")]
public async Task DeleteOpenAccess(DeleteOpenAccessInput input)
{
var openAccess = await _sysOpenAccessRep.GetByIdAsync(input.Id);
@ -131,7 +138,7 @@ public class SysOpenAccessService : IDynamicApiController, ITransient
/// 创建密钥 🔖
/// </summary>
/// <returns></returns>
[DisplayName("创建密钥")]
[DisplayName("创建密钥")]
public async Task<string> CreateSecret()
{
return await Task.FromResult(Convert.ToBase64String(Guid.NewGuid().ToByteArray())[..^2]);
@ -142,7 +149,7 @@ public class SysOpenAccessService : IDynamicApiController, ITransient
/// </summary>
/// <param name="accessKey"></param>
/// <returns></returns>
[NonAction]
[NonAction]
public async Task<SysOpenAccess> GetByKey(string accessKey)
{
return await Task.FromResult(
@ -156,10 +163,21 @@ public class SysOpenAccessService : IDynamicApiController, ITransient
);
}
/// <summary>
/// 根据 Key 获取对象
/// </summary>
/// <param name="openAccess"></param>
/// <returns></returns>
[NonAction]
private async Task TryCreateSession(SysOpenAccess openAccess)
{
if (!_userManager.ExistSession(openAccess.Id)) await _sysAuthService.CreateToken(openAccess.BindUser);
}
/// <summary>
/// Signature 身份验证事件默认实现
/// </summary>
[NonAction]
[NonAction]
public static SignatureAuthenticationEvent GetSignatureAuthenticationEventImpl()
{
return new SignatureAuthenticationEvent
@ -188,15 +206,9 @@ public class SysOpenAccessService : IDynamicApiController, ITransient
identity.AddClaims(
[
new Claim(ClaimConst.UserId, openAccess.BindUserId + ""),
new Claim(ClaimConst.TenantId, openAccess.BindTenantId + ""),
new Claim(ClaimConst.Account, openAccess.BindUser.Account + ""),
new Claim(ClaimConst.RealName, openAccess.BindUser.RealName),
new Claim(ClaimConst.AccountType, ((int)openAccess.BindUser.AccountType).ToString()),
new Claim(ClaimConst.OrgId, openAccess.BindUser.OrgId + ""),
new Claim(ClaimConst.OrgName, openAccess.BindUser.SysOrg?.Name + ""),
new Claim(ClaimConst.OrgType, openAccess.BindUser.SysOrg?.Type + ""),
new Claim(ClaimConst.TokenVersion, openAccess.BindUser.TokenVersion + ""),
]);
openAccessService.TryCreateSession(openAccess).GetAwaiter().GetResult();
return Task.CompletedTask;
}
};

2
Admin.NET/Admin.NET.Core/Service/Serial/SysSerialService.cs
View File

@ -172,7 +172,7 @@ public class SysSerialService : IDynamicApiController, ITransient
public async Task<string> NextSeqNo(SerialTypeEnum? type, bool isGlobal = false, bool isTran = true)
{
// 获取租户Id, 以及分布式锁缓存键名
long tenantId = isGlobal ? SqlSugarConst.DefaultTenantId : _userManager.TenantId;
long? tenantId = isGlobal ? SqlSugarConst.DefaultTenantId : _userManager.TenantId;
string cacheKey = $"{CacheConst.KeySerialLock}:{tenantId}:{type}";
// 获取分布式锁

5
Admin.NET/Admin.NET.Core/Service/Tenant/SysTenantService.cs
View File

@ -27,6 +27,7 @@ public class SysTenantService : IDynamicApiController, ITransient
private readonly SysConfigService _sysConfigService;
private readonly SysCacheService _sysCacheService;
private readonly IEventPublisher _eventPublisher;
private readonly UserManager _userManager;
public SysTenantService(SqlSugarRepository<SysTenant> sysTenantRep,
SqlSugarRepository<SysOrg> sysOrgRep,
@ -560,7 +561,7 @@ public class SysTenantService : IDynamicApiController, ITransient
//// 还可以根据域名判断租户
//var host = App.HttpContext.Request.Host.ToString();
if (tenantId < 1) tenantId = long.Parse(App.User?.FindFirst(ClaimConst.TenantId)?.Value ?? "0");
if (tenantId < 1) tenantId = _userManager?.TenantId ?? 0;
if (tenantId < 1) tenantId = SqlSugarConst.DefaultTenantId;
var tenant = await _sysTenantRep.GetFirstAsync(u => u.Id == tenantId) ?? throw Oops.Oh($"租户信息不存在:{tenantId}");
@ -613,7 +614,7 @@ public class SysTenantService : IDynamicApiController, ITransient
[DisplayName("保存系统信息")]
public async Task SaveSysInfo(SysInfoInput input)
{
input.TenantId = input.TenantId < 1 ? long.Parse(App.User?.FindFirst(ClaimConst.TenantId)?.Value ?? "0") : input.TenantId;
input.TenantId = input.TenantId < 1 ? (_userManager.TenantId ?? 0) : input.TenantId;
var tenant = await _sysTenantRep.GetFirstAsync(u => u.Id == input.TenantId) ?? throw Oops.Oh(ErrorCodeEnum.D1002);
tenant = input.Adapt<SysTenant>();
tenant.Id = input.TenantId;

102
Admin.NET/Admin.NET.Core/Service/User/UserManager.cs
View File

@ -9,92 +9,120 @@ namespace Admin.NET.Core;
/// <summary>
/// 当前登录用户信息
/// </summary>
public class UserManager : IScoped
public class UserManager (
SysCacheService sysCacheService,
IHttpContextAccessor httpContextAccessor) : UserSessionDao, IScoped
{
private readonly IHttpContextAccessor _httpContextAccessor;
/// <summary>
/// 用户Session
/// </summary>
[System.Text.Json.Serialization.JsonIgnore]
[Newtonsoft.Json.JsonIgnore]
private UserSessionDao Session { get; set; }
/// <summary>
/// 应用Id
/// 代理对象
/// </summary>
public long AppId => (_httpContextAccessor.HttpContext?.User.FindFirst(ClaimConst.AppId)?.Value).ToLong();
/// <summary>
/// 租户Id
/// </summary>
public long TenantId => (_httpContextAccessor.HttpContext?.User.FindFirst(ClaimConst.TenantId)?.Value).ToLong();
[System.Text.Json.Serialization.JsonIgnore]
[Newtonsoft.Json.JsonIgnore]
protected UserSessionDao session => Session ??= sysCacheService.Get<UserSessionDao>(CacheConst.KeyUserSession + UserId);
/// <summary>
/// 用户Id
/// </summary>
public long UserId => (_httpContextAccessor.HttpContext?.User.FindFirst(ClaimConst.UserId)?.Value).ToLong();
[System.Text.Json.Serialization.JsonIgnore]
[Newtonsoft.Json.JsonIgnore]
public override long UserId => (httpContextAccessor.HttpContext?.User.FindFirst(nameof(UserId))?.Value).ToLong();
/// <summary>
/// 应用Id
/// </summary>
public override long? AppId => session?.AppId;
/// <summary>
/// 租户Id
/// </summary>
public override long? TenantId => session?.TenantId;
/// <summary>
/// 用户账号
/// </summary>
public string Account => _httpContextAccessor.HttpContext?.User.FindFirst(ClaimConst.Account)?.Value;
public override string Account => session?.Account;
/// <summary>
/// 真实姓名
/// </summary>
public string RealName => _httpContextAccessor.HttpContext?.User.FindFirst(ClaimConst.RealName)?.Value;
public override string RealName => session?.RealName;
/// <summary>
/// 昵称
/// </summary>
public string NickName => _httpContextAccessor.HttpContext?.User.FindFirst(ClaimConst.NickName)?.Value;
public override string NickName => session?.NickName;
/// <summary>
/// 账号类型
/// </summary>
public AccountTypeEnum? AccountType => int.TryParse(_httpContextAccessor.HttpContext?.User.FindFirst(ClaimConst.AccountType)?.Value, out var val) ? (AccountTypeEnum?)val : null;
/// <summary>
/// 是否超级管理员
/// </summary>
public bool SuperAdmin => _httpContextAccessor.HttpContext?.User.FindFirst(ClaimConst.AccountType)?.Value == ((int)AccountTypeEnum.SuperAdmin).ToString();
/// <summary>
/// 是否系统管理员
/// </summary>
public bool SysAdmin => _httpContextAccessor.HttpContext?.User.FindFirst(ClaimConst.AccountType)?.Value == ((int)AccountTypeEnum.SysAdmin).ToString();
public override AccountTypeEnum? AccountType => session?.AccountType;
/// <summary>
/// 组织机构Id
/// </summary>
public long OrgId => (_httpContextAccessor.HttpContext?.User.FindFirst(ClaimConst.OrgId)?.Value).ToLong();
public override long OrgId => session?.OrgId ?? 0;
/// <summary>
/// 组织机构名称
/// </summary>
public string OrgName => (_httpContextAccessor.HttpContext?.User.FindFirst(ClaimConst.OrgName)?.Value);
public override string OrgName => session?.OrgName;
/// <summary>
/// 组织机构Id
/// </summary>
public string OrgType => (_httpContextAccessor.HttpContext?.User.FindFirst(ClaimConst.OrgType)?.Value);
public override string OrgType => session?.OrgType;
/// <summary>
/// 组织机构级别
/// </summary>
public int OrgLevel => (_httpContextAccessor.HttpContext?.User.FindFirst(ClaimConst.OrgLevel)?.Value).ToInt();
public override int? OrgLevel => session?.OrgLevel;
/// <summary>
/// 登录模式
/// </summary>
public int LoginMode => (_httpContextAccessor.HttpContext?.User.FindFirst(ClaimConst.LoginMode)?.Value).ToInt();
/// <summary>
/// Token版本号
/// </summary>
public int TokenVersion => (_httpContextAccessor.HttpContext?.User.FindFirst(ClaimConst.TokenVersion)?.Value).ToInt();
public override LoginModeEnum? LoginMode => session?.LoginMode;
/// <summary>
/// 微信OpenId
/// </summary>
public string OpenId => _httpContextAccessor.HttpContext?.User.FindFirst(ClaimConst.OpenId)?.Value;
public override string OpenId => session?.OpenId;
public UserManager(IHttpContextAccessor httpContextAccessor)
/// <summary>
/// 用户Session是否存在
/// </summary>
public bool ExistSession(long userId)
{
_httpContextAccessor = httpContextAccessor;
return sysCacheService.ExistKey(CacheConst.KeyUserSession + userId);
}
/// <summary>
/// 设置用户Session
/// </summary>
public void SetSession(UserSessionDao userSession, TimeSpan expire)
{
sysCacheService.Set(CacheConst.KeyUserSession + userSession.UserId, userSession, expire);
}
/// <summary>
/// 清除指定用户Session
/// </summary>
public void RemoveSession(long userId)
{
sysCacheService.Remove(CacheConst.KeyUserSession + userId);
}
/// <summary>
/// 获取指定用户Session
/// </summary>
public UserSessionDao GetSession(dynamic userId)
{
return sysCacheService.Get<UserSessionDao>(CacheConst.KeyUserSession + userId);
}
}

97
Admin.NET/Admin.NET.Core/Service/User/UserSessionDao.cs Normal file
View File

@ -0,0 +1,97 @@
// Admin.NET 项目的版权、商标、专利和其他相关权利均受相应法律法规的保护。使用本项目应遵守相关法律法规和许可证的要求。
//
// 本项目主要遵循 MIT 许可证和 Apache 许可证(版本 2.0)进行分发和使用。许可证位于源代码树根目录中的 LICENSE-MIT 和 LICENSE-APACHE 文件。
//
// 不得利用本项目从事危害国家安全、扰乱社会秩序、侵犯他人合法权益等法律法规禁止的活动!任何基于本项目二次开发而产生的一切法律纠纷和责任,我们不承担任何责任!
namespace Admin.NET.Core;
/// <summary>
/// 用户会话信息
/// </summary>
public partial class UserSessionDao
{
/// <summary>
/// 用户Id
/// </summary>
public virtual long UserId { get; set; }
/// <summary>
/// 平台应用Id
/// </summary>
public virtual long? AppId { get; set; }
/// <summary>
/// 租户Id
/// </summary>
public virtual long? TenantId { get; set; }
/// <summary>
/// 账号
/// </summary>
public virtual string Account { get; set; }
/// <summary>
/// 真实姓名
/// </summary>
public virtual string RealName { get; set; }
/// <summary>
/// 昵称
/// </summary>
public virtual string NickName { get; set; }
/// <summary>
/// 账户类型
/// </summary>
public virtual AccountTypeEnum? AccountType { get; set; }
/// <summary>
/// 是否超级管理员
/// </summary>
[System.Text.Json.Serialization.JsonIgnore]
[Newtonsoft.Json.JsonIgnore]
public bool SuperAdmin => AccountType == AccountTypeEnum.SuperAdmin;
/// <summary>
/// 是否系统管理员
/// </summary>
[System.Text.Json.Serialization.JsonIgnore]
[Newtonsoft.Json.JsonIgnore]
public bool SysAdmin => AccountType == AccountTypeEnum.SysAdmin;
/// <summary>
/// 组织机构Id
/// </summary>
public virtual long OrgId { get; set; }
/// <summary>
/// 组织机构名称
/// </summary>
public virtual string OrgName { get; set; }
/// <summary>
/// 组织机构类型
/// </summary>
public virtual string OrgType { get; set; }
/// <summary>
/// 组织机构级别
/// </summary>
public virtual int? OrgLevel { get; set; }
/// <summary>
/// 登录模式
/// </summary>
public virtual LoginModeEnum? LoginMode { get; set; }
/// <summary>
/// 微信OpenId
/// </summary>
public virtual string OpenId { get; set; }
/// <summary>
/// token版本
/// </summary>
public virtual long TokenVersion { get; set; }
}

26
Admin.NET/Admin.NET.Core/Service/Wechat/SysWechatService.cs
View File

@ -13,16 +13,20 @@ namespace Admin.NET.Core.Service;
public class SysWechatService : IDynamicApiController, ITransient
{
private readonly SqlSugarRepository<SysOAuthUser> _sysOAuthUserRep;
private readonly SysConfigService _sysConfigService;
private readonly WechatApiClientFactory _wechatApiClientFactory;
private readonly WechatApiClient _wechatApiClient;
private readonly SysAuthService _sysAuthService;
public SysWechatService(SqlSugarRepository<SysOAuthUser> sysOAuthUserRep,
public SysWechatService(
UserManager userManager,
SysAuthService sysAuthService,
SysConfigService sysConfigService,
SqlSugarRepository<SysOAuthUser> sysOAuthUserRep,
WechatApiClientFactory wechatApiClientFactory)
{
_sysAuthService = sysAuthService;
_sysOAuthUserRep = sysOAuthUserRep;
_sysConfigService = sysConfigService;
_wechatApiClientFactory = wechatApiClientFactory;
_wechatApiClient = wechatApiClientFactory.CreateWechatClient();
}
@ -92,20 +96,14 @@ public class SysWechatService : IDynamicApiController, ITransient
[DisplayName("微信用户登录OpenId")]
public async Task<dynamic> OpenIdLogin(WechatUserLogin input)
{
var wxUser = await _sysOAuthUserRep.GetFirstAsync(p => p.OpenId == input.OpenId);
if (wxUser == null)
throw Oops.Oh("微信用户登录OpenId错误");
var tokenExpire = await _sysConfigService.GetTokenExpire();
var wxUser = await _sysOAuthUserRep.AsQueryable().Includes(u => u.SysUser, u => u.SysOrg).FirstAsync(p => p.OpenId == input.OpenId);
if (wxUser == null) throw Oops.Oh("微信用户登录OpenId错误");
if (wxUser.SysUser == null) throw Oops.Oh("微信用户未关联");
var tokenInfo = await _sysAuthService.CreateToken(wxUser.SysUser);
return new
{
wxUser.Avatar,
accessToken = JWTEncryption.Encrypt(new Dictionary<string, object>
{
{ ClaimConst.UserId, wxUser.Id },
{ ClaimConst.NickName, wxUser.NickName },
{ ClaimConst.LoginMode, LoginModeEnum.APP },
}, tokenExpire)
accessToken = tokenInfo.AccessToken
};
}

24
Admin.NET/Admin.NET.Core/Service/Wechat/SysWxOpenService.cs
View File

@ -13,21 +13,22 @@ namespace Admin.NET.Core.Service;
public class SysWxOpenService : IDynamicApiController, ITransient
{
private readonly SqlSugarRepository<SysOAuthUser> _sysOAuthUserRep;
private readonly SysConfigService _sysConfigService;
private readonly SysAuthService _sysAuthService;
private readonly WechatApiClient _wechatApiClient;
private readonly SysFileService _sysFileService;
private readonly WechatApiClientFactory _wechatApiClientFactory;
public SysWxOpenService(SqlSugarRepository<SysOAuthUser> sysOAuthUserRep,
SysConfigService sysConfigService,
public SysWxOpenService(
SqlSugarRepository<SysOAuthUser> sysOAuthUserRep,
SysAuthService sysAuthService,
WechatApiClientFactory wechatApiClientFactory,
SysFileService sysFileService)
{
_sysOAuthUserRep = sysOAuthUserRep;
_sysConfigService = sysConfigService;
_wechatApiClient = wechatApiClientFactory.CreateWxOpenClient();
_sysAuthService = sysAuthService;
_sysFileService = sysFileService;
_wechatApiClientFactory = wechatApiClientFactory;
_wechatApiClient = wechatApiClientFactory.CreateWxOpenClient();
}
/// <summary>
@ -119,17 +120,14 @@ public class SysWxOpenService : IDynamicApiController, ITransient
[DisplayName("微信小程序登录OpenId")]
public async Task<dynamic> WxOpenIdLogin(WxOpenIdLoginInput input)
{
var wxUser = await _sysOAuthUserRep.GetFirstAsync(p => p.OpenId == input.OpenId) ?? throw Oops.Oh("微信小程序登录失败");
var tokenExpire = await _sysConfigService.GetTokenExpire();
var wxUser = await _sysOAuthUserRep.AsQueryable().Includes(u => u.SysUser, u => u.SysOrg).FirstAsync(p => p.OpenId == input.OpenId) ?? throw Oops.Oh("微信小程序登录失败");
if (wxUser.SysUser == null) throw Oops.Oh("微信未关联该用户");
var tokenInfo = await _sysAuthService.CreateToken(wxUser.SysUser, LoginModeEnum.APP);
return new
{
wxUser.Avatar,
accessToken = JWTEncryption.Encrypt(new Dictionary<string, object>
{
{ ClaimConst.UserId, wxUser.Id },
{ ClaimConst.RealName, wxUser.NickName },
{ ClaimConst.LoginMode, LoginModeEnum.APP },
}, tokenExpire)
accessToken = tokenInfo.AccessToken
};
}

4
Admin.NET/Admin.NET.Core/SqlSugar/SqlSugarRepository.cs
View File

@ -12,6 +12,8 @@ namespace Admin.NET.Core;
/// <typeparam name="T"></typeparam>
public class SqlSugarRepository<T> : SimpleClient<T>, ISqlSugarRepository<T> where T : class, new()
{
private static readonly Lazy<UserManager> _userManager = new(() => App.GetService<UserManager>());
public SqlSugarRepository()
{
var iTenant = SqlSugarSetup.ITenant;
@ -37,7 +39,7 @@ public class SqlSugarRepository<T> : SimpleClient<T>, ISqlSugarRepository<T> whe
return;
// 若未贴任何表特性或当前未登录或是默认租户Id则返回默认库连接
var tenantId = App.User?.FindFirst(ClaimConst.TenantId)?.Value;
var tenantId = _userManager.Value.TenantId?.ToString();
if (string.IsNullOrWhiteSpace(tenantId) || tenantId == SqlSugarConst.MainConfigId) return;
// 根据租户Id切换库连接, 为空则返回默认库连接

16
Admin.NET/Admin.NET.Core/SqlSugar/SqlSugarSetup.cs
View File

@ -212,6 +212,7 @@ public static class SqlSugarSetup
};
// 数据审计
Lazy<UserManager> userManager = new(() => App.GetService<UserManager>());
dbProvider.Aop.DataExecuting = (oldValue, entityInfo) =>
{
// 新增/插入 操作
@ -249,7 +250,7 @@ public static class SqlSugarSetup
if (entityInfo.PropertyName == nameof(EntityTenantId.TenantId))
{
if (entityValue.TenantId == null || entityValue.TenantId == 0)
entityInfo.SetValue(App.User.FindFirst(ClaimConst.TenantId)?.Value ?? SqlSugarConst.DefaultTenantId.ToString());
entityInfo.SetValue(userManager.Value.TenantId?.ToString() ?? SqlSugarConst.DefaultTenantId.ToString());
}
else if (entityInfo.PropertyName == nameof(EntityBase.CreateUserId))
{
@ -259,17 +260,17 @@ public static class SqlSugarSetup
else if (entityInfo.PropertyName == nameof(EntityBase.CreateUserName))
{
if (string.IsNullOrWhiteSpace(entityValue.CreateUserName))
entityInfo.SetValue(App.User.FindFirst(ClaimConst.RealName)?.Value);
entityInfo.SetValue(userManager.Value.RealName);
}
else if (entityInfo.PropertyName == nameof(EntityBaseData.CreateOrgId))
{
if (entityValue.CreateOrgId == null || entityValue.CreateOrgId == 0)
entityInfo.SetValue(App.User.FindFirst(ClaimConst.OrgId)?.Value);
entityInfo.SetValue(userManager.Value.OrgId);
}
else if (entityInfo.PropertyName == nameof(EntityBaseData.CreateOrgName))
{
if (string.IsNullOrWhiteSpace(entityValue.CreateOrgName))
entityInfo.SetValue(App.User.FindFirst(ClaimConst.OrgName)?.Value);
entityInfo.SetValue(userManager.Value.OrgName);
}
}
// 编辑/更新 操作
@ -280,7 +281,7 @@ public static class SqlSugarSetup
else if (entityInfo.PropertyName == nameof(EntityBase.UpdateUserId))
entityInfo.SetValue(App.User?.FindFirst(ClaimConst.UserId)?.Value);
else if (entityInfo.PropertyName == nameof(EntityBase.UpdateUserName))
entityInfo.SetValue(App.User?.FindFirst(ClaimConst.RealName)?.Value);
entityInfo.SetValue(userManager.Value.RealName);
}
// 设置绑定简称字段数据
@ -294,14 +295,13 @@ public static class SqlSugarSetup
};
// 超管不受任何过滤器限制
if (App.User?.FindFirst(ClaimConst.AccountType)?.Value == ((int)AccountTypeEnum.SuperAdmin).ToString())
return;
if (userManager.Value.AccountType == AccountTypeEnum.SuperAdmin)return;
// 配置假删除过滤器
dbProvider.QueryFilter.AddTableFilter<IDeletedFilter>(u => u.IsDelete == false);
// 配置租户过滤器
var tenantId = App.User?.FindFirst(ClaimConst.TenantId)?.Value;
var tenantId = userManager.Value.TenantId?.ToString();
if (!string.IsNullOrWhiteSpace(tenantId))
dbProvider.QueryFilter.AddTableFilter<ITenantIdFilter>(u => u.TenantId == long.Parse(tenantId));

18
Admin.NET/Admin.NET.Web.Core/Handlers/JwtHandler.cs
View File

@ -23,6 +23,7 @@ namespace Admin.NET.Web.Core
public class JwtHandler : AppAuthorizeHandler
{
private readonly IServiceProvider _serviceProvider;
private static readonly Lazy<UserManager> _userManager = new(() => App.GetService<UserManager>());
public JwtHandler(IServiceProvider serviceProvider)
{
@ -50,6 +51,7 @@ namespace Admin.NET.Web.Core
else
{
context.Fail(new AuthorizationFailureReason(this, "登录已过期,请重新登录。"));
context.StatusCode(StatusCodes.Status401Unauthorized);
var currentHttpContext = context.GetCurrentHttpContext();
// 跳过签名 SignatureAuthentication 引发的失败
if (currentHttpContext.Items.ContainsKey(SignatureAuthenticationDefaults.AuthenticateFailMsgKey)) return;
@ -58,16 +60,17 @@ namespace Admin.NET.Web.Core
}
// 验证Token黑名单
var accessToken = httpContext.Request.Headers.Authorization.ToString();
if (sysCacheService.ExistKey($"{CacheConst.KeyTokenBlacklist}:{accessToken}"))
var userId = httpContext.User.FindFirst(ClaimConst.UserId)?.Value;
var version = httpContext.User.FindFirst(ClaimConst.TokenVersion)?.Value;
if (sysCacheService.ExistKey($"{CacheConst.KeyTokenBlacklist}:{userId}:{version}") || !sysCacheService.ExistKey($"{CacheConst.KeyUserSession}{userId}"))
{
context.Fail(new AuthorizationFailureReason(this, "令牌已失效,请重新登录。"));
context.StatusCode(StatusCodes.Status401Unauthorized);
context.GetCurrentHttpContext().SignoutToSwagger();
return;
}
// 验证Token版本号
var userId = httpContext.User.FindFirst(ClaimConst.UserId)?.Value;
var tokenVersion1 = httpContext.User.FindFirst(ClaimConst.TokenVersion)?.Value;
var tokenVersion2 = sysCacheService.Get<string>($"{CacheConst.KeyUserToken}{userId}");
if (string.IsNullOrWhiteSpace(tokenVersion2) && !string.IsNullOrWhiteSpace(userId))
@ -77,6 +80,7 @@ namespace Admin.NET.Web.Core
if (user == null || user.Status == StatusEnum.Disable)
{
context.Fail(new AuthorizationFailureReason(this, "账号不存在或已被停用,请联系管理员。"));
context.StatusCode(StatusCodes.Status401Unauthorized);
context.GetCurrentHttpContext().SignoutToSwagger();
return;
}
@ -86,18 +90,20 @@ namespace Admin.NET.Web.Core
if (string.IsNullOrWhiteSpace(tokenVersion1) || tokenVersion1 != tokenVersion2)
{
context.Fail(new AuthorizationFailureReason(this, "令牌已失效,请重新登录。"));
context.StatusCode(StatusCodes.Status401Unauthorized);
context.GetCurrentHttpContext().SignoutToSwagger();
return;
}
// 验证租户有效期
var tenantId = httpContext.User.FindFirst(ClaimConst.TenantId)?.Value;
var tenantId = _userManager.Value.TenantId?.ToString();
if (!string.IsNullOrWhiteSpace(tenantId))
{
var tenant = sysCacheService.Get<List<SysTenant>>(CacheConst.KeyTenant)?.FirstOrDefault(u => u.Id == long.Parse(tenantId));
if (tenant != null && tenant.ExpirationTime != null && DateTime.Now > tenant.ExpirationTime)
{
context.Fail(new AuthorizationFailureReason(this, "租户已过期,请联系管理员。"));
context.StatusCode(StatusCodes.Status401Unauthorized);
context.GetCurrentHttpContext().SignoutToSwagger();
}
}
@ -117,7 +123,7 @@ namespace Admin.NET.Web.Core
private static async Task<bool> CheckAuthorizeAsync(DefaultHttpContext httpContext)
{
// 排除超管权限判断
if (App.User.FindFirst(ClaimConst.AccountType)?.Value == ((int)AccountTypeEnum.SuperAdmin).ToString())
if (_userManager.Value?.AccountType == AccountTypeEnum.SuperAdmin)
return true;
var serviceScope = httpContext.RequestServices.CreateScope();
@ -126,7 +132,7 @@ namespace Admin.NET.Web.Core
var path = httpContext.Request.Path.ToString();
// 移动端接口权限判断
if (App.User.FindFirst(ClaimConst.LoginMode)?.Value == ((int)LoginModeEnum.APP).ToString())
if (_userManager.Value?.LoginMode == LoginModeEnum.APP)
{
var appApiList = serviceScope.ServiceProvider.GetRequiredService<SysCommonService>().GetAppApiList();
return appApiList.Exists(u => path.EndsWith(u, StringComparison.CurrentCultureIgnoreCase));

44
Admin.NET/Admin.NET.Web.Entry/wwwroot/template/service_Service.cs.vm
View File

@ -37,7 +37,7 @@ namespace @Model.NameSpace;
public partial class @(@Model.ClassName)Service : IDynamicApiController, ITransient
{
private readonly SysCacheService _sysCacheService;//默认CacheService
private readonly UserManager _userManager;//默认用户管理
private readonly UserSession _userManager;//默认用户管理
private readonly IEventPublisher _eventPublisher;//默认事件总线
private readonly SqlSugarRepository<@(@Model.ClassName)> _@(@Model.LowerClassName)Rep;
@foreach (var column in Model.TableField){
@ -51,7 +51,7 @@ public partial class @(@Model.ClassName)Service : IDynamicApiController, ITransi
public @(@Model.ClassName)Service(SqlSugarRepository<@(@Model.ClassName)> @(@Model.LowerClassName)Rep
,SysCacheService sysCacheService
, UserManager userManager
, UserSession userManager
,IEventPublisher eventPublisher
@foreach (var column in Model.TableField){
if(@column.EffectType == "ForeignKey"||@column.EffectType == "ApiTreeSelector"){
@ -59,8 +59,8 @@ public partial class @(@Model.ClassName)Service : IDynamicApiController, ITransi
@:,SqlSugarRepository<@(@column.FkEntityName)> @(@column.LowerFkEntityName)Rep
}
}
}
}
)
{
_@(@Model.LowerClassName)Rep = @(@Model.LowerClassName)Rep;
@ -81,12 +81,12 @@ public partial class @(@Model.ClassName)Service : IDynamicApiController, ITransi
/// 分页查询@(@Model.BusName)
/// </summary>
/// <param name="input"></param>
/// <returns></returns>
/// <returns></returns>
[ApiDescriptionSettings(Name = "Page", Description = "分页查询", Order = 1000), HttpPost]
[DisplayName("分页查询@(@Model.BusName)")]
public async Task<SqlSugarPagedList<Page@(@Model.ClassName)Output>> Page(Page@(@Model.ClassName)Input input)
{
return await @(@Model.ClassName)Mid.GetQuery(_@(@Model.LowerClassName)Rep, input).Select<Page@(@Model.ClassName)Output>().OrderBuilder(input).ToPagedListAsync(input.Page, input.PageSize);
return await @(@Model.ClassName)Mid.GetQuery(_@(@Model.LowerClassName)Rep, input).Select<Page@(@Model.ClassName)Output>().OrderBuilder(input).ToPagedListAsync(input.Page, input.PageSize);
}
/// <summary>
@ -171,8 +171,8 @@ if (@column.ColumnKey == "True"){
@foreach (var column in Model.TableField){
if (@column.ColumnKey == "True"){
@:return await _@(@Model.LowerClassName)Rep.GetFirstAsync(u => u.@(@column.PropertyName) == input.@(@column.PropertyName));
}
}
}
}
}
/// <summary>
@ -252,7 +252,7 @@ if (@column.ColumnKey == "True"){
@foreach (var column in Model.TableField){
if (@column.IsGroupBy == "Y"){
@: .GroupByIF(input.GroupBy.Contains("@column.PropertyName"), u => u.@column.PropertyName)
}
}
}
@: //.Having(it => SqlFunc.AggregateCount(it.Id) > 0)//聚合函数过滤
}
@ -289,7 +289,7 @@ if (@column.ColumnKey == "True"){
[DisplayName("根据输入参数获取@(@Model.BusName)统计")]
public async Task<List<@(@Model.ClassName)Output>> GetAggregTotalSum(Page@(@Model.ClassName)Input input)
{
var query = @(@Model.ClassName)Mid.GetQuery(_@(@Model.LowerClassName)Rep, input);
// 输入参数示例
//input = new Page@(@Model.ClassName)Input
@ -346,7 +346,7 @@ if (@column.ColumnKey == "True"){
@:{
@: query = query.Having(string.Join(" AND ", aggregator.HavingConditions));
@:}
@:// 执行查询
@:return await query.Select<@(@Model.ClassName)Output>(string.Join(", ", selectParts)).ToListAsync();
}
@ -357,9 +357,9 @@ if (@column.ColumnKey == "True"){
}
*/
@foreach (var column in Model.TableField){
if(@column.EffectType == "ForeignKey" && (@column.WhetherAddUpdate == "Y" || column.QueryWhether == "Y")){
if(@column.EffectType == "ForeignKey" && (@column.WhetherAddUpdate == "Y" || column.QueryWhether == "Y")){
@:/// <summary>
@:/// 获取@(@column.ColumnComment)列表
@:/// </summary>
@ -380,7 +380,7 @@ if(@column.EffectType == "ForeignKey" && (@column.WhetherAddUpdate == "Y" || col
}
@foreach (var column in Model.TableField){
if(@column.EffectType == "Upload"){
if(@column.EffectType == "Upload"){
@:/// <summary>
@:/// 上传@(@column.ColumnComment)
@:/// </summary>
@ -391,13 +391,13 @@ if(@column.EffectType == "Upload"){
@:public async Task<SysFile> Upload@(@column.PropertyName)([Required] IFormFile file)
@:{
@:var service = App.GetRequiredService<SysFileService>();
@:return await service.UploadFile(new UploadFileInput { File = file}, "upload/@(@column.PropertyName)" );
@:}
@:return await service.UploadFile(new UploadFileInput { File = file}, "upload/@(@column.PropertyName)" );
@:}
}
}
@foreach (var column in Model.TableField){
if(@column.EffectType == "ApiTreeSelector" && !definedObjects.ContainsKey("@(@column.FkEntityName)Tree")){
@:/// <summary>
@:/// 获取@(@Model.BusName)树列表
@ -411,19 +411,19 @@ if(@column.EffectType == "ApiTreeSelector" && !definedObjects.ContainsKey("@(@co
@:// 有筛选条件时返回list列表防止构造不出树
@:var isSearch=false;
foreach (var columnTree in Model.TableField){
if (@columnTree.QueryWhether == "Y"){
if (@columnTree.NetType?.TrimEnd('?') == "string"){
@:if(!string.IsNullOrWhiteSpace(input.@columnTree.PropertyName))isSearch=true;
}else if((@columnTree.NetType?.TrimEnd('?') == "int" || @columnTree.NetType?.TrimEnd('?') == "long")){
@:if(input.@columnTree.PropertyName>0)isSearch=true;
}else if((@columnTree.NetType?.TrimEnd('?') == "DateTime" && @columnTree.QueryType == "~")){
@:if(input.@(@columnTree.PropertyName)Range != null)isSearch=true;
} }}
@:if (isSearch||!string.IsNullOrEmpty(input.SearchKey?.Trim()))
@:{
@ -471,4 +471,4 @@ string LowerFirstLetter(string text)
{
return text.ToString()[..1].ToLower() + text[1..]; // 首字母小写
}
}
}

16
Admin.NET/Plugins/Admin.NET.Plugin.ReZero/Service/SuperApiAop.cs
View File

@ -18,6 +18,7 @@ namespace Admin.NET.Plugin.ReZero.Service;
/// </summary>
public class SuperApiAop : DefaultSuperApiAop
{
private static readonly Lazy<UserManager> _userManager = new(() => App.GetService<UserManager>());
public override async Task OnExecutingAsync(InterfaceContext aopContext)
{
////if (aopContext.InterfaceType == InterfaceType.DynamicApi)
@ -59,13 +60,6 @@ public class SuperApiAop : DefaultSuperApiAop
var api = aopContext.InterfaceInfo;
var context = aopContext.HttpContext;
var accessToken = context.Request.Headers.Authorization.ToString();
if (!string.IsNullOrWhiteSpace(accessToken) && accessToken.StartsWith("Bearer "))
accessToken = accessToken.Replace("Bearer ", "");
var claims = JWTEncryption.ReadJwtToken(accessToken)?.Claims;
var userName = claims?.FirstOrDefault(u => u.Type == ClaimConst.Account)?.Value;
var realName = claims?.FirstOrDefault(u => u.Type == ClaimConst.RealName)?.Value;
var paths = api.Url.Split('/');
var actionName = paths[paths.Length - 1];
@ -86,13 +80,13 @@ public class SuperApiAop : DefaultSuperApiAop
{
new
{
type = ClaimConst.Account,
value = userName
type = _userManager.Value?.Account,
value = _userManager.Value?.RealName
},
new
{
type = ClaimConst.RealName,
value = realName
type = _userManager.Value?.RealName,
value = _userManager.Value?.RealName
},
},
exception = aopContext.Exception == null ? null : JSON.Serialize(aopContext.Exception)