using Furion.SpecificationDocument;
using Microsoft.Extensions.Caching.Memory;
namespace Admin.NET.Core.Service;
///
/// 系统登录授权服务
///
[ApiDescriptionSettings(Order = 200)]
public class SysAuthService : IDynamicApiController, ITransient
{
private readonly SqlSugarRepository _sysUserRep;
private readonly RefreshTokenOptions _refreshTokenOptions;
private readonly IHttpContextAccessor _httpContextAccessor;
private readonly IUserManager _userManager;
private readonly IEventPublisher _eventPublisher;
private readonly SysUserService _sysUserService;
private readonly SysUserRoleService _sysUserRoleService;
private readonly SysMenuService _sysMenuService;
private readonly ISysOnlineUserService _sysOnlineUserService;
private readonly IMemoryCache _cache;
public SysAuthService(SqlSugarRepository sysUserRep,
IOptions refreshTokenOptions,
IHttpContextAccessor httpContextAccessor,
IUserManager userManager,
IEventPublisher eventPublisher,
SysUserService sysUserService,
SysUserRoleService sysUserRoleService,
SysMenuService sysMenuService,
ISysOnlineUserService sysOnlineUserService,
IMemoryCache cache)
{
_sysUserRep = sysUserRep;
_httpContextAccessor = httpContextAccessor;
_userManager = userManager;
_refreshTokenOptions = refreshTokenOptions.Value;
_eventPublisher = eventPublisher;
_sysUserService = sysUserService;
_sysUserRoleService = sysUserRoleService;
_sysMenuService = sysMenuService;
_sysOnlineUserService = sysOnlineUserService;
_cache = cache;
}
///
/// 登录系统
///
///
/// 用户名/密码:vben/123456
///
[HttpPost("/login")]
[AllowAnonymous]
[SuppressMonitor]
public async Task Login([Required] LoginInput input)
{
var encryptPasswod = MD5Encryption.Encrypt(input.Password); // 加密密码
// 判断用户名密码
var user = await _sysUserRep.AsQueryable().Includes(u => u.SysOrg)
.FirstAsync(u => u.UserName.Equals(input.UserName) && u.Password.Equals(encryptPasswod));
_ = user ?? throw Oops.Oh(ErrorCodeEnum.D1000);
// 验证账号是否被冻结
if (user.Status == StatusEnum.Disable)
throw Oops.Oh(ErrorCodeEnum.D1017);
// 单用户登录(强制下线其他地方登录账号)
await _sysOnlineUserService.SignleLogin(user.Id);
// 生成Token令牌
var accessToken = JWTEncryption.Encrypt(new Dictionary
{
{ClaimConst.UserId, user.Id},
{ClaimConst.TenantId, user.TenantId},
{ClaimConst.UserName, user.UserName},
{ClaimConst.RealName, user.RealName},
{ClaimConst.SuperAdmin, user.UserType},
{ClaimConst.OrgId, user.OrgId},
{ClaimConst.OrgName, user.SysOrg?.Name},
{ClaimConst.OrgLevel, user.SysOrg?.Level},
});
// 生成刷新Token令牌
var refreshToken = JWTEncryption.GenerateRefreshToken(accessToken, _refreshTokenOptions.ExpiredTime);
// 设置响应报文头
_httpContextAccessor.HttpContext.Response.Headers["access-token"] = accessToken;
_httpContextAccessor.HttpContext.Response.Headers["x-access-token"] = refreshToken;
// Swagger Knife4UI-AfterScript登录脚本
// ke.global.setAllHeader('Authorization', 'Bearer ' + ke.response.headers['access-token']);
return new LoginOutput
{
UserId = user.Id,
Token = accessToken,
RefreshToken = refreshToken
};
}
///
/// 获取用户信息
///
///
[HttpGet("/getUserInfo")]
public async Task GetUserInfo()
{
var user = _userManager.User;
if (user == null)
throw Oops.Oh(ErrorCodeEnum.D1011);
// 角色信息
var roles = await _sysUserRoleService.GetUserRoleList(user.Id);
// 数据范围
var dataScopes = await _sysUserService.GetUserOrgIdList();
// 按钮权限
var buttons = await _sysMenuService.GetPermCodeList();
// 登录日志
var client = Parser.GetDefault().Parse(_httpContextAccessor.HttpContext.Request.Headers["User-Agent"]);
await _eventPublisher.PublishAsync("Add:VisLog", new SysLogVis
{
Success = YesNoEnum.Y,
Message = "登录",
Ip = _httpContextAccessor.HttpContext.GetRemoteIpAddressToIPv4(),
Browser = client.UA.Family + client.UA.Major,
Os = client.OS.Family + client.OS.Major,
VisType = LoginTypeEnum.Login,
UserName = user.UserName,
RealName = user.RealName
});
return new LoginUserInfoOutput
{
UserId = user.Id,
Username = user.UserName,
RealName = user.RealName,
Avatar = user.Avatar,
Desc = user.Introduction,
OrgId = user.OrgId,
OrgName = user.SysOrg != null ? user.SysOrg.Name : "",
OrgLevel = user.SysOrg != null ? user.SysOrg.Level : "",
Roles = roles.Select(u => new LoginRole
{
RoleName = u.Name,
Value = u.Code
}).ToList(),
Buttons = buttons
};
}
///
/// 获取刷新Token
///
///
///
[HttpPost("/getRefreshToken")]
public string RefreshToken([Required] string accessToken)
{
return JWTEncryption.GenerateRefreshToken(accessToken, _refreshTokenOptions.ExpiredTime);
}
///
/// 退出系统
///
[HttpGet("/logout")]
public async void Logout()
{
var user = _userManager.User;
if (user == null)
throw Oops.Oh(ErrorCodeEnum.D1011);
// 设置响应报文头
_httpContextAccessor.HttpContext.Response.Headers["access-token"] = "invalid_token";
_httpContextAccessor.HttpContext.Response.Headers["x-access-token"] = "invalid_token";
// 退出日志
await _eventPublisher.PublishAsync("Add:VisLog", new SysLogVis
{
Success = YesNoEnum.Y,
Message = "退出",
VisType = LoginTypeEnum.Logout,
Ip = _httpContextAccessor.HttpContext.GetRemoteIpAddressToIPv4(),
UserName = user.UserName,
RealName = user.RealName
});
}
///
/// Swagger登录检查
///
///
[HttpPost("/Swagger/CheckUrl"), NonUnify]
[AllowAnonymous]
public int SwaggerCheckUrl()
{
return _cache.Get(CacheConst.SwaggerLogin) ? 200 : 401;
}
///
/// Swagger登录
///
///
///
[HttpPost("/Swagger/SubmitUrl"), NonUnify]
[AllowAnonymous]
public int SwaggerSubmitUrl([FromForm] SpecificationAuth auth)
{
var userName = App.GetConfig("SpecificationDocumentSettings:LoginInfo:UserName");
var password = App.GetConfig("SpecificationDocumentSettings:LoginInfo:Password");
if (auth.UserName == userName && auth.Password == password)
{
_cache.Set(CacheConst.SwaggerLogin, true);
return 200;
}
return 401;
}
}