重置密码，清理密码错误限制

2024-11-04 16:31:47 +08:00 · 2024-11-04 16:31:47 +08:00 · 205619071d
parent 239f87320b
commit 205619071d
4 changed files with 47 additions and 4 deletions
--- a/IRaCIS.Core.Application/Helper/CacheHelper.cs
+++ b/IRaCIS.Core.Application/Helper/CacheHelper.cs
@ -27,6 +27,13 @@ public static class CacheKeys
    //超时没请求接口自动退出
    public static string UserAutoLoginOut(Guid userId) => $"UserAutoLoginOut:{userId}";

+    /// <summary>
+    /// 用户登录错误 限制登录
+    /// </summary>
+    /// <param name="userName"></param>
+    /// <returns></returns>
+    public static string UserLoginError(string userName) => $"login-failures:{userName}";
+
    /// <summary>
    /// 跳过阅片
    /// </summary>
--- a/IRaCIS.Core.Application/IRaCIS.Core.Application.xml
+++ b/IRaCIS.Core.Application/IRaCIS.Core.Application.xml
@ -13033,6 +13033,13 @@
            主要为了 处理项目结束 锁库，不允许操作
            </summary>
        </member>
+        <member name="M:IRaCIS.Core.Application.Helper.CacheKeys.UserLoginError(System.String)">
+            <summary>
+            用户登录错误 限制登录
+            </summary>
+            <param name="userName"></param>
+            <returns></returns>
+        </member>
        <member name="M:IRaCIS.Core.Application.Helper.CacheKeys.SkipReadingCacheKey(System.Guid)">
            <summary>
            跳过阅片
--- a/IRaCIS.Core.Application/Service/Management/UserService.cs
+++ b/IRaCIS.Core.Application/Service/Management/UserService.cs
@ -287,6 +287,10 @@ namespace IRaCIS.Core.Application.Service
                IsFirstAdd = true
            });

+            var userName = _userRepository.Where(t => t.Id == userId).Select(t => t.UserName).FirstOrDefault();
+
+            await _fusionCache.RemoveAsync(CacheKeys.UserLoginError(userName));
+
            await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, LoginUserId = _userInfo.Id, OptUserId = userId, OptType = UserOptType.ResetPassword }, true);

            return ResponseOutput.Ok();
@ -692,12 +696,11 @@ namespace IRaCIS.Core.Application.Service
        public async Task<IResponseOutput<LoginReturnDTO>> Login(string userName, string password)
        {

-            const string cachePrefix = "login-failures:";
            int maxFailures = _verifyConfig.CurrentValue.LoginMaxFailCount;
            int lockoutMinutes = _verifyConfig.CurrentValue.LoginFailLockMinutes;

            // 生成缓存键
-            string cacheKey = $"{cachePrefix}{userName}";
+            string cacheKey = CacheKeys.UserLoginError(userName);

            // 从缓存中获取登录失败次数
            int? failCount = await _fusionCache.GetOrDefaultAsync<int?>(cacheKey);
--- a/IRaCIS.Core.Application/Service/MinimalApiService/OAuthService.cs
+++ b/IRaCIS.Core.Application/Service/MinimalApiService/OAuthService.cs
@ -65,6 +65,13 @@ namespace IRaCIS.Core.Application.Service
        [RoutePattern(HttpMethod = "Get")]
        public async Task<IResponseOutput> TestPKCECallBackAsync(string code)
        {
+            var httpClient = new HttpClient();
+            var disco = await httpClient.GetDiscoveryDocumentAsync("https://logto.test.extimaging.com/oidc");
+            if (disco.IsError)
+            {
+                Console.WriteLine(disco.Error);
+            }
+
            string codeVerifier = "QMSBBxTQrpKPscvNNfmaQfmyk5Wd33GZS1FKSo3Shv8w-59vW1iTSlgAznYojkYv2DgR4XhTqySsBnDPq0";
            // OIDC 配置，替换为您的 OIDC 提供者的配置
            string tokenEndpoint = "https://logto.test.extimaging.com/oidc/token"; // 替换为实际 token 端点
@ -101,6 +108,14 @@ namespace IRaCIS.Core.Application.Service
                var userResponse = await client.ExecuteAsync(userInfoRequest);

                Console.WriteLine(userResponse.Content);
+
+                //结束回话
+
+                var endUrl = new RequestUrl(disco.EndSessionEndpoint).CreateEndSessionUrl(tokenResponse.IdToken, "http://localhost:6100/OAuth/TestPCKEOrgin");
+
+                var _endHttpClient = new HttpClient();
+
+                var dd = await _endHttpClient.GetAsync(endUrl);
            }

            return ResponseOutput.Ok();
@ -175,7 +190,7 @@ namespace IRaCIS.Core.Application.Service
            // 发出 token 请求
            var response = await _httpClient.PostAsync(disco.TokenEndpoint, content);

-            
+
            if (response.IsSuccessStatusCode)
            {
                var responseBody = await response.Content.ReadAsStringAsync();
@ -188,10 +203,18 @@ namespace IRaCIS.Core.Application.Service

                Console.WriteLine(formattedJson);

-                var tokenResponse=JsonConvert.DeserializeObject<LogtoTokenResponse>(responseBody);
+                var tokenResponse = JsonConvert.DeserializeObject<LogtoTokenResponse>(responseBody);

                Console.WriteLine(tokenResponse);

+                //结束回话
+
+                var endUrl = new RequestUrl(disco.EndSessionEndpoint).CreateEndSessionUrl(tokenResponse.IdToken, "http://localhost:6100/OAuth/TestPCKEOrgin");
+
+                var _endHttpClient = new HttpClient();
+
+                var dd = await _endHttpClient.GetAsync(endUrl);
+
            }
            else
            {
@ -310,6 +333,7 @@ namespace IRaCIS.Core.Application.Service
            string clientId = "tl42rjin7obxtwqqgvkti";
            string clientSecret = "Pu9ig4rz44aLlxb0yKUaOiZaFk6Bcu51";
            string redirectUri = "http://localhost:6100/OAuth/TestOidcClientCallBack"; // 替换为前端的回调 URL
+            string postLogoutRedirectUri = "http://localhost:6100/OAuth/TestPCKEOrgin"; //退出回话重定向到前端的url
            // 准备请求内容
            var tokenRequest = new AuthorizationCodeTokenRequest
            {
@ -368,6 +392,8 @@ namespace IRaCIS.Core.Application.Service
                        Console.WriteLine("RefreshToken:" + refreshResponse.RefreshToken);
                    }

+
+
                }
            }