XCKJ
/
irc-netcore-api
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

增加MFA认证
continuous-integration/drone/push Build is passing Details

IRC_NewDev
hang 2024-06-11 17:58:06 +08:00
parent eb0f13c075
commit 25efb34f1f
9 changed files with 401 additions and 172 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

269
IRaCIS.Core.API/Controllers/ExtraController.cs
View File

@ -30,6 +30,8 @@ using IRaCIS.Core.Application.Helper;
using Microsoft.Extensions.Options; using Microsoft.Extensions.Options;
using IRaCIS.Core.Application.Contracts; using IRaCIS.Core.Application.Contracts;
using LoginReturnDTO = IRaCIS.Application.Contracts.LoginReturnDTO; using LoginReturnDTO = IRaCIS.Application.Contracts.LoginReturnDTO;
using DocumentFormat.OpenXml.Spreadsheet;
using AutoMapper.QueryableExtensions;
namespace IRaCIS.Api.Controllers namespace IRaCIS.Api.Controllers
{ {
@ -54,7 +56,7 @@ namespace IRaCIS.Api.Controllers
/// <returns></returns> /// <returns></returns>
[HttpGet, Route("doctor/getDetail/{doctorId:guid}")] [HttpGet, Route("doctor/getDetail/{doctorId:guid}")]
public async Task<IResponseOutput<DoctorDetailDTO>> GetDoctorDetail([FromServices] IAttachmentService attachmentService, [FromServices] IDoctorService _doctorService, public async Task<IResponseOutput<DoctorDetailDTO>> GetDoctorDetail([FromServices] IAttachmentService attachmentService, [FromServices] IDoctorService _doctorService,
[FromServices] IEducationService _educationService, [FromServices] ITrialExperienceService _trialExperienceService, [FromServices] IEducationService _educationService, [FromServices] ITrialExperienceService _trialExperienceService,
[FromServices] IResearchPublicationService _researchPublicationService, [FromServices] IVacationService _vacationService, Guid doctorId) [FromServices] IResearchPublicationService _researchPublicationService, [FromServices] IVacationService _vacationService, Guid doctorId)
@ -66,7 +68,7 @@ namespace IRaCIS.Api.Controllers
var doctorDetail = new DoctorDetailDTO var doctorDetail = new DoctorDetailDTO
{ {
AuditView =await _doctorService.GetAuditState(doctorId), AuditView = await _doctorService.GetAuditState(doctorId),
BasicInfoView = await _doctorService.GetBasicInfo(doctorId), BasicInfoView = await _doctorService.GetBasicInfo(doctorId),
EmploymentView = await _doctorService.GetEmploymentInfo(doctorId), EmploymentView = await _doctorService.GetEmploymentInfo(doctorId),
AttachmentList = await attachmentService.GetAttachments(doctorId), AttachmentList = await attachmentService.GetAttachments(doctorId),
@ -77,7 +79,7 @@ namespace IRaCIS.Api.Controllers
TrialExperienceView = await _trialExperienceService.GetTrialExperience(doctorId), TrialExperienceView = await _trialExperienceService.GetTrialExperience(doctorId),
ResearchPublicationView = await _researchPublicationService.GetResearchPublication(doctorId), ResearchPublicationView = await _researchPublicationService.GetResearchPublication(doctorId),
SpecialtyView =await _doctorService.GetSpecialtyInfo(doctorId), SpecialtyView = await _doctorService.GetSpecialtyInfo(doctorId),
InHoliday = (await _vacationService.OnVacation(doctorId)).IsSuccess, InHoliday = (await _vacationService.OnVacation(doctorId)).IsSuccess,
IntoGroupInfo = _doctorService.GetDoctorIntoGroupInfo(doctorId), IntoGroupInfo = _doctorService.GetDoctorIntoGroupInfo(doctorId),
SowList = sowList, SowList = sowList,
@ -96,80 +98,30 @@ namespace IRaCIS.Api.Controllers
/// <summary> 系统用户登录接口[New] </summary> /// <summary> 系统用户登录接口[New] </summary>
[HttpPost, Route("user/login")] [HttpPost, Route("user/login")]
[AllowAnonymous] [AllowAnonymous]
public async Task<IResponseOutput<LoginReturnDTO>> Login(UserLoginDTO loginUser, [FromServices] IEasyCachingProvider provider, [FromServices] IUserService _userService, public async Task<IResponseOutput> Login(UserLoginDTO loginUser,
[FromServices] ITokenService _tokenService, [FromServices] IEasyCachingProvider provider,
[FromServices] IUserService _userService,
[FromServices] IReadingImageTaskService readingImageTaskService, [FromServices] ITokenService _tokenService,
[FromServices] IConfiguration configuration) [FromServices] IReadingImageTaskService readingImageTaskService,
IOptionsMonitor<ServiceVerifyConfigOption> _verifyConfig,
IMailVerificationService _mailVerificationService)
{ {
//MFA 邮箱验证 前端传递用户Id 和MFACode
var returnModel = await _userService.Login(loginUser.UserName, loginUser.Password); if (loginUser.UserId != null && !string.IsNullOrEmpty(loginUser.MFACode) && _verifyConfig.CurrentValue.OpenLoginMFA)
if (returnModel.IsSuccess)
{ {
#region GRPC 调用鉴权中心因为服务器IIS问题 http/2 故而没法使用 Guid userId = (Guid)loginUser.UserId;
////重试策略 //验证MFA 编码是否有问题
//var defaultMethodConfig = new MethodConfig
//{
// Names = { MethodName.Default },
// RetryPolicy = new RetryPolicy
// {
// MaxAttempts = 3,
// InitialBackoff = TimeSpan.FromSeconds(1),
// MaxBackoff = TimeSpan.FromSeconds(5),
// BackoffMultiplier = 1.5,
// RetryableStatusCodes = { Grpc.Core.StatusCode.Unavailable }
// }
//};
//#region unable to trust the certificate then the gRPC client can be configured to ignore the invalid certificate await _userService.VerifyMFACodeAsync(userId, loginUser.MFACode);
//var httpHandler = new HttpClientHandler(); var basicInfo = await _userService.GetUserBasicInfo(userId);
//// Return `true` to allow certificates that are untrusted/invalid
//httpHandler.ServerCertificateCustomValidationCallback =
// HttpClientHandler.DangerousAcceptAnyServerCertificateValidator;
var loginReturn = new LoginReturnDTO() { BasicInfo = basicInfo };
//////这一句是让grpc支持本地 http 如果本地访问部署在服务器上,那么是访问不成功的 loginReturn.JWTStr = _tokenService.GetToken(IRaCISClaims.Create(loginReturn.BasicInfo));
//AppContext.SetSwitch(
// "System.Net.Http.SocketsHttpHandler.Http2UnencryptedSupport", true);
//#endregion
//var grpcAdress = configuration.GetValue<string>("GrpcAddress");
////var grpcAdress = "http://localhost:7200";
//var channel = GrpcChannel.ForAddress(grpcAdress, new GrpcChannelOptions
//{
// HttpHandler = httpHandler,
// ServiceConfig = new ServiceConfig { MethodConfigs = { defaultMethodConfig } }
//});
////var channel = GrpcChannel.ForAddress(grpcAdress);
//var grpcClient = new TokenGrpcService.TokenGrpcServiceClient(channel);
//var userInfo = returnModel.Data.BasicInfo;
//var tokenResponse = grpcClient.GetUserToken(new GetTokenReuqest()
//{
// Id = userInfo.Id.ToString(),
// ReviewerCode = userInfo.ReviewerCode,
// IsAdmin = userInfo.IsAdmin,
// RealName = userInfo.RealName,
// UserTypeEnumInt = (int)userInfo.UserTypeEnum,
// UserTypeShortName = userInfo.UserTypeShortName,
// UserName = userInfo.UserName
//});
//returnModel.Data.JWTStr = tokenResponse.Token;
#endregion
returnModel.Data.JWTStr = _tokenService.GetToken(IRaCISClaims.Create(returnModel.Data.BasicInfo));
// 创建一个 CookieOptions 对象,用于设置 Cookie 的属性 // 创建一个 CookieOptions 对象,用于设置 Cookie 的属性
var option = new CookieOptions var option = new CookieOptions
@ -180,20 +132,161 @@ namespace IRaCIS.Api.Controllers
Secure = false // 确保 cookie 只能通过 HTTPS 访问 Secure = false // 确保 cookie 只能通过 HTTPS 访问
}; };
HttpContext.Response.Cookies.Append("access_token", returnModel.Data.JWTStr, option); HttpContext.Response.Cookies.Append("access_token", loginReturn.JWTStr, option);
// 验证阅片休息时间
await readingImageTaskService.ResetReadingRestTime(userId);
await provider.SetAsync(userId.ToString(), loginReturn.JWTStr, TimeSpan.FromDays(7));
await provider.SetAsync($"{userId.ToString()}_Online", DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"), TimeSpan.FromMinutes(_verifyConfig.CurrentValue.AutoLoginOutMinutes));
return ResponseOutput.Ok(loginReturn);
}
else
{
var returnModel = await _userService.Login(loginUser.UserName, loginUser.Password);
if (returnModel.IsSuccess)
{
#region GRPC 调用鉴权中心因为服务器IIS问题 http/2 故而没法使用
////重试策略
//var defaultMethodConfig = new MethodConfig
//{
// Names = { MethodName.Default },
// RetryPolicy = new RetryPolicy
// {
// MaxAttempts = 3,
// InitialBackoff = TimeSpan.FromSeconds(1),
// MaxBackoff = TimeSpan.FromSeconds(5),
// BackoffMultiplier = 1.5,
// RetryableStatusCodes = { Grpc.Core.StatusCode.Unavailable }
// }
//};
//#region unable to trust the certificate then the gRPC client can be configured to ignore the invalid certificate
//var httpHandler = new HttpClientHandler();
//// Return `true` to allow certificates that are untrusted/invalid
//httpHandler.ServerCertificateCustomValidationCallback =
// HttpClientHandler.DangerousAcceptAnyServerCertificateValidator;
//////这一句是让grpc支持本地 http 如果本地访问部署在服务器上,那么是访问不成功的
//AppContext.SetSwitch(
// "System.Net.Http.SocketsHttpHandler.Http2UnencryptedSupport", true);
//#endregion
//var grpcAdress = configuration.GetValue<string>("GrpcAddress");
////var grpcAdress = "http://localhost:7200";
//var channel = GrpcChannel.ForAddress(grpcAdress, new GrpcChannelOptions
//{
// HttpHandler = httpHandler,
// ServiceConfig = new ServiceConfig { MethodConfigs = { defaultMethodConfig } }
//});
////var channel = GrpcChannel.ForAddress(grpcAdress);
//var grpcClient = new TokenGrpcService.TokenGrpcServiceClient(channel);
//var userInfo = returnModel.Data.BasicInfo;
//var tokenResponse = grpcClient.GetUserToken(new GetTokenReuqest()
//{
// Id = userInfo.Id.ToString(),
// ReviewerCode = userInfo.ReviewerCode,
// IsAdmin = userInfo.IsAdmin,
// RealName = userInfo.RealName,
// UserTypeEnumInt = (int)userInfo.UserTypeEnum,
// UserTypeShortName = userInfo.UserTypeShortName,
// UserName = userInfo.UserName
//});
//returnModel.Data.JWTStr = tokenResponse.Token;
#endregion
var userId = returnModel.Data.BasicInfo.Id;
if (_verifyConfig.CurrentValue.OpenLoginMFA)
{
//发版屏蔽
returnModel.Data.JWTStr = _tokenService.GetToken(IRaCISClaims.Create(returnModel.Data.BasicInfo));
//MFA 发送邮件
returnModel.Data.IsMFA = true;
var email = returnModel.Data.BasicInfo.EMail;
#region 隐藏Email
// 找到 "@" 符号的位置
int atIndex = email.IndexOf('@');
// 替换 "@" 符号前的中间两位为星号
string visiblePart = email.Substring(0, atIndex);
int startIndex = (visiblePart.Length - 2) / 2;
// 替换中间两位字符为星号
string hiddenPartBeforeAt = visiblePart.Substring(0, startIndex) + "**" + visiblePart.Substring(startIndex + 2);
string afterAt = email.Substring(atIndex + 1);
// 组合隐藏和可见部分
string hiddenEmail = hiddenPartBeforeAt + "@" + afterAt;
#endregion
returnModel.Data.BasicInfo.EMail = hiddenEmail;
await _userService.SendMFAEmail(userId);
}
else
{
returnModel.Data.JWTStr = _tokenService.GetToken(IRaCISClaims.Create(returnModel.Data.BasicInfo));
// 创建一个 CookieOptions 对象,用于设置 Cookie 的属性
var option = new CookieOptions
{
Expires = DateTime.Now.AddMonths(1), // 设置过期时间为 30 分钟之后
HttpOnly = false, // 确保 cookie 只能通过 HTTP 访问
SameSite = Microsoft.AspNetCore.Http.SameSiteMode.None, // 设置 SameSite 属性
Secure = false // 确保 cookie 只能通过 HTTPS 访问
};
HttpContext.Response.Cookies.Append("access_token", returnModel.Data.JWTStr, option);
// 验证阅片休息时间
await readingImageTaskService.ResetReadingRestTime(returnModel.Data.BasicInfo.Id);
await provider.SetAsync(userId.ToString(), returnModel.Data.JWTStr, TimeSpan.FromDays(7));
await provider.SetAsync($"{userId.ToString()}_Online", DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"), TimeSpan.FromMinutes(_verifyConfig.CurrentValue.AutoLoginOutMinutes));
}
}
return returnModel;
} }
var userId = returnModel.Data.BasicInfo.Id.ToString();
//provider.Set(userId, userId, TimeSpan.FromMinutes(AppSettings.LoginExpiredTimeSpan));
// 验证阅片休息时间
await readingImageTaskService.ResetReadingRestTime(returnModel.Data.BasicInfo.Id);
await provider.SetAsync(userId.ToString(), returnModel.Data.JWTStr, TimeSpan.FromDays(7));
return returnModel;
} }
[HttpGet, Route("imageShare/ShareImage")] [HttpGet, Route("imageShare/ShareImage")]
[AllowAnonymous] [AllowAnonymous]
public IResponseOutput ShareImage([FromServices] ITokenService _tokenService) public IResponseOutput ShareImage([FromServices] ITokenService _tokenService)
@ -223,7 +316,7 @@ namespace IRaCIS.Api.Controllers
var ossOptions = serviceOption.AliyunOSS; var ossOptions = serviceOption.AliyunOSS;
return ResponseOutput.Ok(new ObjectStoreDTO() { ObjectStoreUse = serviceOption.ObjectStoreUse, MinIO = serviceOption.MinIO ,AliyunOSS= serviceOption.AliyunOSS,AWS=serviceOption.AWS }); return ResponseOutput.Ok(new ObjectStoreDTO() { ObjectStoreUse = serviceOption.ObjectStoreUse, MinIO = serviceOption.MinIO, AliyunOSS = serviceOption.AliyunOSS, AWS = serviceOption.AWS });
#region 临时token 屏蔽 #region 临时token 屏蔽
//IClientProfile profile = DefaultProfile.GetProfile(ossOptions.RegionId, ossOptions.AccessKeyId, ossOptions.AccessKeySecret); //IClientProfile profile = DefaultProfile.GetProfile(ossOptions.RegionId, ossOptions.AccessKeyId, ossOptions.AccessKeySecret);
@ -264,9 +357,9 @@ namespace IRaCIS.Api.Controllers
#endregion #endregion
} }
else if(Enum.TryParse<ObjectStoreUse>(serviceOption.ObjectStoreUse, out var parsedValue) && parsedValue == ObjectStoreUse.MinIO) else if (Enum.TryParse<ObjectStoreUse>(serviceOption.ObjectStoreUse, out var parsedValue) && parsedValue == ObjectStoreUse.MinIO)
{ {
return ResponseOutput.Ok(new ObjectStoreDTO() { ObjectStoreUse=serviceOption.ObjectStoreUse,MinIO=serviceOption.MinIO, AWS = serviceOption.AWS }); return ResponseOutput.Ok(new ObjectStoreDTO() { ObjectStoreUse = serviceOption.ObjectStoreUse, MinIO = serviceOption.MinIO, AWS = serviceOption.AWS });
} }
else else
{ {
@ -275,8 +368,8 @@ namespace IRaCIS.Api.Controllers
} }
[HttpGet("user/GenerateSTS")] [HttpGet("user/GenerateSTS")]
public IResponseOutput GenerateSTS([FromServices]IOptionsMonitor<AliyunOSSOptions> options ) public IResponseOutput GenerateSTS([FromServices] IOptionsMonitor<AliyunOSSOptions> options)
{ {
var ossOptions = options.CurrentValue; var ossOptions = options.CurrentValue;
@ -304,9 +397,9 @@ namespace IRaCIS.Api.Controllers
SecurityToken = response.Credentials.SecurityToken, SecurityToken = response.Credentials.SecurityToken,
Expiration = response.Credentials.Expiration, Expiration = response.Credentials.Expiration,
Region = ossOptions.region , Region = ossOptions.region,
BucketName = ossOptions.bucketName , BucketName = ossOptions.bucketName,
ViewEndpoint = ossOptions.viewEndpoint , ViewEndpoint = ossOptions.viewEndpoint,
}; };
@ -318,12 +411,12 @@ namespace IRaCIS.Api.Controllers
[HttpGet("User/UserRedirect")] [HttpGet("User/UserRedirect")]
[AllowAnonymous] [AllowAnonymous]
public async Task<IActionResult> UserRedirect([FromServices] IRepository<User> _userRepository, string url ,[FromServices]ILogger<ExtraController> _logger) public async Task<IActionResult> UserRedirect([FromServices] IRepository<User> _userRepository, string url, [FromServices] ILogger<ExtraController> _logger)
{ {
var decodeUrl = System.Web.HttpUtility.UrlDecode(url); var decodeUrl = System.Web.HttpUtility.UrlDecode(url);
var userId = decodeUrl.Substring(decodeUrl.IndexOf("UserId=") + "UserId=".Length , 36) ; var userId = decodeUrl.Substring(decodeUrl.IndexOf("UserId=") + "UserId=".Length, 36);
var token = decodeUrl.Substring(decodeUrl.IndexOf("access_token=") + "access_token=".Length); var token = decodeUrl.Substring(decodeUrl.IndexOf("access_token=") + "access_token=".Length);
@ -331,12 +424,12 @@ namespace IRaCIS.Api.Controllers
var domainStrList = decodeUrl.Split("/").ToList().Take(3).ToList(); var domainStrList = decodeUrl.Split("/").ToList().Take(3).ToList();
var errorUrl = domainStrList[0]+"//"+ domainStrList[2]+ "/error"; var errorUrl = domainStrList[0] + "//" + domainStrList[2] + "/error";
if (!await _userRepository.AnyAsync(t => t.Id == Guid.Parse(userId) && t.EmailToken == token && t.IsFirstAdd)) if (!await _userRepository.AnyAsync(t => t.Id == Guid.Parse(userId) && t.EmailToken == token && t.IsFirstAdd))
{ {
decodeUrl = errorUrl+ $"?lang={lang}&ErrorMessage={System.Web.HttpUtility.UrlEncode(lang=="zh"? "": "ErrorThe initialization link has expired. Return")} "; decodeUrl = errorUrl + $"?lang={lang}&ErrorMessage={System.Web.HttpUtility.UrlEncode(lang == "zh" ? "" : "ErrorThe initialization link has expired. Return")} ";
} }
return Redirect(decodeUrl); return Redirect(decodeUrl);

2
IRaCIS.Core.API/IRaCIS.Core.API.xml
View File

@ -29,7 +29,7 @@
<param name="doctorId"></param> <param name="doctorId"></param>
<returns></returns> <returns></returns>
</member> </member>
<member name="M:IRaCIS.Api.Controllers.ExtraController.Login(IRaCIS.Application.Contracts.UserLoginDTO,EasyCaching.Core.IEasyCachingProvider,IRaCIS.Application.Services.IUserService,IRaCIS.Core.Application.Auth.ITokenService,IRaCIS.Core.Application.Contracts.IReadingImageTaskService,Microsoft.Extensions.Configuration.IConfiguration)"> <member name="M:IRaCIS.Api.Controllers.ExtraController.Login(IRaCIS.Application.Contracts.UserLoginDTO,EasyCaching.Core.IEasyCachingProvider,IRaCIS.Application.Services.IUserService,IRaCIS.Core.Application.Auth.ITokenService,IRaCIS.Core.Application.Contracts.IReadingImageTaskService,Microsoft.Extensions.Options.IOptionsMonitor{IRaCIS.Core.Domain.Share.ServiceVerifyConfigOption},IRaCIS.Application.Services.IMailVerificationService)">
<summary> 系统用户登录接口[New] </summary> <summary> 系统用户登录接口[New] </summary>
</member> </member>
<member name="M:IRaCIS.Core.API.Controllers.Special.FinancialChangeController.AddOrUpdateTrialInspection(IRaCIS.Core.Application.Service.Inspection.DTO.DataInspectionDto{IRaCIS.Application.Contracts.TrialCommand})"> <member name="M:IRaCIS.Core.API.Controllers.Special.FinancialChangeController.AddOrUpdateTrialInspection(IRaCIS.Core.Application.Service.Inspection.DTO.DataInspectionDto{IRaCIS.Application.Contracts.TrialCommand})">

5
IRaCIS.Core.API/appsettings.Test_IRC.json
View File

@ -60,7 +60,10 @@
"LoginMaxFailCount": 5, "LoginMaxFailCount": 5,
"LoginFailLockMinutes": 1, "LoginFailLockMinutes": 1,
"AutoLoginOutMinutes": 1
"AutoLoginOutMinutes": 1,
"OpenLoginMFA": true
}, },
"SystemEmailSendConfig": { "SystemEmailSendConfig": {

62
IRaCIS.Core.Application/Service/Common/MailService.cs
View File

@ -21,6 +21,8 @@ namespace IRaCIS.Application.Services
Task SiteSurveyRejectEmail(MimeMessage messageToSend); Task SiteSurveyRejectEmail(MimeMessage messageToSend);
Task SenMFAVerifyEmail(Guid userId, string userName, string emailAddress, int verificationCode);
Task SendMailEditEmail(Guid userId, string userName, string emailAddress, int verificationCode); Task SendMailEditEmail(Guid userId, string userName, string emailAddress, int verificationCode);
Task AnolymousSendEmailForResetAccount(string emailAddress, int verificationCode); Task AnolymousSendEmailForResetAccount(string emailAddress, int verificationCode);
@ -91,6 +93,66 @@ namespace IRaCIS.Application.Services
return str; return str;
} }
//MFA
public async Task SenMFAVerifyEmail(Guid userId, string userName, string emailAddress, int verificationCode)
{
var messageToSend = new MimeMessage();
//发件地址
messageToSend.From.Add(new MailboxAddress(_systemEmailConfig.FromName, _systemEmailConfig.FromEmail));
//收件地址
messageToSend.To.Add(new MailboxAddress(userName, emailAddress));
//主题
//---[来自{0}] 关于MFA邮箱验证的提醒
messageToSend.Subject = _localizer["Mail_EmailMFATopic", _userInfo.IsEn_Us ? _systemEmailConfig.CompanyShortName : _systemEmailConfig.CompanyShortNameCN];
var builder = new BodyBuilder();
var pathToFile = _hostEnvironment.WebRootPath
+ Path.DirectorySeparatorChar.ToString()
+ "EmailTemplate"
+ Path.DirectorySeparatorChar.ToString()
//+ "UserOptCommon.html";
+ (_userInfo.IsEn_Us ? "UserOptCommon_US.html" : "UserOptCommon.html");
using (StreamReader SourceReader = System.IO.File.OpenText(pathToFile))
{
var templateInfo = SourceReader.ReadToEnd();
builder.HtmlBody = string.Format(ReplaceCompanyName(templateInfo),
userName,
_localizer["Mail_MFAEmail"],
verificationCode
);
}
messageToSend.Body = builder.ToMessageBody();
EventHandler<MessageSentEventArgs> sucessHandle = (sender, args) =>
{
// args.Response
var code = verificationCode.ToString();
_ = _verificationCodeRepository.AddAsync(new VerificationCode()
{
CodeType = 0,
HasSend = true,
Code = code,
UserId = userId,
ExpirationTime = DateTime.Now.AddMinutes(3)
}).Result;
_ = _verificationCodeRepository.SaveChangesAsync().Result;
};
await SendEmailHelper.SendEmailAsync(messageToSend, _systemEmailConfig, sucessHandle);
}
//重置邮箱 //重置邮箱
public async Task SendMailEditEmail(Guid userId, string userName, string emailAddress, int verificationCode) public async Task SendMailEditEmail(Guid userId, string userName, string emailAddress, int verificationCode)
{ {

7
IRaCIS.Core.Application/Service/Management/DTO/UserModel.cs
View File

@ -21,6 +21,9 @@ namespace IRaCIS.Application.Contracts
{ {
public string UserName { get; set; } = string.Empty; public string UserName { get; set; } = string.Empty;
public string Password { get; set; } = string.Empty; public string Password { get; set; } = string.Empty;
public Guid? UserId { get; set; }
public string MFACode { get; set; } = string.Empty;
} }
public class LoginReturnDTO public class LoginReturnDTO
@ -28,6 +31,8 @@ namespace IRaCIS.Application.Contracts
public UserBasicInfo BasicInfo { get; set; } = new UserBasicInfo(); public UserBasicInfo BasicInfo { get; set; } = new UserBasicInfo();
public string JWTStr { get; set; }=string.Empty; public string JWTStr { get; set; }=string.Empty;
public bool IsMFA { get; set; } = false;
} }
public class UserBasicInfo public class UserBasicInfo
@ -59,7 +64,7 @@ namespace IRaCIS.Application.Contracts
public string PermissionStr { get; set; } = String.Empty; public string PermissionStr { get; set; } = String.Empty;
public string EMail { get; set; } = string.Empty;
public bool IsFirstAdd { get; set; } public bool IsFirstAdd { get; set; }
public bool IsReviewer { get; set; } = false; public bool IsReviewer { get; set; } = false;

4
IRaCIS.Core.Application/Service/Management/Interface/IUserService.cs
View File

@ -10,6 +10,10 @@ namespace IRaCIS.Application.Services
Task<UserDetailDTO> GetUser(Guid id); Task<UserDetailDTO> GetUser(Guid id);
Task<PageOutput<UserListDTO>> GetUserList(UserListQueryDTO param); Task<PageOutput<UserListDTO>> GetUserList(UserListQueryDTO param);
Task<IResponseOutput<LoginReturnDTO>> Login(string userName, string password); Task<IResponseOutput<LoginReturnDTO>> Login(string userName, string password);
Task<IResponseOutput> VerifyMFACodeAsync(Guid userId, string Code);
Task<IResponseOutput> SendMFAEmail(Guid userId);
Task<UserBasicInfo> GetUserBasicInfo(Guid userId);
Task<IResponseOutput> ModifyPassword(EditPasswordCommand editPwModel); Task<IResponseOutput> ModifyPassword(EditPasswordCommand editPwModel);
Task<IResponseOutput> ResetPassword(Guid userId); Task<IResponseOutput> ResetPassword(Guid userId);

200
IRaCIS.Core.Application/Service/Management/UserService.cs
View File

@ -15,6 +15,9 @@ using Medallion.Threading;
using EasyCaching.Core; using EasyCaching.Core;
using IRaCIS.Core.Application.Contracts; using IRaCIS.Core.Application.Contracts;
using LoginReturnDTO = IRaCIS.Application.Contracts.LoginReturnDTO; using LoginReturnDTO = IRaCIS.Application.Contracts.LoginReturnDTO;
using IRaCIS.Core.Application.Auth;
using BeetleX.Redis.Commands;
using IRaCIS.Core.Domain.Models;
namespace IRaCIS.Application.Services namespace IRaCIS.Application.Services
{ {
@ -23,16 +26,16 @@ namespace IRaCIS.Application.Services
{ {
private readonly IRepository<User> _userRepository; private readonly IRepository<User> _userRepository;
private readonly IMailVerificationService _mailVerificationService; private readonly IMailVerificationService _mailVerificationService;
private readonly IRepository<VerificationCode> _verificationCodeRepository; private readonly IRepository<VerificationCode> _verificationCodeRepository;
private readonly IRepository<Doctor> _doctorRepository; private readonly IRepository<Doctor> _doctorRepository;
private readonly IRepository<TrialUser> _userTrialRepository; private readonly IRepository<TrialUser> _userTrialRepository;
private readonly IRepository<UserLog> _userLogRepository; private readonly IRepository<UserLog> _userLogRepository;
private readonly IRepository<UserPassWordLog> _userPassWordLogRepository; private readonly IRepository<UserPassWordLog> _userPassWordLogRepository;
private readonly IDistributedLockProvider _distributedLockProvider; private readonly IDistributedLockProvider _distributedLockProvider;
private readonly IEasyCachingProvider _cache; private readonly IEasyCachingProvider _cache;
private readonly IReadingImageTaskService _readingImageTaskService; private readonly IReadingImageTaskService _readingImageTaskService;
private readonly IOptionsMonitor<ServiceVerifyConfigOption> _verifyConfig; private readonly IOptionsMonitor<ServiceVerifyConfigOption> _verifyConfig;
public UserService(IRepository<User> userRepository, public UserService(IRepository<User> userRepository,
@ -41,20 +44,20 @@ namespace IRaCIS.Application.Services
IRepository<VerificationCode> verificationCodeRepository, IRepository<VerificationCode> verificationCodeRepository,
IRepository<Doctor> doctorRepository, IRepository<Doctor> doctorRepository,
IEasyCachingProvider cache, IEasyCachingProvider cache,
IReadingImageTaskService readingImageTaskService, IReadingImageTaskService readingImageTaskService,
IRepository<TrialUser> userTrialRepository, IRepository<TrialUser> userTrialRepository,
IOptionsMonitor<ServiceVerifyConfigOption> verifyConfig, IOptionsMonitor<ServiceVerifyConfigOption> verifyConfig,
IRepository<UserLog> userLogRepository, IRepository<UserLog> userLogRepository,
IRepository<UserPassWordLog> userPassWordLogRepository IRepository<UserPassWordLog> userPassWordLogRepository
, ,
IDistributedLockProvider distributedLockProvider) IDistributedLockProvider distributedLockProvider)
{ {
_userLogRepository = userLogRepository; _userLogRepository = userLogRepository;
this._userPassWordLogRepository = userPassWordLogRepository; this._userPassWordLogRepository = userPassWordLogRepository;
_verifyConfig = verifyConfig; _verifyConfig = verifyConfig;
_cache = cache; _cache = cache;
this._readingImageTaskService = readingImageTaskService; this._readingImageTaskService = readingImageTaskService;
_userRepository = userRepository; _userRepository = userRepository;
_mailVerificationService = mailVerificationService; _mailVerificationService = mailVerificationService;
_verificationCodeRepository = verificationCodeRepository; _verificationCodeRepository = verificationCodeRepository;
_doctorRepository = doctorRepository; _doctorRepository = doctorRepository;
@ -95,44 +98,44 @@ namespace IRaCIS.Application.Services
private async Task VerifyUserPwdAsync(Guid userId, string newPwd, string? oldPwd = null) private async Task VerifyUserPwdAsync(Guid userId, string newPwd, string? oldPwd = null)
{ {
//var dbUser = (await _userRepository.FirstOrDefaultAsync(t => t.Id == userId)).IfNullThrowException(); //var dbUser = (await _userRepository.FirstOrDefaultAsync(t => t.Id == userId)).IfNullThrowException();
if (oldPwd != null && oldPwd == newPwd) if (oldPwd != null && oldPwd == newPwd)
{ {
//---新密码与旧密码相同。 //---新密码与旧密码相同。
throw new BusinessValidationFailedException(_localizer["User_NewOldPwdSame"]); throw new BusinessValidationFailedException(_localizer["User_NewOldPwdSame"]);
} }
var dbUser = (await _userRepository.Where(t => t.Id == userId).FirstOrDefaultAsync()).IfNullThrowException(); var dbUser = (await _userRepository.Where(t => t.Id == userId).FirstOrDefaultAsync()).IfNullThrowException();
if (oldPwd != null && dbUser.Password != oldPwd) if (oldPwd != null && dbUser.Password != oldPwd)
{ {
//---旧密码验证失败。 //---旧密码验证失败。
throw new BusinessValidationFailedException(_localizer["User_OldPwdInvalid"]); throw new BusinessValidationFailedException(_localizer["User_OldPwdInvalid"]);
} }
if (dbUser.Password == newPwd) if (dbUser.Password == newPwd)
{ {
//---新密码与旧密码相同。 //---新密码与旧密码相同。
throw new BusinessValidationFailedException(_localizer["User_NewOldPwdSame"]); throw new BusinessValidationFailedException(_localizer["User_NewOldPwdSame"]);
} }
var passWordList = await _userPassWordLogRepository.Where(x => x.UserId == userId).OrderByDescending(x => x.CreateTime).Take(2).ToListAsync(); var passWordList = await _userPassWordLogRepository.Where(x => x.UserId == userId).OrderByDescending(x => x.CreateTime).Take(2).ToListAsync();
if (passWordList.Any(x => x.PassWord == newPwd)) if (passWordList.Any(x => x.PassWord == newPwd))
{ {
throw new BusinessValidationFailedException(_localizer["User_PassWordRepeat"]); throw new BusinessValidationFailedException(_localizer["User_PassWordRepeat"]);
} }
if (oldPwd != null) if (oldPwd != null)
{ {
await _userPassWordLogRepository.AddAsync(new UserPassWordLog() await _userPassWordLogRepository.AddAsync(new UserPassWordLog()
{ {
CreateTime = DateTime.Now, CreateTime = DateTime.Now,
PassWord = oldPwd, PassWord = oldPwd,
UserId = userId, UserId = userId,
}); });
} }
await _userRepository.BatchUpdateNoTrackingAsync(x => x.Id == userId, x => new User() await _userRepository.BatchUpdateNoTrackingAsync(x => x.Id == userId, x => new User()
@ -142,7 +145,7 @@ namespace IRaCIS.Application.Services
await _userPassWordLogRepository.SaveChangesAsync(); await _userPassWordLogRepository.SaveChangesAsync();
await Task.CompletedTask; await Task.CompletedTask;
} }
@ -306,7 +309,7 @@ namespace IRaCIS.Application.Services
{ {
await _mailVerificationService.AdminResetPwdSendEmailAsync(userId, pwd); await _mailVerificationService.AdminResetPwdSendEmailAsync(userId, pwd);
} }
catch (Exception ) catch (Exception)
{ {
//---请检查邮箱地址或者联系维护人员, 邮件发送失败, 未能创建账户成功 //---请检查邮箱地址或者联系维护人员, 邮件发送失败, 未能创建账户成功
throw new BusinessValidationFailedException(_localizer["User_CreateFailed"]); throw new BusinessValidationFailedException(_localizer["User_CreateFailed"]);
@ -319,7 +322,7 @@ namespace IRaCIS.Application.Services
IsFirstAdd = true IsFirstAdd = true
}); });
await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, LoginUserId = _userInfo.Id, OptUserId=userId, OptType = UserOptType.ResetPassword }, true); await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, LoginUserId = _userInfo.Id, OptUserId = userId, OptType = UserOptType.ResetPassword }, true);
return ResponseOutput.Ok(); return ResponseOutput.Ok();
} }
@ -403,7 +406,7 @@ namespace IRaCIS.Application.Services
} }
} }
var list = await _userRepository.Where(t => t.EMail == email && t.Status== UserStateEnum.Enable).Select(t => new UserAccountDto() { UserId = t.Id, UserName = t.UserName, UserRealName = t.FullName, UserType = t.UserTypeRole.UserTypeShortName }).ToListAsync(); var list = await _userRepository.Where(t => t.EMail == email && t.Status == UserStateEnum.Enable).Select(t => new UserAccountDto() { UserId = t.Id, UserName = t.UserName, UserRealName = t.FullName, UserType = t.UserTypeRole.UserTypeShortName }).ToListAsync();
@ -431,7 +434,7 @@ namespace IRaCIS.Application.Services
IsFirstAdd = false IsFirstAdd = false
}); });
await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, LoginUserId = userId, OptUserId = userId,LoginPassword=newPwd, OptType = UserOptType.UnloginModifyPasswoed }, true); await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, LoginUserId = userId, OptUserId = userId, LoginPassword = newPwd, OptType = UserOptType.UnloginModifyPasswoed }, true);
return ResponseOutput.Result(success); return ResponseOutput.Result(success);
@ -467,7 +470,7 @@ namespace IRaCIS.Application.Services
IsFirstAdd = false IsFirstAdd = false
}); });
await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, LoginUserId = _userInfo.Id, OptUserId= _userInfo.Id, OptType = UserOptType.LoginModifyPassword }, true); await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, LoginUserId = _userInfo.Id, OptUserId = _userInfo.Id, OptType = UserOptType.LoginModifyPassword }, true);
return ResponseOutput.Result(success); return ResponseOutput.Result(success);
@ -559,7 +562,7 @@ namespace IRaCIS.Application.Services
await _mailVerificationService.AddUserSendEmailAsync(saveItem.Id, userAddModel.BaseUrl, userAddModel.RouteUrl); await _mailVerificationService.AddUserSendEmailAsync(saveItem.Id, userAddModel.BaseUrl, userAddModel.RouteUrl);
return ResponseOutput.Ok( new UserAddedReturnDTO { Id = saveItem.Id, UserCode = saveItem.UserCode }); return ResponseOutput.Ok(new UserAddedReturnDTO { Id = saveItem.Id, UserCode = saveItem.UserCode });
} }
@ -589,7 +592,7 @@ namespace IRaCIS.Application.Services
user.OrganizationName = AppSettings.DefaultInternalOrganizationName; user.OrganizationName = AppSettings.DefaultInternalOrganizationName;
} }
await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, LoginUserId = _userInfo.Id, OptUserId= model.Id , OptType = UserOptType.UpdateUser }, true); await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, LoginUserId = _userInfo.Id, OptUserId = model.Id, OptType = UserOptType.UpdateUser }, true);
var success = await _userRepository.SaveChangesAsync(); var success = await _userRepository.SaveChangesAsync();
@ -611,7 +614,7 @@ namespace IRaCIS.Application.Services
return ResponseOutput.NotOk(_localizer["User_InProject"]); return ResponseOutput.NotOk(_localizer["User_InProject"]);
} }
await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, LoginUserId = _userInfo.Id, OptUserId= userId, OptType = UserOptType.DeleteUser }, true); await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, LoginUserId = _userInfo.Id, OptUserId = userId, OptType = UserOptType.DeleteUser }, true);
var success = await _userRepository.BatchDeleteNoTrackingAsync(t => t.Id == userId); var success = await _userRepository.BatchDeleteNoTrackingAsync(t => t.Id == userId);
@ -629,7 +632,7 @@ namespace IRaCIS.Application.Services
public async Task<IResponseOutput> UpdateUserState(Guid userId, UserStateEnum state) public async Task<IResponseOutput> UpdateUserState(Guid userId, UserStateEnum state)
{ {
await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, LoginUserId = _userInfo.Id, OptUserId = userId, OptType = state==UserStateEnum.Enable? UserOptType.AccountEnable: UserOptType.AccountLocked }, true); await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, LoginUserId = _userInfo.Id, OptUserId = userId, OptType = state == UserStateEnum.Enable ? UserOptType.AccountEnable : UserOptType.AccountLocked }, true);
var success = await _userRepository.BatchUpdateNoTrackingAsync(u => u.Id == userId, t => new User var success = await _userRepository.BatchUpdateNoTrackingAsync(u => u.Id == userId, t => new User
{ {
@ -639,7 +642,70 @@ namespace IRaCIS.Application.Services
} }
public async Task<UserBasicInfo> GetUserBasicInfo(Guid userId)
{
var info = await _userRepository.Where(u => u.Id == userId).ProjectTo<UserBasicInfo>(_mapper.ConfigurationProvider).FirstNotNullAsync();
return info;
}
/// <summary>
/// 发送MFA 验证邮件
/// </summary>
/// <param name="userId"></param>
/// <returns></returns>
[AllowAnonymous]
public async Task<IResponseOutput> SendMFAEmail(Guid userId)
{
var userInfo = await _userRepository.Where(u => u.Id == userId).Select(t => new { t.FullName, t.EMail }).FirstOrDefaultAsync();
int verificationCode = new Random().Next(100000, 1000000);
await _mailVerificationService.SenMFAVerifyEmail(userId, userInfo.FullName, userInfo.EMail, verificationCode);
return ResponseOutput.Ok();
}
/// <summary>
/// 验证MFA 邮件
/// </summary>
/// <param name="userId"></param>
/// <param name="Code"></param>
/// <returns></returns>
/// <exception cref="BusinessValidationFailedException"></exception>
[AllowAnonymous]
public async Task<IResponseOutput> VerifyMFACodeAsync(Guid userId, string Code)
{
var verificationRecord = await _repository.GetQueryable<VerificationCode>().OrderByDescending(x => x.ExpirationTime).Where(t => t.UserId == userId && t.Code == Code && t.CodeType == VerifyType.Email).FirstOrDefaultAsync();
VerifyEmialGetDoctorInfoOutDto result = new VerifyEmialGetDoctorInfoOutDto();
//检查数据库是否存在该验证码
if (verificationRecord == null)
{
await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, LoginUserId = userId, OptUserId = userId, OptType = UserOptType.MFALoginFail }, true);
//---验证码错误。
throw new BusinessValidationFailedException(_localizer["TrialSiteSurvey_WrongVerificationCode"]);
}
else
{
//检查验证码是否失效
if (verificationRecord.ExpirationTime < DateTime.Now)
{
await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, LoginUserId = userId, OptUserId = userId, OptType = UserOptType.MFALoginFail }, true);
//---验证码已经过期。
throw new BusinessValidationFailedException(_localizer["TrialSiteSurvey_ExpiredVerificationCode"]);
}
else //验证码正确 并且 没有超时
{
await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, LoginUserId = userId, OptUserId = userId, OptType = UserOptType.MFALogin }, true);
}
}
return ResponseOutput.Ok();
}
/// <summary> /// <summary>
/// 用户登陆 /// 用户登陆
@ -690,14 +756,12 @@ namespace IRaCIS.Application.Services
failCount++; failCount++;
_cache.Set(cacheKey, failCount, TimeSpan.FromMinutes(lockoutMinutes)); _cache.Set(cacheKey, failCount, TimeSpan.FromMinutes(lockoutMinutes));
var errorPwdUserId = await _userRepository.Where(u => u.UserName==userName).Select(t=>t.Id).FirstOrDefaultAsync(); var errorPwdUserId = await _userRepository.Where(u => u.UserName == userName).Select(t => t.Id).FirstOrDefaultAsync();
await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, LoginUserId = errorPwdUserId, OptUserId = errorPwdUserId, LoginFaildName = userName, LoginPassword = password, OptType = UserOptType.AccountOrPasswordError }, true); await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, LoginUserId = errorPwdUserId, OptUserId = errorPwdUserId, LoginFaildName = userName, LoginPassword = password, OptType = UserOptType.AccountOrPasswordError }, true);
return ResponseOutput.NotOk(_localizer["User_CheckNameOrPw"], new LoginReturnDTO()); return ResponseOutput.NotOk(_localizer["User_CheckNameOrPw"], new LoginReturnDTO());
} }
if (loginUser.Status == 0) if (loginUser.Status == 0)
@ -712,7 +776,7 @@ namespace IRaCIS.Application.Services
if (loginUser.LastChangePassWordTime != null && DateTime.Now.AddDays(-90) > loginUser.LastChangePassWordTime.Value) if (loginUser.LastChangePassWordTime != null && DateTime.Now.AddDays(-90) > loginUser.LastChangePassWordTime.Value)
{ {
loginUser.LoginState = 1; loginUser.LoginState = 1;
} }
@ -720,18 +784,18 @@ namespace IRaCIS.Application.Services
_cache.Set(cacheKey, 0, TimeSpan.FromMinutes(lockoutMinutes)); _cache.Set(cacheKey, 0, TimeSpan.FromMinutes(lockoutMinutes));
if (loginUser.LastLoginIP != string.Empty) if (loginUser.LastLoginIP != string.Empty)
{ {
// 与上一次IP不一致 // 与上一次IP不一致
if (loginUser.LastLoginIP != _userInfo.IP) if (loginUser.LastLoginIP != _userInfo.IP)
{ {
loginUser.LoginState = 2; loginUser.LoginState = 2;
} }
} }
await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, LoginUserId = loginUser.Id, OptUserId = loginUser.Id, OptType = UserOptType.Login }, true); await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, LoginUserId = loginUser.Id, OptUserId = loginUser.Id, OptType = UserOptType.Login }, true);
userLoginReturnModel.BasicInfo = loginUser; userLoginReturnModel.BasicInfo = loginUser;
@ -743,21 +807,13 @@ namespace IRaCIS.Application.Services
}); });
} }
await _userRepository.BatchUpdateNoTrackingAsync(x => x.Id == loginUser.Id, x => new User() await _userRepository.BatchUpdateNoTrackingAsync(x => x.Id == loginUser.Id, x => new User()
{ {
LastLoginIP = _userInfo.IP LastLoginIP = _userInfo.IP
});
// 登录 清除缓存
//_cache.Remove(userLoginReturnModel.BasicInfo.Id.ToString());
var userId = loginUser.Id;
await _cache.SetAsync($"{userId.ToString()}_Online", DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"), TimeSpan.FromMinutes(_verifyConfig.CurrentValue.AutoLoginOutMinutes));
});
return ResponseOutput.Ok(userLoginReturnModel); return ResponseOutput.Ok(userLoginReturnModel);
@ -766,12 +822,12 @@ namespace IRaCIS.Application.Services
[HttpPost] [HttpPost]
public async Task<PageOutput<UserLogView>> GetUserLogList(UserLogQuery inQuery) public async Task<PageOutput<UserLogView>> GetUserLogList(UserLogQuery inQuery)
{ {
DateTime? trialCreateTime = inQuery.TrialId != null ?_repository.Where<Trial>(t=>t.Id==inQuery.TrialId).Select(t=>t.CreateTime).FirstOrDefault() : null; DateTime? trialCreateTime = inQuery.TrialId != null ? _repository.Where<Trial>(t => t.Id == inQuery.TrialId).Select(t => t.CreateTime).FirstOrDefault() : null;
var userLogQueryable = var userLogQueryable =
_userLogRepository _userLogRepository
.WhereIf(inQuery.TrialId != null, t => t.LoginUser.UserTrials.Any(c => c.TrialId == inQuery.TrialId && (c.UserId == t.LoginUserId || c.UserId == t.OptUserId))) .WhereIf(inQuery.TrialId != null, t => t.LoginUser.UserTrials.Any(c => c.TrialId == inQuery.TrialId && (c.UserId == t.LoginUserId || c.UserId == t.OptUserId)))
.WhereIf(trialCreateTime != null, t => t.CreateTime>= trialCreateTime) .WhereIf(trialCreateTime != null, t => t.CreateTime >= trialCreateTime)
.WhereIf(inQuery.OptType != null, t => t.OptType == inQuery.OptType) .WhereIf(inQuery.OptType != null, t => t.OptType == inQuery.OptType)
.WhereIf(inQuery.UserId != null, t => t.LoginUserId == inQuery.UserId) .WhereIf(inQuery.UserId != null, t => t.LoginUserId == inQuery.UserId)
.WhereIf(inQuery.BeginDate != null, t => t.CreateTime >= inQuery.BeginDate) .WhereIf(inQuery.BeginDate != null, t => t.CreateTime >= inQuery.BeginDate)

6
IRaCIS.Core.Domain/Management/UserLog.cs
View File

@ -93,7 +93,11 @@ namespace IRaCIS.Core.Domain.Models
DeleteUser=10, DeleteUser=10,
UpdateUser=11 UpdateUser=11,
MFALogin=12,
MFALoginFail=13,
} }
} }

2
IRaCIS.Core.Domain/_Config/_AppSettings.cs
View File

@ -22,6 +22,8 @@ namespace IRaCIS.Core.Domain.Share
public int LoginFailLockMinutes { get; set; } public int LoginFailLockMinutes { get; set; }
public int AutoLoginOutMinutes { get; set; } public int AutoLoginOutMinutes { get; set; }
public bool OpenLoginMFA { get; set; }
} }
public class SystemEmailSendConfig public class SystemEmailSendConfig