From 5222cdb8f1faf14145196b9147c1a8ae23e279f7 Mon Sep 17 00:00:00 2001
From: hang <872297557@qq.com>
Date: Thu, 16 Jan 2025 11:47:24 +0800
Subject: [PATCH] =?UTF-8?q?=E5=B1=8F=E5=B9=95=E8=A7=A3=E9=94=81+=20?=
 =?UTF-8?q?=E5=AF=86=E7=A0=81=E9=94=99=E8=AF=AF=20=E4=B9=9F=E5=BC=82?=
 =?UTF-8?q?=E5=9C=B0=E7=99=BB=E5=BD=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../Service/Management/UserService.cs         | 90 ++++++++++++-------
 1 file changed, 58 insertions(+), 32 deletions(-)

diff --git a/IRaCIS.Core.Application/Service/Management/UserService.cs b/IRaCIS.Core.Application/Service/Management/UserService.cs
index dba110cb8..da75b1e42 100644
--- a/IRaCIS.Core.Application/Service/Management/UserService.cs
+++ b/IRaCIS.Core.Application/Service/Management/UserService.cs
@@ -888,7 +888,7 @@ namespace IRaCIS.Core.Application.Service
             if (_verifyConfig.CurrentValue.IsNeedChangePassWord && loginUser.LastChangePassWordTime != null && DateTime.Now.AddDays(-_verifyConfig.CurrentValue.ChangePassWordDays) > loginUser.LastChangePassWordTime.Value)
             {
                 loginUser.NeedChangePassWord = true;
-             
+
             }
 
             //await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, LoginUserId = loginUser.IdentityUserId, OptUserId = loginUser.IdentityUserId, OptType = UserOptType.Login }, true);
@@ -1012,6 +1012,59 @@ namespace IRaCIS.Core.Application.Service
 
             var loginUser = await _identityUserRepository.Where(u => u.UserName.Equals(userName) && u.Password == password).ProjectTo<UserBasicInfo>(_mapper.ConfigurationProvider).FirstOrDefaultAsync();
 
+            var existUserLoginInfo = await _identityUserRepository.Where(u => u.UserName == userName).Select(t => new { t.LastLoginIP, t.LastChangePassWordTime, t.Id }).FirstOrDefaultAsync();
+
+            var isExistAccount = existUserLoginInfo != null;
+
+            var isLoginUncommonly = false;
+
+            //登录用户是系统用户的时候，就要要记录异地登录
+
+            //账号在系统存在
+            if (isExistAccount || loginUser != null)
+            {
+                var ipinfo = _searcher.Search(_userInfo.IP);
+
+                var iPRegion = string.Join('|', ipinfo.Split('|').TakeLast(3));
+
+                string SplitAndConcatenate(string input)
+                {
+                    string[] parts = input.Split('|');
+                    return parts.Length >= 3 ? parts[0] + parts[1] : string.Join("", parts);
+                }
+
+                if (existUserLoginInfo.LastLoginIP != string.Empty)
+                {
+                    // 与上一次区域不一致
+                    if (SplitAndConcatenate(existUserLoginInfo.LastLoginIP) != SplitAndConcatenate(iPRegion))
+                    {
+
+                        isLoginUncommonly = true;
+
+                        //设置上次登录的IP
+                        await _identityUserRepository.BatchUpdateNoTrackingAsync(x => x.Id == existUserLoginInfo.Id, x => new IdentityUser()
+                        {
+                            LastLoginIP = iPRegion,
+                            LastLoginTime = DateTime.Now
+
+                        });
+
+                        if (loginUser != null)
+                        {
+                            //异地登录
+                            loginUser.LoginState = 2;
+
+                            //超过90天没修改密码
+                            if (_verifyConfig.CurrentValue.IsNeedChangePassWord && loginUser.LastChangePassWordTime != null && DateTime.Now.AddDays(-_verifyConfig.CurrentValue.ChangePassWordDays) > loginUser.LastChangePassWordTime.Value)
+                            {
+                                loginUser.NeedChangePassWord = true;
+                            }
+                        }
+                    }
+                }
+
+            }
+
             if (loginUser == null)
             {
 
@@ -1019,48 +1072,26 @@ namespace IRaCIS.Core.Application.Service
                 failCount++;
                 await _fusionCache.SetAsync(cacheKey, failCount, TimeSpan.FromMinutes(lockoutMinutes));
 
-                var errorPwdUserId = await _identityUserRepository.Where(u => u.UserName == userName).Select(t => t.Id).FirstOrDefaultAsync();
 
                 await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, ActionUserName = userName, LoginPassword = password, OptType = UserOptType.AccountOrPasswordError }, true);
 
+
                 return ResponseOutput.NotOk(_localizer["User_CheckNameOrPw"], new IRCLoginReturnDTO());
 
             }
 
-            //登录用户是系统用户的时候，就要要记录异地登录
-
             #region 处理用户状态
 
 
-            var ipinfo = _searcher.Search(_userInfo.IP);
 
-            var iPRegion = string.Join('|', ipinfo.Split('|').TakeLast(3));
 
-            string SplitAndConcatenate(string input)
-            {
-                string[] parts = input.Split('|');
-                return parts.Length >= 3 ? parts[0] + parts[1] : string.Join("", parts);
-            }
 
-            if (loginUser.LastLoginIP != string.Empty)
-            {
-                // 与上一次区域不一致
-                if (SplitAndConcatenate(loginUser.LastLoginIP) != SplitAndConcatenate(iPRegion))
-                {
-                    loginUser.LoginState = 2;
-                }
-            }
-            //超过90天没修改密码
-            if (_verifyConfig.CurrentValue.IsNeedChangePassWord && loginUser.LastChangePassWordTime != null && DateTime.Now.AddDays(-_verifyConfig.CurrentValue.ChangePassWordDays) > loginUser.LastChangePassWordTime.Value)
-            {
-                loginUser.NeedChangePassWord = true;
-            }
 
             #endregion
 
             if (loginUser.Status == 0)
             {
-                await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, ActionIdentityUserId = loginUser.IdentityUserId, ActionUserName = userName, OptType = UserOptType.LoginLockedAccount, IsLoginUncommonly = (loginUser.LoginState == 2) }, true);
+                await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, ActionIdentityUserId = loginUser.IdentityUserId, ActionUserName = userName, OptType = UserOptType.LoginLockedAccount, IsLoginUncommonly = isLoginUncommonly }, true);
 
                 //---该用户已经被禁用。
                 return ResponseOutput.NotOk(_localizer["User_Disabled"], new IRCLoginReturnDTO());
@@ -1070,7 +1101,7 @@ namespace IRaCIS.Core.Application.Service
             await _fusionCache.SetAsync(cacheKey, 0, TimeSpan.FromMinutes(lockoutMinutes));
 
 
-            await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, ActionIdentityUserId = loginUser.IdentityUserId, OptType = UserOptType.Login, IsLoginUncommonly = (loginUser.LoginState == 2) }, true);
+            await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, ActionIdentityUserId = loginUser.IdentityUserId, OptType = UserOptType.Login, IsLoginUncommonly = isLoginUncommonly }, true);
 
             userLoginReturnModel.BasicInfo = loginUser;
 
@@ -1084,12 +1115,7 @@ namespace IRaCIS.Core.Application.Service
 
             }
 
-            await _identityUserRepository.BatchUpdateNoTrackingAsync(x => x.Id == loginUser.IdentityUserId, x => new IdentityUser()
-            {
-                LastLoginIP = iPRegion,
-                LastLoginTime = DateTime.Now
 
-            });
 
             //返回临时token
             userLoginReturnModel.JWTStr = _tokenService.GetToken(new UserTokenInfo() { IdentityUserId = loginUser.IdentityUserId, UserName = userName });
@@ -1112,7 +1138,7 @@ namespace IRaCIS.Core.Application.Service
                 userLoginReturnModel.BasicInfo.EMail = hiddenEmail;
 
                 //修改密码  || 90天修改密码再mfa 之前
-                if (userLoginReturnModel.BasicInfo.IsFirstAdd || userLoginReturnModel.BasicInfo.LoginState == 1)
+                if (userLoginReturnModel.BasicInfo.IsFirstAdd || userLoginReturnModel.BasicInfo.NeedChangePassWord)
                 {
                     //userLoginReturnModel.JWTStr = _tokenService.GetToken(userLoginReturnModel.BasicInfo);
                 }