用户MFA 缓存增加tag,重置密码,修改密码清楚该tag的缓存,从而登录时需要验证MFA
parent
2e1e042658
commit
782270d462
|
|
@ -64,6 +64,8 @@ public static class CacheKeys
|
|||
//每个用户 每个浏览器独立时间
|
||||
public static string UserMFAVerifyPass(Guid userId,string browserFingerprint) => $"UserMFAVerifyPass:{userId}:{browserFingerprint}";
|
||||
|
||||
public static string UserMFATag(Guid userId) => $"UserMFAVerifyPass:{userId}";
|
||||
|
||||
}
|
||||
|
||||
public static class CacheHelper
|
||||
|
|
|
|||
|
|
@ -19195,6 +19195,13 @@
|
|||
<param name="tpCode"></param>
|
||||
<param name="key"></param>
|
||||
</member>
|
||||
<member name="M:IRaCIS.Core.Application.Services.SeriesService.UpdateImageResizePath(IRaCIS.Core.Application.Contracts.Dicom.DTO.UpdateImageResizeDTO)">
|
||||
<summary>
|
||||
更新缩略图路径
|
||||
</summary>
|
||||
<param name="dto"></param>
|
||||
<returns></returns>
|
||||
</member>
|
||||
<member name="M:IRaCIS.Core.Application.Services.SeriesService.List(System.Guid,System.Nullable{System.Boolean},System.Nullable{System.Boolean})">
|
||||
<summary> 指定资源Id,获取Dicom检查所属序列信息列表 </summary>
|
||||
<param name="studyId"> Dicom检查的Id </param>
|
||||
|
|
|
|||
|
|
@ -308,6 +308,8 @@ namespace IRaCIS.Core.Application.Service
|
|||
|
||||
await _fusionCache.RemoveAsync(CacheKeys.UserLoginError(userName));
|
||||
|
||||
await _fusionCache.RemoveByTagAsync(CacheKeys.UserMFATag(identityUserId));
|
||||
|
||||
await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, ActionIdentityUserId = _userInfo.IdentityUserId, ActionUserName = _userInfo.UserName, TargetIdentityUserId = identityUserId, OptType = UserOptType.ResetPassword }, true);
|
||||
|
||||
return ResponseOutput.Ok();
|
||||
|
|
@ -316,7 +318,7 @@ namespace IRaCIS.Core.Application.Service
|
|||
|
||||
|
||||
/// <summary>
|
||||
/// 重置密码发邮件 (未登陆修改)
|
||||
/// 重置密码发邮件 (未登陆修改-忘记密码)
|
||||
/// </summary>
|
||||
/// <param name="email"></param>
|
||||
/// <returns></returns>
|
||||
|
|
@ -357,6 +359,8 @@ namespace IRaCIS.Core.Application.Service
|
|||
|
||||
await _mailVerificationService.AnolymousSendEmailForResetAccount(email, verificationCode);
|
||||
|
||||
await _fusionCache.RemoveByTagAsync(CacheKeys.UserMFATag(existUser.Id));
|
||||
|
||||
return ResponseOutput.Ok();
|
||||
|
||||
}
|
||||
|
|
@ -485,6 +489,8 @@ namespace IRaCIS.Core.Application.Service
|
|||
|
||||
await _mailVerificationService.AfterUserModifyPasswordSendEmailAsync(_userInfo.IdentityUserId);
|
||||
|
||||
await _fusionCache.RemoveByTagAsync(CacheKeys.UserMFATag(_userInfo.IdentityUserId));
|
||||
|
||||
return ResponseOutput.Result(success);
|
||||
|
||||
|
||||
|
|
@ -861,7 +867,8 @@ namespace IRaCIS.Core.Application.Service
|
|||
|
||||
if (isRemember)
|
||||
{
|
||||
await _fusionCache.SetAsync(CacheKeys.UserMFAVerifyPass(identityUserId, _userInfo.BrowserFingerprint), _userInfo.BrowserFingerprint, TimeSpan.FromMinutes(_serviceVerifyConfigConfig.UserMFAVerifyMinutes));
|
||||
await _fusionCache.SetAsync(CacheKeys.UserMFAVerifyPass(identityUserId, _userInfo.BrowserFingerprint), _userInfo.BrowserFingerprint,
|
||||
TimeSpan.FromMinutes(_serviceVerifyConfigConfig.UserMFAVerifyMinutes), new[] { CacheKeys.UserMFATag(identityUserId) });
|
||||
Log.Logger.Warning($"MFA登录记录:{_userInfo.UserName} 浏览器标识: {_userInfo.BrowserFingerprint} 设置缓存分钟{_serviceVerifyConfigConfig.UserMFAVerifyMinutes}");
|
||||
}
|
||||
|
||||
|
|
@ -1176,7 +1183,7 @@ namespace IRaCIS.Core.Application.Service
|
|||
if (_verifyConfig.CurrentValue.OpenLoginMFA)
|
||||
{
|
||||
|
||||
|
||||
|
||||
if ((await _fusionCache.GetOrDefaultAsync(CacheKeys.UserMFAVerifyPass(identityUserId, _userInfo.BrowserFingerprint), "")) == _userInfo.BrowserFingerprint)
|
||||
{
|
||||
userLoginReturnModel.IsMFA = false;
|
||||
|
|
|
|||
Loading…
Reference in New Issue