XCKJ
/
irc-netcore-api
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

MFA 需求修改
continuous-integration/drone/push Build is failing Details

Test_IRC_Net8
hang 2025-10-20 13:40:52 +08:00
parent 18b9c08101
commit 9cda4360ca
3 changed files with 30 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
IRaCIS.Core.Application/Service/Management/UserService.cs
View File

@ -825,9 +825,10 @@ namespace IRaCIS.Core.Application.Service
/// 验证MFA 邮件 /// 验证MFA 邮件
/// </summary> /// </summary>
/// <param name="Code"></param> /// <param name="Code"></param>
/// <param name="isRemember"></param>
/// <returns></returns> /// <returns></returns>
/// <exception cref="BusinessValidationFailedException"></exception> /// <exception cref="BusinessValidationFailedException"></exception>
public async Task<IResponseOutput> VerifyMFACodeAsync(string Code) public async Task<IResponseOutput> VerifyMFACodeAsync(string Code, bool isRemember)
{ {
var identityUserId = _userInfo.IdentityUserId; var identityUserId = _userInfo.IdentityUserId;
@ -857,7 +858,12 @@ namespace IRaCIS.Core.Application.Service
} }
} }
await _fusionCache.SetAsync(CacheKeys.UserMFAVerifyPass(identityUserId), true, TimeSpan.FromDays(_serviceVerifyConfigConfig.UserMFAVerifyDays)); if (isRemember)
{
await _fusionCache.SetAsync(CacheKeys.UserMFAVerifyPass(identityUserId), _userInfo.BrowserFingerprint, TimeSpan.FromDays(_serviceVerifyConfigConfig.UserMFAVerifyDays));
}
return ResponseOutput.Ok(); return ResponseOutput.Ok();
} }
@ -1044,7 +1050,7 @@ namespace IRaCIS.Core.Application.Service
var lastLoginIPRegion = await _userLogRepository.Where(t => t.ActionUserName == actionUserName && userOptTypes.Contains(t.OptType)) var lastLoginIPRegion = await _userLogRepository.Where(t => t.ActionUserName == actionUserName && userOptTypes.Contains(t.OptType))
.OrderByDescending(t => t.CreateTime).Select(t => t.IPRegion).FirstOrDefaultAsync(); .OrderByDescending(t => t.CreateTime).Select(t => t.IPRegion).FirstOrDefaultAsync();
if (lastLoginIPRegion!=null&&lastLoginIPRegion != string.Empty) if (lastLoginIPRegion != null && lastLoginIPRegion != string.Empty)
{ {
// 与上一次区域不一致 // 与上一次区域不一致
//if (SplitAndConcatenate(existUserLoginInfo.LastLoginIP) != SplitAndConcatenate(iPRegion)) //if (SplitAndConcatenate(existUserLoginInfo.LastLoginIP) != SplitAndConcatenate(iPRegion))
@ -1122,7 +1128,7 @@ namespace IRaCIS.Core.Application.Service
if (_verifyConfig.CurrentValue.OpenLoginMFA) if (_verifyConfig.CurrentValue.OpenLoginMFA)
{ {
if ((await _fusionCache.GetOrDefaultAsync(CacheKeys.UserMFAVerifyPass(identityUserId), false)) == true) if ((await _fusionCache.GetOrDefaultAsync(CacheKeys.UserMFAVerifyPass(identityUserId), "")) == _userInfo.BrowserFingerprint)
{ {
userLoginReturnModel.IsMFA = false; userLoginReturnModel.IsMFA = false;
} }

2
IRaCIS.Core.Infra.EFCore/AuthUser/IUserInfo.cs
View File

@ -55,5 +55,7 @@
/// 字符串形式 标识时区 /// 字符串形式 标识时区
/// </summary> /// </summary>
string TimeZoneId { get; } string TimeZoneId { get; }
string BrowserFingerprint { get; }
} }
} }

18
IRaCIS.Core.Infra.EFCore/AuthUser/UserInfo.cs
View File

@ -300,6 +300,24 @@ namespace IRaCIS.Core.Domain.Share
} }
} }
public string BrowserFingerprint
{
get
{
var browserFingerprint = _accessor?.HttpContext?.Request?.Headers["BrowserFingerprint"];
if (browserFingerprint is not null && !string.IsNullOrEmpty(browserFingerprint.Value))
{
return browserFingerprint.Value;
}
//return "Etc/UTC";
return Guid.NewGuid().ToString();
}
}
public Guid? SignId public Guid? SignId
{ {