MFA 需求修改

2025-10-20 13:40:52 +08:00 · 2025-10-20 13:40:52 +08:00 · 9cda4360ca
parent 18b9c08101
commit 9cda4360ca
3 changed files with 30 additions and 4 deletions
--- a/IRaCIS.Core.Application/Service/Management/UserService.cs
+++ b/IRaCIS.Core.Application/Service/Management/UserService.cs
@ -825,9 +825,10 @@ namespace IRaCIS.Core.Application.Service
        /// 验证MFA 邮件
        /// </summary>
        /// <param name="Code"></param>
+        /// <param name="isRemember"></param>
        /// <returns></returns>
        /// <exception cref="BusinessValidationFailedException"></exception>
-        public async Task<IResponseOutput> VerifyMFACodeAsync(string Code)
+        public async Task<IResponseOutput> VerifyMFACodeAsync(string Code, bool isRemember)
        {
            var identityUserId = _userInfo.IdentityUserId;

@ -857,7 +858,12 @@ namespace IRaCIS.Core.Application.Service
                }
            }

-            await _fusionCache.SetAsync(CacheKeys.UserMFAVerifyPass(identityUserId), true, TimeSpan.FromDays(_serviceVerifyConfigConfig.UserMFAVerifyDays));
+            if (isRemember)
+            {
+                await _fusionCache.SetAsync(CacheKeys.UserMFAVerifyPass(identityUserId), _userInfo.BrowserFingerprint, TimeSpan.FromDays(_serviceVerifyConfigConfig.UserMFAVerifyDays));
+
+            }
+

            return ResponseOutput.Ok();
        }
@ -1122,7 +1128,7 @@ namespace IRaCIS.Core.Application.Service
            if (_verifyConfig.CurrentValue.OpenLoginMFA)
            {

-                if ((await _fusionCache.GetOrDefaultAsync(CacheKeys.UserMFAVerifyPass(identityUserId), false)) == true)
+                if ((await _fusionCache.GetOrDefaultAsync(CacheKeys.UserMFAVerifyPass(identityUserId), "")) == _userInfo.BrowserFingerprint)
                {
                    userLoginReturnModel.IsMFA = false;
                }
--- a/IRaCIS.Core.Infra.EFCore/AuthUser/IUserInfo.cs
+++ b/IRaCIS.Core.Infra.EFCore/AuthUser/IUserInfo.cs
@ -55,5 +55,7 @@
        /// 字符串形式  标识时区
        /// </summary>
        string TimeZoneId { get; }
+
+        string BrowserFingerprint { get; }
    }
 }
--- a/IRaCIS.Core.Infra.EFCore/AuthUser/UserInfo.cs
+++ b/IRaCIS.Core.Infra.EFCore/AuthUser/UserInfo.cs
@ -300,6 +300,24 @@ namespace IRaCIS.Core.Domain.Share
            }
        }

+        public string BrowserFingerprint
+        {
+            get
+            {
+                var browserFingerprint = _accessor?.HttpContext?.Request?.Headers["BrowserFingerprint"];
+
+                if (browserFingerprint is not null && !string.IsNullOrEmpty(browserFingerprint.Value))
+                {
+                    return browserFingerprint.Value;
+                }
+
+                //return "Etc/UTC";
+                return Guid.NewGuid().ToString();
+
+
+            }
+        }
+

        public Guid? SignId
        {