XCKJ
/
irc-netcore-api
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

MFA bug 修改
continuous-integration/drone/push Build is passing Details

Test_IRC_Net8
hang 2025-11-07 09:19:52 +08:00
parent 5059d66aa1
commit a5f3430965
4 changed files with 15 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
IRaCIS.Core.API/appsettings.Test_IRC.json
View File

@ -117,7 +117,7 @@
// PDF
"ThirdPdfUrl": "http://106.14.89.110:30088/api/v1/convert/file/pdf",
//MFA
"UserMFAVerifyDays": 1
"UserMFAVerifyMinutes": 1440
},
//
"SystemEmailSendConfig": {

2
IRaCIS.Core.Application/BusinessFilter/_Config/_AppSettings.cs
View File

@ -38,7 +38,7 @@ public class ServiceVerifyConfigOption
public string ThirdPdfUrl { get; set; }
public int UserMFAVerifyDays { get; set; } = 1;
public int UserMFAVerifyMinutes { get; set; } = 1440;
}

4
IRaCIS.Core.Application/Helper/CacheHelper.cs
View File

@ -61,8 +61,8 @@ public static class CacheKeys
/// <returns></returns>
public static string StartRestTime(Guid userId) => $"{userId}StartRestTime";
public static string UserMFAVerifyPass(Guid userId) => $"UserMFAVerifyPass:{userId}";
//每个用户 每个浏览器独立时间
public static string UserMFAVerifyPass(Guid userId,string browserFingerprint) => $"UserMFAVerifyPass:{userId}:{browserFingerprint}";
}

21
IRaCIS.Core.Application/Service/Management/UserService.cs
View File

@ -861,7 +861,7 @@ namespace IRaCIS.Core.Application.Service
if (isRemember)
{
await _fusionCache.SetAsync(CacheKeys.UserMFAVerifyPass(identityUserId), _userInfo.BrowserFingerprint, TimeSpan.FromDays(_serviceVerifyConfigConfig.UserMFAVerifyDays));
await _fusionCache.SetAsync(CacheKeys.UserMFAVerifyPass(identityUserId, _userInfo.BrowserFingerprint), _userInfo.BrowserFingerprint, TimeSpan.FromMinutes(_serviceVerifyConfigConfig.UserMFAVerifyMinutes));
}
@ -1107,9 +1107,9 @@ namespace IRaCIS.Core.Application.Service
var userAgreementList = await _userAgreementRepository.Where(t => t.IsCurrentVersion).OrderByDescending(t => t.CreateTime).ToListAsync();
var userAgreement= userAgreementList.FirstOrDefault(t => t.UserAgreementTypeEnum == UserAgreementType.UserAgreement);
var userAgreement = userAgreementList.FirstOrDefault(t => t.UserAgreementTypeEnum == UserAgreementType.UserAgreement);
if (userAgreement!=null&& loginUser.UserAgreementId!= userAgreement.Id)
if (userAgreement != null && loginUser.UserAgreementId != userAgreement.Id)
{
await _identityUserRepository.BatchUpdateNoTrackingAsync(x => x.Id == loginUser.IdentityUserId, x => new IdentityUser()
{
@ -1119,13 +1119,13 @@ namespace IRaCIS.Core.Application.Service
var obj = new
{
UserAgreementTypeEnum = UserAgreementType.UserAgreement,
FileVersion=userAgreement.FileVersion,
UserAgreementId=userAgreement.Id,
IsEn_Us= _userInfo.IsEn_Us,
FileVersion = userAgreement.FileVersion,
UserAgreementId = userAgreement.Id,
IsEn_Us = _userInfo.IsEn_Us,
};
await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, ActionIdentityUserId = loginUser.IdentityUserId, ActionUserName = loginUser.UserName, OptType = UserOptType.AcceptUserAgreement, JsonObj= obj.ToJsonStr() }, true);
await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, ActionIdentityUserId = loginUser.IdentityUserId, ActionUserName = loginUser.UserName, OptType = UserOptType.AcceptUserAgreement, JsonObj = obj.ToJsonStr() }, true);
}
@ -1176,7 +1176,7 @@ namespace IRaCIS.Core.Application.Service
if (_verifyConfig.CurrentValue.OpenLoginMFA)
{
if ((await _fusionCache.GetOrDefaultAsync(CacheKeys.UserMFAVerifyPass(identityUserId), "")) == _userInfo.BrowserFingerprint)
if ((await _fusionCache.GetOrDefaultAsync(CacheKeys.UserMFAVerifyPass(identityUserId, _userInfo.BrowserFingerprint), "")) == _userInfo.BrowserFingerprint)
{
userLoginReturnModel.IsMFA = false;
}
@ -1196,9 +1196,10 @@ namespace IRaCIS.Core.Application.Service
//修改密码 || 90天修改密码再mfa 之前
if (userLoginReturnModel.BasicInfo.IsFirstAdd || userLoginReturnModel.BasicInfo.NeedChangePassWord)
{
//移动到上面去了
//userLoginReturnModel.JWTStr = _tokenService.GetToken(userLoginReturnModel.BasicInfo);
}
else
else if (userLoginReturnModel.IsMFA == true)
{
//正常登录才发送邮件
await SendMFAEmail(new SendMfaCommand() { IdentityUserId = identityUserId, MFAType = UserMFAType.Login });