MFA bug 修改

2025-11-07 09:19:52 +08:00 · 2025-11-07 09:19:52 +08:00 · a5f3430965
parent 5059d66aa1
commit a5f3430965
4 changed files with 15 additions and 14 deletions
--- a/IRaCIS.Core.API/appsettings.Test_IRC.json
+++ b/IRaCIS.Core.API/appsettings.Test_IRC.json
@ -117,7 +117,7 @@
    // 转换PDF服务配置
    "ThirdPdfUrl": "http://106.14.89.110:30088/api/v1/convert/file/pdf",
    //MFA免验证发送天数
-    "UserMFAVerifyDays": 1
+    "UserMFAVerifyMinutes": 1440
  },
  // 邮件服务配置（用于系统通知、找回密码、错误报警等）
  "SystemEmailSendConfig": {
--- a/IRaCIS.Core.Application/BusinessFilter/_Config/_AppSettings.cs
+++ b/IRaCIS.Core.Application/BusinessFilter/_Config/_AppSettings.cs
@ -38,7 +38,7 @@ public class ServiceVerifyConfigOption

    public string ThirdPdfUrl { get; set; }

-    public int UserMFAVerifyDays { get; set; } = 1;
+    public int UserMFAVerifyMinutes { get; set; } = 1440;

 }

--- a/IRaCIS.Core.Application/Helper/CacheHelper.cs
+++ b/IRaCIS.Core.Application/Helper/CacheHelper.cs
@ -61,8 +61,8 @@ public static class CacheKeys
    /// <returns></returns>
    public static string StartRestTime(Guid userId) => $"{userId}StartRestTime";

-
-    public static string UserMFAVerifyPass(Guid userId) => $"UserMFAVerifyPass:{userId}";
+    //每个用户 每个浏览器独立时间
+    public static string UserMFAVerifyPass(Guid userId,string browserFingerprint) => $"UserMFAVerifyPass:{userId}:{browserFingerprint}";

 }

--- a/IRaCIS.Core.Application/Service/Management/UserService.cs
+++ b/IRaCIS.Core.Application/Service/Management/UserService.cs
@ -861,7 +861,7 @@ namespace IRaCIS.Core.Application.Service

            if (isRemember)
            {
-                await _fusionCache.SetAsync(CacheKeys.UserMFAVerifyPass(identityUserId), _userInfo.BrowserFingerprint, TimeSpan.FromDays(_serviceVerifyConfigConfig.UserMFAVerifyDays));
+                await _fusionCache.SetAsync(CacheKeys.UserMFAVerifyPass(identityUserId, _userInfo.BrowserFingerprint), _userInfo.BrowserFingerprint, TimeSpan.FromMinutes(_serviceVerifyConfigConfig.UserMFAVerifyMinutes));

            }

@ -1176,7 +1176,7 @@ namespace IRaCIS.Core.Application.Service
            if (_verifyConfig.CurrentValue.OpenLoginMFA)
            {

-                if ((await _fusionCache.GetOrDefaultAsync(CacheKeys.UserMFAVerifyPass(identityUserId), "")) == _userInfo.BrowserFingerprint)
+                if ((await _fusionCache.GetOrDefaultAsync(CacheKeys.UserMFAVerifyPass(identityUserId, _userInfo.BrowserFingerprint), "")) == _userInfo.BrowserFingerprint)
                {
                    userLoginReturnModel.IsMFA = false;
                }
@ -1196,9 +1196,10 @@ namespace IRaCIS.Core.Application.Service
                //修改密码  || 90天修改密码再mfa 之前
                if (userLoginReturnModel.BasicInfo.IsFirstAdd || userLoginReturnModel.BasicInfo.NeedChangePassWord)
                {
+                    //移动到上面去了
                    //userLoginReturnModel.JWTStr = _tokenService.GetToken(userLoginReturnModel.BasicInfo);
                }
-                else
+                else if (userLoginReturnModel.IsMFA == true)
                {
                    //正常登录才发送邮件
                    await SendMFAEmail(new SendMfaCommand() { IdentityUserId = identityUserId, MFAType = UserMFAType.Login });