diff --git a/IRaCIS.Core.Application/Helper/CacheHelper.cs b/IRaCIS.Core.Application/Helper/CacheHelper.cs
index c1cf93748..50deb6ccf 100644
--- a/IRaCIS.Core.Application/Helper/CacheHelper.cs
+++ b/IRaCIS.Core.Application/Helper/CacheHelper.cs
@@ -27,6 +27,13 @@ public static class CacheKeys
//超时没请求接口自动退出
public static string UserAutoLoginOut(Guid userId) => $"UserAutoLoginOut:{userId}";
+ ///
+ /// 用户登录错误 限制登录
+ ///
+ ///
+ ///
+ public static string UserLoginError(string userName) => $"login-failures:{userName}";
+
///
/// 跳过阅片
///
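Review bot: `UserLoginError` interpolates `userName` into the cache key verbatim, so the lockout counter is only as canonical as the caller's input. If the user lookup in `Login` is case- or whitespace-insensitive (not visible here), differently spelled forms of one account name would each get their own counter, and the failure limit would apply per spelling rather than per account. The reset-password hunk in UserService.cs builds the key from the stored `UserName`, which may not match what was typed at login, so the reset could miss the counter it is meant to clear. Consider normalizing in this one place, e.g. `=> $"login-failures:{userName?.Trim().ToLowerInvariant()}";`, and confirm that this matches how `Login` resolves the account.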
diff --git a/IRaCIS.Core.Application/IRaCIS.Core.Application.xml b/IRaCIS.Core.Application/IRaCIS.Core.Application.xml
index 529e7bc01..2bf6f8f07 100644
--- a/IRaCIS.Core.Application/IRaCIS.Core.Application.xml
+++ b/IRaCIS.Core.Application/IRaCIS.Core.Application.xml
@@ -13033,6 +13033,13 @@
主要为了 处理项目结束 锁库,不允许操作
+
+
+ 用户登录错误 限制登录
+
+
+
+
跳过阅片
diff --git a/IRaCIS.Core.Application/Service/Management/UserService.cs b/IRaCIS.Core.Application/Service/Management/UserService.cs
index f7348fcb9..69e251c4a 100644
--- a/IRaCIS.Core.Application/Service/Management/UserService.cs
+++ b/IRaCIS.Core.Application/Service/Management/UserService.cs
@@ -287,6 +287,10 @@ namespace IRaCIS.Core.Application.Service
IsFirstAdd = true
});
+ var userName = _userRepository.Where(t => t.Id == userId).Select(t => t.UserName).FirstOrDefault();
+
+ await _fusionCache.RemoveAsync(CacheKeys.UserLoginError(userName));
+
await _userLogRepository.AddAsync(new UserLog() { IP = _userInfo.IP, LoginUserId = _userInfo.Id, OptUserId = userId, OptType = UserOptType.ResetPassword }, true);
return ResponseOutput.Ok();
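Review bot: `userName` can be null here, because `FirstOrDefault()` returns null when no row matches `userId`, and the next line then removes the bare key `login-failures:` instead of a user's counter. Guard the call: `if (!string.IsNullOrEmpty(userName)) await _fusionCache.RemoveAsync(CacheKeys.UserLoginError(userName));`. The lookup is also a synchronous query inside an async method; if the repository exposes an async equivalent (not visible here), prefer it. The enclosing method starts outside the hunk.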
@@ -692,12 +696,11 @@ namespace IRaCIS.Core.Application.Service
public async Task> Login(string userName, string password)
{
- const string cachePrefix = "login-failures:";
int maxFailures = _verifyConfig.CurrentValue.LoginMaxFailCount;
int lockoutMinutes = _verifyConfig.CurrentValue.LoginFailLockMinutes;
// 生成缓存键
- string cacheKey = $"{cachePrefix}{userName}";
+ string cacheKey = CacheKeys.UserLoginError(userName);
// 从缓存中获取登录失败次数
int? failCount = await _fusionCache.GetOrDefaultAsync(cacheKey);
diff --git a/IRaCIS.Core.Application/Service/MinimalApiService/OAuthService.cs b/IRaCIS.Core.Application/Service/MinimalApiService/OAuthService.cs
index c1f9c05e1..64474a760 100644
--- a/IRaCIS.Core.Application/Service/MinimalApiService/OAuthService.cs
+++ b/IRaCIS.Core.Application/Service/MinimalApiService/OAuthService.cs
@@ -65,6 +65,13 @@ namespace IRaCIS.Core.Application.Service
[RoutePattern(HttpMethod = "Get")]
public async Task TestPKCECallBackAsync(string code)
{
+ var httpClient = new HttpClient();
+ var disco = await httpClient.GetDiscoveryDocumentAsync("https://logto.test.extimaging.com/oidc");
+ if (disco.IsError)
+ {
+ Console.WriteLine(disco.Error);
+ }
+
string codeVerifier = "QMSBBxTQrpKPscvNNfmaQfmyk5Wd33GZS1FKSo3Shv8w-59vW1iTSlgAznYojkYv2DgR4XhTqySsBnDPq0";
// OIDC 配置,替换为您的 OIDC 提供者的配置
string tokenEndpoint = "https://logto.test.extimaging.com/oidc/token"; // 替换为实际 token 端点
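Review bot: A failed discovery request is only printed and the method carries on, so the end-session code added further down reads `disco.EndSessionEndpoint` from an error response. Return an error result from inside the `if (disco.IsError)` block instead of falling through. `new HttpClient()` is created on every call and never disposed; `using var httpClient = new HttpClient();` or a shared, injected client avoids leaking sockets. The authority URL is hard-coded to a test host and sits next to a fixed `codeVerifier`. If this endpoint can be reached outside local testing, the authority should come from configuration and the verifier should be generated per authorization request.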
@@ -101,6 +108,14 @@ namespace IRaCIS.Core.Application.Service
var userResponse = await client.ExecuteAsync(userInfoRequest);
Console.WriteLine(userResponse.Content);
+
+ //结束回话
+
+ var endUrl = new RequestUrl(disco.EndSessionEndpoint).CreateEndSessionUrl(tokenResponse.IdToken, "http://localhost:6100/OAuth/TestPCKEOrgin");
+
+ var _endHttpClient = new HttpClient();
+
+ var dd = await _endHttpClient.GetAsync(endUrl);
}
return ResponseOutput.Ok();
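Review bot: The end-session call dereferences `disco.EndSessionEndpoint` and `tokenResponse.IdToken` without checking either, and the response `dd` is discarded, so a logout that failed looks the same as one that worked. The same block is repeated in the hunk at `@@ -188,10 +203,18 @@`, and both copies create an `HttpClient` that is never disposed. `CreateEndSessionUrl` carries the ID token in the query string as `id_token_hint`, so `endUrl` should not be written to the console or logs. Whether a server-side GET without the browser's session cookie actually ends the user's session depends on the provider, since RP-initiated logout is normally a browser redirect; confirm this against the provider. The enclosing `if` block starts outside the hunk.

```csharp
// … unchanged: userinfo request and Console.WriteLine(userResponse.Content) …

//结束回话
if (!string.IsNullOrEmpty(disco.EndSessionEndpoint) && !string.IsNullOrEmpty(tokenResponse?.IdToken))
{
    var endUrl = new RequestUrl(disco.EndSessionEndpoint).CreateEndSessionUrl(tokenResponse.IdToken, "http://localhost:6100/OAuth/TestPCKEOrgin");

    using var endHttpClient = new HttpClient();
    using var endResponse = await endHttpClient.GetAsync(endUrl);

    if (!endResponse.IsSuccessStatusCode)
    {
        // Log the status only; endUrl contains the id_token_hint.
        Console.WriteLine($"End-session request failed: {(int)endResponse.StatusCode}");
    }
}
```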
@@ -175,7 +190,7 @@ namespace IRaCIS.Core.Application.Service
// 发出 token 请求
var response = await _httpClient.PostAsync(disco.TokenEndpoint, content);
-
+
if (response.IsSuccessStatusCode)
{
var responseBody = await response.Content.ReadAsStringAsync();
@@ -188,10 +203,18 @@ namespace IRaCIS.Core.Application.Service
Console.WriteLine(formattedJson);
- var tokenResponse=JsonConvert.DeserializeObject(responseBody);
+ var tokenResponse = JsonConvert.DeserializeObject(responseBody);
Console.WriteLine(tokenResponse);
+ //结束回话
+
+ var endUrl = new RequestUrl(disco.EndSessionEndpoint).CreateEndSessionUrl(tokenResponse.IdToken, "http://localhost:6100/OAuth/TestPCKEOrgin");
+
+ var _endHttpClient = new HttpClient();
+
+ var dd = await _endHttpClient.GetAsync(endUrl);
+
}
else
{
@@ -310,6 +333,7 @@ namespace IRaCIS.Core.Application.Service
string clientId = "tl42rjin7obxtwqqgvkti";
string clientSecret = "Pu9ig4rz44aLlxb0yKUaOiZaFk6Bcu51";
string redirectUri = "http://localhost:6100/OAuth/TestOidcClientCallBack"; // 替换为前端的回调 URL
+ string postLogoutRedirectUri = "http://localhost:6100/OAuth/TestPCKEOrgin"; //退出回话重定向到前端的url
// 准备请求内容
var tokenRequest = new AuthorizationCodeTokenRequest
{
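Review bot: `postLogoutRedirectUri` repeats a literal that the two end-session blocks added earlier in this file pass inline, and its use is not visible in this hunk. Define the value once, in configuration or a single constant, and pass it to `CreateEndSessionUrl` so the registered post-logout URI cannot drift between call sites. It is also declared beside a literal `clientSecret` in source. If this code is more than a local test harness, that secret belongs in configuration or a secret store and should be rotated. The enclosing method starts outside the hunk.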
@@ -368,6 +392,8 @@ namespace IRaCIS.Core.Application.Service
Console.WriteLine("RefreshToken:" + refreshResponse.RefreshToken);
}
+
+
}
}