数据权限功能、用户信息缓存
This commit is contained in:
陈淳
@@ -35,7 +35,11 @@ namespace Yi.Framework.ApiMicroservice.Controllers
|
||||
private SecurityCodeHelper _securityCode;
|
||||
private IRepository<UserEntity> _repository;
|
||||
private CacheInvoker _cacheDb;
|
||||
public AccountController(ILogger<UserEntity> logger, IUserService iUserService, JwtInvoker jwtInvoker, SecurityCodeHelper securityCode, CacheInvoker cacheInvoker)
|
||||
public AccountController(ILogger<UserEntity> logger,
|
||||
IUserService iUserService,
|
||||
JwtInvoker jwtInvoker,
|
||||
SecurityCodeHelper securityCode,
|
||||
CacheInvoker cacheInvoker)
|
||||
{
|
||||
_iUserService = iUserService;
|
||||
_jwtInvoker = jwtInvoker;
|
||||
@@ -87,15 +91,38 @@ namespace Yi.Framework.ApiMicroservice.Controllers
|
||||
|
||||
|
||||
var loginInfo = HttpContext.GetLoginLogInfo();
|
||||
|
||||
loginInfo.LoginUser = loginDto.UserName;
|
||||
loginInfo.LogMsg = "登录成功!";
|
||||
|
||||
|
||||
var loginLogRepository = _repository.ChangeRepository<Repository<LoginLogEntity>>();
|
||||
UserEntity user = new();
|
||||
|
||||
//这里其实可以返回Dto
|
||||
if (await _iUserService.Login(loginDto.UserName, loginDto.Password, o => user = o))
|
||||
{
|
||||
//根据用户id获取改用户的完整信息
|
||||
var userRoleMenu = await _iUserService.GetUserAllInfo(user.Id);
|
||||
|
||||
//如果该用户没有任何一个菜单,或者没有任何一个角色,无意义的登录
|
||||
if (userRoleMenu.PermissionCodes.Count == 0)
|
||||
{
|
||||
return Result.Error("登录禁用!该用户分配无任何权限,无意义登录!");
|
||||
}
|
||||
|
||||
|
||||
//将该用户的完整信息缓存一份至缓存,后续需要完整用户信息,只需通过token中的id从缓存中获取即可
|
||||
|
||||
//先制作token
|
||||
var token = _jwtInvoker.GetAccessToken(userRoleMenu.User, userRoleMenu.Menus);
|
||||
|
||||
//需要注意,缓存用户信息时间应大于或等于token过期时间
|
||||
_cacheDb.Set($"Yi:UserInfo:{user.Id}", userRoleMenu, _jwtInvoker.GetTokenExpiration());
|
||||
|
||||
|
||||
await loginLogRepository.InsertReturnSnowflakeIdAsync(loginInfo);
|
||||
return Result.Success(loginInfo.LogMsg).SetData(new { token = _jwtInvoker.GetAccessToken(userRoleMenu.User, userRoleMenu.Menus) });
|
||||
return Result.Success(loginInfo.LogMsg).SetData(new { token });
|
||||
}
|
||||
loginInfo.LogMsg = "登录失败!用户名或者密码错误!";
|
||||
await loginLogRepository.InsertReturnSnowflakeIdAsync(loginInfo);
|
||||
@@ -137,11 +164,13 @@ namespace Yi.Framework.ApiMicroservice.Controllers
|
||||
/// </summary>
|
||||
/// <returns></returns>
|
||||
[HttpGet]
|
||||
public async Task<Result> GetUserAllInfo()
|
||||
public Result GetUserAllInfo()
|
||||
{
|
||||
//通过鉴权jwt获取到用户的id
|
||||
var userId = HttpContext.GetUserIdInfo();
|
||||
var data = await _iUserService.GetUserAllInfo(userId);
|
||||
//此处从缓存中获取即可
|
||||
var data = _cacheDb.Get<UserRoleMenuDto>($"Yi:UserInfo:{userId}");
|
||||
//var data = await _iUserService.GetUserAllInfo(userId);
|
||||
//系统用户数据被重置,老前端访问重新授权
|
||||
if (data is null)
|
||||
{
|
||||
|
||||
@@ -60,10 +60,9 @@ builder.Host.ConfigureLogging(loggingBuilder =>
|
||||
#endregion
|
||||
builder.Services.AddIocService(builder.Configuration);
|
||||
#region
|
||||
//Sqlsugar<61><72><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ע<EFBFBD><D7A2>,<2C>Ƿ<EFBFBD><C7B7><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ȩ<EFBFBD><EFBFBD><DEB9>ܣ<EFBFBD><DCA3><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ҪRedis<EFBFBD><EFBFBD><EFBFBD><EFBFBD>
|
||||
//Sqlsugar<61><72><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ע<EFBFBD><D7A2>,<2C>Ƿ<EFBFBD><C7B7><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ȩ<EFBFBD><EFBFBD><DEB9>ܣ<EFBFBD><DCA3><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
|
||||
#endregion
|
||||
builder.Services.AddSqlsugarServer();
|
||||
//builder.Services.AddSqlsugarServer(DbFiterExtend.Data);
|
||||
builder.Services.AddSqlsugarServer(DbFiterExtend.Data);
|
||||
#region
|
||||
//Quartz<74><7A><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
|
||||
#endregion
|
||||
|
||||
Binary file not shown.
@@ -27,6 +27,11 @@ namespace Yi.Framework.Core
|
||||
return this.GetToken(_JWTTokenOptions.ReExpiration, user, null, true);
|
||||
}
|
||||
|
||||
public TimeSpan GetTokenExpiration()
|
||||
{
|
||||
return new TimeSpan(0, _JWTTokenOptions.Expiration, 0);
|
||||
}
|
||||
|
||||
public string GetAccessToken(UserEntity user, HashSet<MenuEntity> menus)
|
||||
{
|
||||
return this.GetToken(_JWTTokenOptions.Expiration, user, menus);
|
||||
|
||||
@@ -21,7 +21,7 @@ namespace Yi.Framework.Core
|
||||
}
|
||||
|
||||
//无需授权情况
|
||||
var userName = httpContext?.GetUserNameInfo();
|
||||
var userName = httpContext?.GetUserIdInfo();
|
||||
if (userName is null)
|
||||
{
|
||||
return;
|
||||
@@ -33,9 +33,10 @@ namespace Yi.Framework.Core
|
||||
return;
|
||||
}
|
||||
|
||||
//这里可以优化一下
|
||||
var userId = httpContext?.GetUserIdInfo();
|
||||
|
||||
//根据缓存获取全部用户信息
|
||||
var userRoleMenu = ServiceLocator.Instance?.GetService<CacheInvoker>()?.Get<UserRoleMenuDto>("用户id");
|
||||
var userRoleMenu = ServiceLocator.Instance?.GetService<CacheInvoker>()?.Get<UserRoleMenuDto>($"Yi:UserInfo:{userId}");
|
||||
|
||||
|
||||
var roles = userRoleMenu?.Roles;
|
||||
@@ -43,9 +44,8 @@ namespace Yi.Framework.Core
|
||||
{
|
||||
roles = new();
|
||||
}
|
||||
//先测试部门就是LEBG
|
||||
|
||||
long deptId = userRoleMenu?.User.DeptId ?? -1;
|
||||
long userId = httpContext?.GetUserIdInfo()??-1;
|
||||
//根据角色的数据范围,来添加相对于的数据权限
|
||||
if (roles is not null)
|
||||
{
|
||||
|
||||
@@ -143,8 +143,8 @@
|
||||
</el-row>
|
||||
<el-row>
|
||||
<el-col :span="12">
|
||||
<el-form-item v-if="form.id == undefined" label="用户名称" prop="userName">
|
||||
<el-input v-model="form.user.userName" placeholder="请输入用户名称" maxlength="30" />
|
||||
<el-form-item v-if="form.id == undefined" label="用户账号" prop="userName">
|
||||
<el-input v-model="form.user.userName" placeholder="请输入用户账号" maxlength="30" />
|
||||
</el-form-item>
|
||||
</el-col>
|
||||
<el-col :span="12">
|
||||
|
||||
Reference in New Issue
Block a user