数据权限功能、用户信息缓存
This commit is contained in:
陈淳
@@ -35,7 +35,11 @@ namespace Yi.Framework.ApiMicroservice.Controllers
|
|||||||
private SecurityCodeHelper _securityCode;
|
private SecurityCodeHelper _securityCode;
|
||||||
private IRepository<UserEntity> _repository;
|
private IRepository<UserEntity> _repository;
|
||||||
private CacheInvoker _cacheDb;
|
private CacheInvoker _cacheDb;
|
||||||
public AccountController(ILogger<UserEntity> logger, IUserService iUserService, JwtInvoker jwtInvoker, SecurityCodeHelper securityCode, CacheInvoker cacheInvoker)
|
public AccountController(ILogger<UserEntity> logger,
|
||||||
|
IUserService iUserService,
|
||||||
|
JwtInvoker jwtInvoker,
|
||||||
|
SecurityCodeHelper securityCode,
|
||||||
|
CacheInvoker cacheInvoker)
|
||||||
{
|
{
|
||||||
_iUserService = iUserService;
|
_iUserService = iUserService;
|
||||||
_jwtInvoker = jwtInvoker;
|
_jwtInvoker = jwtInvoker;
|
||||||
@@ -87,15 +91,38 @@ namespace Yi.Framework.ApiMicroservice.Controllers
|
|||||||
|
|
||||||
|
|
||||||
var loginInfo = HttpContext.GetLoginLogInfo();
|
var loginInfo = HttpContext.GetLoginLogInfo();
|
||||||
|
|
||||||
loginInfo.LoginUser = loginDto.UserName;
|
loginInfo.LoginUser = loginDto.UserName;
|
||||||
loginInfo.LogMsg = "登录成功!";
|
loginInfo.LogMsg = "登录成功!";
|
||||||
|
|
||||||
|
|
||||||
var loginLogRepository = _repository.ChangeRepository<Repository<LoginLogEntity>>();
|
var loginLogRepository = _repository.ChangeRepository<Repository<LoginLogEntity>>();
|
||||||
UserEntity user = new();
|
UserEntity user = new();
|
||||||
|
|
||||||
|
//这里其实可以返回Dto
|
||||||
if (await _iUserService.Login(loginDto.UserName, loginDto.Password, o => user = o))
|
if (await _iUserService.Login(loginDto.UserName, loginDto.Password, o => user = o))
|
||||||
{
|
{
|
||||||
|
//根据用户id获取改用户的完整信息
|
||||||
var userRoleMenu = await _iUserService.GetUserAllInfo(user.Id);
|
var userRoleMenu = await _iUserService.GetUserAllInfo(user.Id);
|
||||||
|
|
||||||
|
//如果该用户没有任何一个菜单,或者没有任何一个角色,无意义的登录
|
||||||
|
if (userRoleMenu.PermissionCodes.Count == 0)
|
||||||
|
{
|
||||||
|
return Result.Error("登录禁用!该用户分配无任何权限,无意义登录!");
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
//将该用户的完整信息缓存一份至缓存,后续需要完整用户信息,只需通过token中的id从缓存中获取即可
|
||||||
|
|
||||||
|
//先制作token
|
||||||
|
var token = _jwtInvoker.GetAccessToken(userRoleMenu.User, userRoleMenu.Menus);
|
||||||
|
|
||||||
|
//需要注意,缓存用户信息时间应大于或等于token过期时间
|
||||||
|
_cacheDb.Set($"Yi:UserInfo:{user.Id}", userRoleMenu, _jwtInvoker.GetTokenExpiration());
|
||||||
|
|
||||||
|
|
||||||
await loginLogRepository.InsertReturnSnowflakeIdAsync(loginInfo);
|
await loginLogRepository.InsertReturnSnowflakeIdAsync(loginInfo);
|
||||||
return Result.Success(loginInfo.LogMsg).SetData(new { token = _jwtInvoker.GetAccessToken(userRoleMenu.User, userRoleMenu.Menus) });
|
return Result.Success(loginInfo.LogMsg).SetData(new { token });
|
||||||
}
|
}
|
||||||
loginInfo.LogMsg = "登录失败!用户名或者密码错误!";
|
loginInfo.LogMsg = "登录失败!用户名或者密码错误!";
|
||||||
await loginLogRepository.InsertReturnSnowflakeIdAsync(loginInfo);
|
await loginLogRepository.InsertReturnSnowflakeIdAsync(loginInfo);
|
||||||
@@ -137,11 +164,13 @@ namespace Yi.Framework.ApiMicroservice.Controllers
|
|||||||
/// </summary>
|
/// </summary>
|
||||||
/// <returns></returns>
|
/// <returns></returns>
|
||||||
[HttpGet]
|
[HttpGet]
|
||||||
public async Task<Result> GetUserAllInfo()
|
public Result GetUserAllInfo()
|
||||||
{
|
{
|
||||||
//通过鉴权jwt获取到用户的id
|
//通过鉴权jwt获取到用户的id
|
||||||
var userId = HttpContext.GetUserIdInfo();
|
var userId = HttpContext.GetUserIdInfo();
|
||||||
var data = await _iUserService.GetUserAllInfo(userId);
|
//此处从缓存中获取即可
|
||||||
|
var data = _cacheDb.Get<UserRoleMenuDto>($"Yi:UserInfo:{userId}");
|
||||||
|
//var data = await _iUserService.GetUserAllInfo(userId);
|
||||||
//系统用户数据被重置,老前端访问重新授权
|
//系统用户数据被重置,老前端访问重新授权
|
||||||
if (data is null)
|
if (data is null)
|
||||||
{
|
{
|
||||||
|
|||||||
@@ -60,10 +60,9 @@ builder.Host.ConfigureLogging(loggingBuilder =>
|
|||||||
#endregion
|
#endregion
|
||||||
builder.Services.AddIocService(builder.Configuration);
|
builder.Services.AddIocService(builder.Configuration);
|
||||||
#region
|
#region
|
||||||
//Sqlsugar<61><72><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ע<EFBFBD><D7A2>,<2C>Ƿ<EFBFBD><C7B7><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ȩ<EFBFBD><EFBFBD><DEB9>ܣ<EFBFBD><DCA3><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ҪRedis<EFBFBD><EFBFBD><EFBFBD><EFBFBD>
|
//Sqlsugar<61><72><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ע<EFBFBD><D7A2>,<2C>Ƿ<EFBFBD><C7B7><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ȩ<EFBFBD><EFBFBD><DEB9>ܣ<EFBFBD><DCA3><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
|
||||||
#endregion
|
#endregion
|
||||||
builder.Services.AddSqlsugarServer();
|
builder.Services.AddSqlsugarServer(DbFiterExtend.Data);
|
||||||
//builder.Services.AddSqlsugarServer(DbFiterExtend.Data);
|
|
||||||
#region
|
#region
|
||||||
//Quartz<74><7A><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
|
//Quartz<74><7A><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
|
||||||
#endregion
|
#endregion
|
||||||
|
|||||||
Binary file not shown.
@@ -27,6 +27,11 @@ namespace Yi.Framework.Core
|
|||||||
return this.GetToken(_JWTTokenOptions.ReExpiration, user, null, true);
|
return this.GetToken(_JWTTokenOptions.ReExpiration, user, null, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public TimeSpan GetTokenExpiration()
|
||||||
|
{
|
||||||
|
return new TimeSpan(0, _JWTTokenOptions.Expiration, 0);
|
||||||
|
}
|
||||||
|
|
||||||
public string GetAccessToken(UserEntity user, HashSet<MenuEntity> menus)
|
public string GetAccessToken(UserEntity user, HashSet<MenuEntity> menus)
|
||||||
{
|
{
|
||||||
return this.GetToken(_JWTTokenOptions.Expiration, user, menus);
|
return this.GetToken(_JWTTokenOptions.Expiration, user, menus);
|
||||||
|
|||||||
@@ -21,7 +21,7 @@ namespace Yi.Framework.Core
|
|||||||
}
|
}
|
||||||
|
|
||||||
//无需授权情况
|
//无需授权情况
|
||||||
var userName = httpContext?.GetUserNameInfo();
|
var userName = httpContext?.GetUserIdInfo();
|
||||||
if (userName is null)
|
if (userName is null)
|
||||||
{
|
{
|
||||||
return;
|
return;
|
||||||
@@ -33,9 +33,10 @@ namespace Yi.Framework.Core
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
//这里可以优化一下
|
var userId = httpContext?.GetUserIdInfo();
|
||||||
|
|
||||||
//根据缓存获取全部用户信息
|
//根据缓存获取全部用户信息
|
||||||
var userRoleMenu = ServiceLocator.Instance?.GetService<CacheInvoker>()?.Get<UserRoleMenuDto>("用户id");
|
var userRoleMenu = ServiceLocator.Instance?.GetService<CacheInvoker>()?.Get<UserRoleMenuDto>($"Yi:UserInfo:{userId}");
|
||||||
|
|
||||||
|
|
||||||
var roles = userRoleMenu?.Roles;
|
var roles = userRoleMenu?.Roles;
|
||||||
@@ -43,9 +44,8 @@ namespace Yi.Framework.Core
|
|||||||
{
|
{
|
||||||
roles = new();
|
roles = new();
|
||||||
}
|
}
|
||||||
//先测试部门就是LEBG
|
|
||||||
long deptId = userRoleMenu?.User.DeptId ?? -1;
|
long deptId = userRoleMenu?.User.DeptId ?? -1;
|
||||||
long userId = httpContext?.GetUserIdInfo()??-1;
|
|
||||||
//根据角色的数据范围,来添加相对于的数据权限
|
//根据角色的数据范围,来添加相对于的数据权限
|
||||||
if (roles is not null)
|
if (roles is not null)
|
||||||
{
|
{
|
||||||
|
|||||||
@@ -143,8 +143,8 @@
|
|||||||
</el-row>
|
</el-row>
|
||||||
<el-row>
|
<el-row>
|
||||||
<el-col :span="12">
|
<el-col :span="12">
|
||||||
<el-form-item v-if="form.id == undefined" label="用户名称" prop="userName">
|
<el-form-item v-if="form.id == undefined" label="用户账号" prop="userName">
|
||||||
<el-input v-model="form.user.userName" placeholder="请输入用户名称" maxlength="30" />
|
<el-input v-model="form.user.userName" placeholder="请输入用户账号" maxlength="30" />
|
||||||
</el-form-item>
|
</el-form-item>
|
||||||
</el-col>
|
</el-col>
|
||||||
<el-col :span="12">
|
<el-col :span="12">
|
||||||
|
|||||||
Reference in New Issue
Block a user