From c18334002cd07ea555354609565ba6f1d3e4bd82 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=A9=99=E5=AD=90?= <454313500@qq.com> Date: Tue, 23 Jan 2024 23:35:38 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E6=90=AD=E5=BB=BA=E5=8F=8Ctoken=20fix:?= =?UTF-8?q?=20=E4=BF=AE=E5=A4=8D=E7=AD=BE=E5=88=B0=E8=AE=B0=E5=BD=95?= =?UTF-8?q?=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Services/Integral/IntegralService.cs | 50 ++++++++++--------- .../Options/JwtOptions.cs | 5 ++ .../Options/RefreshJwtOptions.cs | 15 ++++++ .../YiFrameworkRbacDomainSharedModule.cs | 2 +- .../Managers/AccountManager.cs | 23 +++++++-- Yi.Abp.Net8/src/Yi.Abp.Web/YiAbpWebModule.cs | 17 +++++-- Yi.Abp.Net8/src/Yi.Abp.Web/appsettings.json | 7 +++ 7 files changed, 87 insertions(+), 32 deletions(-) create mode 100644 Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain.Shared/Options/RefreshJwtOptions.cs diff --git a/Yi.Abp.Net8/module/bbs/Yi.Framework.Bbs.Application/Services/Integral/IntegralService.cs b/Yi.Abp.Net8/module/bbs/Yi.Framework.Bbs.Application/Services/Integral/IntegralService.cs index a2172768..11bc594f 100644 --- a/Yi.Abp.Net8/module/bbs/Yi.Framework.Bbs.Application/Services/Integral/IntegralService.cs +++ b/Yi.Abp.Net8/module/bbs/Yi.Framework.Bbs.Application/Services/Integral/IntegralService.cs @@ -9,6 +9,7 @@ using Volo.Abp.Application.Services; using Volo.Abp.Users; using Yi.Framework.Bbs.Application.Contracts.Dtos.Integral; using Yi.Framework.Bbs.Domain.Managers; +using Yi.Framework.Rbac.Domain.Authorization; namespace Yi.Framework.Bbs.Application.Services.Integral { 
@@ -42,33 +43,34 @@ namespace Yi.Framework.Bbs.Application.Services.Integral [HttpGet("integral/sign-in/record")] public async Task GetSignInRecordAsync() { - var output = new SignInDto(); - DateTime lastMonth = DateTime.Now.AddMonths(-1); - DateTime lastDayOfMonth = new DateTime(lastMonth.Year, lastMonth.Month, 1).AddMonths(1).AddDays(-1); - DateTime startOfLastDay = new DateTime(lastDayOfMonth.Year, lastDayOfMonth.Month, lastDayOfMonth.Day, 0, 0, 0); + var output = new SignInDto(); + DateTime lastMonth = DateTime.Now.AddMonths(-1); + DateTime lastDayOfMonth = new DateTime(lastMonth.Year, lastMonth.Month, 1).AddMonths(1).AddDays(-1); + DateTime startOfLastDay = new DateTime(lastDayOfMonth.Year, lastDayOfMonth.Month, lastDayOfMonth.Day, 0, 0, 0); - //获取当前用户本月的数据+上个月最后一天的数据 - var entities = await _integralManager._signInRepository.GetListAsync(x => x.CreatorId == CurrentUser.Id - && x.CreationTime >= startOfLastDay); + //获取当前用户本月的数据+上个月最后一天的数据 + var entities = await _integralManager._signInRepository.GetListAsync(x => x.CreatorId == CurrentUser.Id + && x.CreationTime >= startOfLastDay); - if (entities is null) - { - //返回默认值 + if (entities.Count() == 0) + { + //返回默认值 + return output; + } + //拿到最末尾的数据 + var lastEntity = entities.OrderBy(x => x.CreationTime).LastOrDefault(); + + //判断当前时间和最后时间是否为连续的 + if (lastEntity.CreationTime.Day >= DateTime.Now.AddDays(-1).Day) + { + + output.CurrentContinuousNumber = lastEntity.ContinuousNumber; + } + + //去除上个月查询的数据 + output.SignInItem = entities.Where(x => x.CreationTime.Month == DateTime.Now.Month).Select(x => new SignInItemDto { Id = x.Id, CreationTime = x.CreationTime }).OrderBy(x => x.CreationTime).ToList(); return output; - } - //拿到最末尾的数据 - var lastEntity = entities.OrderBy(x => x.CreationTime).LastOrDefault(); - - //判断当前时间和最后时间是否为连续的 - if (lastEntity.CreationTime.Day >= DateTime.Now.AddDays(-1).Day) - { - - output.CurrentContinuousNumber = lastEntity.ContinuousNumber; - } - - //去除上个月查询的数据 - output.SignInItem = 
entities.Where(x=>x.CreationTime.Month==DateTime.Now.Month) .Select(x => new SignInItemDto { Id = x.Id, CreationTime = x.CreationTime }).OrderBy(x=>x.CreationTime).ToList(); - return output; + } } diff --git a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain.Shared/Options/JwtOptions.cs b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain.Shared/Options/JwtOptions.cs index 62127743..d768eecf 100644 --- a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain.Shared/Options/JwtOptions.cs +++ b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain.Shared/Options/JwtOptions.cs @@ -12,6 +12,11 @@ namespace Yi.Framework.Rbac.Domain.Shared.Options public string Audience { get; set; } + + public string RefreshIssuer { get; set; } + + public string RefreshAudience { get; set; } + public string SecurityKey { get; set; } public long ExpiresMinuteTime { get; set; } diff --git a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain.Shared/Options/RefreshJwtOptions.cs b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain.Shared/Options/RefreshJwtOptions.cs new file mode 100644 index 00000000..71f4291a --- /dev/null +++ b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain.Shared/Options/RefreshJwtOptions.cs @@ -0,0 +1,15 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; +using System.Threading.Tasks; + +namespace Yi.Framework.Rbac.Domain.Shared.Options +{ + /// + /// 刷新token + /// + public class RefreshJwtOptions: JwtOptions + { + } +} diff --git a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain.Shared/YiFrameworkRbacDomainSharedModule.cs b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain.Shared/YiFrameworkRbacDomainSharedModule.cs index 73d5fe3a..38702b3f 100644 --- a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain.Shared/YiFrameworkRbacDomainSharedModule.cs +++ b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain.Shared/YiFrameworkRbacDomainSharedModule.cs 
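Review bot: The continuity check `lastEntity.CreationTime.Day >= DateTime.Now.AddDays(-1).Day` in GetSignInRecordAsync compares day-of-month numbers, so it gives wrong answers across a month boundary. The query deliberately includes the last day of the previous month, so a last sign-in on the 31st still counts as consecutive on the 3rd of the next month, because 31 >= 2. Comparing calendar dates avoids this: `if (lastEntity.CreationTime.Date >= DateTime.Now.Date.AddDays(-1))`. The new emptiness test reads more directly as `if (!entities.Any())` than as `entities.Count() == 0`.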
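Review bot: `RefreshIssuer` and `RefreshAudience` are added to JwtOptions, but nothing in the visible hunks reads them. CreateRefreshToken and the "Refresh" bearer scheme both take `Issuer` and `Audience` from RefreshJwtOptions instead. Because the new RefreshJwtOptions class derives from JwtOptions, it inherits the two properties as well, which leaves two places where a refresh issuer could be configured and only one that takes effect. I would drop the two properties, or add a `/// <summary>` on each stating which component is meant to consume them.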
@@ -16,7 +16,7 @@ namespace Yi.Framework.Rbac.Domain.Shared { var configuration = context.Services.GetConfiguration(); Configure(configuration.GetSection(nameof(JwtOptions))); - + Configure(configuration.GetSection(nameof(RefreshJwtOptions))); Configure(configuration.GetSection(nameof(RbacOptions))); } } diff --git a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Managers/AccountManager.cs b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Managers/AccountManager.cs index 1905b9d9..55c1b965 100644 --- a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Managers/AccountManager.cs +++ b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Managers/AccountManager.cs @@ -3,14 +3,11 @@ using System.Security.Claims; using System.Text; using Mapster; using Microsoft.AspNetCore.Http; -using Microsoft.AspNetCore.Identity; using Microsoft.Extensions.Options; using Microsoft.IdentityModel.Tokens; using Newtonsoft.Json; -using TencentCloud.Tdmq.V20200217.Models; using Volo.Abp; using Volo.Abp.Domain.Entities; -using Volo.Abp.Domain.Repositories; using Volo.Abp.Domain.Services; using Volo.Abp.EventBus.Local; using Volo.Abp.Security.Claims; @@ -38,11 +35,13 @@ namespace Yi.Framework.Rbac.Domain.Managers private IHttpContextAccessor _httpContextAccessor; private UserManager _userManager; private ISqlSugarRepository _roleRepository; + private RefreshJwtOptions _refreshJwtOptions; public AccountManager(IUserRepository repository , IHttpContextAccessor httpContextAccessor , IOptions jwtOptions , ILocalEventBus localEventBus , UserManager userManager + ,IOptions refreshJwtOptions , ISqlSugarRepository roleRepository) { _repository = repository; @@ -51,6 +50,7 @@ namespace Yi.Framework.Rbac.Domain.Managers _localEventBus = localEventBus; _userManager = userManager; _roleRepository = roleRepository; + _refreshJwtOptions= refreshJwtOptions.Value; } /// 
@@ -86,6 +86,7 @@ namespace Yi.Framework.Rbac.Domain.Managers //将用户信息添加到缓存中,需要考虑的是更改了用户、角色、菜单等整个体系都需要将缓存进行刷新,看具体业务进行选择 var accessToken = CreateToken(this.UserInfoToClaim(userInfo)); + return accessToken; } @@ -111,7 +112,23 @@ namespace Yi.Framework.Rbac.Domain.Managers return returnToken; } + private string CreateRefreshToken() + { + var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_refreshJwtOptions.SecurityKey)); + var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); + var claims =new List { new Claim("Refresh", "true") } ; + var token = new JwtSecurityToken( + issuer: _refreshJwtOptions.Issuer, + audience: _refreshJwtOptions.Audience, + claims: claims, + expires: DateTime.Now.AddMinutes(_refreshJwtOptions.ExpiresMinuteTime), + notBefore: DateTime.Now, + signingCredentials: creds); + string returnToken = new JwtSecurityTokenHandler().WriteToken(token); + return returnToken; + + } /// /// 登录效验 /// diff --git a/Yi.Abp.Net8/src/Yi.Abp.Web/YiAbpWebModule.cs b/Yi.Abp.Net8/src/Yi.Abp.Web/YiAbpWebModule.cs index 6915dab4..f1330f7f 100644 --- a/Yi.Abp.Net8/src/Yi.Abp.Web/YiAbpWebModule.cs +++ b/Yi.Abp.Net8/src/Yi.Abp.Web/YiAbpWebModule.cs @@ -118,19 +118,17 @@ namespace Yi.Abp.Web //jwt鉴权 var jwtOptions = configuration.GetSection(nameof(JwtOptions)).Get(); + var refreshJwtOptions = configuration.GetSection(nameof(RefreshJwtOptions)).Get(); + context.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(options => { options.TokenValidationParameters = new TokenValidationParameters { ClockSkew = TimeSpan.Zero, - ValidateIssuer = true, - ValidateAudience = true, - ValidateLifetime = true, ValidateIssuerSigningKey = true, ValidIssuer = jwtOptions.Issuer, ValidAudience = jwtOptions.Audience, - RequireExpirationTime = true, IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtOptions.SecurityKey)) }; options.Events = new JwtBearerEvents 
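Review bot: The refresh token built in CreateRefreshToken carries only the claim `Refresh=true`, so nothing ties it to the user it was issued to, and it has no identifier the server could use to revoke or rotate it. Whatever endpoint later redeems it cannot tell from the token whose access token to mint, and a leaked token stays valid for the full `ExpiresMinuteTime`. I would pass the user id into the method and add subject and token-id claims, for example `new Claim(JwtRegisteredClaimNames.Sub, userId.ToString())` and `new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())`, recording the `jti` server-side so it can be invalidated. The method is not called in any visible hunk. Its HMAC key is committed in appsettings.json in this same commit, so the key belongs in a secret store and should be rotated before the scheme is relied on.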
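Review bot: `refreshJwtOptions` is read from `configuration.GetSection(nameof(RefreshJwtOptions))` and later dereferenced in the "Refresh" scheme registration without a null check. A deployment whose configuration lacks the new section would therefore fail with a NullReferenceException when that scheme's options are built, rather than with a clear message. A guard right after the read makes the requirement explicit: `if (refreshJwtOptions is null || string.IsNullOrWhiteSpace(refreshJwtOptions.SecurityKey)) throw new InvalidOperationException("RefreshJwtOptions is not configured");`. Separately, dropping `ValidateIssuer`, `ValidateAudience`, `ValidateLifetime` and `RequireExpirationTime` leaves those checks to the TokenValidationParameters defaults, which are all true; a comment such as `// issuer, audience and lifetime validation stay on by default` would keep that intent visible. The enclosing method starts and ends outside the hunk.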
@@ -146,6 +144,17 @@ namespace Yi.Abp.Web } }; }) + .AddJwtBearer("Refresh", options => { + options.TokenValidationParameters = new TokenValidationParameters + { + ClockSkew = TimeSpan.Zero, + ValidateIssuerSigningKey = true, + ValidIssuer = refreshJwtOptions.Issuer, + ValidAudience = refreshJwtOptions.Audience, + IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(refreshJwtOptions.SecurityKey)) + }; + + }) .AddQQ(options => { configuration.GetSection("OAuth:QQ").Bind(options); diff --git a/Yi.Abp.Net8/src/Yi.Abp.Web/appsettings.json b/Yi.Abp.Net8/src/Yi.Abp.Web/appsettings.json index 5ee98247..226005bb 100644 --- a/Yi.Abp.Net8/src/Yi.Abp.Web/appsettings.json +++ b/Yi.Abp.Net8/src/Yi.Abp.Web/appsettings.json @@ -37,6 +37,13 @@ "SecurityKey": "zqxwcevrbtnymu312412ihe9rfwhe78rh23djoi32hrui3ryf9e8wfh34iuj54y0934uti4h97fgw7hf97wyh8yy69520", "ExpiresMinuteTime": 86400 }, + //刷新token + "RefreshJwtOptions": { + "Issuer": "https://yi.ccnetcore.com", + "Audience": "https://yi.ccnetcore.com", + "SecurityKey": "67ij4o6jo4i5j6io45j6i4j74p5k6i54ojoi5t9g8ergoj34ofgkrtbmreog894jbioemgropihj48rj4io5juopjgior", + "ExpiresMinuteTime": 172800 + }, //第三方登录 "OAuth": {
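Review bot: The "Refresh" scheme validates signature, issuer, audience and lifetime but never checks for the `Refresh` claim that CreateRefreshToken adds. Nothing visible on the default scheme rejects tokens carrying that claim either. The two token types are therefore kept apart only by the two `SecurityKey` values being different, so a configuration that reuses one key would make access and refresh tokens interchangeable. I would enforce the type explicitly with an `OnTokenValidated` handler here that calls `context.Fail("not a refresh token")` unless `context.Principal.HasClaim("Refresh", "true")`, plus the mirror check on the default scheme. Giving refresh tokens a distinct audience would add a second barrier.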