a、Core层 Authorization.Users.UserStore.cs
public class UserStore : AbpUserStore<Role, User> { private readonly IRepository<User, long> _userRepository; public UserStore( IUnitOfWorkManager unitOfWorkManager, IRepository<User, long> userRepository, IRepository<Role> roleRepository, IAsyncQueryableExecuter asyncQueryableExecuter, IRepository<UserRole, long> userRoleRepository, IRepository<UserLogin, long> userLoginRepository, IRepository<UserClaim, long> userClaimRepository, IRepository<UserPermissionSetting, long> userPermissionSettingRepository, IRepository<UserOrganizationUnit, long> userOrganizationUnitRepository, IRepository<OrganizationUnitRole, long> organizationUnitRoleRepository) : base( unitOfWorkManager, userRepository, roleRepository, asyncQueryableExecuter, userRoleRepository, userLoginRepository, userClaimRepository, userPermissionSettingRepository, userOrganizationUnitRepository, organizationUnitRoleRepository) { _userRepository = userRepository; } /// <summary> /// 根据账号获取用户 /// </summary> /// <param name="account"></param> /// <returns></returns> public virtual async Task<User> FindByAccountAsync(string account) { account = account.ToLower(); return await _userRepository.FirstOrDefaultAsync( user => user.UserName.ToLower() == account ); } }
b、Core层 Authorization.LogInManager.cs
public class LogInManager : AbpLogInManager<Tenant, Role, User> { private readonly UserStore _userStore; private readonly AbpUserManager<Role, User> _userManager; public LogInManager( UserManager userManager, IMultiTenancyConfig multiTenancyConfig, IRepository<Tenant> tenantRepository, IUnitOfWorkManager unitOfWorkManager, ISettingManager settingManager, IRepository<UserLoginAttempt, long> userLoginAttemptRepository, IUserManagementConfig userManagementConfig, IIocResolver iocResolver, IPasswordHasher<User> passwordHasher, RoleManager roleManager, UserClaimsPrincipalFactory claimsPrincipalFactory, UserStore userStore) : base( userManager, multiTenancyConfig, tenantRepository, unitOfWorkManager, settingManager, userLoginAttemptRepository, userManagementConfig, iocResolver, passwordHasher, roleManager, claimsPrincipalFactory) { _userStore = userStore; _userManager = userManager; } /// <summary> /// 自定义登录 /// </summary> /// <param name="account">账号、手机号、身份证号</param> /// <param name="password">明文密码</param> /// <returns></returns> [UnitOfWork] public virtual async Task<AbpLoginResult<Tenant, User>> LoginCustomAsync(string account, string password) { var result = await LoginCustomAsyncInternal(account, password); //保存用户尝试登录的记录 await SaveLoginAttemptAsync(result, null, account); return result; } protected virtual async Task<AbpLoginResult<Tenant, User>> LoginCustomAsyncInternal(string account, string password) { if (account.IsNullOrEmpty() || password.IsNullOrEmpty()) { throw new ArgumentException("account or password"); } //不启用租户,获取默认租户 Tenant tenant = await GetDefaultTenantAsync(); int? tenantId = tenant?.Id; using (UnitOfWorkManager.Current.SetTenantId(tenantId)) { //根据用户名获取用户信息 var user = await _userStore.FindByAccountAsync(account); if (user == null) { return new AbpLoginResult<Tenant, User>(AbpLoginResultType.UnknownExternalLogin, tenant); } //验证用户的密码是否正确 var verificationResult = _userManager.PasswordHasher.VerifyHashedPassword(user, user.Password, password); if (verificationResult != PasswordVerificationResult.Success) { if (await TryLockOutAsync(tenantId, user.Id)) { return new AbpLoginResult<Tenant, User>(AbpLoginResultType.LockedOut, tenant, user); } return new AbpLoginResult<Tenant, User>(AbpLoginResultType.InvalidPassword, tenant, user); } //重置用户登录失败次数 await _userManager.ResetAccessFailedCountAsync(user); //生成登录结果 return await CreateLoginResultAsync(user, tenant); } } }
c、Web.Core层
添加方法:
/// <summary> /// 自定义登录 /// </summary> /// <param name="userName">账号、身份证、手机号</param> /// <param name="password"></param> /// <returns></returns> private async Task<AbpLoginResult<Tenant, User>> GetCustomLoginResultAsync(string userName, string password) { var loginResult = await _logInManager.LoginCustomAsync(userName, password); switch (loginResult.Result) { case AbpLoginResultType.Success: return loginResult; default: throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(loginResult.Result, userName, null); } }
重构方法:
[HttpPost] public async Task<AuthenticateResultModel> Authenticate([FromBody] AuthenticateModel model) { //var loginResult = await GetLoginResultAsync( // model.UserNameOrEmailAddress, // model.Password, // GetTenancyNameOrNull() //); //自定义登录获取结果 var loginResult = await GetCustomLoginResultAsync( model.UserNameOrEmailAddress, model.Password ); var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity)); return new AuthenticateResultModel { AccessToken = accessToken, EncryptedAccessToken = GetEncryptedAccessToken(accessToken), ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds, UserId = loginResult.User.Id }; }
