
登录使用滑块验证作为安全验证
检查验证数据统一格式

zhontai 3 år sedan
förälder
incheckning
94ec355e21

+ 1 - 0
Admin.Core.Service/Admin.Core.Service.csproj

@@ -34,6 +34,7 @@
   <ItemGroup>
     <ProjectReference Include="..\Admin.Core.Model\Admin.Core.Model.csproj" />
     <ProjectReference Include="..\Admin.Core.Repository\Admin.Core.Repository.csproj" />
+    <ProjectReference Include="..\Admin.Tools\Admin.Tools.csproj" />
   </ItemGroup>
 
 </Project>

+ 12 - 1
Admin.Core.Service/Admin/Auth/AuthService.cs

@@ -6,6 +6,7 @@ using Admin.Core.Model.Admin;
 using Admin.Core.Repository.Admin;
 using Admin.Core.Service.Admin.Auth.Input;
 using Admin.Core.Service.Admin.Auth.Output;
+using Admin.Tools.Captcha;
 using System;
 using System.Linq;
 using System.Threading.Tasks;
@@ -19,13 +20,15 @@ namespace Admin.Core.Service.Admin.Auth
         private readonly IUserRepository _userRepository;
         private readonly VerifyCodeHelper _verifyCodeHelper;
         private readonly ITenantRepository _tenantRepository;
+        private readonly ICaptcha _captcha;
 
         public AuthService(
             AppConfig appConfig,
             VerifyCodeHelper verifyCodeHelper,
             IUserRepository userRepository,
             IPermissionRepository permissionRepository,
-            ITenantRepository tenantRepository
+            ITenantRepository tenantRepository,
+            ICaptcha captcha
         )
         {
             _appConfig = appConfig;
@@ -33,6 +36,7 @@ namespace Admin.Core.Service.Admin.Auth
             _userRepository = userRepository;
             _permissionRepository = permissionRepository;
             _tenantRepository = tenantRepository;
+            _captcha = captcha;
         }
 
         public async Task<IResponseOutput> GetPassWordEncryptKeyAsync()
@@ -110,6 +114,7 @@ namespace Admin.Core.Service.Admin.Auth
 
             if (_appConfig.VarifyCode.Enable)
             {
+                /*
                 var verifyCodeKey = string.Format(CacheKey.VerifyCodeKey, input.VerifyCodeKey);
                 var exists = await Cache.ExistsAsync(verifyCodeKey);
                 if (exists)
@@ -129,6 +134,12 @@ namespace Admin.Core.Service.Admin.Auth
                 {
                     return ResponseOutput.NotOk("验证码已过期!", 1);
                 }
+                */
+                var isOk = await _captcha.CheckAsync(input.Captcha, true);
+                if (!isOk)
+                {
+                    return ResponseOutput.NotOk("安全验证不通过,请重新登录!");
+                }
             }
 
             #endregion 验证码校验
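Review bot: `input.Captcha` is handed to `_captcha.CheckAsync` without a null check, and the `Captcha` property added in AuthLoginInput.cs carries no `[Required]` attribute. A login request that omits the field therefore reaches `input.Token` in `SlideJigsawCaptcha.CheckAsync` before its `try` block, and would probably surface as an unhandled NullReferenceException instead of a failed verification. Reject it first with `if (input.Captcha == null) return ResponseOutput.NotOk("安全验证不通过,请重新登录!");`, or mark the property `[Required]`. The previous verify-code logic is left commented out between the `/*` in the preceding hunk and the `*/` here; delete it rather than keep dead code in the login path, since the history is in version control. The enclosing method starts and ends outside this hunk.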

+ 7 - 1
Admin.Core.Service/Admin/Auth/Input/AuthLoginInput.cs

@@ -1,4 +1,5 @@
-using System.ComponentModel.DataAnnotations;
+using Admin.Tools.Captcha;
+using System.ComponentModel.DataAnnotations;
 
 namespace Admin.Core.Service.Admin.Auth.Input
 {
@@ -34,5 +35,10 @@ namespace Admin.Core.Service.Admin.Auth.Input
         /// 验证码键
         /// </summary>
         public string VerifyCodeKey { get; set; }
+
+        /// <summary>
+        /// 验证数据
+        /// </summary>
+        public CaptchaInput Captcha { get; set; }
     }
 }

+ 5 - 0
Admin.Core/Admin.Core.Service.xml

@@ -232,6 +232,11 @@
             验证码键
             </summary>
         </member>
+        <member name="P:Admin.Core.Service.Admin.Auth.Input.AuthLoginInput.Captcha">
+            <summary>
+            验证数据
+            </summary>
+        </member>
         <member name="P:Admin.Core.Service.Admin.Auth.Output.AuthGetVerifyCodeOutput.Key">
             <summary>
             缓存键

+ 1 - 1
Admin.Core/Admin.Core.xml

@@ -166,7 +166,7 @@
             </summary>
             <returns></returns>
         </member>
-        <member name="M:Admin.Core.Controllers.Admin.AuthController.CheckCaptcha(Admin.Tools.Captcha.SlideJigsawCaptchaInput)">
+        <member name="M:Admin.Core.Controllers.Admin.AuthController.CheckCaptcha(Admin.Tools.Captcha.CaptchaInput)">
             <summary>
             检查验证数据
             </summary>

+ 1 - 1
Admin.Core/Controllers/Admin/AuthController.cs

@@ -112,7 +112,7 @@ namespace Admin.Core.Controllers.Admin
         [HttpGet]
         [AllowAnonymous]
         [NoOprationLog]
-        public async Task<IResponseOutput> CheckCaptcha([FromQuery] SlideJigsawCaptchaInput input)
+        public async Task<IResponseOutput> CheckCaptcha([FromQuery] CaptchaInput input)
         {
             var result = await _captcha.CheckAsync(input);
             return ResponseOutput.Result(result);

+ 5 - 5
Admin.Tools/Captcha/Dtos/SlideJigsawCaptchaInput.cs

@@ -1,15 +1,15 @@
 namespace Admin.Tools.Captcha
 {
-    public class SlideJigsawCaptchaInput
+    public class CaptchaInput
     {
         /// <summary>
-        /// 坐标数据
+        /// 校验唯一标识
         /// </summary>
-        public string Point { get; set; }
+        public string Token { get; set; }
 
         /// <summary>
-        /// 校验唯一标识
+        /// 数据
         /// </summary>
-        public string Token { get; set; }
+        public string Data { get; set; }
     }
 }

+ 1 - 1
Admin.Tools/Captcha/ICaptcha.cs

@@ -19,6 +19,6 @@ namespace Admin.Tools.Captcha
         /// </summary>
         /// <param name="input"></param>
         /// <returns></returns>
-        Task<bool> CheckAsync(SlideJigsawCaptchaInput input);
+        Task<bool> CheckAsync(CaptchaInput input, bool deleteCache = false);
     }
 }
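Review bot: `deleteCache` defaults to `false`, so a caller that omits it leaves a successfully verified token in the cache, reusable until it expires. In the visible hunks only the login path in AuthService.cs passes `true`. The doc comment does not describe the new parameter; add `/// <param name="deleteCache">Delete the cached challenge after a successful check so the token cannot be reused</param>` and note that the implementation deletes the key on a failed check regardless. Consider making consumption the default and letting the pre-check endpoint opt out explicitly, so that a forgotten argument fails safe.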

+ 10 - 2
Admin.Tools/Captcha/SlideJigsawCaptcha.cs

@@ -322,21 +322,29 @@ namespace Admin.Tools.Captcha
         /// <summary>
         /// 检查验证数据
         /// </summary>
-        public async Task<bool> CheckAsync(SlideJigsawCaptchaInput input)
+        /// <param name="input"></param>
+        /// <param name="needDelete"></param>
+        /// <returns></returns>
+        public async Task<bool> CheckAsync(CaptchaInput input, bool deleteCache = false)
         {
             var key = string.Format(CacheKey.VerifyCodeKey, input.Token);
             if (await _cache.ExistsAsync(key))
             {
                 try
                 {
-                    var point = JsonConvert.DeserializeObject<PointModel>(input.Point);
+                    var point = JsonConvert.DeserializeObject<PointModel>(input.Data);
                     var x = await _cache.GetAsync<int>(key);
                     if (Math.Abs(x - point.X) < 5)
                     {
+                        if (deleteCache)
+                        {
+                            await _cache.DelAsync(key);
+                        }
                         return true;
                     }
                     else
                     {
+                        await _cache.DelAsync(key);
                         return false;
                     }
                 }
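Review bot: The cached offset is read in two steps, `ExistsAsync(key)` then `GetAsync<int>(key)`. If the key expires or is removed by a concurrent failed check in between, `x` is presumably `default(int)` and is still compared with `point.X`; a missing value should fail the check, ideally by reading once and treating absence as failure. `input.Token` is also dereferenced before the `try`, so a null `input` or token throws outside the handler; add `if (input?.Token == null || string.IsNullOrEmpty(input.Data)) return false;` at the top. The new doc comment names the parameter `needDelete` while the signature uses `deleteCache`; it should read `/// <param name="deleteCache">`. The `catch` block lies outside the hunk, so whether malformed `Data` consumes the token cannot be confirmed here.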