VCommonCoreExample/VCommonCoreExample/AppServices/Session/SessionService.cs

using Microsoft.AspNetCore.Identity;
using System;
using System.Linq;
using VCommon.Security;
using VCommon.VApplication.Authorization;
using VCommon.VApplication.Security;
using VCommon.VOpenApi.VAspNetCore;
using VCommonCoreExample.AppServices.Basic;
using VCommonCoreExample.AppServices.Session.Dto;
using VCommonCoreExample.Authorization;
using VCommonCoreExample.Caching;
using VCommonCoreExample.Caching.Models;
using VCommonCoreExample.DataStore;
using VCommonCoreExample.Entity;

namespace VCommonCoreExample.AppServices.Session
{
    public interface ISessionService
    {
        string Login(SessionLoginInput input);

        [VServiceAuthorize]
        SessionOutput GetSession();

        [VServiceAuthorize]
        void Logout();
    }

    public class SessionService : DbAppServiceBase, ISessionService
    {
        private readonly UserStore _userStore;
        private readonly SessionCache _sessionCache;
        private readonly PermissionProvider _permissionProvider;

        public SessionService(UserStore userStore, SessionCache sessionCache, PermissionProvider permissionProvider)
        {
            _userStore = userStore;
            _sessionCache = sessionCache;
            _permissionProvider = permissionProvider;
        }

        public string Login(SessionLoginInput input)
        {
            if (VSession.UserId.HasValue) throw new VFriendlyException("您已登录,要更换用户,请退出登录");

            var delayer = new Delayer(immediatelyStart: true);

            var usr = _userStore.GetLoginInfo(input.TenantCode, input.LoginName, out var message);

            if (null == usr)
            {
                delayer.StopAndDelay();
                throw new VFriendlyException(message ?? "登录名错误");
            }

            var match = new PasswordHasher<User>().VerifyHashedPassword(null, usr.Password, input.Password);

            if (PasswordVerificationResult.Failed == match)
            {
                delayer.StopAndDelay();
                throw new VFriendlyException("登录名和密码不匹配");
            }

            if (false == usr.IsEnable)
            {
                delayer.StopAndDelay();
                throw new VFriendlyException("用户未启用");
            }

            var token = RandomStringGenerator.GuidBasedRandomHexString64();

            _sessionCache.Set(token, new SessionCacheModel
            {
                TenantId = usr.TenantId,
                UserId = usr.Id,
                HashedPassword = usr.Password,
                Remember = input.Remember ?? false,
                KickSign = Guid.NewGuid().ToString()
            });

            return token;
        }

        public void Logout()
        {
            _sessionCache.Clear(VSession.Token);
        }

        public SessionOutput GetSession()
        {
            var uid = VSession.GetUserId();
            var tid = VSession.TenantId;

            using var db = GetDbContext();

            var usr = db.Users
                .Where(p => p.IsAbolish == false && p.TenantId == tid && p.Id == uid)
                .Select(p => new { p.Name, p.Roles }).FirstOrDefault();

            if (usr == null) throw new VFriendlyException("找不到用户");

            return new SessionOutput
            {
                TenantId = tid,
                UserId = uid,
                UserName = usr.Name,
                Permissions = _permissionProvider.GetUserPermissionCodes(VSession.TenantId, VSession.GetUserId()),
                //Setting = new Dictionary<string, object>(), //TODO: UserProfileService Setting
            };
        }
    }
}