修正错误
parent
29e1de60b4
commit
09136a7806
|
@ -116,7 +116,7 @@ public class ApplicationDbContext(DbContextOptions<ApplicationDbContext> options
|
|||
NormalizedName = roleName.ToUpperInvariant(),
|
||||
ApiPermissions =
|
||||
["1","2","3","4","5", "6", "7", "8", "9", "10", "11", "12", "13", "14", "15", "16", "17", "18", "19", "20","21","22","23","24","25","26","27","28","29","30","31","32","33","34","35"],
|
||||
RouterPermissions = ["1", "2", "3", "4","5","6","7","8","9","10","11","12","13","14","15","16"]
|
||||
RouterPermissions = ["1", "3", "4","5","6","7","8","9","10","11","12","13","14","15","16"]
|
||||
});
|
||||
}
|
||||
|
||||
|
|
|
@ -81,6 +81,17 @@ public class AccountController(
|
|||
user.Id
|
||||
});
|
||||
}
|
||||
//创建修改密码令牌
|
||||
var tokenPassword = await userManager.GeneratePasswordResetTokenAsync(user);
|
||||
if (user.PasswordExpiredDate == null || user.PasswordExpiredDate < DateTimeOffset.Now)
|
||||
{
|
||||
//返回402
|
||||
return StatusCode(402,new
|
||||
{
|
||||
tokenPassword,
|
||||
user.Id,
|
||||
});
|
||||
}
|
||||
var roles = await userManager.GetRolesAsync(user);
|
||||
var roleId = roles.ToList()[0]; // 直接获取角色ID列表
|
||||
var claimsIdentity = new ClaimsIdentity(new[]
|
||||
|
@ -90,16 +101,7 @@ public class AccountController(
|
|||
new Claim(ClaimTypes.Role, roleId.ToLower()) // 将角色ID列表转换为逗号分隔的字符串
|
||||
});
|
||||
var token = tokenHelper.GenerateToken(claimsIdentity);
|
||||
if (user.PasswordExpiredDate == null || user.PasswordExpiredDate < DateTimeOffset.Now)
|
||||
{
|
||||
//返回402
|
||||
return StatusCode(402,new
|
||||
{
|
||||
token,
|
||||
user.Id,
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
return Ok(new
|
||||
{
|
||||
user.NickName,
|
||||
|
@ -128,32 +130,14 @@ public class AccountController(
|
|||
return Ok("邮件已发送");
|
||||
}
|
||||
[HttpGet("ChangePassword")]
|
||||
public async Task<IActionResult> ChangePassword([FromQuery] string currentPassword,[FromQuery] string newPassword)
|
||||
public async Task<IActionResult> ChangePassword([FromQuery] string userId, [FromQuery] string token,[FromQuery] string newPassword)
|
||||
{
|
||||
// 获取当前经过身份验证的用户
|
||||
var authenticatedUser = await userManager.GetUserAsync(HttpContext.User);
|
||||
|
||||
var authenticatedUser = await userManager.FindByIdAsync(userId);
|
||||
if (authenticatedUser == null)
|
||||
{
|
||||
return BadRequest("用户未登录");
|
||||
return BadRequest("用户不存在");
|
||||
}
|
||||
|
||||
// 检查当前密码是否正确
|
||||
var isCurrentPasswordValid = await userManager.CheckPasswordAsync(authenticatedUser, currentPassword);
|
||||
if (!isCurrentPasswordValid)
|
||||
{
|
||||
return BadRequest("当前密码不正确");
|
||||
}
|
||||
|
||||
// 检查新密码是否与旧密码相同
|
||||
if (currentPassword == newPassword)
|
||||
{
|
||||
return BadRequest("新密码不能与旧密码相同");
|
||||
}
|
||||
|
||||
// 生成密码重置令牌
|
||||
var token = await userManager.GeneratePasswordResetTokenAsync(authenticatedUser);
|
||||
|
||||
// 重置密码
|
||||
var result = await userManager.ResetPasswordAsync(authenticatedUser, token, newPassword);
|
||||
|
||||
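Review bot: `ChangePassword` still binds every argument with `[FromQuery]` under `[HttpGet("ChangePassword")]`, so after this change both the password-reset token and `newPassword` travel in the URL, where web-server and proxy access logs and browser history record them. I would make it `[HttpPost("ChangePassword")]` and bind a request body, e.g. `ChangePassword([FromBody] ChangePasswordRequest request)`, where `ChangePasswordRequest` is a constructed name for a type holding `UserId`, `Token` and `NewPassword`. The rewrite also appears to drop the "new password must differ from the old one" check, so an expired password could be re-set to the same value; `await userManager.CheckPasswordAsync(authenticatedUser, newPassword)` before `ResetPasswordAsync` would restore it. In the login hunk, `GeneratePasswordResetTokenAsync` runs on every login; moving it inside the `PasswordExpiredDate` branch avoids minting a reset token that is never returned. Both method bodies continue outside the hunks shown.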
|
|
|
@ -21,10 +21,15 @@ public class RoteController(
|
|||
var rotes = role!.RouterPermissions.ToList();
|
||||
//获取路由列表
|
||||
var apiPermissions = dbContext.RotePermissions.ToList().Where(x => rotes.Any(y => y == x.Id.ToString())).Select(x=>x.Router).ToList();
|
||||
//如果rotes 中包括*
|
||||
if (rotes.Contains("*"))
|
||||
{
|
||||
return Ok("权限验证通过");
|
||||
}
|
||||
//将path全部小写
|
||||
path = path.ToLower();
|
||||
//使用正则匹配
|
||||
var firstOrDefault = apiPermissions.FirstOrDefault(x => Regex.IsMatch(path,x));
|
||||
return Ok(firstOrDefault != null ? new ApiResponse(ApiResponseState.Success) : new ApiResponse(ApiResponseState.Forbidden));
|
||||
return Ok(firstOrDefault != null ? Ok("权限验证通过") : Unauthorized("你不具有访问此资源的权力"));
|
||||
}
|
||||
}
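Review bot: The new return statement wraps the inner result in a second `Ok(...)`, i.e. `Ok(firstOrDefault != null ? Ok(...) : Unauthorized(...))`, so the denied branch is still sent with HTTP 200 and the `Unauthorized` object only ends up serialized in the body. The route middleware changed in this same commit treats any non-throwing `$fetch` as permission granted, so as written the check would appear to pass for every path. Return the results directly, for example `if (firstOrDefault == null) return StatusCode(403, "你不具有访问此资源的权力");` followed by `return Ok("权限验证通过");` (403 rather than 401, since the caller presumably is authenticated but not permitted). `Regex.IsMatch(path, x)` is also unanchored and has no match timeout while `path` comes from the request; anchoring the stored patterns and using the overload that takes a `TimeSpan` timeout is worth a follow-up. The method starts outside the hunk.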
|
|
@ -43,9 +43,6 @@
|
|||
<None Update="app.db">
|
||||
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
|
||||
</None>
|
||||
<None Update="apptemp.db">
|
||||
<CopyToOutputDirectory>Never</CopyToOutputDirectory>
|
||||
</None>
|
||||
</ItemGroup>
|
||||
|
||||
<ItemGroup>
|
||||
|
|
|
@ -14,7 +14,7 @@
|
|||
"dotnetRunMessages": true,
|
||||
"launchBrowser": false,
|
||||
"launchUrl": "swagger",
|
||||
"applicationUrl": "http://192.168.0.13:5253",
|
||||
"applicationUrl": "http://127.0.0.1:5000",
|
||||
"environmentVariables": {
|
||||
"ASPNETCORE_ENVIRONMENT": "Development"
|
||||
}
|
||||
|
|
|
@ -20,5 +20,5 @@
|
|||
"Secret": "p4Qzf/+GPP/XNLalZGCzwlelOl6skiFZscj6iZ6rZZE=",
|
||||
"Issuer": "LoongPanel",
|
||||
"Audience": "LoongPanel",
|
||||
"PubLicApi": "/Api/Account/Login;/Api/Account/VerifyEmail;/Api/Account/ForgotPassword;/Api/Account/ResetPassword;"
|
||||
"PubLicApi": "/Api/Account/Login;/Api/Account/VerifyEmail;/Api/Account/ForgotPassword;/Api/Account/ResetPassword;/Api/Account/ChangePassword"
|
||||
}
|
||||
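Review bot: Adding `/Api/Account/ChangePassword` to `PubLicApi` makes the password-change endpoint reachable without a bearer token, so the reset token checked by `ResetPasswordAsync` becomes the only control on it. That dependency deserves a comment on the controller action, and it is worth confirming how this list is matched (exact path or prefix), which this hunk does not show. The context lines also show the JWT signing `Secret` stored in this tracked file; I would move it to user-secrets or an environment variable and rotate the committed value.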
|
|
Binary file not shown.
|
@ -1,9 +1,7 @@
|
|||
import type {HttpType} from "~/types/baseType";
|
||||
import {defineNuxtRouteMiddleware} from "#app";
|
||||
import {useToast} from 'vue-toastification'
|
||||
|
||||
interface RouteBackType extends HttpType<any> {
|
||||
}
|
||||
|
||||
|
||||
export default defineNuxtRouteMiddleware(async (to, from) => {
|
||||
const toast = useToast();
|
||||
|
@ -21,9 +19,8 @@ export default defineNuxtRouteMiddleware(async (to, from) => {
|
|||
|
||||
// 获取当前导航路径
|
||||
const currentPath = to.path;
|
||||
|
||||
try {
|
||||
const response = await $fetch('/Api/Rote/RoteVerify', {
|
||||
await $fetch('/Api/Rote/RoteVerify', {
|
||||
method: 'GET',
|
||||
headers: {
|
||||
'Authorization': 'Bearer ' + token
|
||||
|
@ -31,27 +28,10 @@ export default defineNuxtRouteMiddleware(async (to, from) => {
|
|||
baseURL: runtimeConfig.public.baseUrl,
|
||||
params: {'path': currentPath}
|
||||
});
|
||||
|
||||
// 直接从响应中获取状态码
|
||||
const data = response as HttpType<any>;
|
||||
if (data.code !== 200) {
|
||||
toast.error('未登录', {timeout: 3000})
|
||||
|
||||
if (data.code === 403) {
|
||||
if (to.path === from.path) {
|
||||
return navigateTo("/Home");
|
||||
}
|
||||
return navigateTo(from.path);
|
||||
}
|
||||
|
||||
return navigateTo("/SignIn");
|
||||
}
|
||||
} catch (error) {
|
||||
// 处理错误情况
|
||||
console.error('请求验证路由时发生错误:', error);
|
||||
toast.error('请求错误', {timeout: 3000})
|
||||
return navigateTo("/SignIn");
|
||||
// 如果验证成功,继续导航
|
||||
return true;
|
||||
} catch (err) {
|
||||
toast.error('权限不足', {timeout: 3000});
|
||||
return navigateTo("/error/403");
|
||||
}
|
||||
|
||||
return true;
|
||||
});
|
||||
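Review bot: The new `catch (err)` block reports every failure as `权限不足` and navigates to `/error/403`, so an expired or missing token (401), a server error and a network failure are all indistinguishable from a real permission denial, and the user is no longer sent to `/SignIn`. Branch on the status before falling back, e.g. `if ((err as any)?.response?.status === 401) return navigateTo("/SignIn");`. This middleware is only a UI guard; the API endpoints still have to enforce the same permission on the server side.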
|
|
|
@ -1,7 +1,6 @@
|
|||
<script setup lang="ts">
|
||||
definePageMeta({
|
||||
layout: 'login',
|
||||
middleware: ['auth']
|
||||
})
|
||||
//导入yup
|
||||
import * as yup from 'yup'
|
||||
|
@ -9,16 +8,13 @@ import {useToast} from "vue-toastification";
|
|||
import Vcode from 'vue3-puzzle-vcode';
|
||||
//创建表单
|
||||
const form = reactive({
|
||||
currentPassword:'',
|
||||
password: '',
|
||||
confirmPassword: ''
|
||||
})
|
||||
const userId = useRoute().query.id;
|
||||
const isShow=ref(false);
|
||||
const toast=useToast()
|
||||
const schema = yup.object().shape({
|
||||
currentPassword:yup.string()
|
||||
.required('密码为必填项')
|
||||
.min(8, '密码至少需要8个字符'),
|
||||
password: yup.string()
|
||||
.required('密码为必填项')
|
||||
.min(8, '密码至少需要8个字符')
|
||||
|
@ -53,16 +49,14 @@ const onSuccess=()=>{
|
|||
$fetch('/Api/Account/ChangePassword', {
|
||||
method: 'GET',
|
||||
params:{
|
||||
CurrentPassword:form.currentPassword,
|
||||
userId:userId,
|
||||
NewPassword:form.password,
|
||||
},
|
||||
headers: {
|
||||
'Authorization': 'Bearer ' + useCookie('token').value
|
||||
token:useCookie('tokenPassword').value??""
|
||||
},
|
||||
baseURL: useRuntimeConfig().public.baseUrl,
|
||||
}).then((res) => {
|
||||
//清除临时token
|
||||
useCookie('token').value = ""
|
||||
useCookie('tokenPassword').value = ""
|
||||
toast.success(res)
|
||||
setTimeout(()=>{
|
||||
navigateTo("/SignIn")
|
||||
|
@ -79,15 +73,11 @@ const onSuccess=()=>{
|
|||
<div class="change-password-layout">
|
||||
<Vcode :show="isShow" @success="onSuccess"/>
|
||||
<NuxtLink href="/signIn">< 返回</NuxtLink>
|
||||
<div class="info">
|
||||
<div class="info" v-if="userId">
|
||||
<h1>修改你的密码 👍</h1>
|
||||
<h2>当前账号密码已过期,请重新设置以继续登录</h2>
|
||||
</div>
|
||||
<form class="form-box" @submit.prevent="handleSubmit">
|
||||
<div class="form-item">
|
||||
<label>当前密码</label>
|
||||
<input placeholder="最少8位" required type="password" minlength="8" v-model="form.currentPassword">
|
||||
</div>
|
||||
</div >
|
||||
<form class="form-box" @submit.prevent="handleSubmit" v-if="userId">
|
||||
<div class="form-item">
|
||||
<label>新的密码</label>
|
||||
<input placeholder="最少8位" required type="password" minlength="8" v-model="form.password">
|
||||
|
@ -98,11 +88,12 @@ const onSuccess=()=>{
|
|||
</div>
|
||||
<button type="submit">提交</button>
|
||||
</form>
|
||||
<h1 v-else>!错误的请求</h1>
|
||||
</div>
|
||||
</template>
|
||||
|
||||
<style scoped lang="scss">
|
||||
@import "base";
|
||||
@import "../base";
|
||||
.change-password-layout{
|
||||
display: grid;
|
||||
grid-template-rows: repeat(3,auto);
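Review bot: The reset token is now sent as a request header (`token: useCookie('tokenPassword').value ?? ""` under `headers`), while the `ChangePassword` action in this commit binds `[FromQuery] string token`, so as far as this page shows the token would not reach the action and the call would fail. `NewPassword` is still passed through `params` on a `GET`, which puts the new password in the URL. Once the action accepts a body, send all three values with `method: 'POST'` and `body: { userId, token, newPassword }`. `userId` also comes straight from `useRoute().query.id`, which can be an array; narrowing it to a single string before use avoids sending an unexpected value.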
|
|
@ -60,11 +60,17 @@ const onSuccess = () => {
|
|||
return
|
||||
}
|
||||
if(err.response.status===402){
|
||||
toast.error('登录失败,密码过期,请修改密码')
|
||||
toast.info('登录失败,密码过期,请修改密码')
|
||||
const data=err.response._data
|
||||
useCookie('token').value =data.token;
|
||||
useCookie('tokenPassword').value =data.tokenPassword;
|
||||
setTimeout(()=>{
|
||||
navigateTo(`/changePassword/${data.id}`)
|
||||
navigateTo({
|
||||
path:'/changePassword',
|
||||
query:{
|
||||
id:data.id
|
||||
}
|
||||
|
||||
})
|
||||
},2000)
|
||||
return
|
||||
}
|
||||
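Review bot: The password-reset token from the 402 response is written to a script-readable cookie with default options (`useCookie('tokenPassword').value = data.tokenPassword`), so it lives for the whole browser session and is attached to every request to the site. Give it a short lifetime and tight scope, e.g. `useCookie('tokenPassword', { maxAge: 600, sameSite: 'strict', secure: true })` (values constructed for illustration), or keep it in in-memory state such as `useState` for the one navigation that needs it. The surrounding error handler starts outside the hunk.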
|
|