From 079e0c1bc16a9d9e93abc8399762d2938de8c9db Mon Sep 17 00:00:00 2001
From: colin <colin.in@foxmail.com>
Date: Tue, 13 Jan 2026 14:38:21 +0800
Subject: [PATCH] feat(account): Optimize the selection of accounts
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- 切换账户登录后记录安全日志
- 修复空对象引用
---
 .../Pages/Account/SelectAccount.cshtml.cs     | 39 ++++++++++++++-----
 1 file changed, 29 insertions(+), 10 deletions(-)

diff --git a/aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OpenIddict/Pages/Account/SelectAccount.cshtml.cs b/aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OpenIddict/Pages/Account/SelectAccount.cshtml.cs
index 88cd626db..bfe181731 100644
--- a/aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OpenIddict/Pages/Account/SelectAccount.cshtml.cs
+++ b/aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OpenIddict/Pages/Account/SelectAccount.cshtml.cs
@@ -15,9 +15,7 @@ using Volo.Abp.Data;
 using Volo.Abp.Identity;
 using Volo.Abp.MultiTenancy;
 using Volo.Abp.OpenIddict.Localization;
-using Volo.Abp.Users;
 using Volo.Abp.Validation;
-using static LINGYUN.Abp.Account.Web.OpenIddict.Pages.Account.SelectAccountModel;
 
 namespace LINGYUN.Abp.Account.Web.OpenIddict.Pages.Account;
 
@@ -25,6 +23,8 @@ namespace LINGYUN.Abp.Account.Web.OpenIddict.Pages.Account;
 public class SelectAccountModel : AccountPageModel
 {
     private const string LastLoginTimeFieldName = "LastLoginTime";
+    private const string AllowedTenantsFieldName = "AllowedTenants";
+    private const string DefaultDateFormat = "yyyy-MM-dd HH:mm:ss";
 
     [BindProperty(SupportsGet = true)]
     public string RedirectUri { get; set; }
@@ -38,6 +38,8 @@ public class SelectAccountModel : AccountPageModel
 
     public List<UserAccountInfo> AvailableAccounts { get; set; } = new();
 
+    protected IdentityDynamicClaimsPrincipalContributorCache IdentityDynamicClaimsPrincipalContributorCache => LazyServiceProvider.LazyGetRequiredService<IdentityDynamicClaimsPrincipalContributorCache>();
+
     protected IOpenIddictApplicationManager ApplicationManager => LazyServiceProvider.LazyGetRequiredService<IOpenIddictApplicationManager>();
 
     protected ITenantStore TenantStore => LazyServiceProvider.LazyGetRequiredService<ITenantStore>();
@@ -67,6 +69,12 @@ public class SelectAccountModel : AccountPageModel
             return Page();
         }
 
+        Input = new SelectAccountInput
+        {
+            RedirectUri = requestInfo.RedirectUri,
+            ClientId = requestInfo.ClientId,
+        };
+
         var application = await ApplicationManager.FindByClientIdAsync(requestInfo.ClientId);
         ClientName = await ApplicationManager.GetLocalizedDisplayNameAsync(application) ?? requestInfo.ClientId;
 
@@ -152,16 +160,27 @@ public class SelectAccountModel : AccountPageModel
             await SignInManager.SignInAsync(user, rememberMe);
 
             // TODO: date format
-            user.SetProperty(LastLoginTimeFieldName, Clock.Now.ToString("yyyy-MM-dd HH:mm:ss"));
+            user.SetProperty(LastLoginTimeFieldName, Clock.Now.ToString(DefaultDateFormat));
 
             // TODO: ʵ�� RememberSelection
             if (rememberSelection)
             {
-                await SaveAccountSelectionAsync(
-                    Input.ClientId,
-                    user.Id,
-                    user.TenantId);
+                await SaveAccountSelectionAsync(Input.ClientId, user);
             }
+
+            var logContext = new IdentitySecurityLogContext()
+            {
+                Identity = IdentitySecurityLogIdentityConsts.Identity,
+                Action = IdentitySecurityLogActionConsts.LoginSucceeded,
+                UserName = user.UserName,
+                ClientId = Input.ClientId,
+            };
+            logContext.WithProperty("prompt", "select_account");
+
+            await IdentitySecurityLogManager.SaveAsync(logContext);
+
+            // Clear the dynamic claims cache.
+            await IdentityDynamicClaimsPrincipalContributorCache.ClearAsync(user.Id, user.TenantId);
         }
         
         // �ض����ԭʼ��Ȩ����
@@ -234,7 +253,7 @@ public class SelectAccountModel : AccountPageModel
         }
         catch (Exception ex)
         {
-            Logger.LogWarning(ex, "����RedirectUri��������: {message}", ex.Message);
+            Logger.LogWarning(ex, "Parse the error of the RedirectUri parameter: {message}", ex.Message);
             return Task.FromResult<OriginalRequestInfo>(null);
         }
     }
@@ -319,7 +338,7 @@ public class SelectAccountModel : AccountPageModel
         }
 
         var properties = await ApplicationManager.GetPropertiesAsync(application);
-        if (properties.TryGetValue("AllowedTenants", out var allowedTenantsValue))
+        if (properties.TryGetValue(AllowedTenantsFieldName, out var allowedTenantsValue))
         {
             var tenantIds = allowedTenantsValue.ToString().Split(',', StringSplitOptions.RemoveEmptyEntries);
 
@@ -399,7 +418,7 @@ public class SelectAccountModel : AccountPageModel
         }
     }
 
-    protected virtual Task SaveAccountSelectionAsync(string clientId, Guid userId, Guid? tenantId)
+    protected virtual Task SaveAccountSelectionAsync(string clientId, IdentityUser user)
     {
         // TODO: �����û���ǰѡ���˻�, �´�ѡ���˻�ʱĬ��ѡ����˻�
         return Task.CompletedTask;