feat(account): 增加当前用户安全日志查询

aspnet-core/modules/account/LINGYUN.Abp.Account.Application.Contracts/LINGYUN/Abp/Account/Dto/GetUserClaimStateDto.cs

@@ -0,0 +1,7 @@
+namespace LINGYUN.Abp.Account;
+
+public class GetUserClaimStateDto
+{
+    public bool IsBound { get; set; }
+    public string Value { get; set; }
+}

aspnet-core/modules/account/LINGYUN.Abp.Account.Application.Contracts/LINGYUN/Abp/Account/Dto/SecurityLogDto.cs

@@ -0,0 +1,29 @@
+using System;
+using Volo.Abp.Application.Dtos;
+
+namespace LINGYUN.Abp.Account;
+
+public class SecurityLogDto : ExtensibleEntityDto<Guid>
+{
+    public string ApplicationName { get; set; }
+
+    public string Identity { get; set; }
+
+    public string Action { get; set; }
+
+    public Guid? UserId { get; set; }
+
+    public string UserName { get; set; }
+
+    public string TenantName { get; set; }
+
+    public string ClientId { get; set; }
+
+    public string CorrelationId { get; set; }
+
+    public string ClientIpAddress { get; set; }
+
+    public string BrowserInfo { get; set; }
+
+    public DateTime CreationTime { get; set; }
+}

aspnet-core/modules/account/LINGYUN.Abp.Account.Application.Contracts/LINGYUN/Abp/Account/Dto/SecurityLogGetListInput.cs

@@ -0,0 +1,15 @@
+using System;
+using Volo.Abp.Application.Dtos;
+
+namespace LINGYUN.Abp.Account;
+
+public class SecurityLogGetListInput : PagedAndSortedResultRequestDto
+{
+    public DateTime? StartTime { get; set; }
+    public DateTime? EndTime { get; set; }
+    public string ApplicationName { get; set; }
+    public string Identity { get; set; }
+    public string ActionName { get; set; }
+    public string ClientId { get; set; }
+    public string CorrelationId { get; set; }
+}

aspnet-core/modules/account/LINGYUN.Abp.Account.Application.Contracts/LINGYUN/Abp/Account/IMyClaimAppService.cs

@@ -5,5 +5,22 @@ namespace LINGYUN.Abp.Account;
 
 public interface IMyClaimAppService : IApplicationService
 {
+    /// <summary>
+    /// 变更头像
+    /// </summary>
+    /// <param name="input"></param>
+    /// <returns></returns>
     Task ChangeAvatarAsync(ChangeAvatarInput input);
+    /// <summary>
+    /// 查询绑定状态
+    /// </summary>
+    /// <param name="claimType"></param>
+    /// <returns></returns>
+    Task<GetUserClaimStateDto> GetStateAsync(string claimType);
+    /// <summary>
+    /// 重置绑定状态
+    /// </summary>
+    /// <param name="claimType"></param>
+    /// <returns></returns>
+    Task ResetAsync(string claimType);
 }

aspnet-core/modules/account/LINGYUN.Abp.Account.Application.Contracts/LINGYUN/Abp/Account/IMyProfileAppService.cs

@@ -11,13 +11,13 @@ public interface IMyProfileAppService : IApplicationService
     /// 获取验证器信息
     /// </summary>
     /// <returns></returns>
-    Task<AuthenticatorDto> GetAuthenticator();
+    Task<AuthenticatorDto> GetAuthenticatorAsync();
     /// <summary>
     /// 验证验证器代码
     /// </summary>
     /// <param name="input"></param>
     /// <returns></returns>
-    Task<AuthenticatorRecoveryCodeDto> VerifyAuthenticatorCode(VerifyAuthenticatorCodeInput input);
+    Task<AuthenticatorRecoveryCodeDto> VerifyAuthenticatorCodeAsync(VerifyAuthenticatorCodeInput input);
     /// <summary>
     /// 获取会话列表
     /// </summary>
@@ -34,7 +34,7 @@ public interface IMyProfileAppService : IApplicationService
     /// 重置验证器
     /// </summary>
     /// <returns></returns>
-    Task ResetAuthenticator();
+    Task ResetAuthenticatorAsync();
     /// <summary>
     /// 获取二次认证状态
     /// </summary>

aspnet-core/modules/account/LINGYUN.Abp.Account.Application.Contracts/LINGYUN/Abp/Account/IMySecurityLogAppService.cs

@@ -0,0 +1,14 @@
+using System;
+using System.Threading.Tasks;
+using Volo.Abp.Application.Dtos;
+
+namespace LINGYUN.Abp.Account;
+
+public interface IMySecurityLogAppService
+{
+    Task<PagedResultDto<SecurityLogDto>> GetListAsync(SecurityLogGetListInput input);
+
+    Task<SecurityLogDto> GetAsync(Guid id);
+
+    Task DeleteAsync(Guid id);
+}

aspnet-core/modules/account/LINGYUN.Abp.Account.Application.Contracts/LINGYUN/Abp/Account/Localization/Resources/en.json

@@ -16,6 +16,7 @@
     "DisplayName:WeChatCode": "Wechat login code",
     "DisplayName:AuthenticatorCode": "Authenticator Code",
     "TwoFactor": "Two factor authentication",
+    "TwoFactor:Enabled": "TwoFactor Enabled",
     "TwoFactor:Email": "Email",
     "TwoFactor:Phone": "Phone",
     "TwoFactor:Authenticator": "Authenticator",
@@ -43,6 +44,11 @@
     "YourAuthenticatorIsSuccessfullyReset": "Your authenticator reset was successful.",
     "Steps:PreStep": "Pre Step",
     "Steps:NextStep": "Next Step",
-    "Steps:Done": "Done"
+    "Steps:Done": "Done",
+    "PersonalSessions": "Personal sessions",
+    "ProfileTab:Session": "Sessions",
+    "ProfileTab:TwoFactor": "TwoFactor",
+    "ProfileTab:Authenticator": "Authenticator",
+    "ProfileTab:SecurityLog": "Security Log"
   }
 }

aspnet-core/modules/account/LINGYUN.Abp.Account.Application.Contracts/LINGYUN/Abp/Account/Localization/Resources/zh-Hans.json

@@ -16,6 +16,7 @@
     "DisplayName:WeChatCode": "微信登录凭证",
     "DisplayName:AuthenticatorCode": "验证代码",
     "TwoFactor": "双因素身份验证",
+    "TwoFactor:Enabled": "启用双因素认证",
     "TwoFactor:Email": "邮箱验证",
     "TwoFactor:Phone": "手机验证",
     "TwoFactor:Authenticator": "验证码验证",
@@ -43,6 +44,11 @@
     "YourAuthenticatorIsSuccessfullyReset": "您的验证器重置成功.",
     "Steps:PreStep": "上一步",
     "Steps:NextStep": "下一步",
-    "Steps:Done": "完成"
+    "Steps:Done": "完成",
+    "PersonalSessions": "我的会话",
+    "ProfileTab:Session": "会话管理",
+    "ProfileTab:TwoFactor": "双因素身份验证",
+    "ProfileTab:Authenticator": "身份验证程序",
+    "ProfileTab:SecurityLog": "安全日志"
   }
 }

aspnet-core/modules/account/LINGYUN.Abp.Account.Application/LINGYUN.Abp.Account.Application.csproj

@@ -19,11 +19,12 @@
 	</ItemGroup>
 
 	<ItemGroup>
+		<ProjectReference Include="..\..\..\framework\auditing\LINGYUN.Abp.AuditLogging\LINGYUN.Abp.AuditLogging.csproj" />
 		<ProjectReference Include="..\..\..\framework\settings\LINGYUN.Abp.Settings\LINGYUN.Abp.Settings.csproj" />
 		<ProjectReference Include="..\..\..\framework\wechat\LINGYUN.Abp.WeChat.MiniProgram\LINGYUN.Abp.WeChat.MiniProgram.csproj" />
 		<ProjectReference Include="..\..\identity\LINGYUN.Abp.Identity.Domain\LINGYUN.Abp.Identity.Domain.csproj" />
 		<ProjectReference Include="..\LINGYUN.Abp.Account.Application.Contracts\LINGYUN.Abp.Account.Application.Contracts.csproj" />
-		<ProjectReference Include="..\LINGYUN.Abp.Account.Templates\LINGYUN.Abp.Account.Templates.csproj" />
+		<ProjectReference Include="..\LINGYUN.Abp.Account.Emailing\LINGYUN.Abp.Account.Emailing.csproj" />
 	</ItemGroup>
 
 </Project>

aspnet-core/modules/account/LINGYUN.Abp.Account.Application/LINGYUN/Abp/Account/AbpAccountApplicationModule.cs

@@ -1,6 +1,11 @@
-using LINGYUN.Abp.Account.Templates;
+using LINGYUN.Abp.Account.Emailing;
+using LINGYUN.Abp.Account.Emailing.Localization;
 using LINGYUN.Abp.Identity;
 using LINGYUN.Abp.WeChat.MiniProgram;
+using Microsoft.Extensions.DependencyInjection;
+using Volo.Abp.Account.Localization;
+using Volo.Abp.AutoMapper;
+using Volo.Abp.Localization;
 using Volo.Abp.Modularity;
 using Volo.Abp.UI.Navigation.Urls;
 using Volo.Abp.VirtualFileSystem;
@@ -10,13 +15,20 @@ namespace LINGYUN.Abp.Account;
 [DependsOn(
     typeof(Volo.Abp.Account.AbpAccountApplicationModule),
     typeof(AbpAccountApplicationContractsModule),
-    typeof(AbpAccountTemplatesModule),
+    typeof(AbpAccountEmailingModule),
     typeof(AbpIdentityDomainModule),
     typeof(AbpWeChatMiniProgramModule))]
 public class AbpAccountApplicationModule : AbpModule
 {
     public override void ConfigureServices(ServiceConfigurationContext context)
     {
+        context.Services.AddAutoMapperObjectMapper<AbpAccountApplicationModule>();
+
+        Configure<AbpAutoMapperOptions>(options =>
+        {
+            options.AddMaps<AbpAccountApplicationModule>(validate: true);
+        });
+
         Configure<AbpVirtualFileSystemOptions>(options =>
         {
             options.FileSets.AddEmbedded<AbpAccountApplicationModule>();
@@ -26,5 +38,12 @@ public class AbpAccountApplicationModule : AbpModule
         {
             options.Applications["MVC"].Urls[AccountUrlNames.EmailConfirm] = "Account/EmailConfirm";
         });
+
+        Configure<AbpLocalizationOptions>(options =>
+        {
+            options.Resources
+                .Get<AccountResource>()
+                .AddBaseTypes(typeof(AccountEmailingResource));
+        });
     }
 }

aspnet-core/modules/account/LINGYUN.Abp.Account.Application/LINGYUN/Abp/Account/AbpAccountMapperProfile.cs

@@ -0,0 +1,12 @@
+using AutoMapper;
+using LINGYUN.Abp.AuditLogging;
+
+namespace LINGYUN.Abp.Account;
+
+public class AbpAccountMapperProfile : Profile
+{
+    public AbpAccountMapperProfile()
+    {
+        CreateMap<SecurityLog, SecurityLogDto>(MemberList.Destination);
+    }
+}

aspnet-core/modules/account/LINGYUN.Abp.Account.Application/LINGYUN/Abp/Account/AccountAppService.cs

@@ -7,7 +7,6 @@ using LINGYUN.Abp.WeChat.MiniProgram;
 using LINGYUN.Abp.WeChat.OpenId;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.Caching.Distributed;
-using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Options;
 using System;
 using System.ComponentModel.DataAnnotations;
@@ -15,7 +14,6 @@ using System.Linq;
 using System.Text;
 using System.Threading.Tasks;
 using Volo.Abp;
-using Volo.Abp.Account;
 using Volo.Abp.Application.Dtos;
 using Volo.Abp.Caching;
 using Volo.Abp.Clients;

aspnet-core/modules/account/LINGYUN.Abp.Account.Application/LINGYUN/Abp/Account/AccountApplicationServiceBase.cs

@@ -17,6 +17,7 @@ public abstract class AccountApplicationServiceBase : ApplicationService
     protected AccountApplicationServiceBase()
     {
         LocalizationResource = typeof(AccountResource);
+        ObjectMapperContext = typeof(AbpAccountApplicationModule);
     }
 
     protected async virtual Task<IdentityUser> GetCurrentUserAsync()

aspnet-core/modules/account/LINGYUN.Abp.Account.Application/LINGYUN/Abp/Account/MyClaimAppService.cs

@@ -59,4 +59,28 @@ public class MyClaimAppService : AccountApplicationServiceBase, IMyClaimAppServi
 
         await CurrentUnitOfWork.SaveChangesAsync();
     }
+
+    public async virtual Task<GetUserClaimStateDto> GetStateAsync(string claimType)
+    {
+        var user = await GetCurrentUserAsync();
+
+        var userClaim = user.Claims.FirstOrDefault(x => x.ClaimType == claimType);
+
+        return new GetUserClaimStateDto
+        {
+            IsBound = userClaim != null,
+            Value = userClaim?.ClaimValue,
+        };
+    }
+
+    public async virtual Task ResetAsync(string claimType)
+    {
+        var user = await GetCurrentUserAsync();
+
+        var seeyonLoginClaim = user.Claims.FirstOrDefault(x => x.ClaimType == claimType);
+        if (seeyonLoginClaim != null)
+        {
+            (await UserManager.RemoveClaimAsync(user, seeyonLoginClaim.ToClaim())).CheckErrors();
+        }
+    }
 }

aspnet-core/modules/account/LINGYUN.Abp.Account.Application/LINGYUN/Abp/Account/MyProfileAppService.cs

@@ -7,11 +7,9 @@ using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.Caching.Distributed;
 using Microsoft.Extensions.Options;
 using System;
-using System.Collections.Generic;
 using System.Linq;
 using System.Net;
 using System.Text;
-using System.Text.Encodings.Web;
 using System.Threading.Tasks;
 using System.Web;
 using Volo.Abp;
@@ -172,11 +170,13 @@ public class MyProfileAppService : AccountApplicationServiceBase, IMyProfileAppS
         var sender = LazyServiceProvider.LazyGetRequiredService<IAccountEmailConfirmSender>();
 
         await sender.SendEmailConfirmLinkAsync(
-            user,
+            user.Id,
+            user.Email,
             confirmToken,
             input.AppName,
             input.ReturnUrl,
-            input.ReturnUrlHash);
+            input.ReturnUrlHash,
+            user.TenantId);
     }
 
     public async virtual Task ConfirmEmailAsync(ConfirmEmailInput input)
@@ -186,7 +186,7 @@ public class MyProfileAppService : AccountApplicationServiceBase, IMyProfileAppS
         var user = await UserManager.GetByIdAsync(CurrentUser.GetId());
 
         // 字符编码错误
-        var confirmToken = WebUtility.UrlDecode(input.ConfirmToken.Replace("%20", "%2B"));
+        var confirmToken = HttpUtility.UrlDecode(input.ConfirmToken); ;
         (await UserManager.ConfirmEmailAsync(user, confirmToken)).CheckErrors();
 
         await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext
@@ -196,7 +196,7 @@ public class MyProfileAppService : AccountApplicationServiceBase, IMyProfileAppS
         });
     }
 
-    public async virtual Task<AuthenticatorDto> GetAuthenticator()
+    public async virtual Task<AuthenticatorDto> GetAuthenticatorAsync()
     {
         await IdentityOptions.SetAsync();
 
@@ -228,7 +228,7 @@ public class MyProfileAppService : AccountApplicationServiceBase, IMyProfileAppS
         };
     }
 
-    public async virtual Task<AuthenticatorRecoveryCodeDto> VerifyAuthenticatorCode(VerifyAuthenticatorCodeInput input)
+    public async virtual Task<AuthenticatorRecoveryCodeDto> VerifyAuthenticatorCodeAsync(VerifyAuthenticatorCodeInput input)
     {
         await IdentityOptions.SetAsync();
 
@@ -257,7 +257,7 @@ public class MyProfileAppService : AccountApplicationServiceBase, IMyProfileAppS
         };
     }
 
-    public async virtual Task ResetAuthenticator()
+    public async virtual Task ResetAuthenticatorAsync()
     {
         await IdentityOptions.SetAsync();
 

aspnet-core/modules/account/LINGYUN.Abp.Account.Application/LINGYUN/Abp/Account/MySecurityLogAppService.cs

@@ -0,0 +1,51 @@
+using LINGYUN.Abp.AuditLogging;
+using Microsoft.AspNetCore.Authorization;
+using System;
+using System.Collections.Generic;
+using System.Threading.Tasks;
+using Volo.Abp.Application.Dtos;
+using Volo.Abp.Users;
+
+namespace LINGYUN.Abp.Account;
+
+[Authorize]
+public class MySecurityLogAppService : AccountApplicationServiceBase, IMySecurityLogAppService
+{
+    protected ISecurityLogManager SecurityLogManager { get; }
+    public MySecurityLogAppService(ISecurityLogManager securityLogManager)
+    {
+        SecurityLogManager = securityLogManager;
+    }
+    public async virtual Task<SecurityLogDto> GetAsync(Guid id)
+    {
+        var securityLog = await SecurityLogManager.GetAsync(id, includeDetails: true);
+
+        return ObjectMapper.Map<SecurityLog, SecurityLogDto>(securityLog);
+    }
+
+    public async virtual Task<PagedResultDto<SecurityLogDto>> GetListAsync(SecurityLogGetListInput input)
+    {
+        var userId = CurrentUser.GetId();
+        var securityLogCount = await SecurityLogManager
+            .GetCountAsync(input.StartTime, input.EndTime,
+                input.ApplicationName, input.Identity, input.ActionName,
+                userId, null, input.ClientId, input.CorrelationId
+            );
+
+        var securityLogs = await SecurityLogManager
+            .GetListAsync(input.Sorting, input.MaxResultCount, input.SkipCount,
+                input.StartTime, input.EndTime,
+                input.ApplicationName, input.Identity, input.ActionName,
+                userId, null, input.ClientId, input.CorrelationId,
+                includeDetails: false
+            );
+
+        return new PagedResultDto<SecurityLogDto>(securityLogCount,
+            ObjectMapper.Map<List<SecurityLog>, List<SecurityLogDto>>(securityLogs));
+    }
+
+    public async virtual Task DeleteAsync(Guid id)
+    {
+        await SecurityLogManager.DeleteAsync(id);
+    }
+}

aspnet-core/modules/account/LINGYUN.Abp.Account.HttpApi/LINGYUN/Abp/Account/MyClaimController.cs

@@ -1,4 +1,5 @@
 using Asp.Versioning;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using System.Threading.Tasks;
 using Volo.Abp;
@@ -7,10 +8,11 @@ using Volo.Abp.AspNetCore.Mvc;
 
 namespace LINGYUN.Abp.Account;
 
-[RemoteService(Name = AccountRemoteServiceConsts.RemoteServiceName)]
+[Authorize]
 [Area("account")]
 [ControllerName("Claim")]
-[Route("/api/account/my-claim")]
+[Route($"/api/{AccountRemoteServiceConsts.ModuleName}/my-claim")]
+[RemoteService(Name = AccountRemoteServiceConsts.RemoteServiceName)]
 public class MyClaimController : AbpControllerBase, IMyClaimAppService
 {
     private readonly IMyClaimAppService _service;
@@ -23,8 +25,22 @@ public class MyClaimController : AbpControllerBase, IMyClaimAppService
 
     [HttpPost]
     [Route("change-avatar")]
-    public async virtual Task ChangeAvatarAsync(ChangeAvatarInput input)
+    public virtual Task ChangeAvatarAsync(ChangeAvatarInput input)
+    {
+        return _service.ChangeAvatarAsync(input);
+    }
+
+    [HttpGet]
+    [Route("state/{claimType}")]
+    public virtual Task<GetUserClaimStateDto> GetStateAsync(string claimType)
+    {
+        return _service.GetStateAsync(claimType);
+    }
+
+    [HttpDelete]
+    [Route("reset/{claimType}")]
+    public virtual Task ResetAsync(string claimType)
     {
-        await _service.ChangeAvatarAsync(input);
+        return _service.ResetAsync(claimType);
     }
 }

aspnet-core/modules/account/LINGYUN.Abp.Account.HttpApi/LINGYUN/Abp/Account/MyProfileController.cs

@@ -1,5 +1,6 @@
 using Asp.Versioning;
 using LINGYUN.Abp.Identity;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using System.Threading.Tasks;
 using Volo.Abp;
@@ -9,10 +10,11 @@ using Volo.Abp.AspNetCore.Mvc;
 
 namespace LINGYUN.Abp.Account;
 
-[RemoteService(Name = AccountRemoteServiceConsts.RemoteServiceName)]
+[Authorize]
 [Area("account")]
 [ControllerName("Profile")]
-[Route("/api/account/my-profile")]
+[Route($"/api/{AccountRemoteServiceConsts.ModuleName}/my-profile")]
+[RemoteService(Name = AccountRemoteServiceConsts.RemoteServiceName)]
 public class MyProfileController : AbpControllerBase, IMyProfileAppService
 {
     protected IMyProfileAppService MyProfileAppService { get; }
@@ -81,22 +83,22 @@ public class MyProfileController : AbpControllerBase, IMyProfileAppService
 
     [HttpGet]
     [Route("authenticator")]
-    public virtual Task<AuthenticatorDto> GetAuthenticator()
+    public virtual Task<AuthenticatorDto> GetAuthenticatorAsync()
     {
-        return MyProfileAppService.GetAuthenticator();
+        return MyProfileAppService.GetAuthenticatorAsync();
     }
 
     [HttpPost]
     [Route("verify-authenticator-code")]
-    public virtual Task<AuthenticatorRecoveryCodeDto> VerifyAuthenticatorCode(VerifyAuthenticatorCodeInput input)
+    public virtual Task<AuthenticatorRecoveryCodeDto> VerifyAuthenticatorCodeAsync(VerifyAuthenticatorCodeInput input)
     {
-        return MyProfileAppService.VerifyAuthenticatorCode(input);
+        return MyProfileAppService.VerifyAuthenticatorCodeAsync(input);
     }
 
     [HttpPost]
     [Route("reset-authenticator")]
-    public virtual Task ResetAuthenticator()
+    public virtual Task ResetAuthenticatorAsync()
     {
-        return MyProfileAppService.ResetAuthenticator();
+        return MyProfileAppService.ResetAuthenticatorAsync();
     }
 }

aspnet-core/modules/account/LINGYUN.Abp.Account.HttpApi/LINGYUN/Abp/Account/MySecurityLogController.cs

@@ -0,0 +1,45 @@
+using Asp.Versioning;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using System;
+using System.Threading.Tasks;
+using Volo.Abp;
+using Volo.Abp.Account;
+using Volo.Abp.Application.Dtos;
+using Volo.Abp.AspNetCore.Mvc;
+
+namespace LINGYUN.Abp.Account;
+
+[Authorize]
+[Area("account")]
+[ControllerName("SecurityLog")]
+[Route($"/api/{AccountRemoteServiceConsts.ModuleName}/security-logs")]
+[RemoteService(Name = AccountRemoteServiceConsts.RemoteServiceName)]
+public class MySecurityLogController : AbpControllerBase, IMySecurityLogAppService
+{
+    private readonly IMySecurityLogAppService _service;
+    public MySecurityLogController(IMySecurityLogAppService service)
+    {
+        _service = service;
+    }
+
+    [HttpDelete]
+    [Route("{id}")]
+    public virtual Task DeleteAsync(Guid id)
+    {
+        return _service.DeleteAsync(id);
+    }
+
+    [HttpGet]
+    [Route("{id}")]
+    public virtual Task<SecurityLogDto> GetAsync(Guid id)
+    {
+        return _service.GetAsync(id);
+    }
+
+    [HttpGet]
+    public virtual Task<PagedResultDto<SecurityLogDto>> GetListAsync(SecurityLogGetListInput input)
+    {
+        return _service.GetListAsync(input);
+    }
+}