This is a front-end admin project for abp vNext, based on the vue-vben-admin template.

Account Management Module

**Files referenced in this document**

- [AccountAppService.cs](file://aspnet-core/modules/account/LINGYUN.Abp.Account.Application/LINGYUN/Abp/Account/AccountAppService.cs)
- [AccountController.cs](file://aspnet-core/modules/account/LINGYUN.Abp.Account.Web/Areas/Account/Controllers/AccountController.cs)
- [Login.cshtml.cs](file://aspnet-core/modules/account/LINGYUN.Abp.Account.Web/Pages/Account/Login.cshtml.cs)
- [AbpAccountWebOAuthModule.cs](file://aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OAuth/AbpAccountWebOAuthModule.cs)
- [AccountEmailSender.cs](file://aspnet-core/modules/account/LINGYUN.Abp.Account.Emailing/LINGYUN/Abp/Account/Emailing/AccountEmailSender.cs)
- [AccountOAuthSettingDefinitionProvider.cs](file://aspnet-core/modules/account/LINGYUN.Abp.Account.OAuth/LINGYUN/Abp/Account/OAuth/Settings/AccountOAuthSettingDefinitionProvider.cs)
- [AccountSettingDefinitionProvider.cs](file://aspnet-core/services/LY.MicroService.BackendAdmin.HttpApi.Host/Settings/AccountSettingDefinitionProvider.cs)
- [VerifyAuthenticatorCode.cshtml.cs](file://aspnet-core/modules/account/LINGYUN.Abp.Account.Web/Pages/Account/VerifyAuthenticatorCode.cshtml.cs)
- [AccountContainer.cs](file://aspnet-core/modules/account/LINGYUN.Abp.Account.Application/LINGYUN/Abp/Account/AccountContainer.cs)

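Table of Contents

  1. Project Structure
  2. Core Components
  3. Account Lifecycle Management
  4. Web Interface Implementation
  5. API Design
  6. Identity Authentication Service Integration
  7. Account Security Policies
  8. Account Information Maintenance
  9. Email Template Integration
  10. Configuration Guide
  11. Extension Points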

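Project Structure

The account management module uses a layered architecture made up of several sub-modules, each responsible for a different functional area. The module is divided into an application layer, a contracts layer, an HTTP API layer, a web interface layer, an OAuth integration layer, and an email service layer.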

```mermaid
graph TB
subgraph "Account Management Module"
A[Account.Application] --> B[Business logic implementation]
C[Account.Application.Contracts] --> D[Data transfer objects]
E[Account.HttpApi] --> F[API controllers]
G[Account.Web] --> H[Web interface]
I[Account.Web.OAuth] --> J[Third-party login]
K[Account.Emailing] --> L[Email service]
M[Account.Templates] --> N[Email templates]
end
```

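Diagram sources

  • AccountAppService.cs
  • AccountController.cs
  • AccountEmailSender.cs

Section sources

  • AccountAppService.cs
  • AccountController.cs

Core Components

The core components of the account management module are the account application service, the account controller, the email sending service, and the OAuth integration module. Together they implement the full set of account management features.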

```mermaid
classDiagram
class AccountAppService {
+RegisterAsync(WeChatRegisterDto input)
+RegisterAsync(PhoneRegisterDto input)
+ResetPasswordAsync(PhoneResetPasswordDto input)
+SendPhoneSigninCodeAsync(SendPhoneSigninCodeDto input)
+SendEmailSigninCodeAsync(SendEmailSigninCodeDto input)
+GetTwoFactorProvidersAsync(GetTwoFactorProvidersInput input)
}
class AccountController {
+RegisterAsync(WeChatRegisterDto input)
+RegisterAsync(PhoneRegisterDto input)
+ResetPasswordAsync(PhoneResetPasswordDto input)
+SendPhoneSigninCodeAsync(SendPhoneSigninCodeDto input)
+SendEmailSigninCodeAsync(SendEmailSigninCodeDto input)
+GetTwoFactorProvidersAsync(GetTwoFactorProvidersInput input)
}
class AccountEmailSender {
+SendMailLoginVerifyCodeAsync(string code, string userName, string emailAddress)
+SendEmailConfirmLinkAsync(Guid userId, string userEmail, string confirmToken, string appName)
}
class AbpAccountWebOAuthModule {
+AddGitHub(options)
+AddQQ(options)
+AddWeixin(options)
+AddWorkWeixin(options)
+AddBilibili(options)
}
AccountController --> AccountAppService : "Depends on"
AccountAppService --> AccountEmailSender : "Uses"
AbpAccountWebOAuthModule --> AccountAppService : "Integrates with"
```

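Diagram sources

  • AccountAppService.cs
  • AccountController.cs
  • AccountEmailSender.cs
  • AbpAccountWebOAuthModule.cs

Section sources

  • AccountAppService.cs
  • AccountController.cs
  • AccountEmailSender.cs

Account Lifecycle Management

The account management module provides complete lifecycle management for user accounts, covering the core functions of registration, login, password management, and account deletion.

Registration Flow

The system supports several registration methods: WeChat mini-program registration, phone number registration, and email registration. The registration flow follows strict security verification.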

```mermaid
sequenceDiagram
participant User as "User"
participant AccountAppService as "AccountAppService"
participant UserManager as "UserManager"
participant SecurityTokenCache as "SecurityTokenCache"
participant EmailSender as "EmailSender"
User->>AccountAppService : Submit registration info
AccountAppService->>AccountAppService : Validate email format
AccountAppService->>AccountAppService : Check whether self-registration is allowed
AccountAppService->>UserManager : Create user account
UserManager-->>AccountAppService : Return user object
AccountAppService->>UserManager : Add default roles
AccountAppService->>SecurityTokenCache : Generate security token
SecurityTokenCache-->>AccountAppService : Return token
AccountAppService->>EmailSender : Send email confirmation link
EmailSender-->>User : Send confirmation email
AccountAppService->>AccountAppService : Save security log
AccountAppService-->>User : Registration success response
```

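Diagram sources

  • AccountAppService.cs
  • AccountEmailSender.cs

Password Management

The system provides complete password management, including password reset, password change, and password strength validation.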

```mermaid
sequenceDiagram
participant User as "User"
participant AccountAppService as "AccountAppService"
participant UserManager as "UserManager"
participant SecurityTokenCache as "SecurityTokenCache"
User->>AccountAppService : Request password reset
AccountAppService->>UserManager : Look up user
AccountAppService->>SecurityTokenCache : Check for repeated send
SecurityTokenCache-->>AccountAppService : Return check result
AccountAppService->>UserManager : Generate two-factor code
UserManager-->>AccountAppService : Return verification code
AccountAppService->>AccountAppService : Send SMS verification code
AccountAppService->>SecurityTokenCache : Cache verification code state
User->>AccountAppService : Submit verification code and new password
AccountAppService->>UserManager : Verify code
UserManager-->>AccountAppService : Return verification result
AccountAppService->>UserManager : Generate password reset token
AccountAppService->>UserManager : Reset password
UserManager-->>AccountAppService : Return operation result
AccountAppService->>SecurityTokenCache : Remove cache entry
AccountAppService->>AccountAppService : Save security log
AccountAppService-->>User : Password reset succeeded
```

Diagram sources

  • AccountAppService.cs

Section sources

  • AccountAppService.cs
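
The resend check, code verification and cache removal from the password reset sequence above, modelled in plain C# as an added example (not the module's own code). `ResetCodeCache`, its members, the 60-second resend interval and the 5-minute lifetime are assumptions, and the code is held in the cache here, whereas in the diagram UserManager generates and verifies it.

```csharp
#nullable enable
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;
// Hypothetical in-memory stand-in for the cache steps of the reset-password sequence.
public sealed class ResetCodeCache
{
    private sealed record Entry(byte[] CodeHash, DateTimeOffset SentAt);
    private readonly Dictionary<string, Entry> _entries = new();
    private readonly TimeSpan _resendInterval = TimeSpan.FromSeconds(60); // assumed value
    private readonly TimeSpan _lifetime = TimeSpan.FromMinutes(5);        // assumed value

    // "Check for repeated send", then issue a code and cache its state.
    // Returns null when a code was already sent inside the resend interval.
    public string? Issue(string phone, DateTimeOffset now)
    {
        if (_entries.TryGetValue(phone, out var e) && now - e.SentAt < _resendInterval)
            return null;
        var code = RandomNumberGenerator.GetInt32(0, 1_000_000).ToString("D6");
        _entries[phone] = new Entry(Hash(code), now); // keep a hash, not the code itself
        return code;
    }

    // "Verify code", then "remove cache entry" so the code is accepted only once.
    public bool Redeem(string phone, string code, DateTimeOffset now)
    {
        if (!_entries.TryGetValue(phone, out var e) || now - e.SentAt > _lifetime
            || !CryptographicOperations.FixedTimeEquals(e.CodeHash, Hash(code)))
            return false;
        _entries.Remove(phone);
        return true;
    }

    private static byte[] Hash(string code) => SHA256.HashData(Encoding.UTF8.GetBytes(code));
}
public static class Program
{
    public static void Main()
    {
        var cache = new ResetCodeCache();
        var t0 = DateTimeOffset.UtcNow;
        const string phone = "13800000000"; // constructed sample number
        var code = cache.Issue(phone, t0)!;
        Console.WriteLine(cache.Issue(phone, t0.AddSeconds(10)) is null);   // resend inside the interval
        Console.WriteLine(cache.Redeem(phone, "wrong", t0.AddSeconds(20))); // wrong code
        Console.WriteLine(cache.Redeem(phone, code, t0.AddSeconds(30)));    // correct code, first use
        Console.WriteLine(cache.Redeem(phone, code, t0.AddSeconds(40)));    // same code replayed
    }
}
```

The model does not count wrong guesses and is not thread-safe; a shared cache in a real service would need both handled.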

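Web Interface Implementation

The web interface of the account management module is built with Razor Pages and provides a user-friendly interactive experience.

Login Page

The login page supports several login methods: password login, phone verification code login, and QR code login.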

```mermaid
flowchart TD
Start([Login page loads]) --> CheckConfig["Check configuration"]
CheckConfig --> EnableLocalLogin{"Local login enabled?"}
EnableLocalLogin --> |No| ShowExternalOnly["Show external login only"]
EnableLocalLogin --> |Yes| ShowAllLogin["Show all login methods"]
ShowAllLogin --> PasswordLogin["Password login"]
ShowAllLogin --> PhoneLogin["Phone verification code login"]
ShowAllLogin --> QrCodeLogin["QR code login"]
ShowAllLogin --> ExternalLogin["Third-party login"]
PasswordLogin --> ValidateInput["Validate input"]
PhoneLogin --> SendCode["Send verification code"]
QrCodeLogin --> GenerateQrCode["Generate QR code"]
ExternalLogin --> Redirect["Redirect to third party"]
ValidateInput --> Authenticate["Authenticate"]
SendCode --> WaitCode["Wait for user input"]
GenerateQrCode --> WaitScan["Wait for user to scan"]
Authenticate --> Result{"Verification result"}
Result --> |Success| RedirectSuccess["Redirect to target page"]
Result --> |Failure| ShowError["Show error message"]
WaitCode --> InputCode["User enters verification code"]
InputCode --> VerifyCode["Verify code"]
VerifyCode --> Result
WaitScan --> ScanResult{"Scan result"}
ScanResult --> |Success| RedirectSuccess
ScanResult --> |Failure| ShowError
RedirectSuccess --> End([Login complete])
ShowError --> End
```

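Diagram sources

  • Login.cshtml.cs

Registration Page

The registration page provides the complete user registration flow, including entering information, verifying the verification code, and accepting the terms.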

```mermaid
flowchart TD
Start([Registration page loads]) --> CheckConfig["Check configuration"]
CheckConfig --> EnableRegister{"Registration allowed?"}
EnableRegister --> |No| ShowError["Show registration disabled"]
EnableRegister --> |Yes| ShowForm["Show registration form"]
ShowForm --> FillInfo["Fill in user information"]
FillInfo --> ValidateEmail["Validate email format"]
ValidateEmail --> SendCode["Send verification code"]
SendCode --> WaitCode["Wait for user input"]
WaitCode --> InputCode["User enters verification code"]
InputCode --> VerifyCode["Verify code"]
VerifyCode --> AgreeTerms["Agree to terms of service"]
AgreeTerms --> SubmitForm["Submit registration form"]
SubmitForm --> CreateAccount["Create account"]
CreateAccount --> SendConfirm["Send confirmation email"]
SendConfirm --> ShowSuccess["Show registration success"]
ShowSuccess --> End([Registration complete])
VerifyCode --> |Failure| ShowError
ShowError --> End
```

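Diagram sources

  • Login.cshtml.cs

Section sources

  • Login.cshtml.cs

API Design

The account management module exposes a RESTful API that supports a decoupled front-end/back-end architecture.

API Endpoints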

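| Endpoint path | HTTP method | Description | Request parameter | Response type |
| --- | --- | --- | --- | --- |
| /api/account/wechat/register | POST | WeChat registration | WeChatRegisterDto | void |
| /api/account/phone/register | POST | Phone registration | PhoneRegisterDto | void |
| /api/account/phone/reset-password | PUT | Reset password | PhoneResetPasswordDto | void |
| /api/account/phone/send-signin-code | POST | Send sign-in verification code | SendPhoneSigninCodeDto | void |
| /api/account/email/send-signin-code | POST | Send email sign-in verification code | SendEmailSigninCodeDto | void |
| /api/account/phone/send-register-code | POST | Send registration verification code | SendPhoneRegisterCodeDto | void |
| /api/account/phone/send-password-reset-code | POST | Send password reset verification code | SendPhoneResetPasswordCodeDto | void |
| /api/account/two-factor-providers | GET | Get two-factor authentication providers | GetTwoFactorProvidersInput | ListResultDto |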

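Section sources

  • AccountController.cs

Identity Authentication Service Integration

The account management module is tightly integrated with the identity authentication service and supports several authentication methods.

Authentication Flow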

```mermaid
sequenceDiagram
participant Client as "Client"
participant AccountController as "AccountController"
participant SignInManager as "SignInManager"
participant UserManager as "UserManager"
participant IdentitySecurityLogManager as "IdentitySecurityLogManager"
Client->>AccountController : Submit login request
AccountController->>SignInManager : Password sign-in check
SignInManager->>UserManager : Look up user
UserManager-->>SignInManager : Return user object
SignInManager->>SignInManager : Verify password
SignInManager-->>AccountController : Return verification result
AccountController->>IdentitySecurityLogManager : Save security log
IdentitySecurityLogManager-->>AccountController : Operation result
AccountController-->>Client : Login response
```

Diagram sources

  • [AccountController.cs](file://aspnet-core/modules/account/LINGYUN.Abp.Account.Web/Areas/Account/Controllers/AccountController.cs