tsai
/
abp-next-admin2
mirror of https://github.com/colinin/abp-next-admin.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
这是基于vue-vben-admin 模板适用于abp vNext的前端管理项目
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2820 Commits
68 Branches
53 Tags
74 MiB
 
 
 
 
 
 
Tree: bdc7e6cf3e
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'bdc7e6cf3e'
${ noResults }
abp-next-admin2/aspnet-core/modules/openIddict/LINGYUN.Abp.OpenIddict.Sms/README.EN.md

2.8 KiB
Raw Blame History

LINGYUN.Abp.OpenIddict.Sms

ABP version NuGet

Introduction

LINGYUN.Abp.OpenIddict.Sms is an SMS verification extension module for OpenIddict, providing authentication functionality based on phone numbers and SMS verification codes.

简体中文

Features

  • SMS Verification Code Authentication

    • Support for phone number login
    • Support for SMS verification code validation
    • Support for multi-tenant authentication

  • User Management Integration

    • Support for finding users by phone number
    • Support for account lockout policy
    • Support for failed attempt counting

  • Security Logging

    • Record login attempts
    • Record verification code failures
    • Record account lockouts

  • Localization Support

    • Integrated with ABP localization framework
    • Support for custom error messages

Installation

dotnet add package LINGYUN.Abp.OpenIddict.Sms

Usage

  1. Add [DependsOn(typeof(AbpOpenIddictSmsModule))] to your module class.

  2. Configure OpenIddict server:

public override void PreConfigureServices(ServiceConfigurationContext context)
{
    PreConfigure<OpenIddictServerBuilder>(builder =>
    {
        // Allow SMS verification code authentication flow
        builder.AllowSmsFlow();
    });
}
  1. Usage example:
POST /connect/token
Content-Type: application/x-www-form-urlencoded

grant_type=sms&
phone_number=13800138000&
phone_verify=123456&
scope=openid profile

Parameters

  • phone_number (required)

    • Phone number
    • Must be a valid phone number format

  • phone_verify (required)

    • SMS verification code
    • Must be a valid verification code

  • scope (optional)

    • Requested permission scopes
    • Defaults include openid profile

Error Codes

  • invalid_grant
    • GrantTypeInvalid - Authorization type not allowed
    • PhoneVerifyInvalid - Phone verification code invalid or expired
    • PhoneOrTokenCodeNotFound - Phone number or verification code not provided
    • PhoneNumberNotRegister - Phone number not registered

Notes

  • Phone number must be registered
  • Verification codes have limited validity
  • Failed verifications increase failure count
  • Multiple verification failures may lead to account lockout
  • All authentication operations are recorded in security logs
  • HTTPS is recommended in production environments