😃A simple and practical CMS implemented by .NET + FreeSql;前后端分离、Docker部署、OAtuh2授权登录、自动化部署DevOps、自动同步至Gitee、代码生成器、仿掘金专栏
Home Page: https://vvlog.igeekfan.cn/#/index
License: MIT License
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
重现步骤(可选):
文章设置 是否允许评论,参数有问题,导致 一旦关闭评论即无法打开评论
期望的结果是什么?
修复拼错误
我觉得直接用abp vnext的模块来开发效率要高些,后续的微服务支持也要好些?
重现步骤(可选):
期望的结果是什么?
实际的结果是什么?
描述你希望的支持的新功能?
代码生成器
重现步骤(可选):
-igeekfan.cn-orange){kind=icon}
var row= await _fileRepository.UpdateDiy.Set(a => a.Path, path).ExecuteAffrowsAsync();
描述你希望的支持的新功能?
PgSql 自动创建数据库简单示例:
public static FreeSqlBuilder CreateDatabaseIfNotExistsPgSql(this FreeSqlBuilder @this,
string connectionString = "")
{
if (connectionString == "")
{
connectionString = GetConnectionString(@this);
}
NpgsqlConnectionStringBuilder builder = new NpgsqlConnectionStringBuilder(connectionString);
string createDatabaseSql =
$"DROP DATABASE IF EXISTS \"{builder.Database}\"; CREATE DATABASE \"{builder.Database}\" WITH OWNER = \"{builder.Username}\"";
using NpgsqlConnection cnn = new NpgsqlConnection(
$"Host={builder.Host};Port={builder.Port};Username={builder.Username};Password={builder.Password};Pooling=true");
cnn.Open();
using (NpgsqlCommand cmd = cnn.CreateCommand())
{
cmd.CommandText = createDatabaseSql;
cmd.ExecuteNonQuery();
}
return @this;
}
你期望的 API 是怎样的?
描述你希望的支持的新功能?
你期望的 API 是怎样的?
代码在执行过程中 出现异常 会被UnitOfWorkAsyncInterceptor 的 拦截方法 给拦截掉
重现步骤(可选):
后台登录->个人设置->修改密码 ,代码位置LinCms.Application.Cms.Users:VerifyUserPasswordAsync与ChangePasswordAsync方法
期望的结果是什么?
修改密码成功
实际的结果是什么?
输入正确密码提示密码错误,输入错误密码提示修改成功后,数据未发生改变
已解决方案
代码位置
LinCms.Application.Cms.Users UserService 中ChangePasswordAsync方法
public async Task ChangePasswordAsync(ChangePasswordDto passwordDto)
{
long currentUserId = _currentUser.Id ?? 0;
bool valid = await _userIdentityService.VerifyUserPasswordAsync(currentUserId, passwordDto.OldPassword);
if (!valid)
{
throw new LinCmsException("旧密码不正确");
}
await _userIdentityService.ChangePasswordAsync(currentUserId, passwordDto.NewPassword);
}
LinCms.Application.Cms.Users:ChangePasswordAsync方法
public async Task ChangePasswordAsync(long userId, string newpassword)
{
string encryptPassword = EncryptUtil.Encrypt(newpassword);
var linUserIdentity = await _userIdentityRepository.Where(a => a.CreateUserId == userId).FirstAsync();
linUserIdentity.Credential = encryptPassword;
_ = _userIdentityRepository.Update(linUserIdentity);//.ExecuteUpdatedAsync();
}
上面那个qq第三方登录,SaveQQAsync
应该是。。 IdentityType = LinUserIdentity.QQ,
public override object ReadJson(JsonReader reader, Type objectType, object existingValue, JsonSerializer serializer)
{
return ConvertIntDateTime(double.Parse(reader.Value.ToString()));
}
public static DateTime ConvertIntDateTime(double milliseconds)
{
return new DateTime(1970, 1, 1).AddMilliseconds(milliseconds);
}
实体类传DateTime,类型为 FormBody,会序列化。存在 异常。
描述你希望的支持的新功能?
功能:
用户付费之后,才能查看完整内容,这个功能有在开发计划里吗?
或者能否给个实现思路?
你期望的 API 是怎样的?
无
描述你希望的支持的新功能?
这样的switch case 还可以 再优化。
你期望的 API 是怎样的?
使用策略者模式减少switch case 语句
[HttpGet("signin-callback")]
public async Task<IActionResult> Home(string provider, string redirectUrl = "")
{
if (string.IsNullOrWhiteSpace(provider))
{
return BadRequest();
}
if (!await HttpContext.IsProviderSupportedAsync(provider))
{
return BadRequest();
}
AuthenticateResult authenticateResult = await _contextAccessor.HttpContext.AuthenticateAsync(provider);
if (!authenticateResult.Succeeded) return Redirect(redirectUrl);
var openIdClaim = authenticateResult.Principal.FindFirst(ClaimTypes.NameIdentifier);
if (openIdClaim == null || string.IsNullOrWhiteSpace(openIdClaim.Value))
return Redirect(redirectUrl);
long id = 0;
switch (provider)
{
case LinUserIdentity.GitHub:
id = await _userCommunityService.SaveGitHubAsync(authenticateResult.Principal, openIdClaim.Value);
break;
case LinUserIdentity.QQ:
id = await _userCommunityService.SaveQQAsync(authenticateResult.Principal, openIdClaim.Value);
break;
case LinUserIdentity.Gitee:
string access_token = authenticateResult.Properties.GetTokenValue("access_token");
string refresh_token = authenticateResult.Properties.GetTokenValue("refresh_token");
string token_type = authenticateResult.Properties.GetTokenValue("token_type");
string expires_at = authenticateResult.Properties.GetTokenValue("expires_at");
id = await _userCommunityService.SaveGiteeAsync(authenticateResult.Principal, openIdClaim.Value);
break;
case LinUserIdentity.WeiXin:
break;
default:
_logger.LogError($"未知的privoder:{provider},redirectUrl:{redirectUrl}");
throw new LinCmsException($"未知的privoder:{provider}!");
}
List<Claim> authClaims = authenticateResult.Principal.Claims.ToList();
LinUser user = await _userRepository.Select.IncludeMany(r => r.LinGroups)
.WhereCascade(r => r.IsDeleted == false).Where(r => r.Id == id).FirstAsync();
if (user == null)
{
throw new LinCmsException("第三方登录失败!");
}
List<Claim> claims = new List<Claim>()
{
new Claim (ClaimTypes.NameIdentifier, user.Id.ToString ()),
new Claim (ClaimTypes.Email, user.Email?? ""),
new Claim (ClaimTypes.GivenName, user.Nickname?? ""),
new Claim (ClaimTypes.Name, user.Username?? ""),
};
user.LinGroups?.ForEach(r =>
{
claims.Add(new Claim(LinCmsClaimTypes.Groups, r.Id.ToString()));
});
//claims.AddRange(authClaims);
string token = _jsonWebTokenService.Encode(claims);
//TODO 生成刷新token
//user.AddRefreshToken(token);
//await _userRepository.UpdateAsync(user);
return Redirect($"{redirectUrl}#login-result?token={token}");
}
/// <summary>
/// 第三方账号绑定回调
/// </summary>
/// <param name="provider"></param>
/// <param name="redirectUrl"></param>
/// <param name="token"></param>
/// <returns></returns>
[HttpGet("signin-bind-callback")]
public async Task<IActionResult> SignInBindCallBack(string provider, string redirectUrl = "", string token = "")
{
if (string.IsNullOrWhiteSpace(provider))
{
return BadRequest();
}
if (!await HttpContext.IsProviderSupportedAsync(provider))
{
return BadRequest();
}
if (token.IsNullOrEmpty() || !token.StartsWith("Bearer "))
{
return Redirect($"{redirectUrl}#bind-result?code={ErrorCode.Fail}&message={HttpUtility.UrlEncode("请先登录")}");
}
else
{
token = token.Remove(0, 7);
}
AuthenticateResult authenticateResult = await _contextAccessor.HttpContext.AuthenticateAsync(provider);
if (!authenticateResult.Succeeded) return Redirect($"{redirectUrl}#bind-result?code=fail&message={authenticateResult.Failure.Message}");
var openIdClaim = authenticateResult.Principal.FindFirst(ClaimTypes.NameIdentifier);
if (openIdClaim == null || string.IsNullOrWhiteSpace(openIdClaim.Value))
return Redirect($"{redirectUrl}#bind-result?code={ErrorCode.Fail}&message={HttpUtility.UrlEncode("未能获取openId")}");
JwtPayload jwtPayload = (JwtPayload)_jsonWebTokenService.Decode(token);
string nameIdentifier = jwtPayload.Claims.FirstOrDefault(r => r.Type == ClaimTypes.NameIdentifier)?.Value;
if (nameIdentifier.IsNullOrWhiteSpace())
{
return Redirect($"{redirectUrl}#bind-result?code={ErrorCode.Fail}&message={HttpUtility.UrlEncode("请先登录")}");
}
long userId = long.Parse(nameIdentifier);
UnifyResponseDto unifyResponseDto;
switch (provider)
{
case LinUserIdentity.GitHub:
unifyResponseDto = await _userCommunityService.BindGitHubAsync(authenticateResult.Principal, openIdClaim.Value, userId);
break;
case LinUserIdentity.QQ:
unifyResponseDto = await _userCommunityService.BindQQAsync(authenticateResult.Principal, openIdClaim.Value, userId);
break;
case LinUserIdentity.Gitee:
unifyResponseDto = await _userCommunityService.BindGiteeAsync(authenticateResult.Principal, openIdClaim.Value, userId);
break;
//case LinUserIdentity.WeiXin:
// break;
default:
_logger.LogError($"未知的privoder:{provider},redirectUrl:{redirectUrl}");
unifyResponseDto = UnifyResponseDto.Error($"未知的privoder:{provider}!");
break;
}
return Redirect($"{redirectUrl}#bind-result?code={unifyResponseDto.Code.ToString()}&message={HttpUtility.UrlEncode(unifyResponseDto.Message.ToString())}");
}
public async Task<UnifyResponseDto> BindGitHubAsync(ClaimsPrincipal principal, string openId, long userId)
{
string name = principal.FindFirst(ClaimTypes.Name)?.Value;
return await this.BindAsync(LinUserIdentity.GitHub, name, openId, userId);
}
public async Task<UnifyResponseDto> BindQQAsync(ClaimsPrincipal principal, string openId, long userId)
{
string nickname = principal.FindFirst(ClaimTypes.Name)?.Value;
return await this.BindAsync(LinUserIdentity.QQ, nickname, openId, userId);
}
public async Task<UnifyResponseDto> BindGiteeAsync(ClaimsPrincipal principal, string openId, long userId)
{
string name = principal.FindFirst(ClaimTypes.Name)?.Value;
return await this.BindAsync(LinUserIdentity.Gitee, name, openId, userId);
}
private async Task<UnifyResponseDto> BindAsync(string identityType, string name, string openId, long userId)
{
LinUserIdentity linUserIdentity = await _userIdentityRepository.Where(r => r.IdentityType == identityType && r.Credential == openId).FirstAsync();
if (linUserIdentity == null)
{
var userIdentity = new LinUserIdentity(identityType, name, openId, DateTime.Now);
userIdentity.CreateUserId = userId;
await _userIdentityRepository.InsertAsync(userIdentity);
return UnifyResponseDto.Success("绑定成功");
}
else
{
return UnifyResponseDto.Error("绑定失败,该用户已绑定其他账号");
}
}
public async Task<long> SaveGitHubAsync(ClaimsPrincipal principal, string openId)
{
xxx
return userId;
}
public async Task<long> SaveQQAsync(ClaimsPrincipal principal, string openId)
{
xxx
return userId;
}
public async Task<long> SaveGiteeAsync(ClaimsPrincipal principal, string openId)
{
xxx
return userId;
}
为了保证系统的安全可靠,比如登录,注册等接口,增加验证码。
感谢开源,我fork后代码改的太多,就没法pr,这里给可能需要的人提供下效果的和思路。
我们想实现的效果是
也许,看到这里,你可能会嗤之以鼻,这个多简单,还用你啰嗦
/// <summary>
/// 删除图书
/// </summary>
/// <remarks>
/// 描述测试 **markdown测试**
///<remarks>
[HttpDelete("{id}")]
[LinCmsAuthorize("删除图书", "图书",Desc = "描述测试 **markdown测试**")]
public async Task<UnifyResponseDto> DeleteAsync(int id)
{
await _bookService.DeleteAsync(id);
return UnifyResponseDto.Success();
}这有问题吗?没有问题。
但是,作为一个强迫症,我是无法容忍自己写两遍一样的东西的,那怎么办呢?
首先,修改 LinCmsAuthorizeAttribute, 增加一个可选的 描述字段
public class LinCmsAuthorizeAttribute : Attribute, IAsyncAuthorizationFilter
{
public string Permission { get; }
public string Module { get; }
public string? Desc { get; set; }
public LinCmsAuthorizeAttribute(string permission, string module)这样,我们就可以删除掉上面的注释了,统统使用注解来完成。
接着,我们给swagger增加一个Filter,使之在找不到注释的时候,使用我们的权限注解,即优先注释。
public class AuthorizeAttrFilter : IOperationFilter
{
public void Apply(OpenApiOperation operation, OperationFilterContext context)
{
var swaggerOperationAttribute =context.MethodInfo.GetCustomAttributes(true).OfType<LinCmsAuthorizeAttribute>().FirstOrDefault();
if (swaggerOperationAttribute == null) return;
if (operation.Summary == null && swaggerOperationAttribute.Permission != null)
operation.Summary = swaggerOperationAttribute.Permission;
if (operation.Description == null && swaggerOperationAttribute.Desc != null)
operation.Description = swaggerOperationAttribute.Desc;
}
}最后,我们应用这个Filter就可以了。
options.CustomOperationIds(apiDesc =>
{
var controllerAction = apiDesc.ActionDescriptor as ControllerActionDescriptor;
return
$"{controllerAction.ControllerName}-{controllerAction.ActionName}-{controllerAction.GetHashCode()}";
});
// 添加这行,应用之~
options.OperationFilter<AuthorizeAttrFilter>();吃水不忘挖井人,希望能起到抛砖引玉的效果
比如存某用户选择的是markdown还是富文本。
name="Article.Editor",
value="markdown" 或 "富文本",
provider_name为"User",
provider_key为用户Id
或存储七牛云的某一个配置
name="Qiniu.AK",
value="asfadsfadf23rft66S4XM2GIK7FGmj7czuYkcAyNGDAc" ,
provider_name为"Qiniu"或自己定义的字符串
provider_key为空
技术频道
分类专栏管理:发布随笔时可选择单个分类。
标签:统计每个标签下多少个文章、多少人关注
随笔
评论
关注
个人主页
设置
消息
http://naotu.baidu.com/file/6532431a2e1f0c37c93c5ffd1dd5b49c?token=87690a9bc64fbae1
分为三种
id name info
1 Admin 系统管理员
2 CmsAdmin 内容管理员
3 User 普通用户
大多数表存在如下8个字段,用于记录行的变化状态,is_deleted为软删除,执行删除操作时,将其状态置为true,默认实体类继承 FullAduitEntity 即可拥有以下8个字段。该设计参考ABP中的实现。FullAduitEntity为泛型,默认id为long类型,FullAduitEntity<Guid>,即可改变主键类型,默认LinUser表主键long,保持create_user_id,delete_user_id,update_user_id都与LinUser的主键相同
id bigint
create_user_id bigint
create_time datetime
is_deleted bit
delete_user_id bigint
delete_time datetime
update_user_id bigint
update_time datetime
重现步骤(可选):
期望的结果是什么?
页面无报错
实际的结果是什么?
报错
版本是刚拉的
完整的表结构文档: https://igeekfan.gitee.io/vovo-docs/dotnetcore/lin-cms/table.html
update lin_user set salt='9fd248c8-e9da-412f-bad9-aa5f7f1d7b80';
update lin_user_identity set credential='IWxIlqMAE3SU3JTogdDAJw==' where identity_type='Password';
重现步骤(可选):
期望的结果是什么?
实际的结果是什么?
我看更新日志都懒的写了,最后的日志部分还是升级到.net5.
验证码接口,一个简单的图片验证码,用于登录时验证。
以base64的形式+tag即唯一值关联(前后端分离,无法存在session中)
重现步骤(可选):
该[FromServices]存在循环依赖
public SubscribeCountDto GetUserSubscribeInfo(long userId, [FromServices] IAuditBaseRepository<UserTag> _userTagRepository)
{
}[19:07:35 ERR] 异常信息:Self referencing loop detected for property '_orm' with type 'FreeSql.MySql.MySqlProvider`1[IFreeSql]'. Path '_userTagRepository.Orm._originalFsql.Ado._util'. | at Newtonsoft.Json.Serialization.JsonSerializerInternalWriter.CheckForCircularReference(JsonWriter writer, Object value, JsonProperty property, JsonContract contract, JsonContainerContract containerContract, JsonProperty containerProperty)
at Newtonsoft.Json.Serialization.JsonSerializerInternalWriter.CalculatePropertyValues(JsonWriter writer, Object value, JsonContainerContract contract, JsonProperty member, JsonProperty property, JsonContract& memberContract, Object& memberValue)
at Newtonsoft.Json.Serialization.JsonSerializerInternalWriter.SerializeObject(JsonWriter writer, Object value, JsonObjectContract contract, JsonProperty member, JsonContainerContract collectionContract, JsonProperty containerProperty)
at Newtonsoft.Json.Serialization.JsonSerializerInternalWriter.SerializeObject(JsonWriter writer, Object value, JsonObjectContract contract, JsonProperty member, JsonContainerContract collectionContract, JsonProperty containerProperty)
at Newtonsoft.Json.Serialization.JsonSerializerInternalWriter.SerializeObject(JsonWriter writer, Object value, JsonObjectContract contract, JsonProperty member, JsonContainerContract collectionContract, JsonProperty containerProperty)
at Newtonsoft.Json.Serialization.JsonSerializerInternalWriter.SerializeObject(JsonWriter writer, Object value, JsonObjectContract contract, JsonProperty member, JsonContainerContract collectionContract, JsonProperty containerProperty)
at Newtonsoft.Json.Serialization.JsonSerializerInternalWriter.SerializeObject(JsonWriter writer, Object value, JsonObjectContract contract, JsonProperty member, JsonContainerContract collectionContract, JsonProperty containerProperty)
at Newtonsoft.Json.Serialization.JsonSerializerInternalWriter.SerializeDictionary(JsonWriter writer, IDictionary values, JsonDictionaryContract contract, JsonProperty member, JsonContainerContract collectionContract, JsonProperty containerProperty)
at Newtonsoft.Json.Serialization.JsonSerializerInternalWriter.Serialize(JsonWriter jsonWriter, Object value, Type objectType)
at Newtonsoft.Json.JsonSerializer.SerializeInternal(JsonWriter jsonWriter, Object value, Type objectType)
at Newtonsoft.Json.JsonConvert.SerializeObjectInternal(Object value, Type type, JsonSerializer jsonSerializer)
at LinCms.Aop.Filter.LogActionFilterAttribute.OnActionExecuting(ActionExecutingContext context) in /src/src/LinCms.Core/Aop/Filter/LogActionFilterAttribute.cs:line 41
at Microsoft.AspNetCore.Mvc.Filters.ActionFilterAttribute.OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeNextActionFilterAsync>g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.InvokeInnerFilterAsync()
--- End of stack trace from previous location ---
at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextExceptionFilterAsync>g__Awaited|26_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted) | <s:LinCms.Aop.Filter.LinCmsExceptionFilter>
[19:07:35 INF] Executing JsonResult, writing value of type 'LinCms.Data.UnifyResponseDto'. <s:Microsoft.AspNetCore.Mvc.NewtonsoftJson.NewtonsoftJsonResultExecutor>
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.