hotline/src/Hotline/Identity/IdentityDomainService.cs

using Hotline.Share.Dtos.Identity;
using Microsoft.Extensions.Logging;
using XF.Domain.Cache;
using XF.Domain.Dependency;

namespace Hotline.Identity;

public class IdentityDomainService : IIdentityDomainService, IScopeDependency
{
    private readonly ITypedCache<AccountNonce> _cacheAccountNonce;
    private readonly ILogger<IdentityDomainService> _logger;

    public IdentityDomainService(
        ITypedCache<AccountNonce> cacheAccountNonce,
        ILogger<IdentityDomainService> logger)
    {
        _cacheAccountNonce = cacheAccountNonce;
        _logger = logger;
    }

    /// <summary>
    /// 校验用户是否真实
    /// </summary>
    /// <param name="request"></param>
    /// <returns></returns>
    public bool IsIdentityReal(LoginWithSignatureRequest request)
    {
        /*
             *时间戳timestamp与服务器时间戳相差不能超过60s大于服务器时间戳
               随机数nonce60s内不能重复
             */
        if (string.IsNullOrEmpty(request.Nonce)) return false;
        var now = DateTimeOffset.UtcNow.ToUnixTimeSeconds();
        _logger.LogInformation($"now:{now}, req:{request.Timestamp}");
        if (request.Timestamp > now) return false;
        if ((now - request.Timestamp) >= 60) return false;
        var nonce = _cacheAccountNonce.Get(request.Username)?.Nonce;
        _logger.LogInformation($"nonce:{nonce}, reqnonce:{request.Nonce}");
        if (!string.IsNullOrEmpty(nonce) && string.CompareOrdinal(nonce, request.Nonce) == 0) return false;
        return true;
    }

    /// <summary>
    /// 设置账户随机数
    /// </summary>
    /// <param name="username"></param>
    /// <param name="nonce"></param>
    public void SetAccountNonce(string username, string nonce)
    {
        _cacheAccountNonce.Set(username, new AccountNonce(nonce), TimeSpan.FromSeconds(60));
    }
}