NopCommerce学习笔记 一.17303476

架构

语言包

下载language_pack.xml
自己修改，不同版本可能会出现有一些菜单或表单字段没有完全汉化，自己添加补充完就行了。
导入language_pack.xml

到数据库中找到LocaleStringResource这个表，查看一下这个表中LanguageId，1是英文，2是中文。实际上可以在这个表直接给做修改，将本地化语言对应写到
ResouceValue字段中即可。

直接修改数据库，刷新页面发现并没有更新。猜测这块是用了缓存的，待后面继续研究。

源码研究

1. 登录
   Nop.Web中找到Infrastructure下的RouteProvider里，Login路由指向Customer控制器下的Login Action。
   再去Nop.Web下的Controller目录中找到CustomerController.cs，查看LoginAction的内容。从里面的代码可以看出，所有的业务逻辑实现在
   Nop.Services/Customers 下的CustomerRegistrationService.cs内。下面是这个方法的实现。

从方法的实现可以看到，先去判断用户是否存在（一次判断用户是否存在、用户是否被删除、用户是否未激活、是否未注册）。然后再去匹配密码，
如果密码有错误的话，就增加尝试次数。达到指定次数后就锁定一段时间。 登录成功以后，再去判断用户的权限。

        /// <summary>
        /// Validate customer
        /// </summary>
        /// <param name="usernameOrEmail">Username or email</param>
        /// <param name="password">Password</param>
        /// <returns>
        /// A task that represents the asynchronous operation
        /// The task result contains the result
        /// </returns>
        public virtual async Task<CustomerLoginResults> ValidateCustomerAsync(string usernameOrEmail, string password)
        {
            var customer = _customerSettings.UsernamesEnabled ?
                await _customerService.GetCustomerByUsernameAsync(usernameOrEmail) :
                await _customerService.GetCustomerByEmailAsync(usernameOrEmail);

            if (customer == null)
                return CustomerLoginResults.CustomerNotExist;
            if (customer.Deleted)
                return CustomerLoginResults.Deleted;
            if (!customer.Active)
                return CustomerLoginResults.NotActive;
            //only registered can login
            if (!await _customerService.IsRegisteredAsync(customer))
                return CustomerLoginResults.NotRegistered;
            //check whether a customer is locked out
            if (customer.CannotLoginUntilDateUtc.HasValue && customer.CannotLoginUntilDateUtc.Value > DateTime.UtcNow)
                return CustomerLoginResults.LockedOut;

            if (!PasswordsMatch(await _customerService.GetCurrentPasswordAsync(customer.Id), password))
            {
                //wrong password
                customer.FailedLoginAttempts++;
                if (_customerSettings.FailedPasswordAllowedAttempts > 0 &&
                    customer.FailedLoginAttempts >= _customerSettings.FailedPasswordAllowedAttempts)
                {
                    //lock out
                    customer.CannotLoginUntilDateUtc = DateTime.UtcNow.AddMinutes(_customerSettings.FailedPasswordLockoutMinutes);
                    //reset the counter
                    customer.FailedLoginAttempts = 0;
                }

                await _customerService.UpdateCustomerAsync(customer);

                return CustomerLoginResults.WrongPassword;
            }

            var selectedProvider = await _permissionService.AuthorizeAsync(StandardPermissionProvider.EnableMultiFactorAuthentication, customer)
                ? await _genericAttributeService.GetAttributeAsync<string>(customer, NopCustomerDefaults.SelectedMultiFactorAuthenticationProviderAttribute)
                : null;
            var store = await _storeContext.GetCurrentStoreAsync();
            var methodIsActive = await _multiFactorAuthenticationPluginManager.IsPluginActiveAsync(selectedProvider, customer, store.Id);
            if (methodIsActive)
                return CustomerLoginResults.MultiFactorAuthenticationRequired;

            if (!string.IsNullOrEmpty(selectedProvider))
                _notificationService.WarningNotification(await _localizationService.GetResourceAsync("MultiFactorAuthentication.Notification.SelectedMethodIsNotActive"));

            //update login details
            customer.FailedLoginAttempts = 0;
            customer.CannotLoginUntilDateUtc = null;
            customer.RequireReLogin = false;
            customer.LastLoginDateUtc = DateTime.UtcNow;
            await _customerService.UpdateCustomerAsync(customer);

            return CustomerLoginResults.Successful;
        }