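/// <summary>
/// Web API action: validates the administrator account/password posted in the request body,
/// records the outcome on the administrator record, and on success issues an access token.
/// </summary>
/// <returns>
/// 200 with <c>Value</c> (the administrator record), <c>AccessToken</c>, <c>ExpiresAt</c> and
/// <c>IsEnforcePasswordChange</c>; 400 with the DAO's validation message when the credentials
/// are rejected; 500 (after logging) on any other exception.
/// </returns>
public IHttpActionResult Login()
{
    try
    {
        var request = new AuthenticatedRequest();
        var account = request.GetPostString("account");
        var password = request.GetPostString("password");
        var isAutoLogin = request.GetPostBool("isAutoLogin");

        if (!DataProvider.AdministratorDao.Validate(account, password, true, out var userName, out var errorMessage))
        {
            // Failed attempt: bump the failure counter on the matching record, if there is one,
            // so the DAO's lockout handling can see it.
            var failedAdmin = AdminManager.GetAdminInfoByUserName(userName);
            if (failedAdmin != null)
            {
                DataProvider.AdministratorDao.UpdateLastActivityDateAndCountOfFailedLogin(failedAdmin); // record last login time, failure count + 1
            }

            // NOTE(review): errorMessage is produced by the DAO; confirm it does not tell
            // "unknown account" apart from "wrong password" before relying on it client-side.
            return BadRequest(errorMessage);
        }

        var adminInfo = AdminManager.GetAdminInfoByUserName(userName);
        if (adminInfo is null)
        {
            // Validate() passed but no record came back. Previously this surfaced as a
            // NullReferenceException a few lines down; fail explicitly so the log says why.
            throw new InvalidOperationException($"Administrator '{userName}' validated but no record could be loaded.");
        }

        DataProvider.AdministratorDao.UpdateLastActivityDateAndCountOfLogin(adminInfo); // record last login time, reset failure count

        var accessToken = request.AdminLogin(adminInfo.UserName, isAutoLogin);
        // NOTE(review): local time is used for expiry and password-age arithmetic throughout
        // this file; moving to UtcNow would require the stored dates to be UTC as well.
        var expiresAt = DateTime.Now.AddDays(Constants.AccessTokenExpireDays);

        // NOTE(review): the whole AdministratorInfo is serialized back to the caller; confirm
        // that password/salt style fields are excluded from it.
        return Ok(new
        {
            Value = adminInfo,
            AccessToken = accessToken,
            ExpiresAt = expiresAt,
            IsEnforcePasswordChange = IsPasswordChangeRequired(adminInfo)
        });
    }
    catch (Exception ex)
    {
        LogUtils.AddErrorLog(ex);
        // How much of the exception reaches the client is governed by the host's error-detail policy.
        return InternalServerError(ex);
    }
}

/// <summary>
/// True when the system config enforces periodic password changes and the administrator has
/// either never changed the password or did so more than the configured number of days ago.
/// </summary>
/// <param name="adminInfo">The administrator whose <c>LastChangePasswordDate</c> is checked.</param>
private static bool IsPasswordChangeRequired(AdministratorInfo adminInfo)
{
    if (!ConfigManager.SystemConfigInfo.IsAdminEnforcePasswordChange)
    {
        return false;
    }

    if (adminInfo.LastChangePasswordDate == null)
    {
        return true;
    }

    // DateTime subtraction is a plain tick difference, the same as the TimeSpan(ticks) form it replaces.
    var age = DateTime.Now - adminInfo.LastChangePasswordDate.Value;
    return age.TotalDays > ConfigManager.SystemConfigInfo.AdminEnforcePasswordChangeDays;
}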
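/// <summary>
/// Page initialisation for the SSO entry point. Without a <c>sid</c> query parameter the browser
/// is sent to the SSO login page with this page as the return URL. With one, the SSO user is
/// fetched, mapped onto a local administrator, logged in and, unless <c>isRedirect=false</c> is
/// present, redirected to pageInitialization.aspx. Any failure writes an HTML-encoded message
/// to the response instead.
/// </summary>
private void InitPage()
{
    // SSO base address
    var ssoUrl = ConfigHelper.GetConfigString("SSOUrl");

    // SSO-issued session id from the query string
    var sid = Request.QueryString["sid"];
    if (string.IsNullOrWhiteSpace(sid))
    {
        // The return URL is itself a query value and must be escaped, or any '?'/'&' in the
        // current URL would be read by the SSO server as extra parameters.
        Response.Redirect($"{ssoUrl}/login.aspx?redirecturl={Uri.EscapeDataString(Request.Url.AbsoluteUri)}");
        return;
    }

    // Decided inside the try, performed after it: Response.Redirect ends the response via a
    // ThreadAbortException, which the catch (Exception) below would otherwise intercept.
    var redirectAfterLogin = false;
    try
    {
        var appId = ConfigHelper.GetConfigString("AppID");
        var appSecret = ConfigHelper.GetConfigString("AppSecret");
        // NOTE(review): the SSO API carries the app secret in a GET query string, so it ends up
        // in proxy and access logs; that is the provider's API shape, not a choice made here.
        // sid is user-supplied and is escaped so it cannot smuggle in additional parameters.
        var userApi = $"{ssoUrl}/sync.ashx?AppID={appId}&AppSecret={appSecret}&type=ssouser&token={Uri.EscapeDataString(sid)}";
        var resultStr = SendGetHttpRequest(userApi);

        // fetch the user record
        var result = JsonConvert.DeserializeObject<ResultInfo<UserInfo>>(resultStr);
        if (!result.Result)
        {
            throw new InvalidOperationException(result.Msg);
        }

        // map onto the local user, then log in
        var user = result.Data;
        if (user == null)
        {
            throw new InvalidOperationException("未获取到用户信息");
        }

        // super administrator: an SSO login name of "admin" maps to the local "admin" account.
        // Ordinal comparison avoids culture-specific casing (e.g. Turkish dotless i).
        if (string.Equals(user.LoginName, "admin", StringComparison.OrdinalIgnoreCase))
        {
            user.Id = "admin";
        }

        // log in to the site
        var request = new AuthenticatedRequest();
        var adminInfo = AdminManager.GetAdminInfoByUserName(user.Id.ToLowerInvariant());
        if (adminInfo == null)
        {
            throw new InvalidOperationException("未获取到用户信息");
        }

        DataProvider.AdministratorDao.UpdateLastActivityDateAndCountOfLogin(adminInfo); // record last login time, reset failure count
        // The returned token and its expiry are not used on this page; AdminLogin is called for its side effect.
        request.AdminLogin(adminInfo.UserName, false);

        redirectAfterLogin = Request.QueryString["isRedirect"] != "false";
    }
    catch (Exception e)
    {
        // e.Message can echo text from the SSO response, so encode it before writing it into HTML.
        Response.Write("身份认证失败!" + Server.HtmlEncode(e.Message));
        return;
    }

    if (redirectAfterLogin)
    {
        Response.Redirect("pageInitialization.aspx");
    }
}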