Beispiel #1
0
        /// <summary>
        /// 验证登陆错误次数.是否锁定
        /// </summary>
        /// <param name="datatime">当前时间</param>
        /// <param name="MinutesCount">多少分钟内</param>
        /// <param name="Number">错误次数</param>
        /// <param name="adminName">管理员登陆名</param>
        /// <returns></returns>
        public bool LoginErrorLock(string adminName, int MinutesCount, int Number)
        {
            string   IP           = EKRequest.GetIP();
            DateTime time_now     = DateTime.Now;
            DateTime time_newdete = time_now.AddMinutes(-MinutesCount);

            return(DBSession.MS_LoginDal.GetCount(p => p.F_IP == IP && p.F_Time >= time_newdete && p.F_Time <= time_now && p.F_AdminName == adminName) > Number);// _BLLLoginBase.GetCount(p => p.F_IP == IP && p.F_Time >= time_newdete && p.F_Time <= time_now && p.F_AdminName == adminName) > Number;
        }
Beispiel #2
0
        /// <summary>
        /// 登陆错误插入数据
        /// </summary>
        public void LoginAddError(string adminName)
        {
            MS_Login login = new MS_Login();

            login.F_AdminName = adminName;
            login.F_IP        = EKRequest.GetIP();
            login.F_Time      = DateTime.Now;
            DBSession.MS_LoginDal.Add(login);
        }
Beispiel #3
0
        /// <summary>
        /// 添加前台用户日志.
        /// </summary>
        /// <param name="level">日志等级</param>
        /// <param name="message">信息说明</param>
        public void AddLogUser(LogLevel level, string message)
        {
            MS_Log m_log = new MS_Log();

            m_log.F_Type      = "user";
            m_log.F_AddTime   = DateTime.Now;
            m_log.F_AdminID   = MS_AdminBLL.AdminID;
            m_log.F_Exception = "";
            m_log.F_Level     = level.ToString();
            m_log.F_Message   = message;
            m_log.F_Source    = EKRequest.GetUrl();
            m_log.F_Thread    = "1";
            m_log.F_IP        = EKRequest.GetIP();

            Add(m_log);
        }
Beispiel #4
0
        /// <summary>
        /// 登录成功
        /// </summary>
        /// <param name="user"></param>
        public void LoginSuccess(MS_Admin admin)
        {
            //更新信息
            admin.F_LastLoginTime = admin.F_ThisLoginTime;
            admin.F_LastLoginIP   = admin.F_ThisLoginIP;

            admin.F_ThisLoginTime = DateTime.Now;
            admin.F_ThisLoginIP   = EKRequest.GetIP();
            admin.F_LoginCount   += 1;
            Update(admin);


            //票证
            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
                                                                             MS_ConfigBLL.AdminPath,
                                                                             DateTime.Now,
                                                                             DateTime.Now.Add(FormsAuthentication.Timeout),
                                                                             true,
                                                                             admin.Kid.ToString(),
                                                                             FormsAuthentication.FormsCookiePath);
            string hashTicket = FormsAuthentication.Encrypt(ticket);

            //写cookie
            HttpCookie adminCookie = new HttpCookie(FormsAuthentication.FormsCookieName, hashTicket);

            adminCookie.HttpOnly = true;
            adminCookie.Expires  = DateTime.Now.Add(FormsAuthentication.Timeout);//分单位
            adminCookie.Domain   = FormsAuthentication.CookieDomain;
            adminCookie.Path     = FormsAuthentication.FormsCookiePath;

            HttpContext.Current.Response.Cookies.Add(adminCookie);
            System.Web.HttpContext.Current.Response.Redirect(FormsAuthentication.DefaultUrl);


            //string userRoles = UserToRole(user); //调用UserToRole方法来获取role字符串
            //FormsAuthenticationTicket Ticket = new FormsAuthenticationTicket(1, user, DateTime.Now, DateTime.Now.AddMinutes(30), false, userRoles, "/");//建立身份验证票对象
            //string HashTicket = FormsAuthentication.Encrypt(Ticket); //加密序列化验证票为字符串
            //HttpCookie UserCookie = new HttpCookie(FormsAuthentication.FormsCookieName, HashTicket);
            ////生成Cookie
            //Context.Response.Cookies.Add(UserCookie); //输出Cookie
            //Context.Response.Redirect(Context.Request["ReturnUrl"]); // 重定向到用户申请的初始页面
        }
Beispiel #5
0
        /// <summary>
        /// 登录
        /// </summary>
        /// <param name="sender"></param>
        /// <param name="e"></param>
        protected void btnSubmit_Click(object sender, EventArgs e)
        {
            string adminName = tbxUserName.Text.Trim();
            string password  = tbxPassword.Text.Trim();

            MS_LoginBLL BLLLogin = new MS_LoginBLL();

            //为空
            if (adminName == "")
            {
                Alert.Show("请输入用户名!");
                return;
            }
            if (password == "")
            {
                Alert.Show("请输入密码!");
                return;
            }

            //长度
            if (adminName.Length > 50)
            {
                Alert.Show("用户名过长!");
                return;
            }
            if (password.Length > 50)
            {
                Alert.Show("密码过长!");
                return;
            }

            if (BLLLogin.LoginErrorLock(adminName, 3, 3))
            {
                Alert.Show("登录失败:登陆错误次数超过三次,请过5分钟重新登陆");
                return;
            }
            //MS_AdminBLL BLLAdmin = new MS_AdminBLL();

            MS_Admin m_admin = new MS_AdminBLL().Get(adminName);

            if (m_admin != null && m_admin.F_LoginName == adminName)
            {
                if (EKPasswordUtil.ComparePasswords(m_admin.F_Password, password))
                {
                    if (!m_admin.F_Enabled)
                    {
                        logger.Error("用户: " + m_admin.F_LoginName + " 未启用,请联系管理员!");

                        Alert.Show("用户未启用,请联系管理员!");
                        return;
                    }
                    else
                    {
                        //登录成功
                        logger.Info(String.Format("登录成功:用户“{0}”,登录IP:" + EKRequest.GetIP() + "", m_admin.F_LoginName));
                        new MS_AdminBLL().LoginSuccess(m_admin);
                        return;
                    }
                }
                else
                {
                    BLLLogin.LoginAddError(adminName);
                    logger.Warn(String.Format("登录失败:用户“{0}”密码错误", adminName));
                    Alert.Show("用户名或密码错误!");
                    return;
                }
            }
            else
            {
                BLLLogin.LoginAddError(adminName);
                logger.Warn(String.Format("登录失败:用户“{0}”不存在", adminName));
                Alert.ShowInTop("用户名或密码错误!");
            }
        }