Beispiel #1
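 /// <summary>
 /// Decides whether the current request may reach the action: the login
 /// endpoint and paths containing "Webapi/" are let through, every other
 /// request needs a logged-in member in the session.
 /// </summary>
 /// <param name="actionContext">Context of the action being authorized; only its request URI is read.</param>
 /// <returns><c>true</c> when the request is allowed, otherwise <c>false</c>.</returns>
 protected override bool IsAuthorized(HttpActionContext actionContext)
 {
     try
     {
         // Match on the path only. AbsoluteUri also carries the query string, so a
         // suffix test against it lets caller-supplied query text decide whether a
         // request counts as the public login endpoint.
         string path = actionContext.Request.RequestUri.AbsolutePath;
         bool isLoginEndpoint = path.EndsWith("PostLogin", System.StringComparison.Ordinal);

         // NOTE(review): this is a substring match anywhere in the path, not a
         // prefix match. Confirm against the route table that no protected route
         // can contain "Webapi/", or anchor the check to the intended prefix.
         bool isPublicArea = path.Contains("Webapi/");

         if (isLoginEndpoint || isPublicArea)
         {
             return true;
         }

         var session = HttpContext.Current.Session;
         if (session == null)
         {
             return false;
         }

         // A session value of an unexpected type is treated as "not logged in".
         string sessionKey = SystemEnums.login_user.ToString();
         GgcmsMembers member = session[sessionKey] as GgcmsMembers;
         return member != null && member.Id > 0;
     }
     catch
     {
         // Fail closed: any error while evaluating the request denies access.
         return false;
     }
 }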
Beispiel #2
        // PUT: api/GgcmsCategories/5
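        /// <summary>
        /// Replaces the stored member record with the posted one. An empty
        /// password in the request keeps the password already stored.
        /// </summary>
        /// <param name="info">Member data bound from the request body.</param>
        /// <returns>
        /// 200 with the saved member (password blanked), or 400 when the body is
        /// missing or no member with that id exists.
        /// </returns>
        public IHttpActionResult Edit(GgcmsMembers info)
        {
            // A missing or unparseable request body binds to null.
            if (info == null)
            {
                return BadRequest("信息不存在");
            }

            // NOTE(review): nothing in this method ties info.Id to the logged-in
            // member or checks a role; confirm that who may edit which record is
            // enforced elsewhere.
            var oldinfo = Dbctx.GgcmsMembers.Find(info.Id);
            if (oldinfo == null)
            {
                return BadRequest("信息不存在");
            }

            // Detach the loaded copy so the posted instance can be tracked under the same key.
            Dbctx.Entry(oldinfo).State = EntityState.Detached;

            // When the password is empty, keep the old password.
            if (string.IsNullOrWhiteSpace(info.PassWord))
            {
                info.PassWord = oldinfo.PassWord;
            }

            // NOTE(review): marking the whole entity Modified writes every column
            // from the request body (over-posting). If some columns must not be
            // client-editable, mark only the intended properties as modified or
            // bind to a dedicated input model.
            // NOTE(review): the password value is stored exactly as received;
            // confirm it is hashed with a salted, slow algorithm before it gets here.
            Dbctx.Entry(info).State = EntityState.Modified;
            Dbctx.SaveChanges();
            ClearCache();

            // Never echo the stored password back to the client.
            info.PassWord = "";
            return Ok(info);
        }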
Beispiel #3
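        /// <summary>
        /// Changes the password of the member stored in the session after
        /// checking the old password and that both new entries match, then
        /// clears the session.
        /// </summary>
        /// <param name="passData">Request body carrying oldPassword, newPassword and rePassword.</param>
        /// <returns>
        /// 200 with the member (password blanked) on success, 400 when not logged
        /// in, when the old password is wrong or when the new entries differ.
        /// </returns>
        public IHttpActionResult ModifyPassword(dynamic passData)
        {
            string oldPassword = passData.oldPassword.ToString();
            string newPassword = passData.newPassword.ToString();
            string rePassword  = passData.rePassword.ToString();
            string sessionKey  = SystemEnums.login_user.ToString();

            // A missing session entry, or one of an unexpected type, means "not logged in".
            GgcmsMembers m = Session[sessionKey] as GgcmsMembers;
            if (m == null)
            {
                return BadRequest("请先登录");
            }

            // The member may have been deleted since the session was created.
            GgcmsMembers info = Dbctx.GgcmsMembers.Find(m.Id);
            if (info == null)
            {
                return BadRequest("请先登录");
            }

            // NOTE(review): the stored value is compared directly with client input,
            // so the database holds a password-equivalent value. Prefer a salted,
            // slow hash (e.g. PBKDF2) verified with a fixed-time comparison.
            if (info.PassWord != oldPassword)
            {
                return BadRequest("原密码不正确");
            }

            // NOTE(review): an empty or trivially short new password is accepted
            // as long as both entries match; consider a minimum-strength check.
            if (newPassword != rePassword)
            {
                return BadRequest("新密码和确认密码不同");
            }

            info.PassWord = newPassword;
            Dbctx.Entry(info).Property("PassWord").IsModified = true;
            Dbctx.SaveChanges();

            // Force a fresh login with the new password.
            Session.RemoveAll();

            // Do not return the password in the response. This happens after the
            // save; SaveChanges must not run again on this context afterwards.
            info.PassWord = "";
            return Ok(info);
        }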
Beispiel #4
 /// <summary>
 /// Allows a request when its absolute URI matches any whitelist pattern
 /// (case-insensitive regex), or when the session holds a logged-in member
 /// with a positive id. Any exception denies the request.
 /// </summary>
 /// <param name="actionContext">Context of the action being authorized; only its request URI is read.</param>
 /// <returns><c>true</c> when the request is allowed, otherwise <c>false</c>.</returns>
 protected override bool IsAuthorized(HttpActionContext actionContext)
 {
     try
     {
         // NOTE(review): patterns are tested against the full absolute URI, which
         // includes the query string. Confirm the whiteList patterns are anchored
         // to the path so that query text cannot satisfy them.
         string requestUrl = actionContext.Request.RequestUri.AbsoluteUri;
         foreach (string pattern in whiteList)
         {
             if (Regex.IsMatch(requestUrl, pattern, RegexOptions.IgnoreCase))
             {
                 return true;
             }
         }

         var currentSession = HttpContext.Current.Session;
         if (currentSession == null)
         {
             return false;
         }

         // A session value of another type yields null here and is rejected.
         string loginKey = SystemEnums.login_user.ToString();
         GgcmsMembers member = currentSession[loginKey] as GgcmsMembers;
         return member != null && member.Id > 0;
     }
     catch
     {
         // Fail closed on any error.
         return false;
     }
 }
Beispiel #5
        // POST: api/GgcmsCategories
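        /// <summary>
        /// Inserts a new member record from the request body.
        /// </summary>
        /// <param name="info">Member data bound from the request body.</param>
        /// <returns>200 with the added member (password blanked), or 400 when the body is missing.</returns>
        public IHttpActionResult Add(GgcmsMembers info)
        {
            // A missing or unparseable request body binds to null.
            if (info == null)
            {
                return BadRequest("信息不存在");
            }

            // NOTE(review): every property of the posted entity is persisted as
            // sent (over-posting), and the password is stored exactly as received.
            // Confirm which columns a client may set and that the password is
            // hashed before it reaches this point.
            var result = Dbctx.GgcmsMembers.Add(info);

            Dbctx.SaveChanges();
            ClearCache();

            // Match Edit: never echo the stored password back to the client.
            info.PassWord = "";
            return Ok(result);
        }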
Beispiel #6
        // DELETE: api/GgcmsCategories/5
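        /// <summary>
        /// Deletes the member with the given id.
        /// </summary>
        /// <param name="id">Primary key of the member to delete.</param>
        /// <returns>200 with the deleted member (password blanked), or 400 when no such member exists.</returns>
        public IHttpActionResult Delete(int id)
        {
            // NOTE(review): nothing in this method checks who is allowed to delete
            // which member; confirm that is enforced elsewhere.
            GgcmsMembers oldinfo = Dbctx.GgcmsMembers.Find(id);

            if (oldinfo == null)
            {
                return BadRequest("信息不存在");
            }

            Dbctx.GgcmsMembers.Remove(oldinfo);
            Dbctx.SaveChanges();
            ClearCache();

            // Match Edit: do not return the stored password in the response.
            oldinfo.PassWord = "";
            return Ok(oldinfo);
        }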
Beispiel #7
        //[GgcmsAuthorizeAttribute("vip")]
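        /// <summary>
        /// Logs a member in: checks the captcha held in the session, looks the
        /// member up by user name, compares the submitted value with
        /// MD5(stored password + captcha) and stores the member in the session.
        /// </summary>
        /// <param name="linfo">Request body carrying username, password and captcha.</param>
        /// <returns>200 with the member (password blanked) on success, otherwise 400 with a message.</returns>
        public IHttpActionResult PostLogin(dynamic linfo)
        {
            // A missing or unparseable request body binds to null.
            if ((object)linfo == null)
            {
                return BadRequest("用户名和密码不能为空");
            }

            string username   = linfo.username;
            string password   = linfo.password;
            string captcha    = linfo.captcha;
            string sessionKey = SystemEnums.captcha.ToString();

            // The captcha is single-use: drop it before comparing so that one solved
            // captcha cannot back repeated attempts. It is also the only per-attempt
            // value in the hash checked below.
            object expectedCaptcha = Session[sessionKey];
            Session.Remove(sessionKey);

            // Ordinal, culture-independent comparison; a missing captcha on either
            // side is a mismatch rather than an exception.
            if (expectedCaptcha == null
                || string.IsNullOrEmpty(captcha)
                || !string.Equals(expectedCaptcha.ToString(), captcha, System.StringComparison.OrdinalIgnoreCase))
            {
                return BadRequest("验证码不正确");
            }

            if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
            {
                return BadRequest("用户名和密码不能为空");
            }

            GgcmsMembers m = ggcmsDb.GgcmsMembers.FirstOrDefault(c => c.UserName == username);

            // NOTE(review): the stored PassWord value is itself the login secret
            // here, and MD5 is not a suitable password hash. Prefer a salted, slow
            // hash verified server-side over TLS, compared in fixed time.
            // Both failure paths return the same message so that the response
            // text does not reveal whether the user name exists.
            if (m == null || Tools.getMd5Hash(m.PassWord + captcha) != password)
            {
                return BadRequest("用户名或密码错误,请检查!");
            }

            // NOTE(review): m is presumably still tracked by ggcmsDb; a later
            // SaveChanges on the same context would persist the blanked password.
            // Confirm the context is not saved again, or use a detached copy.
            m.PassWord = "";

            // NOTE(review): the session identifier is not renewed here on login;
            // confirm it is rotated elsewhere.
            Session.Add(SystemEnums.login_user.ToString(), m);
            return Ok(m);
        }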