Beispiel #1
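        /// <summary>
        /// Exchanges a one-time login token for a signed JWT session token.
        /// </summary>
        /// <param name="request">Login request; its phone number selects the user and its login token is checked against the stored one.</param>
        /// <returns>A <see cref="StringWrapper"/> whose <c>Value</c> is the serialized JWT.</returns>
        /// <exception cref="RecordNotFoundException">No user has the requested phone number.</exception>
        /// <exception cref="NoLoginTokenException">The user has no pending login token.</exception>
        /// <exception cref="TokenExpiredException">The pending login token is past its expiration time.</exception>
        /// <exception cref="InvalidRequestException">The presented token does not match the stored one.</exception>
        /// <remarks>
        /// NOTE(review): the four failure exceptions distinguish "unknown phone number" from
        /// "no token", "expired" and "wrong token". If they reach the client unchanged, the endpoint
        /// discloses which phone numbers are registered; consider a uniform failure response at the
        /// API boundary. No attempt counter is visible in this method, so confirm that guessing of
        /// the short login token is limited elsewhere.
        /// </remarks>
        public async Task<StringWrapper> Authenticate(RequestUserLogin request)
        {
            var user = await dbContext
                       .Users
                       .AsTracking()
                       .Where(r => r.PhoneNumber == request.PhoneNumber)
                       .FirstOrDefaultAsync();

            if (user == null)
            {
                throw new RecordNotFoundException(nameof(User));
            }

            if (user.LoginTokenValue == null)
            {
                throw new NoLoginTokenException();
            }

            // NOTE(review): expiry is checked against local time while the JWT below uses UTC;
            // confirm how LoginTokenExpirationTime is stored so the two clocks agree.
            if (DateTime.Now > user.LoginTokenExpirationTime)
            {
                throw new TokenExpiredException();
            }

            // Compare the secret without an early exit on the first differing character, so the
            // response time does not depend on how much of the token was guessed correctly.
            // A missing token is rejected the same way a wrong one is.
            var presentedToken = request?.LoginToken;
            if (presentedToken == null ||
                !System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
                    Encoding.UTF8.GetBytes(user.LoginTokenValue),
                    Encoding.UTF8.GetBytes(presentedToken)))
            {
                throw new InvalidRequestException("Wrong token");
            }

            // Authentication succeeded: build the JWT session token.
            var tokenHandler = new JwtSecurityTokenHandler();

            // NOTE(review): ASCII encoding turns every non-ASCII character of the secret into '?',
            // which weakens the key. It is left unchanged because the validating side must derive
            // the same bytes. The secret should hold at least 32 random bytes for HS256.
            var key = Encoding.ASCII.GetBytes(appSettings.Secret);

            var tokenDescriptor = new SecurityTokenDescriptor
            {
                // The only claim is the user id, carried in the Name claim.
                Subject = new ClaimsIdentity(new Claim[]
                {
                    new Claim(ClaimTypes.Name, user.Id.ToString(CultureInfo.InvariantCulture))
                }),
                Expires            = DateTime.UtcNow.AddDays(7),
                SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
            };
            var token        = tokenHandler.CreateToken(tokenDescriptor);
            var sessionToken = tokenHandler.WriteToken(token);

            // Clear the login token so it cannot be used again, and record the issued session
            // token in the same save.
            // NOTE(review): the JWT is stored verbatim; anyone who can read this column holds a
            // credential that stays valid for seven days.
            user.LoginTokenValue = null;
            user.SessionToken    = sessionToken;
            await dbContext.SaveChangesAsync();

            return new StringWrapper
            {
                Value = sessionToken
            };
        }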
Beispiel #2
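 /// <summary>
 /// API action that checks a user's credentials by delegating to <c>UserBLL.UserCheck</c>.
 /// </summary>
 /// <param name="request">Login request bound from the request body.</param>
 /// <returns>The response produced by the business layer.</returns>
 /// <exception cref="HttpResponseException">
 /// Thrown with status 500 when the business layer call throws.
 /// </exception>
 public ResponseUserLogin UserCheck([FromBody] RequestUserLogin request)
 {
     try
     {
         var bll = new UserBLL();
         return bll.UserCheck(request);
     }
     catch (Exception ex)
     {
         // Keep the exception detail on the server. Raw exception messages can contain
         // connection, schema or path information that must not be sent to the client of a
         // login endpoint.
         System.Diagnostics.Trace.TraceError("UserCheck failed: {0}", ex);

         throw new HttpResponseException(
                   Request.CreateErrorResponse(HttpStatusCode.InternalServerError, "Internal server error"));
     }
 }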
Beispiel #3
        /// <summary>
        /// Validates the login token of an authentication request and normalizes its phone
        /// number in place.
        /// </summary>
        /// <param name="request">
        /// Request to check; its <c>PhoneNumber</c> is overwritten with the converted value.
        /// </param>
        /// <exception cref="InvalidValueException">The login token fails the digits-only check.</exception>
        public static void ValidateAndNormalizeAuthentication(RequestUserLogin request)
        {
            const string tokenField = nameof(RequestUserLogin.LoginToken);
            var loginToken = request.LoginToken;

            // NOTE(review): the rejected token value is handed to the exception; confirm it is
            // not echoed to logs or responses where a near-miss token would be useful to a third party.
            var digitsOnly = General.IsDigitsOnly(loginToken);
            if (!digitsOnly)
            {
                throw new InvalidValueException(tokenField, loginToken);
            }

            // The configured token length is passed for both length arguments.
            var requiredLength = Settings.Services.LoginTokenLength;
            General.ValidateStringLength(tokenField, loginToken, requiredLength, requiredLength, false);

            // Normalize last, so the lookup that follows validation sees the converted number.
            var normalizedPhone = General.ConvertPhoneNoTo12Char(
                nameof(RequestUserLogin.PhoneNumber),
                request.PhoneNumber);
            request.PhoneNumber = normalizedPhone;
        }
Beispiel #4
        /// <summary>
        /// Checks a user name and password against <c>tks_fas_user</c> and reports the matching
        /// user's basic details. No session token is issued here.
        /// </summary>
        /// <param name="request">Login request; <c>UserName</c> and <c>Password</c> are read.</param>
        /// <returns>
        /// On success, a response with <c>IsSuccess</c> set and the user's id and names; on any
        /// exception, whatever <c>DealException</c> produces, cast to <see cref="ResponseUserLogin"/>.
        /// </returns>
        public ResponseUserLogin UserCheck(RequestUserLogin request)
        {
            var response = new ResponseUserLogin();

            using (cnn = GetConnection())
            {
                var transaction = cnn.BeginTransaction();
                try
                {
                    // NOTE(review): this is an unsalted MD5 digest produced by an API that is
                    // marked obsolete. Stored hashes of this kind are cheap to reverse if the
                    // table leaks; plan a migration to a salted, slow password hash (for
                    // example PBKDF2) with rehash-on-login.
                    var passwordHash = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(request.Password, "MD5");

                    // Both values are bound as parameters, so the query text is fixed.
                    var users = cnn.Query<TKS_FAS_User>(@"select * from tks_fas_user where 
                    userName=@UserName and password=@Password",
                        new { UserName = request.UserName, Password = passwordHash },
                        transaction).ToList();

                    if (users.Count == 0)
                    {
                        // One message for unknown user and wrong password.
                        throw new NormalException("用户名或者密码错误");
                    }

                    var user = users[0];
                    if (user.Status == "0")
                    {
                        throw new NormalException("您的账号已被停用");
                    }

                    transaction.Commit();

                    response.Id        = user.Id;
                    response.UserName  = user.UserName;
                    response.TrueName  = user.TrueName;
                    response.Message   = "校验成功";
                    response.IsSuccess = true;
                    return response;
                }
                catch (Exception ex)
                {
                    transaction.Rollback();
                    return this.DealException(response, ex) as ResponseUserLogin;
                }
            }
        }
Beispiel #5
 /// <summary>
 /// Login entry point; not implemented, so every call throws.
 /// </summary>
 /// <param name="model">Login request (unused).</param>
 /// <exception cref="NotImplementedException">Always.</exception>
 public RespondUserLogin Login(RequestUserLogin model) =>
     throw new NotImplementedException();
 /// <summary>
 /// API action for token login: hands <c>ExecuteAsync</c> the service call and the request
 /// validation as two separate delegates.
 /// </summary>
 /// <param name="request">Login request bound from the request body.</param>
 /// <returns>The action result produced by <c>ExecuteAsync</c>.</returns>
 public async Task<IActionResult> Authenticate([FromBody] RequestUserLogin request)
 {
     // NOTE(review): the validation delegate is the second argument; presumably ExecuteAsync
     // runs it before the service call. Confirm, since the service relies on the phone number
     // having been normalized.
     var result = await ExecuteAsync(
         () => service.Authenticate(request),
         () => UserValidation.ValidateAndNormalizeAuthentication(request));

     return result;
 }
Beispiel #7
        /// <summary>
        /// Verifies a user name (or, failing that, a mobile number) together with a password, then
        /// replaces the user's <c>WEB</c> session token, all inside one transaction.
        /// </summary>
        /// <param name="request">Login request; <c>UserName</c>, <c>Mobile</c> and <c>Password</c> are read.</param>
        /// <returns>
        /// On success, a response with <c>IsSuccess</c> set, the user's details and the new token;
        /// on any exception, whatever <c>DealException</c> produces, cast to <see cref="ResponseUserLogin"/>.
        /// </returns>
        public ResponseUserLogin UserLogin(RequestUserLogin request)
        {
            ResponseUserLogin response = new ResponseUserLogin();

            using (cnn = GetConnection())
            {
                var ts = cnn.BeginTransaction();
                try
                {
                    // NOTE(review): unsalted MD5 via an API that is marked obsolete; stored hashes
                    // of this kind are cheap to reverse if the table leaks. Plan a migration to a
                    // salted, slow password hash with rehash-on-login.
                    string pass = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(request.Password, "MD5");

                    // First attempt: match on user name. All values are bound as parameters.
                    var users = cnn.Query <TKS_FAS_UserExt>(@"select A.*,B.NodeId ,C.Name as NodeName from tks_fas_user 
                        A left join TKS_FAS_User2Node B on A.id=b.UserId
                        left join TKS_FAS_Node C on B.NodeId=c.id where 
                    A.userName=@UserName and A.password=@Password",
                                                            new { UserName = request.UserName, Password = pass }, ts).ToList();
                    if (users.Count() == 0)
                    {
                        // Second attempt: same query, matching on mobile number instead.
                        users = cnn.Query <TKS_FAS_UserExt>(@"select A.*,B.NodeId ,C.Name as NodeName from tks_fas_user 
                        A left join TKS_FAS_User2Node B on A.id=b.UserId
                        left join TKS_FAS_Node C on B.NodeId=c.id where 
                    A.Mobile=@Mobile and A.password=@Password",
                                                            new { Mobile = request.Mobile, Password = pass }, ts).ToList();
                        if (users.Count() == 0)
                        {
                            // One message for unknown account and wrong password.
                            throw new NormalException("用户名或者密码错误");
                        }
                    }

                    // The joins can return several rows for one user; only the first is used.
                    TKS_FAS_UserExt user = users[0];
                    if (user.Status == "0")
                    {
                        throw new NormalException("您的账号已被停用");
                    }

                    // Session token: drop any existing WEB token for this user, then insert a new one.
                    // NOTE(review): the token value comes from Guid.NewGuid(), which is specified for
                    // uniqueness rather than unpredictability; a bearer credential is better drawn
                    // from a cryptographic random generator. No failed-attempt limit is visible in
                    // this method; confirm one exists elsewhere.

                    cnn.Execute("delete from tks_fas_token where userid=@UserId and source='WEB'", new { UserId = user.Id }, ts);
                    TKS_FAS_Token token = new TKS_FAS_Token();
                    token.Id         = Guid.NewGuid().ToString("N");
                    token.UserId     = user.Id;
                    token.Token      = Guid.NewGuid().ToString("N");
                    token.ActiveTime = DateTime.Now;
                    token.Source     = "WEB";
                    cnn.Insert <TKS_FAS_Token>(token, ts);
                    ts.Commit();
                    response.IsSuccess = true;
                    response.Id        = user.Id;
                    response.Sex       = user.Sex;
                    response.Token     = token.Token;
                    response.UserName  = user.UserName;
                    response.TrueName  = user.TrueName;
                    response.NodeName  = user.NodeName;
                    response.Message   = "登陆成功";
                    return(response);
                }
                catch (Exception ex)
                {
                    // Any failure, including the two NormalException cases above, undoes the token changes.
                    ts.Rollback();
                    return(this.DealException(response, ex) as ResponseUserLogin);
                }
            }
        }
Beispiel #8
        /// <summary>
        /// Logs a user in by mobile number and verification code, creating the account and granting
        /// the configured role when needed, then replaces the user's <c>WXAPP</c> session token.
        /// Everything runs inside one transaction.
        /// </summary>
        /// <param name="request">Login request; <c>Mobile</c> and <c>VerCode</c> are read.</param>
        /// <returns>
        /// A response with <c>IsSuccess</c> false when no open verification record matches;
        /// otherwise the user record and new token; on any exception, whatever
        /// <c>DealException</c> produces, cast to <see cref="ResponseUserLogin_WX"/>.
        /// </returns>
        public ResponseUserLogin_WX WXLogin(RequestUserLogin request)
        {
            ResponseUserLogin_WX response = new ResponseUserLogin_WX();

            using (cnn = GetConnection())
            {
                var ts = cnn.BeginTransaction();
                try
                {
                    // Look up an open ('OP') WX_Regist verification record for this mobile and code.
                    // NOTE(review): nothing in this query bounds the code's age or the number of
                    // attempts; confirm that expiry and rate limiting are enforced elsewhere.
                    var users = cnn.Query <TKS_FAS_MobileVerification>(@"select * from TKS_FAS_MobileVerification where Status='OP' and CodeType='WX_Regist' and Mobile=@Mobile and VerCode=@VerCode",
                                                                       new { Mobile = request.Mobile, VerCode = request.VerCode }, ts).FirstOrDefault();
                    if (users == null)
                    {
                        response.IsSuccess = false;
                        response.Message   = "验证码失效";
                        return(response);
                    }
                    else
                    {
                        string userid = "";

                        // Role id granted below, read from the "GZQY-ADMIN" application setting.
                        string role = ConfigurationManager.AppSettings["GZQY-ADMIN"];
                        // Move the verification record out of the open state (presumably 'SE' marks it as used).
                        cnn.Execute("update TKS_FAS_MobileVerification set Status='SE' where Id=@Id", new { Id = users.Id }, ts);
                        UserBLL bll  = new UserBLL();
                        string  sql  = @"select * from TKS_FAS_User where mobile=@Mobile";
                        var     user = cnn.Query <TKS_FAS_User>(sql, new { Mobile = request.Mobile }, ts).FirstOrDefault();
                        if (user != null)
                        {
                            userid        = user.Id;
                            // NOTE(review): the whole row, including its Password column, is placed on
                            // the response; if the response is serialized to the client this exposes the
                            // password hash. Return only the fields the client needs.
                            response.user = user;

                            // Check whether the user already has the enterprise-owner role; if not, grant it.
                            // NOTE(review): a role is granted to an existing account on the strength of
                            // the verification code alone; confirm this escalation is intended.
                            var QY = cnn.Query <TKS_FAS_User2Role>(@"select * from TKS_FAS_User2Role where UserId=@UserId and RoleId=@RoleId", new { UserId = user.Id, RoleId = role }, ts).FirstOrDefault();
                            if (QY == null)
                            {
                                TKS_FAS_User2Role u2r = new TKS_FAS_User2Role();
                                u2r.Id     = Guid.NewGuid().ToString();
                                u2r.UserId = user.Id;
                                u2r.RoleId = role;// employer enterprise administrator role id, the default on registration
                                cnn.Insert <TKS_FAS_User2Role>(u2r, ts);
                            }
                            response.IsSuccess = true;
                            //response.UserType = "0";// has an associated enterprise account set, so log in straight to the main page
                            response.Message = "登陆成功";
                        }
                        else
                        {
                            // Create an enterprise-owner account and grant it the enterprise-owner role.
                            TKS_FAS_User newuser = new TKS_FAS_User();
                            newuser.Id       = Guid.NewGuid().ToString("N");
                            newuser.UserName = request.Mobile;
                            newuser.TrueName = request.Mobile;
                            //newuser.Sex = request.User.Sex;
                            newuser.Mobile = request.Mobile;
                            // NOTE(review): every account created here gets the same hard-coded initial
                            // password, stored as an unsalted MD5 digest. Any password login that accepts
                            // these accounts is then protected only by a publicly known value. Store a
                            // random unusable credential instead, or force a password set before
                            // password login is allowed.
                            string pass = System.Web.Security.FormsAuthentication.
                                          HashPasswordForStoringInConfigFile("123456", "MD5");


                            newuser.Password   = pass;
                            newuser.Status     = "1";// enabled
                            newuser.CreateUser = "******";
                            newuser.CreateDate = DateTime.Now;
                            cnn.Insert <TKS_FAS_User>(newuser, ts);
                            TKS_FAS_User2Role u2r = new TKS_FAS_User2Role();
                            u2r.Id     = Guid.NewGuid().ToString();
                            u2r.UserId = newuser.Id;
                            u2r.RoleId = role;// employer enterprise administrator role id, the default on registration
                            cnn.Insert <TKS_FAS_User2Role>(u2r, ts);
                            // NOTE(review): as in the existing-user branch, the record placed on the
                            // response carries the Password field.
                            response.user      = newuser;
                            response.IsSuccess = true;
                            response.Message   = "登陆成功";

                            userid = newuser.Id;
                        }
                        // Session token: drop any existing WXAPP token for this user, then insert a new one.
                        // NOTE(review): Guid.NewGuid() is specified for uniqueness rather than
                        // unpredictability; a bearer credential is better drawn from a cryptographic
                        // random generator.

                        cnn.Execute("delete from tks_fas_token where userid=@UserId and source='WXAPP'", new { UserId = userid }, ts);
                        TKS_FAS_Token token = new TKS_FAS_Token();
                        token.Id         = Guid.NewGuid().ToString("N");
                        token.UserId     = userid;
                        token.Token      = Guid.NewGuid().ToString("N");
                        token.ActiveTime = DateTime.Now;
                        token.Source     = "WXAPP";
                        cnn.Insert <TKS_FAS_Token>(token, ts);
                        ts.Commit();
                        response.Token = token.Token;



                        return(response);
                    }
                }
                catch (Exception ex)
                {
                    // Any failure undoes the verification-status change, account and role inserts, and token changes.
                    ts.Rollback();
                    return(this.DealException(response, ex) as ResponseUserLogin_WX);
                }
            }
        }