Beispiel #1
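        /// <summary>
        /// Checks the posted credentials against <c>mContext.sysUser</c> and, on success, stores the
        /// user's name and role id in the session and returns the default menu path for the user's role.
        /// </summary>
        /// <param name="value">Login payload; <c>username</c> may hold either a username or an e-mail address.</param>
        /// <returns>
        /// Always an HTTP 200 result whose body carries the outcome: <c>status</c> 409 with an error
        /// <c>message</c>, or <c>status</c> 200 with the default menu path in <c>message</c>.
        /// </returns>
        public IActionResult login([FromBody] login value)
        {
            // One answer for "unknown account" and "wrong password", so the response text does not
            // reveal which usernames or e-mail addresses are registered.
            const string invalidCredentials = "Invalid username or password";

            // An empty or unparsable body binds to null; report it like a missing username instead of throwing.
            if (value == null || string.IsNullOrEmpty(value.username))
            {
                return(Ok(new { status = 409, message = "Username/Email Required" }));
            }

            if (string.IsNullOrEmpty(value.password))
            {
                return(Ok(new { status = 409, message = "Password Required" }));
            }

            Authorize auth = new Authorize();

            // NOTE(review): SingleOrDefault throws when more than one row matches, which can happen if one
            // account's username equals another account's e-mail — confirm uniqueness is enforced across both columns.
            sysUser user = mContext.sysUser.Where(x => x.username == value.username || x.email == value.username).SingleOrDefault();

            if (user == null)
            {
                // NOTE(review): this path skips the password check, so response time may still differ
                // from a wrong-password attempt.
                return(Ok(new { status = 409, message = invalidCredentials }));
            }

            bool validate = auth.validateLoginPassword(value.password, user.password);

            if (!validate)
            {
                // NOTE(review): no attempt limiting or lockout is visible in this method — confirm it exists elsewhere.
                return(Ok(new { status = 409, message = invalidCredentials }));
            }

            // Path of the single active default module for the user's role; null when none is configured.
            string defaultMenu = mContext.sysModuleRole.Include(x => x.module).Where(x => x.userRoleId == user.roleId && x.isActive == true && x.isDefault == true).Select(x => "/" + x.module.controller + "/" + x.module.view).SingleOrDefault();

            HttpContext.Session.SetString("fullname", user.name);
            HttpContext.Session.SetInt32("roleId", user.roleId);

            return(Ok(new { status = 200, message = defaultMenu }));
        }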
Beispiel #2
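 /// <summary>
 /// Creates a user from the posted <c>sysUser</c> and links it to the posted role and estate ids.
 /// </summary>
 /// <param name="user">User entity bound from the request body, including <c>RoleIds</c> and <c>EstateIds</c>.</param>
 /// <returns>
 /// The shared <c>result</c> dictionary; <c>code</c> is set to "failed" when validation reports
 /// messages, and <c>message</c> always carries the collected messages.
 /// </returns>
 public Dictionary <string, object> add([FromBody] sysUser user)
 {
     // An empty or malformed body binds to null; fail cleanly instead of dereferencing it.
     if (user == null)
     {
         message.Add("请求数据无效。"); // "The request data is invalid."
         result["code"]    = "failed";
         result["message"] = message;
         return(result);
     }

     user.Valid(message, db);
     if (message.Count == 0)
     {
         // NOTE(review): the whole entity is bound from the request body and saved as sent, so any
         // client-supplied field (for example IsSuper) is persisted — confirm privileged fields are
         // reset or validated before this point.
         // NOTE(review): EncryptString's algorithm is not visible here; confirm it is a salted one-way
         // password hash rather than reversible encryption.
         user.Password   = Ricky.Common.EncryptString(user.Password);
         user.CreateTime = Ricky.Common.NowDate;
         db.sysUsers.Add(user);
         // Saved first because the link rows below read user.UserId after this save.
         db.SaveChanges();

         // The id lists come from the request and may be absent; treat a missing list as "no links".
         if (user.RoleIds != null)
         {
             foreach (int RoleId in user.RoleIds)
             {
                 sysUserInRole userRole = new sysUserInRole();
                 userRole.RoleId = RoleId;
                 userRole.UserId = user.UserId;
                 db.sysUserInRoles.Add(userRole);
             }
         }
         if (user.EstateIds != null)
         {
             foreach (int EstateId in user.EstateIds)
             {
                 sysUserInEstate userEstate = new sysUserInEstate();
                 userEstate.EstateId = EstateId;
                 userEstate.UserId   = user.UserId;
                 db.sysUserInEstates.Add(userEstate);
             }
         }
         db.SaveChanges();
     }
     else
     {
         result["code"] = "failed";
     }
     result["message"] = message;
     return(result);
 }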
Beispiel #3
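 /// <summary>
 /// Authenticates the posted login and, on success, records the login time and returns an
 /// encrypted forms-authentication ticket valid for 12 hours.
 /// </summary>
 /// <param name="model">Login name and password from the request body.</param>
 /// <returns>
 /// The shared <c>result</c> dictionary: <c>ticket</c> on success, otherwise <c>code</c> = "failed"
 /// with a <c>message</c> list.
 /// </returns>
 public Dictionary <string, object> Index([FromBody] LoginModel model)
 {
     // A missing body binds to null; send it to the validation-failure branch rather than dereferencing it.
     if (model != null && ModelState.IsValid)
     {
         // NOTE(review): the stored value is matched by equality with EncryptString's output, so it must be
         // reproducible from the password alone (no per-user salt) — confirm this is an acceptable password scheme.
         string  password = Ricky.Common.EncryptString(model.password);
         sysUser user     = db.sysUsers.FirstOrDefault(w => w.LoginName == model.name && w.Password == password);
         if (user != null)
         {
             user.LastLoginTime = Ricky.Common.NowDate;
             // NOTE(review): RequestUri.Host is the host part of the requested URL, not the caller's
             // address — confirm this is what LastLoginIp is meant to record.
             user.LastLoginIp   = Request.RequestUri.Host;
             db.SaveChanges();

             // The ticket is handed to the client, so its user data must not carry the clear-text
             // password; only the login name is kept. Any consumer that parsed "name&password" from
             // UserData has to be updated.
             FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(0, model.name, DateTime.Now,
                                                                              DateTime.Now.AddHours(12), true, model.name,
                                                                              FormsAuthentication.FormsCookiePath);
             result["ticket"] = FormsAuthentication.Encrypt(ticket);
         }
         else
         {
             result["code"]    = "failed";
             // Message text: "Wrong username or password".
             result["message"] = new List <string> {
                 "用户名或密码错误"
             };
         }
     }
     else
     {
         result["code"]    = "failed";
         result["message"] = GetErrorMessage(ModelState.Values);
     }
     return(result);
 }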
Beispiel #4
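        /// <summary>
        /// Shows the administrator or the staff navigation depending on the session's
        /// <c>IsSysManager</c> flag, and redirects to the login page when the session holds no known user.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            // A visitor without a login name in the session has not signed in; redirect instead of
            // failing on a null session value.
            object loginName = Session["loginName"];
            if (loginName == null)
            {
                Response.Redirect("~/Default.aspx");
                return;
            }

            // Administrators and ordinary staff get different navigation.
            sysUser  user       = new sysUser();
            MSysUser objsysuser = new MSysUser();

            objsysuser.UserName = loginName.ToString();
            DataTable dt = user.SelectSysUserByUserName(objsysuser);

            if (dt.Rows.Count == 0)
            {
                // The session names a user the lookup no longer returns.
                Response.Redirect("~/Default.aspx");
                return;
            }

            // NOTE(review): the role comes from the session flag set at login, not from the row just
            // loaded — confirm a role change should only take effect at the next login.
            bool isAdmin = Convert.ToBoolean(Session["IsSysManager"]);
            AdminNav1.Visible = isAdmin;
            UserNav1.Visible  = !isAdmin;
        }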
Beispiel #5
        /// <summary>
        /// Runs when the application shuts down and marks the user named in the session as signed out.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Application_End(object sender, EventArgs e)
        {
            // Code that runs when the application shuts down.
            // NOTE(review): this handler is not tied to a single visitor's request; confirm that Session
            // is available here and that "loginName" is set, otherwise the read below throws.
            sysUser  userStore = new sysUser();
            MSysUser signedOut = new MSysUser();

            string loginName = Session["loginName"].ToString();
            signedOut.UserName  = loginName;
            signedOut.SignState = false;

            userStore.UpdateSysUserSignStateByUserName(signedOut);
        }
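        /// <summary>
        /// Resolves the calling user from the forms-authentication ticket carried in the
        /// Authorization header and loads that user's estate ids before the controller runs.
        /// </summary>
        /// <param name="controllerContext">Context of the controller being initialized.</param>
        /// <remarks>
        /// A missing, malformed, tampered or expired ticket, or a ticket naming an unknown login,
        /// leaves <c>user</c> unset and the request continues.
        /// NOTE(review): confirm that actions or a filter reject callers for whom <c>user</c> is unset.
        /// </remarks>
        protected override void Initialize(System.Web.Http.Controllers.HttpControllerContext controllerContext)
        {
            var authorization = controllerContext.Request.Headers.Authorization;

            if (authorization != null && !string.IsNullOrEmpty(authorization.Parameter))
            {
                // The header value is attacker-controlled: decryption may fail or yield nothing.
                FormsAuthenticationTicket ticket;
                try
                {
                    ticket = FormsAuthentication.Decrypt(authorization.Parameter);
                }
                catch (ArgumentException)
                {
                    // Not a well-formed ticket: treat the caller as unauthenticated.
                    ticket = null;
                }
                catch (System.Web.HttpException)
                {
                    // Ticket failed validation: treat the caller as unauthenticated.
                    ticket = null;
                }
                catch (System.Security.Cryptography.CryptographicException)
                {
                    // Ticket could not be decrypted: treat the caller as unauthenticated.
                    ticket = null;
                }

                // Decrypt does not enforce the expiry time, so it is checked here.
                if (ticket != null && !ticket.Expired)
                {
                    user = db.sysUsers.FirstOrDefault(w => w.LoginName == ticket.Name);

                    // The account may have been removed or renamed since the ticket was issued.
                    if (user != null)
                    {
                        user.EstateIds = (from b in db.sysUserInEstates where b.UserId == user.UserId select b.EstateId).ToArray();
                    }
                }
            }
            base.Initialize(controllerContext);
        }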
Beispiel #7
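 /// <summary>
 /// Logs the current user out: marks the user as signed out, discards the session and returns
 /// to the login page.
 /// </summary>
 /// <param name="sender">Event source (unused).</param>
 /// <param name="e">Event data (unused).</param>
 protected void imgBtnLogonOut_Click(object sender, ImageClickEventArgs e)
 {
     object loginName = Session["loginName"];
     if (loginName != null)
     {
         sysUser  user       = new sysUser();
         MSysUser objsysuser = new MSysUser();
         objsysuser.UserName  = loginName.ToString();
         // State the signed-out flag explicitly rather than relying on the model's default value.
         objsysuser.SignState = false;
         user.UpdateSysUserSignStateByUserName(objsysuser);
     }

     // Drop every value stored in the session, not only loginName, and discard the session itself
     // so nothing from the authenticated visit stays usable after logout.
     Session.Clear();
     Session.Abandon();
     Response.Redirect("~/Default.aspx");
 }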
Beispiel #8
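 /// <summary>
 /// Updates an existing user from the posted <c>sysUser</c> and replaces its role and estate links.
 /// </summary>
 /// <param name="user">User entity bound from the request body; <c>UserId</c> selects the row to update.</param>
 /// <returns>
 /// The shared <c>result</c> dictionary; <c>code</c> is set to "failed" whenever the update is
 /// refused, and <c>message</c> always carries the collected messages.
 /// </returns>
 public Dictionary <string, object> modify([FromBody] sysUser user)
 {
     // An empty or malformed body binds to null; fail cleanly instead of dereferencing it.
     if (user == null)
     {
         message.Add("请求数据无效。"); // "The request data is invalid."
         result["code"]    = "failed";
         result["message"] = message;
         return(result);
     }

     // NOTE(review): no check that the caller may edit this UserId or assign these RoleIds is visible
     // in this method — confirm authorization is enforced elsewhere.
     user.Valid(message, db, false);
     if (message.Count == 0)
     {
         sysUser newUser = db.sysUsers.FirstOrDefault(w => w.UserId == user.UserId);
         if (newUser == null)
         {
             // The posted id matches no row; previously this dereferenced null.
             message.Add("用户不存在。"); // "The user does not exist."
             result["code"] = "failed";
         }
         else if (!user.LoginName.Equals(newUser.LoginName) && db.sysUsers.Any(w => w.LoginName == user.LoginName))
         {
             // Message text: "The account name already exists". The refusal is now also reflected in code.
             message.Add("账户名称已存在");
             result["code"] = "failed";
         }
         else
         {
             // Copy the posted values, passing the fields a client must not overwrite as the exclusion list.
             Ricky.ObjectCopy.Copy <sysUser>(user, newUser, new string[] { "Password", "CreateTime", "IsSuper", "LastLoginIp", "LastLoginTime", "Status" });

             // The password is replaced only when a new one was posted.
             if (!string.IsNullOrEmpty(user.Password))
             {
                 newUser.Password = Ricky.Common.EncryptString(user.Password);
             }

             // Remove the existing links first and save, then insert the posted ones.
             var oldRoles = from b in db.sysUserInRoles where b.UserId == user.UserId select b;
             db.sysUserInRoles.RemoveRange(oldRoles);
             var oldEstates = from b in db.sysUserInEstates where b.UserId == user.UserId select b;
             db.sysUserInEstates.RemoveRange(oldEstates);
             db.SaveChanges();

             // The id lists come from the request and may be absent; treat a missing list as "no links".
             if (user.RoleIds != null)
             {
                 foreach (int RoleId in user.RoleIds)
                 {
                     sysUserInRole userRole = new sysUserInRole();
                     userRole.RoleId = RoleId;
                     userRole.UserId = user.UserId;
                     db.sysUserInRoles.Add(userRole);
                 }
             }
             if (user.EstateIds != null)
             {
                 foreach (int EstateId in user.EstateIds)
                 {
                     sysUserInEstate userEstate = new sysUserInEstate();
                     userEstate.EstateId = EstateId;
                     userEstate.UserId   = user.UserId;
                     db.sysUserInEstates.Add(userEstate);
                 }
             }
             db.SaveChanges();
         }
     }
     else
     {
         result["code"] = "failed";
     }
     result["message"] = message;
     return(result);
 }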
Beispiel #9
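        /// <summary>
        /// Runs when a session ends: marks the session's user as signed out and decrements the
        /// application-wide <c>online</c> counter.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Session_End(object sender, EventArgs e)
        {
            // Code that runs when a session ends.
            // Note: Session_End is raised only when the sessionstate mode in Web.config is InProc.
            // With StateServer or SQLServer mode the event is not raised.

            // Sessions that never logged in (or already logged out) carry no login name; skip the
            // sign-state update for them instead of failing before the counter is adjusted.
            object loginName = Session["loginName"];
            if (loginName != null)
            {
                sysUser  sysuser    = new sysUser();
                MSysUser objsysuser = new MSysUser();

                objsysuser.UserName  = loginName.ToString();
                objsysuser.SignState = false;
                sysuser.UpdateSysUserSignStateByUserName(objsysuser);
            }

            // NOTE(review): assumes "online" is incremented once per session start — confirm against
            // the code that increments it.
            Application.Lock();
            try
            {
                int iNum = Int32.Parse(Application["online"].ToString()) - 1;

                Application.Set("online", iNum);
            }
            finally
            {
                // Release the application lock even when reading or parsing the counter fails.
                Application.UnLock();
            }
        }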
Beispiel #10
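        /// <summary>
        /// Sets a new password for the user named in the session and reports the outcome in a
        /// client-side alert.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Button1_Click(object sender, EventArgs e)
        {
            // Without a login name in the session there is no account to update; send the visitor to
            // the login page instead of failing on a null session value.
            object loginName = Session["loginName"];
            if (loginName == null)
            {
                Response.Redirect("~/Default.aspx");
                return;
            }

            // NOTE(review): the current password is not asked for before it is replaced, and how
            // UpdateSysUserPwdByUserName stores the value is not visible here — confirm both.
            string newPassword = TextBox1.Text.Trim();
            bool   bl          = false;

            // An empty password is refused and reported through the existing failure alert.
            if (newPassword.Length > 0)
            {
                sysUser  user       = new sysUser();
                MSysUser objsysuser = new MSysUser();

                objsysuser.UserName = loginName.ToString();
                objsysuser.UserPwd  = newPassword;
                bl = user.UpdateSysUserPwdByUserName(objsysuser);
            }

            if (bl)
            {
                // Alert text: "New password set successfully!"
                this.ClientScript.RegisterStartupScript(this.GetType(), "", "<script>alert('设置新密码成功!');</script>");
            }
            else
            {
                // Alert text: "Setting the new password failed!"
                this.ClientScript.RegisterStartupScript(this.GetType(), "", "<script>alert('设置新密码失败!');</script>");
            }
        }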
Beispiel #11
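 /// <summary>
 /// Deletes the user with the given id unless the user has log entries, is a super user, or does not exist.
 /// </summary>
 /// <param name="id">Id of the user to delete.</param>
 /// <returns>
 /// The shared <c>result</c> dictionary; <c>code</c> is set to "failed" when the deletion is
 /// refused, and <c>message</c> carries the reasons.
 /// </returns>
 public Dictionary <string, object> delete(int id)
 {
     // NOTE(review): no check that the caller may delete users is visible in this method — confirm
     // authorization is enforced elsewhere.
     if (db.sysUserLogs.Any(w => w.UserId == id))
     {
         result["code"] = "failed";
         // Message text: "This user already has recorded system operations and cannot be deleted."
         message.Add("此用户已经存在系统操作,不可删除。");
     }

     // Relies on result["code"] having been initialized to "success" outside this method.
     if (result["code"].ToString() == "success")
     {
         sysUser user = db.sysUsers.FirstOrDefault(w => w.UserId == id);
         if (user == null)
         {
             // The id matches no row; previously this dereferenced null.
             result["code"] = "failed";
             message.Add("用户不存在。"); // "The user does not exist."
         }
         else if (user.IsSuper)
         {
             result["code"] = "failed";
             // Message text: "This user is a system user and cannot be deleted."
             message.Add("此用户为系统用户,不可删除。");
         }
         else
         {
             db.sysUsers.Remove(user);
             db.SaveChanges();
         }
     }
     result["message"] = message;
     return(result);
 }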
Beispiel #12
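        /// <summary>
        /// Handles the login button: checks the verification code and the entered credentials, then
        /// records the login and stores the user's name and role flag in the session.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void btnLogin_Click(object sender, EventArgs e)
        {
            if (!Page.IsValid)
            {
                return;
            }

            // NOTE(review): the expected verification code is read from a cookie the browser sends,
            // so the client can read or replace it — confirm whether it should be kept in
            // server-side session state instead.
            HttpCookie cookie = Request.Cookies["CheckCode"];

            // A missing cookie counts as a failed verification instead of causing a null dereference.
            if (cookie == null || !string.Equals(cookie.Value, Validator.Text.Trim(), StringComparison.OrdinalIgnoreCase))
            {
                // Alert text: "Wrong verification code, please enter it again!!!"
                string myscript = @"alert('验证码输入错误,请重新输入验证码!!!');window.location.href='Default.aspx';";
                Page.ClientScript.RegisterStartupScript(this.GetType(), "myscript", myscript, true);
                return;
            }

            // Either field being empty is an error; the earlier "&&" let a login with only one
            // of the two fields filled in through to the database lookup.
            if (string.IsNullOrEmpty(txtPwd.Text) || string.IsNullOrEmpty(txtName.Text))
            {
                // Alert text: "User name and password must not be empty!"
                string myscript = @"alert('用户名称和密码不能为空!');window.location.href='Default.aspx';";
                Page.ClientScript.RegisterStartupScript(this.GetType(), "myscript", myscript, true);
                return;
            }

            sysUser  user       = new sysUser();
            MSysUser objsysuser = new MSysUser();
            objsysuser.UserName = txtName.Text.Trim();
            objsysuser.UserPwd  = txtPwd.Text.Trim();

            // The radio button selects which kind of account is looked up: system administrator
            // or ordinary staff. Both follow the same steps.
            bool isAdmin = rdoBtnAdmin.Checked;
            objsysuser.IsSystemManager = isAdmin;

            // NOTE(review): how the password is compared (hashed or clear text) is not visible here —
            // confirm inside SelectSysUserByUserNameAndUserPwd.
            DataTable dt = user.SelectSysUserByUserNameAndUserPwd(objsysuser);
            if (dt.Rows.Count == 0)
            {
                // Alert text: "Wrong user name or password!"
                string myscript = @"alert('用户名或密码错误!');window.location.href='Default.aspx';";
                Page.ClientScript.RegisterStartupScript(this.GetType(), "myscript", myscript, true);
                return;
            }

            // After a successful login, record the login time and the signed-in flag.
            objsysuser.SignState = true;
            objsysuser.LoginTime = DateTime.Now;
            user.UpdateSysUserLoginTimeAndSignState(objsysuser);

            // NOTE(review): the session that existed before login is reused afterwards — confirm
            // whether a fresh session identifier should be issued at this point.
            // Store the name of the logged-in user.
            Session["loginName"] = objsysuser.UserName;
            // Store the role of the logged-in user.
            Session["IsSysManager"] = isAdmin;
            // Go to the system home page.
            Response.Redirect("~/SystemDefault.aspx");
        }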