Beispiel #1
        /// <summary>
        /// Builds the claims principal for the given login via <c>GetSignInPrincipalAsync</c> and signs it in
        /// under <c>Global.AUTHENTICATION_SCHEME</c> with a persistent, refreshable ticket that expires
        /// 120 days from now (UTC).
        /// </summary>
        /// <param name="login">Login record the principal is built from.</param>
        /// <param name="stationId">Workstation selected for this session.</param>
        /// <param name="departId">Selected department, or null; passed through unchanged.</param>
        /// <param name="loginExtMobile">Mobile number of the auxiliary login; passed through unchanged.</param>
        private async Task SignInProcess(vwCHIS_Sys_Login login, int stationId, int?departId, string loginExtMobile)
        {
            var principal = await GetSignInPrincipalAsync(login, stationId, departId, loginExtMobile);

            // NOTE(review): 120 days, persistent and refreshable is a long lifetime for a sign-in ticket.
            // Whatever GetSignInPrincipalAsync puts into the identity stays trusted until the ticket
            // expires unless it is revalidated server-side - confirm that disabling an account or
            // removing a role/station takes effect before then.
            var ticketOptions = new AuthenticationProperties
            {
                IsPersistent = true,
                AllowRefresh = true,
                ExpiresUtc   = DateTime.UtcNow.AddDays(120)
            };

            await HttpContext.SignInAsync(Global.AUTHENTICATION_SCHEME, principal, ticketOptions);
        }
Beispiel #2
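        /// <summary>
        /// Builds the <see cref="ClaimsPrincipal"/> that represents a signed-in user: identity claims,
        /// customer and doctor details, the selected workstation and department, the doctor's allowed
        /// stations and role ids/keys for that station, and the auxiliary-login ("LoginExt") claims.
        /// </summary>
        /// <param name="login">Login record; its CustomerId, DoctorId, LoginId and NeedLoginExt are read.</param>
        /// <param name="stationId">Workstation the session is bound to.</param>
        /// <param name="departId">Selected department; when null it is resolved with <c>findDepartId</c>.</param>
        /// <param name="loginExtMobile">Mobile number identifying the auxiliary login; only used when <c>login.NeedLoginExt</c> is set.</param>
        /// <returns>A principal holding one identity of type <c>Global.AUTHENTICATION_CLAIMS_IDENTITY</c>.</returns>
        /// <exception cref="InvalidOperationException">The customer, doctor or workstation record does not exist.</exception>
        /// <exception cref="Exception">The auxiliary login is required but missing or disabled.</exception>
        /// <remarks>
        /// NOTE(review): this method does not check that <paramref name="stationId"/> or
        /// <paramref name="departId"/> is one this login may use. "MyAllowStationIds" is computed below
        /// but never compared with <paramref name="stationId"/>, so every caller must do that check
        /// before calling. Roles, allowed stations and LoginExt function keys are snapshotted into
        /// the identity at sign-in time.
        /// </remarks>
        internal async Task <ClaimsPrincipal> GetSignInPrincipalAsync(vwCHIS_Sys_Login login, int stationId, int?departId, string loginExtMobile = "")
        {
            // Claims collected for the signed-in identity.
            var claims = new List <Claim>();

            // Serialises a value into a string claim: DateTime as ticks, int/string sequences as a
            // comma-separated list (this enumerates the sequence, so queries run here), everything
            // else through Ass.P.PStr.
            Action <string, object> claimsAdd = (key, val) =>
            {
                string v;
                if (val is DateTime dt)
                {
                    // A boxed DateTime? is either null or a boxed DateTime, so one test covers both.
                    v = dt.Ticks.ToString();
                }
                else if (val is IEnumerable <int> ints)
                {
                    v = string.Join(",", ints);
                }
                else if (val is IEnumerable <string> strings)
                {
                    v = string.Join(",", strings);
                }
                else
                {
                    v = Ass.P.PStr(val);
                }
                claims.Add(new Claim(key, v));
            };

            claims.Add(new Claim(ClaimTypes.NameIdentifier, login.CustomerId.ToString(), ClaimValueTypes.Integer, Global.AUTHENTICATION_ISSUER));
            claims.Add(new Claim(ClaimTypes.Name, login.CustomerName ?? "", ClaimValueTypes.String, Global.AUTHENTICATION_ISSUER));
            // claims.Add(new Claim(ClaimTypes.Role, userLoginData.RoleName ?? "", ClaimValueTypes.String, Global.AUTHENTICATION_ISSUER));

            claimsAdd("LoginId", login.LoginId);
            claimsAdd("OpId", login.CustomerId);
            claimsAdd("DoctorId", login.DoctorId);
            claimsAdd("OpMan", login.CustomerName);

            var cus = await _db.vwCHIS_Code_Customer.AsNoTracking().FirstOrDefaultAsync(m => m.CustomerID == login.CustomerId);
            if (cus == null)
            {
                // FirstOrDefaultAsync yields null for a missing row; fail with a clear error
                // instead of a NullReferenceException on the next line.
                throw new InvalidOperationException("未找到用户信息");
            }

            claimsAdd("Gender", cus.Gender);
            claimsAdd("Birthday", cus.Birthday ?? DateTime.Today);

            var docr = await _db.vwCHIS_Code_Doctor.AsNoTracking().FirstOrDefaultAsync(m => m.CustomerId == login.CustomerId && m.DoctorId == login.DoctorId);
            if (docr == null)
            {
                throw new InvalidOperationException("未找到医生信息");
            }

            claimsAdd("PostTitleName", docr.PostTitleName);
            claimsAdd("PhotoUrlDef", docr.PhotoUrlDef);
            claimsAdd("DoctorAppId", docr.DoctorAppId); // user id on the app side

            var ws = _db.CHIS_Code_WorkStation.Find(stationId);
            if (ws == null)
            {
                throw new InvalidOperationException("未找到工作站信息");
            }

            claimsAdd("StationId", stationId);
            claimsAdd("DrugStoreStationId", ws.DrugStoreStationId ?? stationId); // pharmacy station id, falls back to the station itself
            claimsAdd("StationName", ws.StationName);                            // workstation name
            claimsAdd("StationTypeId", ws.StationTypeId);
            claimsAdd("LoginTime", DateTime.Now);                                // local-time ticks, not UTC
            claimsAdd("IsCanTreat", ws.IsCanTreat);
            claimsAdd("IsManageUnit", ws.IsManageUnit);

            // Enabled stations linked to this doctor.
            var stationIds = _db.CHIS_Sys_Rel_DoctorStations.AsNoTracking().Where(m => m.StationIsEnable && m.DoctorId == login.DoctorId).Select(m => m.StationId);

            claimsAdd("MyAllowStationIds", stationIds);

            // Stations whose parent is the selected station.
            var sonStationIds = _db.CHIS_Code_WorkStation.AsNoTracking().Where(m => m.ParentStationID == stationId).Select(m => m.StationID);

            claimsAdd("MySonStations", sonStationIds);

            // login.DoctorId.Value is only evaluated when no department was supplied.
            departId = departId ?? findDepartId(login.DoctorId.Value, stationId);
            var depart = departId.HasValue ? _db.CHIS_Code_Department.Find(departId) : null;

            claimsAdd("SelectedDepartmentId", departId); // selected department
            claimsAdd("SelectedDepartmentName", depart?.DepartmentName);

            // Roles that are enabled for this doctor on this station.
            var myroleids = _db.CHIS_Sys_Rel_DoctorStationRoles.AsNoTracking().Where(m => m.DoctorId == login.DoctorId && m.StationId == stationId && m.MyRoleIsEnable && m.MyStationIsEnable).Select(m => m.RoleId.Value);

            claimsAdd("MyRoleIds", myroleids);
            var myrolekeys = _db.CHIS_SYS_Role.AsNoTracking().Where(m => myroleids.Contains(m.RoleID)).Select(m => m.RoleKey);

            claimsAdd("MyRoleNames", myrolekeys);

            // Auxiliary login: required accounts must resolve to an enabled LoginExt record.
            if (login.NeedLoginExt)
            {
                var loginExt = _loginSvr.GetLoginExt(loginExtMobile, login.LoginId);
                if (loginExt == null)
                {
                    throw new Exception("登录信息没有获取到");
                }
                if (!loginExt.LoginExtEnabled)
                {
                    throw new Exception("该用户已禁用");
                }

                claimsAdd("LoginExtId", loginExt.LoginExtId);
                claimsAdd("LoginExtMobile", loginExt.LoginExtMobile);
                claimsAdd("LoginExtName", loginExt.LoginExtName);
                claimsAdd("LoginExtFuncKeys", _loginSvr.GetLoginExtFuncKeys(loginExt.LoginExtId));
            }
            else
            {
                // Same claim set with empty values, so readers can rely on the keys being present.
                claimsAdd("LoginExtId", 0);
                claimsAdd("LoginExtMobile", "");
                claimsAdd("LoginExtName", "");
                claimsAdd("LoginExtFuncKeys", "");
            }

            // The authentication-type string is arbitrary; it is mainly convenient when reading the identity back.
            var userIdentity = new ClaimsIdentity(Global.AUTHENTICATION_CLAIMS_IDENTITY);

            userIdentity.AddClaims(claims);

            return new ClaimsPrincipal(userIdentity);
        }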
Beispiel #3
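        /// <summary>
        /// Multi-step login action. The posted model is classified as one of three steps:
        /// STEP1 (password present, no encrypted payload), STEP2 (password and encrypted payload,
        /// no auxiliary login) or STEPEXT (auxiliary login requested). Depending on the step, the
        /// action checks the password, asks the user to pick a workstation, asks for the auxiliary
        /// login credentials, and finally signs in through <c>CheckHisLogin</c>.
        /// </summary>
        /// <param name="model">Posted login form; it is mutated and handed back to the intermediate views.</param>
        /// <returns>
        /// An intermediate view ("selectStation", "loginExtInput" or the login view with model errors),
        /// or a redirect to "LoginedDefault" on success.
        /// </returns>
        /// <remarks>
        /// NOTE(review), security:
        /// - Per the original author's notes the password is MD5-hashed and the name/password pair is
        ///   3DES-encrypted. Neither is a password-hashing scheme; migrating to a salted KDF
        ///   (PBKDF2/Argon2) should be planned.
        /// - The key for the round-tripped payload is derived from BaseTimeTicks, which the client
        ///   posts back next to the ciphertext, and no freshness check on BaseTimeTicks is visible
        ///   here. Confirm what else GetDynamicEncriptCode mixes in, and whether an old
        ///   LoadEncipt/BaseTimeTicks pair can be replayed.
        /// - LoginPassword is encrypted with the system-wide key Global.SYS_ENCRIPT_PWD and placed in
        ///   the model given to the view. If the view renders that field, a reversible form of the
        ///   password travels to the browser.
        /// - On STEP2 only the payload round-trip is checked here before stations are looked up by
        ///   login name; presumably CheckHisLogin validates the credentials - confirm.
        /// </remarks>
        public async Task <IActionResult> Login(Models.ViewModel.HisLoginViewModel model)
        {
            try
            {
                bool rlt = false;
                // Decrypts the posted payload for STEP2/STEPEXT, checks that it belongs to the posted
                // login name and replaces the model password with the digest it carries.
                // For STEP1 it returns the model untouched.
                Func <string, HisLoginViewModel, (bool, HisLoginViewModel)> decriptModel = (type, m) =>
                {
                    if (type == "STEP2" || type == "STEPEXT")
                    {
                        string[] dd = Ass.Data.Secret.Decript(m.LoadEncipt, Ass.Data.Secret.GetDynamicEncriptCode(m.BaseTimeTicks)).Split('|');
                        // The payload must be "loginName|digest"; a tampered or truncated payload may
                        // decrypt to text without '|' and must fail the check, not the array index.
                        if (dd.Length >= 2 && dd[0] == m.LoginName)
                        {
                            m.LoginPassword = dd[1];
                            rlt             = true;
                        }
                        else
                        {
                            throw new Exception("数据加密校验错误 002");
                        }
                    }
                    return(rlt, m);
                };

                vwCHIS_Sys_Login login = null;

                // Work out which step this post is. Later tests override earlier ones, so
                // IsNeedLoginExt always wins.
                string sendType = "";
                if (!string.IsNullOrEmpty(model.LoginPassword) && !string.IsNullOrEmpty(model.LoadEncipt) && !model.IsNeedLoginExt)
                {
                    sendType = "STEP2";
                }
                if (!string.IsNullOrEmpty(model.LoginPassword) && string.IsNullOrEmpty(model.LoadEncipt))
                {
                    sendType = "STEP1";
                }
                if (model.IsNeedLoginExt)
                {
                    sendType = "STEPEXT";
                }
                if (string.IsNullOrEmpty(sendType))
                {
                    throw new Exception("数据加密校验错误 001");
                }
                if (sendType == "STEP1" || sendType == "STEPEXT")
                {
                    if (!ModelState.IsValid)
                    {
                        return(View(model));
                    }
                    var mrlt = decriptModel(sendType, model);
                    login = CheckHisLogin_PwdCheck(mrlt.Item2, mrlt.Item1);
                }

                var stations = GetUserAllowedStations(model.LoginName);
                if (!stations.Any())
                {
                    ModelState.AddModelError("", "该用户没有工作站信息"); return(View());
                }
                if (model.StationId == 0)
                {
                    if (stations.Count() > 1)
                    {
                        if (sendType == "STEP1")
                        {
                            // Several stations: send the user to the station picker, carrying an
                            // encrypted "name|digest" payload for the next post.
                            ViewBag.Stations    = stations;
                            ViewBag.StationTree = new Code.Managers.UserFrameManager().GetStationsTree(stations);
                            model.BaseTimeTicks = DateTime.Now.Ticks;
                            // Derive the key from the ticks value that is stored in the model. A second
                            // DateTime.Now.Ticks read can differ, and the next post decrypts with
                            // model.BaseTimeTicks.
                            model.LoadEncipt    = Ass.Data.Secret.Encript(string.Format("{0}|{1}", model.LoginName, Ass.Data.Secret.MD5(model.LoginPassword))
                                                                          , Ass.Data.Secret.GetDynamicEncriptCode(model.BaseTimeTicks));
                            model.LoginPassword = Ass.Data.Secret.Encript(model.LoginPassword, Global.SYS_ENCRIPT_PWD); // password encrypted with the system key
                            ViewBag.DoctorId    = GetLoginInfoName(model.LoginName).DoctorId;                           // doctor id
                            return(View("selectStation", model));
                        }
                    }
                    if (stations.Count() == 1)
                    {
                        model.StationId = stations.FirstOrDefault().StationID;
                    }
                }

                // Account requires the auxiliary (second) login.
                if (login != null && login.NeedLoginExt)
                {
                    ViewBag.loginExtItems = _loginSvr.GetLoginExtsOfThis(login.LoginId).Where(m => m.LoginExtEnabled)
                                            .Select(m => new Microsoft.AspNetCore.Mvc.Rendering.SelectListItem
                    {
                        Value = m.LoginExtMobile,
                        Text  = $"{m.LoginExtName}({m.LoginExtMobile})"
                    });
                    ViewBag.loginStationStoreInfo = _loginSvr.GetStationStoreInfo(model.StationId, login.DoctorId.Value);

                    if (sendType == "STEP1")
                    {
                        model.BaseTimeTicks = DateTime.Now.Ticks;
                        // Same key derivation as for the station picker: use the stored ticks value.
                        model.LoadEncipt    = Ass.Data.Secret.Encript(string.Format("{0}|{1}", model.LoginName, Ass.Data.Secret.MD5(model.LoginPassword))
                                                                      , Ass.Data.Secret.GetDynamicEncriptCode(model.BaseTimeTicks));
                        model.LoginPassword = Ass.Data.Secret.Encript(model.LoginPassword, Global.SYS_ENCRIPT_PWD); // password encrypted with the system key
                    }
                    model.IsNeedLoginExt = true;

                    if (model.LoginExtPwd.IsEmpty() && model.LoginExtMobile.IsEmpty())
                    {
                        return(View("loginExtInput", model));
                    }
                    else
                    {
                        if (!_loginSvr.CheckLoginExtPwd(login.LoginId, model.LoginExtMobile, model.LoginExtPwd, out Exception exx))
                        {
                            if (exx != null)
                            {
                                ModelState.AddModelError("", exx.Message);
                            }
                            else
                            {
                                ModelState.AddModelError("", "错误的密码!");
                            }
                            return(View("loginExtInput", model));
                        }
                    }
                }

                // Authorization check: the posted station must be one the user is allowed to use.
                if (!stations.Select(m => m.StationID).Contains(model.StationId))
                {
                    ModelState.AddModelError("", "该用户没有被授权到指定工作站"); return(View());
                }

                if (sendType == "STEP1")
                {
                    model.LoginPassword = Ass.Data.Secret.MD5(model.LoginPassword);
                }

                model = decriptModel(sendType, model).Item2;
                var customerId = await CheckHisLogin(model);

                if (customerId <= 0)
                {
                    throw new Exception("获取用户数据失败");
                }

                // customerId is positive from here on.
                await Logger.WriteInfoAsync("HomeLogin", "Login", $"用户({model.LoginName})登录成功,工作站({model.StationId})");

                return(RedirectToAction("LoginedDefault")); // go to the default page after login
            }
            catch (Exception ex)
            {
                if (ex.InnerException != null)
                {
                    ex = ex.InnerException;
                }
                // NOTE(review): the exception text is shown to the unauthenticated user with only two
                // substrings masked. Internal errors can still disclose details; a fixed generic
                // message plus the log entry below would be the safer choice.
                var message = ex.Message;
                message = message.Replace("ChisAdmin", "[数据账户]").Replace("CHIS", "[天使数据库]");
                ModelState.AddModelError("", message);
                await Logger.WriteErrorAsync("HomeLogin", "Login", ex);

                return(View(model));
            }
        }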