public static void SetAuth(string userIndentityKey, string userdescription, string userName, string shopCode)
{
var gubun = new GetUserByUserName
{
UserName = userName,
ShopCode = shopCode
};
var user = BusinessPortal.Load<Business.Entity.User.User>(gubun);
var shop = BusinessPortal.Load<Shop>(new LoadShopCriteria { SysCode = SecurityPortal.ApplicationName, Code = shopCode });
var str = JavaScriptSerializer.Serialize(new App.Framework.Security.User
{
UserId = Convert.ToInt64(userIndentityKey),
UserName = userName,
UserType = user.UserType,
ShopName = shop == null ? string.Empty : shop.Name,
BUCode = shop == null ? string.Empty : shop.BU_CODE,
ShopType = shop == null ? string.Empty : shop.SHOP_TYPE,
ShopCode = shopCode,
UserCode = userName,
UserDescription = userdescription,
IsSysAdmin = true,
IsShopAdmin = true
});
UserIdentityFactory.Instance.SetAuth(userIndentityKey, userName, null, null, null, str);
}
public ActionResult Login(string username, string password, string shop, string returnUrl)
{
try
{
var user = UserExtension.Instance.GetUserInfo(username, shop) as App.Framework.Security.User;
if (user != null)
SecurityPortal.ValidateUser(username,user.UserDescription, password, shop, UserExtension.Instance);
else
throw new SecurityExceptionToUser("用户不存在");
//BusinessPortal.Execute(new SaveAudit()
// {
// ACTION_TYPE = AcionType.LOGIN.ToString(),
// SHOP_CODE = shop,
// USER_ID = UserExtension.Instance.GetUserInfo(username, shop).UserIdentity.AsInt()
// });
GetUserByUserName u = new GetUserByUserName()
{
UserName = username
};
GetUserLoginIp loginIP = new GetUserLoginIp()
{
USER_ID = user.UserId
};
BusinessPortal.Execute(loginIP);
var enableFlag = "false";//System.Configuration.ConfigurationManager.AppSettings["EnableUserLoginLock"];
if (enableFlag.Equals("true", StringComparison.OrdinalIgnoreCase) && !string.IsNullOrEmpty(loginIP.LOGIN_IP) && loginIP.LOGIN_IP != Request.UserHostAddress)
{
FormsAuthentication.SignOut();
throw new SecurityExceptionToUser(string.Format(CSC.Resources.Account.UserLoginedIPFormat, loginIP.LOGIN_IP));
}
UserIP userIp = new UserIP()
{
USER_ID = user.UserId,
IP = Request.UserHostAddress
};
System.Text.RegularExpressions.Regex reg = new System.Text.RegularExpressions.Regex(@"(\d{1,3}.){3}\d{1,3}");
if (reg.IsMatch(userIp.IP))
BusinessPortal.Execute(userIp);
//Initial logon password change
if (SecurityPortal.InitialLogonChangePassword)
{
if (UserExtension.Instance.CheckInitialLogin(user.UserId))
{
var rolteValues = App.Framework.Web.Pager.Util.GetRouteValueDictionary(HttpContext, null);
return RedirectToAction("InitialPwdChange", rolteValues);
}
}
if (string.IsNullOrEmpty(shop))
{
var rolteValues = App.Framework.Web.Pager.Util.GetRouteValueDictionary(HttpContext, null);
return RedirectToAction("LogInToShop", rolteValues);
}
if (string.IsNullOrEmpty(returnUrl))
return Redirect("~/");
return Redirect(returnUrl);
}
catch (SecurityExceptionToUser ex)
{
ModelState.AddModelError("err", ex.Message);
}
return Login();
}
public bool UserIsExists(string userName, string shopCode)
{
var gubun = new GetUserByUserName()
{
UserName = userName,
ShopCode = shopCode
};
var user = BusinessPortal.Load<Business.Entity.User.User>(gubun);
return user != null;
}
public UserBase GetUserInfo(string userName, string shopCode)
{
GetUserByUserName gubun = new GetUserByUserName()
{
UserName = userName,
ShopCode = shopCode
};
CSC.Business.Entity.User.User user = BusinessPortal.Load<CSC.Business.Entity.User.User>(gubun);
if (user == null)
//throw new SecurityExceptionToUser("用户不存在");
throw new SecurityExceptionToUser("Username is invalid");
if (user.FrozenFlag || user.SuspendFlag)
{
throw new SecurityExceptionToUser(CSC.Resources.Account.UserIsLocked);
}
return new App.Framework.Security.User()
{
UserName = user.UserCode,
UserCode = user.UserCode,
UserId = user.UserId,
UserIdentity = user.UserId.ToString(),
UserDescription = user.UserName,
PasswordExpiryDate = user.PwdExpiryDate
};
}