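        /// <summary>
        /// User login: checks a login name and password and, on success, stores the
        /// user context in the session and in the login cache.
        /// </summary>
        /// <param name="loginName">Login name used to look up the user.</param>
        /// <param name="Password">Password as submitted; it is combined with the login name and hashed before comparison.</param>
        /// <returns>A LoginReturnInfo carrying the status, a message and, on success, the user context.</returns>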
        public static LoginReturnInfo Login(string loginName, string Password)
        {
            // Authenticates a regular user by login name and password. On success the
            // user context is written to the ASP.NET session and to LoginUserCacheStorage;
            // every outcome is reported through the returned LoginReturnInfo.
            //
            // NOTE(review): the stored credential is compared with
            // (loginName + Define._PASSWORDSPLIT + Password).ToMD5(). Going by the helper's
            // name this is a single MD5 pass whose only per-user input is the login name,
            // which is too fast for password storage. Plan a migration to a slow, randomly
            // salted KDF (e.g. PBKDF2) with rehash on the next successful login.
            // NOTE(review): NotExits and NotMatch carry different messages, so a caller
            // that shows Message verbatim reveals whether a login name exists.
            // NOTE(review): nothing in this method throttles attempts or renews the session
            // id after success; confirm the caller covers lockout and session renewal.
            var result  = new LoginReturnInfo();
            var account = Manage.Open.MembershipFactory.Instance.GetUserByLoginName(loginName);

            // A missing record and a record without an ID are treated the same way.
            bool accountMissing = account == null || string.IsNullOrEmpty(account.ID);
            if (accountMissing)
            {
                result.Status  = LoginingStatus.NotExits;
                result.Message = "登录失败,用户名不存在或已被禁用!";
                return result;
            }

            // Compare the stored value against the hash of the submitted credentials.
            bool passwordMismatch = account.UserPassword != (loginName + Define._PASSWORDSPLIT + Password).ToMD5();
            if (passwordMismatch)
            {
                result.Status  = LoginingStatus.NotMatch;
                result.Message = "登录失败,密码错误!";
                return result;
            }

            // Map the membership record onto the login-facing UserInfo, then build the context.
            UserInfo         profile = account.Adapter<UserInfo>(new UserInfo());
            LoginUserContext context = CreateUserContext(profile);

            // Persist the login in the session. The third entry is an MD5 value over the
            // user id, Define._USERCACHEKEY and the login name.
            // NOTE(review): where that value is verified is not visible here; if it serves
            // as a tamper check, HMAC-SHA256 is the appropriate construction.
            var session = HttpContext.Current.Session;
            session["userContext_UserID"]    = context.UserID;
            session["userContext_LoginName"] = context.UserInfo.UserLoginName;
            session["userContext_md5"]       = (context.UserID + Define._USERCACHEKEY + context.UserInfo.UserLoginName).ToMD5();

            // Keep the full context in the cache, keyed by user id.
            LoginUserCacheStorage.Current.Set(context.UserID, context);

            result.LoginUserContext = context;
            result.Status           = LoginingStatus.Success;
            result.Message          = "登录成功!";
            return result;
        }
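        /// <summary>
        /// Administrator login: checks an administrator's login name and password and,
        /// on success, stores the user context in the session and in the login cache.
        /// </summary>
        /// <param name="loginName">Login name used to look up the administrator.</param>
        /// <param name="Password">Password as submitted; it is hashed before comparison.</param>
        /// <returns>A LoginReturnInfo carrying the status, a message and, on success, the user context.</returns>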
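        public static LoginReturnInfo AdminLogin(string loginName, string Password)
        {
            // Authenticates an administrator by login name and password. On success the
            // user context is written to the ASP.NET session and to LoginUserCacheStorage.
            // Any exception raised along the way is reported as LoginingStatus.SystemError.
            //
            // NOTE(review): the stored credential is compared with Password.ToMD5(), with
            // no salt in the input. Going by the helper's name this is plain MD5, so equal
            // passwords give equal stored values and offline guessing is cheap. Plan a
            // migration to a slow, randomly salted KDF (e.g. PBKDF2).
            // NOTE(review): NotExits and NotMatch carry different messages, so a caller
            // that shows Message verbatim reveals whether an administrator name exists.
            // NOTE(review): nothing in this method throttles attempts or renews the session
            // id after success; confirm the caller covers lockout and session renewal.
            AdminFacade     facade   = new AdminFacade();
            LoginReturnInfo loginRes = new LoginReturnInfo();

            try
            {
                var user = facade.GetUserByLoginName(loginName);
                if (user == null || string.IsNullOrEmpty(user.ID))
                {
                    loginRes.Status  = LoginingStatus.NotExits;
                    loginRes.Message = "登录失败,管理员不存在或已被禁用!";
                    return loginRes;
                }
                if (user.UserPassword != Password.ToMD5())
                {
                    loginRes.Status  = LoginingStatus.NotMatch;
                    loginRes.Message = "登录失败,密码错误!";
                    return loginRes;
                }

                // Map the record onto the login-facing UserInfo, then build the context.
                UserInfo         userInfo = user.Adapter<UserInfo>(new UserInfo());
                LoginUserContext context  = CreateUserContext(userInfo);

                // Persist the login in the session. The third entry is an MD5 value over
                // the user id, Define._USERCACHEKEY and the login name.
                HttpContext.Current.Session["userContext_UserID"]    = context.UserID;
                HttpContext.Current.Session["userContext_LoginName"] = context.UserInfo.UserLoginName;
                HttpContext.Current.Session["userContext_md5"]       = (context.UserID + Define._USERCACHEKEY + context.UserInfo.UserLoginName).ToMD5();

                // Keep the full context in the cache, keyed by user id.
                LoginUserCacheStorage.Current.Set(context.UserID, context);

                loginRes.LoginUserContext = context;
                loginRes.Status           = LoginingStatus.Success;
                loginRes.Message          = "登录成功!";
                return loginRes;
            }
            catch (Exception ex)
            {
                // The exception text (type names, stack trace, possibly data-access detail)
                // stays on the server. It used to be appended to Message, which callers may
                // show to the client on the administrator login path.
                System.Diagnostics.Trace.TraceError("AdminLogin failed: " + ex);

                loginRes.Status  = LoginingStatus.SystemError;
                // NOTE(review): this text describes a missing account although the status
                // is SystemError; wording kept as the original literal.
                loginRes.Message = "登录失败,管理员不存在或已被禁用!";
                return loginRes;
            }
        }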
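        /// <summary>
        /// Single sign-on login: validates an encrypted ticket and, when it is valid,
        /// logs in the user it names.
        /// </summary>
        /// <param name="ticket">Encrypted SSO ticket; it is HTML-decoded and then RSA-decrypted.</param>
        /// <returns>A LoginReturnInfo carrying the status, a message and, on success, the user context.</returns>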
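        public static LoginReturnInfo SSOLogin(string ticket)
        {
            // Validates a single sign-on ticket and logs in the user it names.
            // The decrypted ticket has five ';'-separated fields:
            //   guid ; user id ; start time ; end time ; MD5 check value
            // The check value must equal the MD5 of the first four fields joined with
            // Define._SSOTICKETKEY, and the current time must lie inside [start, end].
            //
            // NOTE(review): RSA decryption gives confidentiality only, so the MD5 check
            // value is what authenticates the ticket. A keyed MD5 built by concatenation
            // is not a sound MAC; prefer HMAC-SHA256 (or a signature from the issuer)
            // verified with a constant-time comparison.
            // NOTE(review): the ticket guid only feeds the check value. This method keeps
            // no record of consumed guids, so the same ticket is accepted again until its
            // end time. Confirm whether replay is prevented elsewhere.
            LoginReturnInfo loginRes = new LoginReturnInfo();

            if (string.IsNullOrEmpty(ticket))
            {
                loginRes.Status  = LoginingStatus.ParameterNeed;
                loginRes.Message = "缺少票据信息";
                return loginRes;
            }
            ticket = System.Net.WebUtility.HtmlDecode(ticket);

            // Decrypt the ticket with this system's private key.
            // NOTE(review): how RSADecryptString reports malformed input is not visible
            // here; a null result is handled below, a thrown exception is not.
            string userTicket = Extends.RSADecryptString(ticket, Define._PRIVATEKEY);
            if (userTicket == null)
            {
                // Previously a null result failed on Split with a NullReferenceException.
                loginRes.Status  = LoginingStatus.ErrorTicket;
                loginRes.Message = "无效票据信息!";
                return loginRes;
            }

            string[] tickets = userTicket.Split(';');
            if (tickets.Length != 5) // field count is fixed by the authentication centre
            {
                loginRes.Status  = LoginingStatus.ErrorTicket;
                loginRes.Message = "无效票据信息!";
                return loginRes;
            }

            // Read the clock once so parsing defaults and the window check agree.
            DateTime now = DateTime.Now;

            string ticketGuid = tickets[0]; // ticket guid
            string userId     = tickets[1]; // user id
            string startText  = tickets[2]; // issue time, as text
            string endText    = tickets[3]; // expiry time, as text
            string ticketMac  = tickets[4]; // check value supplied with the ticket

            // The second argument is presumably the fallback used when parsing fails
            // (confirm against Convert<T>): yesterday, so an unparsable end time fails
            // the window check below.
            DateTime startTime = startText.Convert<DateTime>(now.AddDays(-1));
            DateTime endTime   = endText.Convert<DateTime>(now.AddDays(-1));

            // Authenticity check: recompute the check value from the raw field text.
            if (string.Format("{0}{1}{2}{3}{4}{5}{6}", ticketGuid, Define._SSOTICKETKEY, userId, Define._SSOTICKETKEY, startText, Define._SSOTICKETKEY, endText).ToMD5() != ticketMac)
            {
                loginRes.Status  = LoginingStatus.ErrorTicket;
                loginRes.Message = "非法票据信息!";
                return loginRes;
            }

            // Validity window. NOTE(review): this compares local server time with the
            // ticket's times; confirm issuer and consumer agree on time zone and clock.
            if (now < startTime || now > endTime)
            {
                loginRes.Status  = LoginingStatus.TimeOut;
                loginRes.Message = "票据超时!请重新登录。";
                return loginRes;
            }

            // Local login for the user named in the ticket.
            var user = Manage.Open.MembershipFactory.Instance.GetUserByID(userId);
            if (user == null || string.IsNullOrEmpty(user.ID))
            {
                loginRes.Status  = LoginingStatus.NotExits;
                loginRes.Message = "登录失败,用户名不存在或已被禁用!";
                return loginRes;
            }

            // SSO logins are always given the regular-user type, whatever the record says.
            user.UserType = (int)UserType.Users;

            // Map the record onto the login-facing UserInfo, then build the context.
            UserInfo         userInfo = user.Adapter<UserInfo>(new UserInfo());
            LoginUserContext context  = CreateUserContext(userInfo);

            // Persist the login in the session. The third entry is an MD5 value over the
            // user id, Define._USERCACHEKEY and the login name.
            HttpContext.Current.Session["userContext_UserID"]    = context.UserID;
            HttpContext.Current.Session["userContext_LoginName"] = context.UserInfo.UserLoginName;
            HttpContext.Current.Session["userContext_md5"]       = (context.UserID + Define._USERCACHEKEY + context.UserInfo.UserLoginName).ToMD5();

            // Keep the full context in the cache, keyed by user id.
            LoginUserCacheStorage.Current.Set(context.UserID, context);

            loginRes.LoginUserContext = context;
            loginRes.Status           = LoginingStatus.Success;
            loginRes.Message          = "登录成功!";
            return loginRes;
        }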