private void SaveToken(OAuthToken token, string code)
{
DBAccess dba = new DBAccess();
dba.AddTable(DBConst.C3010A00);
dba.AddWhere(DBConst.C3010A03, code);
dba.AddWhere(DBConst.C3010A04, OAuthClient.KUAIPAN);
dba.AddWhere(DBConst.C3010A05, CharUtil.Text2DB(token.UserId));
dba.AddDeleteBatch();
dba.ReInit();
dba.AddTable(DBConst.C3010A00);
dba.AddParam(DBConst.C3010A01, 0);
dba.AddParam(DBConst.C3010A02, HashUtil.UtcTimeInHex(false));
dba.AddParam(DBConst.C3010A03, code);
dba.AddParam(DBConst.C3010A04, OAuthClient.KUAIPAN);
dba.AddParam(DBConst.C3010A05, CharUtil.Text2DB(token.UserId));
dba.AddParam(DBConst.C3010A06, KuaipanServer.CONSUMER_KEY);
dba.AddParam(DBConst.C3010A07, KuaipanServer.CONSUMER_SECRET);
dba.AddParam(DBConst.C3010A08, CharUtil.Text2DB(token.Token));
dba.AddParam(DBConst.C3010A09, CharUtil.Text2DB(token.Secret));
dba.AddParam(DBConst.C3010A0A, 1);
dba.AddParam(DBConst.C3010A0B, DBConst.SQL_NOW, false);
dba.AddParam(DBConst.C3010A0C, DBConst.SQL_NOW, false);
dba.AddInsertBatch();
dba.ExecuteBatch();
}
/// <summary>
/// 修改口令
/// </summary>
/// <param name="name"></param>
/// <param name="oldPass"></param>
/// <param name="newPass"></param>
/// <returns></returns>
public bool WsSignPk(string name, string oldPass, string newPass, XmlWriter writer)
{
var dba = new DBAccess();
dba.AddTable(DBConst.C3010400);
dba.AddColumn(DBConst.C3010402);
dba.AddWhere(DBConst.C3010400, CharUtil.Text2DB(name));
var dt = dba.ExecuteSelect();
if (dt.Rows.Count != 1)
{
writer.WriteElementString("Error", "请确认您的登录口令及登录口令是否正确!");
return false;
}
string code = dt.Rows[0][DBConst.C3010402] as string;
dba.ReInit();
dba.AddTable(DBConst.APWD0000);
dba.AddColumn(DBConst.APWD0002);
dba.AddColumn(DBConst.APWD0003);
dba.AddWhere(DBConst.APWD0001, code);
dba.AddSort(DBConst.APWD0002, true);
dt = dba.ExecuteSelect();
if (dt.Rows.Count != 4)
{
writer.WriteElementString("Error", "系统异常,请与管理员联系:[email protected]!");
return false;
}
string data = dt.Rows[0][DBConst.APWD0003] as string;
if (string.IsNullOrEmpty(data))
{
writer.WriteElementString("Error", "系统异常,请与管理员联系:[email protected]!");
return false;
}
byte[] b = Convert.FromBase64String(data);
string info = dt.Rows[0][DBConst.APWD0003] as string;
string main = dt.Rows[0][DBConst.APWD0003] as string;
string safe = dt.Rows[0][DBConst.APWD0003] as string;
// 已有口令校验
if (info != Digest(name, oldPass, b))
{
writer.WriteElementString("Error", "请确认您的登录口令及登录口令是否正确!");
return false;
}
// 口令
byte[] k = GenK(name, code, oldPass);
// 向量
byte[] v = GenV(name, code, oldPass);
byte[] t = Convert.FromBase64String(main);
#region AES 加密
AesManaged aes1 = new AesManaged();
using (MemoryStream mStream = new MemoryStream())
{
using (CryptoStream cStream = new CryptoStream(mStream, aes1.CreateDecryptor(k, v), CryptoStreamMode.Write))
{
cStream.Write(t, 0, t.Length);
cStream.FlushFinalBlock();
t = mStream.ToArray();
}
}
aes1.Clear();
#endregion
new Random().NextBytes(b);
// 口令
k = GenK(name, code, newPass);
// 向量
v = GenV(name, code, newPass);
#region AES 加密
AesManaged aes2 = new AesManaged();
using (MemoryStream mStream = new MemoryStream())
{
using (CryptoStream cStream = new CryptoStream(mStream, aes2.CreateEncryptor(k, v), CryptoStreamMode.Write))
{
cStream.Write(t, 0, t.Length);
cStream.FlushFinalBlock();
t = mStream.ToArray();
}
}
aes1.Clear();
#endregion
// 摘要用户登录信息
info = Digest(name, newPass, b);
data = Convert.ToBase64String(b);
main = Convert.ToBase64String(t);
dba.ReInit();
dba.AddTable(DBConst.APWD0000);
dba.AddWhere(DBConst.APWD0001, code);
dba.AddDeleteBatch();
dba.ReInit();
dba.AddTable(DBConst.APWD0000);
dba.AddParam(DBConst.APWD0001, code);
dba.AddParam(DBConst.APWD0002, "Data");
dba.AddParam(DBConst.APWD0003, data);
dba.AddInsertBatch();
dba.ReInit();
dba.AddTable(DBConst.APWD0000);
dba.AddParam(DBConst.APWD0001, code);
dba.AddParam(DBConst.APWD0002, "Info");
dba.AddParam(DBConst.APWD0003, info);
dba.AddInsertBatch();
dba.ReInit();
dba.AddTable(DBConst.APWD0000);
dba.AddParam(DBConst.APWD0001, code);
dba.AddParam(DBConst.APWD0002, "Main");
dba.AddParam(DBConst.APWD0003, main);
dba.AddInsertBatch();
dba.ReInit();
dba.AddTable(DBConst.APWD0000);
dba.AddParam(DBConst.APWD0001, code);
dba.AddParam(DBConst.APWD0002, "Safe");
dba.AddParam(DBConst.APWD0003, safe);
dba.AddInsertBatch();
dba.ExecuteBatch();
writer.WriteElementString("Code", code);
writer.WriteElementString("Data", data);
writer.WriteElementString("Info", info);
writer.WriteElementString("Main", main);
writer.WriteElementString("Safe", safe);
return true;
}
/// <summary>
/// 用户注册
/// </summary>
/// <returns></returns>
public bool WsSignUp(string name, string pass, XmlWriter writer)
{
name = name.ToLower();
Random r = new Random();
// 口令
byte[] t = new byte[72];
int i = 0;
byte[] a = Encoding.UTF8.GetBytes(_Code);
Array.Copy(a, 0, t, i, a.Length);
i += a.Length;
_Salt = new byte[16];
r.NextBytes(_Salt);
Array.Copy(_Salt, 0, t, i, _Salt.Length);
i += _Salt.Length;
_Keys = new byte[32];
r.NextBytes(_Keys);
Array.Copy(_Keys, 0, t, i, _Keys.Length);
i += _Keys.Length;
_Mask = CharUtil.GenerateUserChar();
a = Encoding.UTF8.GetBytes(_Mask);
Array.Copy(a, 0, t, i, a.Length);
#region AES 加密
byte[] k = GenK(name, _Code, pass);
byte[] v = GenV(name, _Code, pass);
AesManaged aes = new AesManaged();
using (MemoryStream mStream = new MemoryStream())
{
using (CryptoStream cStream = new CryptoStream(mStream, aes.CreateEncryptor(k, v), CryptoStreamMode.Write))
{
cStream.Write(t, 0, t.Length);
cStream.FlushFinalBlock();
t = mStream.ToArray();
}
}
aes.Clear();
#endregion
DBAccess dba = new DBAccess();
dba.AddTable(DBConst.APWD0000);
dba.AddWhere(DBConst.APWD0001, _Code);
dba.AddDeleteBatch();
a = new byte[256];
r.NextBytes(a);
string data = Convert.ToBase64String(a);
dba.ReInit();
dba.AddTable(DBConst.APWD0000);
dba.AddParam(DBConst.APWD0001, _Code);
dba.AddParam(DBConst.APWD0002, "Data");
dba.AddParam(DBConst.APWD0003, data);
dba.AddParam(DBConst.APWD0004, DBConst.SQL_NOW, false);
dba.AddInsertBatch();
string info = Digest(name, pass, a);
dba.ReInit();
dba.AddTable(DBConst.APWD0000);
dba.AddParam(DBConst.APWD0001, _Code);
dba.AddParam(DBConst.APWD0002, "Info");
dba.AddParam(DBConst.APWD0003, info);
dba.AddParam(DBConst.APWD0004, DBConst.SQL_NOW, false);
dba.AddInsertBatch();
string main = Convert.ToBase64String(t);
dba.ReInit();
dba.AddTable(DBConst.APWD0000);
dba.AddParam(DBConst.APWD0001, _Code);
dba.AddParam(DBConst.APWD0002, "Main");
dba.AddParam(DBConst.APWD0003, main);
dba.AddParam(DBConst.APWD0004, DBConst.SQL_NOW, false);
dba.AddInsertBatch();
string safe = "";
dba.ReInit();
dba.AddTable(DBConst.APWD0000);
dba.AddParam(DBConst.APWD0001, _Code);
dba.AddParam(DBConst.APWD0002, "Safe");
dba.AddParam(DBConst.APWD0003, safe);
dba.AddParam(DBConst.APWD0004, DBConst.SQL_NOW, false);
dba.AddInsertBatch();
dba.ExecuteBatch();
a = new byte[256];
new Random().NextBytes(a);
writer.WriteElementString("Code", _Code);
writer.WriteElementString("Data", data);
writer.WriteElementString("Info", info);
writer.WriteElementString("Main", main);
writer.WriteElementString("Safe", safe);
return true;
}
public void InitUserData()
{
#region 数据初始化
DBAccess dba = new DBAccess();
dba.AddTable(DBConst.ACAT0200);
dba.AddWhere(DBConst.ACAT0202, Code);
dba.AddDeleteBatch();
dba.ReInit();
dba.AddParam(DBConst.ACAT0201, DBConst.ACAT0201, false);
dba.AddParam(DBConst.ACAT0202, Code);
dba.AddParam(DBConst.ACAT0203, DBConst.ACAT0203, false);
dba.AddParam(DBConst.ACAT0204, DBConst.ACAT0204, false);
dba.AddParam(DBConst.ACAT0205, DBConst.ACAT0205, false);
dba.AddParam(DBConst.ACAT0206, DBConst.ACAT0206, false);
dba.AddParam(DBConst.ACAT0207, DBConst.ACAT0207, false);
dba.AddParam(DBConst.ACAT0208, DBConst.ACAT0208, false);
dba.AddParam(DBConst.ACAT0209, DBConst.ACAT0209, false);
dba.AddParam(DBConst.ACAT020A, DBConst.ACAT020A, false);
dba.AddParam(DBConst.ACAT020B, DBConst.ACAT020B, false);
dba.AddParam(DBConst.ACAT020C, 1);
dba.AddParam(DBConst.ACAT020D, 1);
dba.AddWhere(DBConst.ACAT0202, IUser.AMON_CODE);
dba.AddBackupBatch(DBConst.ACAT0200, DBConst.ACAT0200);
dba.ReInit();
dba.AddTable(DBConst.APWD0300);
dba.AddWhere(DBConst.APWD0303, Code);
dba.AddDeleteBatch();
dba.ReInit();
dba.AddParam(DBConst.APWD0301, DBConst.APWD0301, false);
dba.AddParam(DBConst.APWD0302, DBConst.APWD0302, false);
dba.AddParam(DBConst.APWD0303, Code);
dba.AddParam(DBConst.APWD0304, DBConst.APWD0304, false);
dba.AddParam(DBConst.APWD0305, DBConst.APWD0305, false);
dba.AddParam(DBConst.APWD0306, DBConst.APWD0306, false);
dba.AddParam(DBConst.APWD0307, DBConst.APWD0307, false);
dba.AddParam(DBConst.APWD0308, DBConst.APWD0308, false);
dba.AddParam(DBConst.APWD0309, DBConst.APWD0309, false);
dba.AddParam(DBConst.APWD030A, DBConst.APWD030A, false);
dba.AddParam(DBConst.APWD030B, 1);
dba.AddParam(DBConst.APWD030C, 1);
dba.AddWhere(DBConst.APWD0303, IUser.AMON_CODE);
dba.AddBackupBatch(DBConst.APWD0300, DBConst.APWD0300);
dba.ReInit();
dba.AddTable(DBConst.AUDC0100);
dba.AddWhere(DBConst.AUDC0102, Code);
dba.AddDeleteBatch();
dba.ReInit();
dba.AddParam(DBConst.AUDC0101, DBConst.AUDC0101, false);
dba.AddParam(DBConst.AUDC0102, Code);
dba.AddParam(DBConst.AUDC0103, DBConst.AUDC0103, false);
dba.AddParam(DBConst.AUDC0104, DBConst.AUDC0104, false);
dba.AddParam(DBConst.AUDC0105, DBConst.AUDC0105, false);
dba.AddParam(DBConst.AUDC0106, DBConst.AUDC0106, false);
dba.AddParam(DBConst.AUDC0107, DBConst.AUDC0107, false);
dba.AddParam(DBConst.AUDC0108, DBConst.AUDC0108, false);
dba.AddParam(DBConst.AUDC0109, DBConst.AUDC0109, false);
dba.AddParam(DBConst.AUDC010A, 1);
dba.AddParam(DBConst.AUDC010B, 1);
dba.AddWhere(DBConst.AUDC0102, IUser.AMON_CODE);
dba.AddBackupBatch(DBConst.AUDC0100, DBConst.AUDC0100);
dba.ExecuteBatch();
#endregion
}
