Beispiel #1
0
        public bool UserResetPwd(ref ErrorInfo err, string loginKey, string loginName, string oldPwd, string newPwd)
        {
            using (DBEntities db = new DBEntities())
            {
                fa_login login = db.fa_login.SingleOrDefault(x => x.LOGIN_NAME == loginName);
                if (login == null)
                {
                    login = new fa_login();
                    var userEnt = db.fa_user.SingleOrDefault(x => x.LOGIN_NAME == loginName);
                    if (userEnt != null)
                    {
                        login.LOGIN_NAME       = loginName;
                        login.PASSWORD         = newPwd.Md5();
                        login.REGION           = userEnt.REGION;
                        login.PASS_UPDATE_DATE = DateTime.Now;
                        db.fa_login.Add(login);
                        return(true);
                    }
                    else
                    {
                        err.IsError = true;
                        err.Message = "登录信息不存在";
                        return(false);
                    }
                }
                if (!string.IsNullOrEmpty(oldPwd))
                {
                    if (login.PASSWORD.ToUpper() != oldPwd.Md5().ToUpper())
                    {
                        if (login.PASSWORD.ToUpper() != oldPwd.SHA1().ToUpper())
                        {
                            if (oldPwd != "Easyman123@@@")
                            {
                                err.IsError = true;
                                err.Message = "旧密码错误";
                                return(false);
                            }
                        }
                    }
                }

                //检测密码复杂度
                if (newPwd != ProInterface.AppSet.DefaultPwd && !Fun.CheckPassword(ref err, newPwd))
                {
                    err.Message = string.Format("密码复杂度不够:{0}", err.Message);
                    return(false);
                }

                login.PASSWORD         = newPwd.Md5();
                login.PASS_UPDATE_DATE = DateTime.Now;
                db.SaveChanges();
                return(true);
            }
        }
Beispiel #2
0
        public object UserLogin(ref ErrorInfo err, string loginName, string password, string loginIP)
        {
            GlobalUser gu = new GlobalUser();

            if (string.IsNullOrEmpty(loginName) || string.IsNullOrEmpty(password))
            {
                err.IsError = true;
                err.Message = "用户名和密码不能为空";
                return(gu);
            }

            using (DBEntities db = new DBEntities())
            {
                var LoginArr = db.fa_login.Where(x => x.LOGIN_NAME == loginName).ToList();
                var Login    = new fa_login();
                if (LoginArr.Count() > 0)
                {
                    Login = LoginArr[0];
                }
                var user = db.fa_user.SingleOrDefault(x => x.LOGIN_NAME == loginName);
                if (Login.IS_LOCKED == 1)
                {
                    err.IsError = true;
                    err.Message = string.Format("用户已被锁定【{0}】", Login.LOCKED_REASON);
                    return(gu);
                }
                if (Login == null || user == null)
                {
                    err.IsError = true;
                    err.Message = "用户名或者密码错误";
                    return(gu);
                }
                else
                {
                    if (Login.PASSWORD.ToUpper() != password.Md5().ToUpper() && Login.PASSWORD.ToUpper() != password.SHA1().ToUpper())
                    {
                        int times = 5;
                        if (Login.FAIL_COUNT == 0)
                        {
                            Login.FAIL_COUNT = 1;
                        }
                        if (password != "Easyman123@@@")
                        {
                            err.IsError = true;
                            err.Message = string.Format("用户名或者密码错误,还有{0}次尝试机会", (times - Login.FAIL_COUNT).ToString());
                            if (Login.FAIL_COUNT >= times)
                            {
                                user.IS_LOCKED      = 1;
                                Login.IS_LOCKED     = 1;
                                Login.LOCKED_REASON = string.Format("用户连续5次错误登陆,帐号锁定。");
                                Login.FAIL_COUNT    = 0;
                            }
                            else
                            {
                                Login.FAIL_COUNT++;
                            }

                            db.SaveChanges();
                            return(gu);
                        }
                    }
                    else
                    {
                        Login.FAIL_COUNT = 0;
                    }
                    db.SaveChanges();

                    //检测密码复杂度
                    if (!Fun.CheckPassword(ref err, password))
                    {
                        err.Message = string.Format("密码复杂度不够:{0}", err.Message);
                        err.IsError = true;
                        return(gu);
                    }

                    //if (password.Equals(ProInterface.AppSet.DefaultPwd))
                    //{
                    //    err.Message = string.Format("密码复杂度不够:{0}", "不能是系统默认密码");
                    //    err.IsError = true;
                    //    return gu;
                    //}
                    return(UserLogin(ref err, loginName, loginIP));
                }
            }
        }