Beispiel #1
0
        protected void Button1_Click(object sender, EventArgs e)
        {
            if (Session["CheckCode"] != null && String.Compare(Session["CheckCode"].ToString(), TbCheckCode.Text, true) != 0)
            {
                LbMsg.Text ="验证码错误,请重新输入!";
                return;
            }
            string uk = Session["loginname"].ToString();
            string pk = Session["password"].ToString();
            string un = Request.Form[uk];
            string ps = Request.Form[pk];
            User u = new User { UserName = un, Password = ps,LastLoginIP=RequestContext.Current.UserHostAddress };
            UserStatus s = UserBll.ValidateUser(u);
            if (s != UserStatus.Valid)
            {
                string msg = "";
                switch (s)
                {
                    case UserStatus.None:
                        msg = "无法获取有效的用户信息";
                        break;
                    case UserStatus.Locked:
                        msg = "用户已锁定";
                        break;
                    case UserStatus.Invalid:
                        msg = "用户名或密码错误";
                        break;
                    case UserStatus.OutRetryCount:
                        msg = "超出了密码重试次数,请稍后重试";
                        break;
                }

                LbMsg.Text=msg;
                ChangeId();
                return;
            }

            UserPrincipal principal = new UserPrincipal();
            principal.UserName = u.UserName;
            principal.LastPassword = u.RndPassword;
            string userData = principal.SerializeToString();
            FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, u.UserName, DateTime.Now, DateTime.Now.AddMinutes(20), false, userData);
            CookieManager.CreateUserCookie(authTicket);
            this.Session["UserName"] = u.UserName;

            string url = WebUtility.RequestString("ReturnUrl",string.Empty);
            if (string.IsNullOrEmpty(url))
            {
                url = "Index.aspx";
            }
            else
            {
                url = Server.UrlDecode(url);
            }

            Response.Redirect(url);
        }
Beispiel #2
0
        private UserPrincipal GetUserPrincipal(ClaimsPrincipal principal)
        {
            var login = principal.Claims.Single(x => x.Type == ClaimTypes.NameIdentifier).Value;
            var userId = principal.Claims.Single(x => x.Type == ClaimTypes.Sid).Value;

            var userModel = new UserPrincipal(login);
            userModel.Id = userId;

            return userModel;
        }
Beispiel #3
0
        private void Application_AuthenticateRequest(object sender, EventArgs e)
        {
            HttpApplication application = (HttpApplication)sender;
            HttpContext context = application.Context;
            if (context.Request.Url.GetLeftPart(UriPartial.Path).EndsWith(".aspx", StringComparison.OrdinalIgnoreCase))
            {

                FormsAuthenticationTicket ticket = null;
                string formsCookieName = FormsAuthentication.FormsCookieName;
                string filePath = (context.Request.AppRelativeCurrentExecutionFilePath).ToLower(CultureInfo.CurrentCulture);
                HttpCookie cookie = context.Request.Cookies[formsCookieName];
                if (cookie == null)
                {
                    UserPrincipal principal = new UserPrincipal(new AnonymousAuthenticateIdentity());

                    RequestContext.Current.User = principal;

                }
                else
                {
                    try
                    {
                        ticket = FormsAuthentication.Decrypt(cookie.Value);
                    }
                    catch (ArgumentException)
                    {
                        context.Request.Cookies.Remove(formsCookieName);
                    }
                    catch (CryptographicException)
                    {
                        context.Request.Cookies.Remove(formsCookieName);
                    }
                    if (ticket == null)
                    {
                        UserPrincipal principal2 = new UserPrincipal(new AnonymousAuthenticateIdentity());
                        RequestContext.Current.User = principal2;
                    }
                    else
                    {
                        SlidingExpiration(context, ticket, formsCookieName);
                        UserPrincipal principal3 = UserPrincipal.CreatePrincipal(ticket);

                        if (principal3.Identity.IsAuthenticated)
                        {
                            principal3.UserInfo = UserBll.GetUser(principal3.UserName);
                            principal3.UserId = principal3.UserInfo.UserId;

                            principal3.Roles = principal3.UserInfo.Roles;
                            if (principal3.Roles != null)
                            {
                                principal3.Purviews = new List<string>();
                                foreach (Role r in principal3.Roles)
                                {
                                    if (string.IsNullOrEmpty(r.Purview))
                                    {
                                        continue;
                                    }
                                    principal3.Purviews.AddRange(r.Purview.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries));
                                }
                            }

                            RequestContext.Current.User = principal3;

                        }
                        else
                        {
                            UserPrincipal principal5 = new UserPrincipal(new AnonymousAuthenticateIdentity());

                            RequestContext.Current.User = principal5;
                        }
                    }
                }
            }
        }