public virtual void SignIn(UserBase user, bool createPersistentCookie)
{
var now = DateTime.UtcNow.ToLocalTime();
var ticket = new FormsAuthenticationTicket(
1 /*version*/,
user.UserName,
now,
now.Add(_expirationTimeSpan),
createPersistentCookie,
user.UserName,
FormsAuthentication.FormsCookiePath);
var encryptedTicket = FormsAuthentication.Encrypt(ticket);
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
cookie.HttpOnly = true;
if (ticket.IsPersistent)
{
cookie.Expires = ticket.Expiration;
}
cookie.Secure = FormsAuthentication.RequireSSL;
cookie.Path = FormsAuthentication.FormsCookiePath;
if (FormsAuthentication.CookieDomain != null)
{
cookie.Domain = FormsAuthentication.CookieDomain;
}
_httpContext.Response.Cookies.Add(cookie);
_cachedCustomer = user;
}
//public YpAuthorizeAttribute()
//{
//}
public override void OnAuthorization(AuthorizationContext filterContext)
{
// var builder = new ContainerBuilder();
// var containerManager = new ContainerManager(builder.Build());
// WorkContext = containerManager.Resolve<IWorkContext>();
User = WorkContext.CurrentUser as UserBase;
//用户权限判断
//获取 controller 名称
var controllerName = filterContext.RouteData.Values["controller"].ToString();
//获取 action 名称
var actionName = filterContext.RouteData.Values["action"].ToString();
if (User != null &&
!User.UserRoles.ToList()
.Exists(
ur =>
ur.Role.RoleName == "superAdmin" ||
ur.Role.RolePermissions.ToList()
.Exists(
rp =>
rp.IsAllowed && rp.ControllerAction.ActionName == actionName &&
rp.ControllerAction.ControllerName == controllerName)))
{
//filterContext.HttpContext.Response.StatusCode = 403;
IsAllowed = false;
}
else
{
IsAllowed = true;
}
base.OnAuthorization(filterContext);
}
/// <summary>
/// 设置加密密码
/// </summary>
/// <param name="userBase">用户实体</param>
/// <param name="password">密码</param>
/// <param name="hashName">加密算法(默认MD5)</param>
public static void SetPasswordHashed(UserBase userBase, string password,string hashName = "MD5")
{
string saltString;
var hashstring = EncrypHelper.HashEncrypt(password, hashName, out saltString);
userBase.HashAlgorithm = hashName;
userBase.Password = hashstring;
userBase.PasswordSalt = saltString;
}
public bool ModifyUser(UserBase user)
{
try
{
_userRepository.Update(user);
return true;
}
catch (Exception e)
{
_log.Error(e, "更新用户失败");
return false;
}
}
public bool DeleteUser(UserBase user)
{
try
{
_userRepository.Delete(user);
return true;
}
catch (Exception e)
{
_log.Error(e, "删除用户失败");
return false;
}
}
public UserBase InsertUser(UserBase user)
{
try
{
_userRepository.Insert(user);
return user;
}
catch (Exception e)
{
_log.Error(e,"添加用户失败");
return null;
}
}
public virtual UserBase GetAuthenticatedUser()
{
if (_cachedCustomer != null)
return _cachedCustomer;
if (_httpContext == null ||
_httpContext.Request == null ||
!_httpContext.Request.IsAuthenticated ||
!(_httpContext.User.Identity is FormsIdentity))
{
return null;
}
var formsIdentity = (FormsIdentity)_httpContext.User.Identity;
var customer = GetAuthenticatedCustomerFromTicket(formsIdentity.Ticket);
_cachedCustomer = customer;
return _cachedCustomer;
}
public override void OnAuthorization(HttpActionContext filterContext)
{
// var builder = new ContainerBuilder();
// var containerManager = new ContainerManager(builder.Build());
// WorkContext = containerManager.Resolve<IWorkContext>();
User = WorkContext.CurrentUser as UserBase;
//用户权限判断
//获取 controller 名称
var controllerName = filterContext.ControllerContext.ControllerDescriptor.ControllerType.FullName;
//获取 action 名称
var actionName = filterContext.ActionDescriptor.ActionName;
if (User == null || !DoAuthorized(User.UserRoles.ToList(),controllerName,actionName))
{
//filterContext.Response.StatusCode = HttpStatusCode.Forbidden;
IsAllowed = false;
}
else
{
IsAllowed = true;
}
base.OnAuthorization(filterContext);
}
public HttpResponseMessage AddBroker([FromBody]BrokerModel brokerModel)
{
var validMsg = "";
if (!brokerModel.ValidateModel(out validMsg))
{
return PageHelper.toJson(PageHelper.ReturnValue(false, "数据验证错误,请重新输入"));
}
#region 验证码判断 解密
var strDes = EncrypHelper.Decrypt(brokerModel.Hidm, "Hos2xNLrgfaYFY2MKuFf3g==");//解密
string[] str = strDes.Split('$');
if (str.Count() < 2)
{
return PageHelper.toJson(PageHelper.ReturnValue(false, "验证码错误,请重新发送!"));
}
string source = str[0];//获取验证码和手机号
DateTime date = Convert.ToDateTime(str[1]);//获取发送验证码的时间
DateTime dateNow = Convert.ToDateTime(DateTime.Now.ToLongTimeString());//获取当前时间
TimeSpan ts = dateNow.Subtract(date);
double secMinu = ts.TotalMinutes;//得到发送时间与现在时间的时间间隔分钟数
if (secMinu > 3) //发送时间与接受时间是否大于3分钟
{
return PageHelper.toJson(PageHelper.ReturnValue(false, "你已超过时间验证,请重新发送验证码!"));
}
else
{
// source.Split('#')[0] 验证码
// source.Split('#')[1] 手机号
if (brokerModel.Phone != source.Split('#')[1])//判断手机号是否一致
{
return PageHelper.toJson(PageHelper.ReturnValue(false, "验证码错误,请重新发送!"));
}
if (brokerModel.MobileYzm != source.Split('#')[0])//判断验证码是否一致
{
return PageHelper.toJson(PageHelper.ReturnValue(false, "验证码错误,请重新发送!"));
}
}
#endregion
#region 判断两次密码是否一致
if (brokerModel.Password != brokerModel.SecondPassword)
{
return PageHelper.toJson(PageHelper.ReturnValue(false, "手机号不能为空"));
}
#endregion
#region 判断邀请码是否存在真实 (brokerInfoController 中GetBrokerByInvitationCode方法也同一判断)
MessageDetailEntity messageDetail = null;
if (!string.IsNullOrEmpty(brokerModel.inviteCode))
{
MessageDetailSearchCondition messageSearchcondition = new MessageDetailSearchCondition
{
InvitationCode = brokerModel.inviteCode,
Title = "推荐经纪人"
};
messageDetail = _MessageService.GetMessageDetailsByCondition(messageSearchcondition).FirstOrDefault();//判断邀请码是否存在
if (messageDetail == null)
{
return PageHelper.toJson(PageHelper.ReturnValue(false, "邀请码错误!"));
}
}
#endregion
#region UC用户创建 杨定鹏 2015年5月28日14:52:48
var user = _userService.GetUserByName(brokerModel.UserName);
if(user!=null)
{
return PageHelper.toJson(PageHelper.ReturnValue(false, "用户名已经存在"));
}
var condition = new BrokerSearchCondition
{
OrderBy = EnumBrokerSearchOrderBy.OrderById,
State = 1,
Phone = brokerModel.Phone
};
//判断user表和Broker表中是否存在用户名
int user2 = _brokerService.GetBrokerCount(condition);
if (user2 != 0) return PageHelper.toJson(PageHelper.ReturnValue(false, "手机号已经存在"));
var brokerRole = _roleService.GetRoleByName("user");
//User权限缺少时自动添加
if (brokerRole == null)
{
brokerRole = new Role
{
RoleName = "user",
RolePermissions = null,
Status = RoleStatus.Normal,
Description = "刚注册的用户默认归为普通用户user"
};
}
var newUser = new UserBase
{
UserName = brokerModel.UserName,
Password = brokerModel.Password,
RegTime = DateTime.Now,
NormalizedName = brokerModel.UserName.ToLower(),
//注册用户添加权限
UserRoles = new List<UserRole>(){new UserRole()
{
Role = brokerRole
}},
Status = 0
};
PasswordHelper.SetPasswordHashed(newUser, brokerModel.Password);
#endregion
#region Broker用户创建 杨定鹏 2015年5月28日14:53:32
var model = new BrokerEntity();
model.UserId = _userService.InsertUser(newUser).Id;
model.Brokername = brokerModel.Phone;
model.Nickname = brokerModel.Nickname;
model.Phone = brokerModel.Phone;
model.Totalpoints = 0;
model.Amount = 0;
model.Usertype = EnumUserType.普通用户;
model.Regtime = DateTime.Now;
model.State = 1;
model.Adduser = 0;
model.Addtime = DateTime.Now;
model.Upuser = 0;
model.Uptime = DateTime.Now;
//判断初始等级是否存在,否则创建
var level = _levelService.GetLevelsByCondition(new LevelSearchCondition { Name = "默认等级" }).FirstOrDefault();
if (level == null)
{
var levelModel = new LevelEntity
{
Name = "默认等级",
Describe = "系统默认初始创建",
Url = "",
Uptime = DateTime.Now,
Addtime = DateTime.Now,
};
_levelService.Create(levelModel);
}
model.Level = level;
var newBroker = _brokerService.Create(model);
#endregion
#region 推荐经纪人
if (!string.IsNullOrEmpty(brokerModel.inviteCode))
{
//添加经纪人
var entity = new RecommendAgentEntity
{
PresenteebId = newBroker.Id,
Qq = newBroker.Qq.ToString(),
Agentlevel = newBroker.Agentlevel,
Brokername = newBroker.Brokername,
Phone = newBroker.Phone,
Regtime = DateTime.Now,
Broker = _brokerService.GetBrokerById(Convert.ToInt32(messageDetail.InvitationId)),
Uptime = DateTime.Now,
Addtime = DateTime.Now,
};
_recommendagentService.Create(entity);
}
#endregion
return PageHelper.toJson(PageHelper.ReturnValue(true, "注册成功"));
}
public HttpResponseMessage SignUp([FromBody] UserModel model)
{
var user = _userService.GetUserByName(model.UserName);
if (user != null)
{
return PageHelper.toJson(PageHelper.ReturnValue(false, "用户名已经存在"));
}
var newUser = new UserBase
{
UserName = model.UserName,
Password = model.Password,
RegTime = DateTime.Now,
NormalizedName = model.UserName.ToLower(),
Status = 0
};
PasswordHelper.SetPasswordHashed(newUser, model.Password);
if (_userService.InsertUser(newUser).Id <= 0)
{
return PageHelper.toJson(PageHelper.ReturnValue(false, "注册用户失败,请重试"));
}
return PageHelper.toJson(PageHelper.ReturnValue(true, "注册成功"));
}
public HttpResponseMessage ExternalLoginOrAdd([FromBody]UserModel model)
{
if(!string.IsNullOrEmpty( model.Phone) && !string.IsNullOrEmpty( model.Password))
{
//1 先判断手机号是否存在
var condition = new BrokerSearchCondition
{
State = 1,
Phone = model.Phone
};
//判断Broker表中是否存在手机号
int brokerCount = _brokerService.GetBrokerCount(condition);
if (brokerCount != 0)
{
//存在 就进行登录
#region 登录
BrokerEntity broker = _brokerService.GetBrokersByCondition(condition).FirstOrDefault();
if (broker == null)
{
return PageHelper.toJson(PageHelper.ReturnValue(false, "手机号或密码错误"));
}
var user = _userService.FindUser(broker.UserId);
if (user == null)
{
return PageHelper.toJson(PageHelper.ReturnValue(false, "用户名或密码错误"));
}
if (!PasswordHelper.ValidatePasswordHashed(user, model.Password))
{
return PageHelper.toJson(PageHelper.ReturnValue(false, "用户名或密码错误"));
}
_authenticationService.SignIn(user, model.Remember);
return PageHelper.toJson(PageHelper.ReturnValue(true, "ok"));
#endregion
}
else //不存在 就进行注册
{
#region UC用户创建 杨定鹏 2015年5月28日14:52:48
var brokerRole = _roleService.GetRoleByName("user");
//User权限缺少时自动添加
if (brokerRole == null)
{
brokerRole = new Role
{
RoleName = "user",
RolePermissions = null,
Status = RoleStatus.Normal,
Description = "刚注册的用户默认归为普通用户user"
};
}
var newUser = new UserBase
{
UserName = model.Phone,
Password = model.Password,
RegTime = DateTime.Now,
NormalizedName = model.Phone,
//注册用户添加权限
UserRoles = new List<UserRole>(){new UserRole()
{
Role = brokerRole
}},
Status = 0
};
PasswordHelper.SetPasswordHashed(newUser, model.Password);
#endregion
#region Broker用户创建 杨定鹏 2015年5月28日14:53:32
var models = new BrokerEntity();
models.UserId = _userService.InsertUser(newUser).Id;
models.Brokername = model.Phone;
models.Nickname = model.Phone;
models.Phone = model.Phone;
models.Totalpoints = 0;
models.Amount = 0;
models.Usertype = EnumUserType.普通用户;
models.Regtime = DateTime.Now;
models.State = 1;
models.Adduser = 0;
models.Addtime = DateTime.Now;
models.Upuser = 0;
models.Uptime = DateTime.Now;
//判断初始等级是否存在,否则创建
var level = _levelService.GetLevelsByCondition(new LevelSearchCondition { Name = "默认等级" }).FirstOrDefault();
if (level == null)
{
var levelModel = new LevelEntity
{
Name = "默认等级",
Describe = "系统默认初始创建",
Url = "",
Uptime = DateTime.Now,
Addtime = DateTime.Now,
};
_levelService.Create(levelModel);
}
models.Level = level;
var newBroker = _brokerService.Create(models);
#endregion
return PageHelper.toJson(PageHelper.ReturnValue(true, "ok"));
}
}
return PageHelper.toJson(PageHelper.ReturnValue(false, "请填写手机号和密码"));
}
public HttpResponseMessage AddMember([FromBody]MemberModel memberModel)
{
var validMsg = "";
if (!memberModel.ValidateModel(out validMsg))
{
return PageHelper.toJson(PageHelper.ReturnValue(false, "数据验证错误,请重新输入"));
}
if (memberModel.Password != memberModel.SecondPassword)
{
return PageHelper.toJson(PageHelper.ReturnValue(false, "两次密码输入不一致"));
}
var user = _userService.GetUserByName(memberModel.UserName);
if (user != null)
{
return PageHelper.toJson(PageHelper.ReturnValue(false, "用户名已经存在"));
}
var condition = new MemberSearchCondition
{
OrderBy = EnumMemberSearchOrderBy.OrderById,
Phone = memberModel.Phone
};
//判断user表和member表中是否存在用户名
int user2 = _memberService.GetMemberCount(condition);
if (user2 != 0) return PageHelper.toJson(PageHelper.ReturnValue(false, "手机号已经存在"));
var memRole = _roleService.GetRoleByName("user");
//User权限缺少时自动添加
if (memRole == null)
{
memRole = new Role
{
RoleName = "user",
RolePermissions = null,
Status = RoleStatus.Normal,
Description = "刚注册的用户默认归为普通用户user"
};
}
var newUser = new UserBase
{
UserName = memberModel.UserName,
Password = memberModel.Password,
RegTime = DateTime.Now,
NormalizedName = memberModel.UserName.ToLower(),
//注册用户添加权限
UserRoles = new List<UserRole>(){new UserRole()
{
Role = memRole
}},
Status = 0
};
PasswordHelper.SetPasswordHashed(newUser, memberModel.Password);
var model = new MemberEntity();
model.UserId = _userService.InsertUser(newUser).Id;
model.RealName = memberModel.UserName;
model.UserName = memberModel.UserName;
model.Phone = memberModel.Phone;
model.Points=0;
model.IdentityNo="";
model.Icq="";
model.PostNo="";
model.AccountNumber=0;
model.AddTime=DateTime.Now;
model.Gender=EnumGender.Male;
model.UpdTime =DateTime.Now;
model.UpdUser=0;
var newMember = _memberService.Create(model);
return PageHelper.toJson(PageHelper.ReturnValue(true, "注册成功"));
}
public virtual void SignOut()
{
_cachedCustomer = null;
FormsAuthentication.SignOut();
}
public HttpResponseMessage AddBroker([FromBody]BrokerModel brokerModel)
{
if (string.IsNullOrEmpty(brokerModel.UserName)) return PageHelper.toJson(PageHelper.ReturnValue(false, "用户名不能为空"));
if (string.IsNullOrEmpty(brokerModel.Password)) return PageHelper.toJson(PageHelper.ReturnValue(false, "密码不能为空"));
if (string.IsNullOrEmpty(brokerModel.Phone)) return PageHelper.toJson(PageHelper.ReturnValue(false, "手机号不能为空"));
// 创建推荐用户
var condition = new BrokerSearchCondition
{
OrderBy = EnumBrokerSearchOrderBy.OrderById,
Phone = brokerModel.Phone
};
//判断user表和Broker表中是否存在用户名
int user2 = _brokerService.GetBrokerCount(condition);
if (user2 != 0) return PageHelper.toJson(PageHelper.ReturnValue(false, "用户名已经存在"));
//检测规则表中是否存在权限,不存在则添加
var role = "broker";
switch (brokerModel.UserType)
{
case EnumUserType.经纪人:
role = "broker";
break;
case EnumUserType.商家:
role = "merchant";
break;
case EnumUserType.场秘:
role = "secretary";
break;
case EnumUserType.带客人员:
role = "waiter";
break;
case EnumUserType.普通用户:
role = "user";
break;
case EnumUserType.管理员:
role = "admin";
break;
case EnumUserType.财务:
role = "accountant";
break;
}
var brokerRole = _roleService.GetRoleByName(role);
//User权限缺少时自动添加
if (brokerRole == null)
{
brokerRole = new Role
{
RoleName = role,
RolePermissions = null,
Status = RoleStatus.Normal,
Description = "后台添加新权限类别:" + role
};
}
var newUser = new UserBase
{
UserName = brokerModel.UserName,
Password = brokerModel.Password,
RegTime = DateTime.Now,
NormalizedName = brokerModel.UserName.ToLower(),
//注册用户添加权限
UserRoles = new List<UserRole>(){new UserRole()
{
Role = brokerRole
}},
Status = 0
};
PasswordHelper.SetPasswordHashed(newUser, brokerModel.Password);
var model = new BrokerEntity();
model.UserId = _userService.InsertUser(newUser).Id;
model.Brokername = brokerModel.UserName;
model.Phone = brokerModel.Phone;
model.Totalpoints = 0;
model.Amount = 0;
model.Usertype = brokerModel.UserType;
model.Regtime = DateTime.Now;
model.State = 1;
model.Adduser = 0;
model.Addtime = DateTime.Now;
model.Upuser = 0;
model.Uptime = DateTime.Now;
//判断初始等级是否存在,否则创建
var level = _levelService.GetLevelsByCondition(new LevelSearchCondition { Name = "默认等级" }).FirstOrDefault();
if (level == null)
{
var levelModel = new LevelEntity
{
Name = "默认等级",
Describe = "系统默认初始创建",
Url = "",
Uptime = DateTime.Now,
Addtime = DateTime.Now,
};
_levelService.Create(levelModel);
}
model.Level = level;
_brokerService.Create(model);
return PageHelper.toJson(PageHelper.ReturnValue(true, "注册成功"));
}
/// <summary>
/// 验证密码
/// </summary>
/// <param name="userBase">用户实体</param>
/// <param name="password">密码</param>
/// <returns>是否通过</returns>
public static bool ValidatePasswordHashed(UserBase userBase, string password)
{
return EncrypHelper.ValidateHashValue(password, userBase.PasswordSalt, userBase.Password, userBase.HashAlgorithm);
}
