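/// <summary>
/// Administrator login endpoint: validates the posted account/password pair, records the
/// attempt on the matching administrator record, and on success issues an access token.
/// </summary>
/// <returns>
/// 200 with the administrator record, the access token, its expiry and a flag telling the
/// client whether a password change must be enforced; 400 with the validation message when
/// the credentials are rejected; 500 when an unexpected exception occurs.
/// </returns>
public IHttpActionResult Login()
        {
            try
            {
                var request = new AuthenticatedRequest();

                var account     = request.GetPostString("account");
                var password    = request.GetPostString("password");
                var isAutoLogin = request.GetPostBool("isAutoLogin");

                if (!DataProvider.AdministratorDao.Validate(account, password, true, out var userName, out var errorMessage))
                {
                    // Failed attempt: bump the failure counter on the matching account (if any),
                    // then hand the DAO's message back to the caller.
                    var failedAdminInfo = AdminManager.GetAdminInfoByUserName(userName);
                    if (failedAdminInfo != null)
                    {
                        DataProvider.AdministratorDao.UpdateLastActivityDateAndCountOfFailedLogin(failedAdminInfo); // record last activity time, failure count +1
                    }
                    // NOTE(review): errorMessage goes straight to the client; confirm it does not
                    // distinguish "unknown account" from "wrong password".
                    return BadRequest(errorMessage);
                }

                var adminInfo = AdminManager.GetAdminInfoByUserName(userName);
                if (adminInfo == null)
                {
                    // Validate() accepted the credentials but no record came back. Report a
                    // server-side inconsistency instead of letting a NullReferenceException fall
                    // through to the generic catch below.
                    LogUtils.AddErrorLog(new InvalidOperationException($"Validated administrator '{userName}' has no record."));
                    return InternalServerError();
                }

                DataProvider.AdministratorDao.UpdateLastActivityDateAndCountOfLogin(adminInfo); // record last login time, reset failure count
                var accessToken = request.AdminLogin(adminInfo.UserName, isAutoLogin);
                // Local server time, as elsewhere in this code; clients comparing against UTC see an offset.
                var expiresAt   = DateTime.Now.AddDays(Constants.AccessTokenExpireDays);

                // A missing change date counts as overdue; otherwise compare the password's age
                // against the configured maximum in days.
                var isEnforcePasswordChange = false;
                if (ConfigManager.SystemConfigInfo.IsAdminEnforcePasswordChange)
                {
                    if (adminInfo.LastChangePasswordDate == null)
                    {
                        isEnforcePasswordChange = true;
                    }
                    else
                    {
                        var passwordAge = DateTime.Now - adminInfo.LastChangePasswordDate.Value;
                        isEnforcePasswordChange = passwordAge.TotalDays > ConfigManager.SystemConfigInfo.AdminEnforcePasswordChangeDays;
                    }
                }

                // NOTE(review): the whole AdministratorInfo is serialized into the response;
                // confirm that password/salt fields are excluded from serialization.
                return Ok(new
                {
                    Value = adminInfo,
                    AccessToken = accessToken,
                    ExpiresAt = expiresAt,
                    IsEnforcePasswordChange = isEnforcePasswordChange
                });
            }
            catch (Exception ex)
            {
                LogUtils.AddErrorLog(ex);
                // NOTE(review): InternalServerError(ex) attaches the exception to the result; whether
                // its details reach remote clients is governed by the Web API error-detail policy,
                // so confirm that policy is not set to always include details in production.
                return InternalServerError(ex);
            }
        }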
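        /// <summary>
        /// Single-sign-on entry for this page. Without a <c>sid</c> query value the browser is sent
        /// to the SSO login page; with one, the SSO user is looked up, mapped to a local
        /// administrator, logged in and (unless <c>isRedirect=false</c>) redirected onward.
        /// Failures are written to the response as an authentication-failed message.
        /// </summary>
        private void InitPage()
        {
            // SSO base address
            var ssoUrl = ConfigHelper.GetConfigString("SSOUrl");
            // ticket id handed back by the SSO
            var sid = Request.QueryString["sid"];

            if (string.IsNullOrWhiteSpace(sid))
            {
                // The return address is encoded as a single query value so '&' and '#' in it survive.
                Response.Redirect($"{ssoUrl}/login.aspx?redirecturl={Uri.EscapeDataString(Request.Url.AbsoluteUri)}");
                return;
            }

            // Decided inside the try but performed outside it: Response.Redirect ends the response by
            // raising ThreadAbortException, which the catch (Exception) below would otherwise catch and
            // report as an authentication failure.
            var redirectAfterLogin = false;
            try
            {
                var appId     = ConfigHelper.GetConfigString("AppID");
                var appSecret = ConfigHelper.GetConfigString("AppSecret");
                // NOTE(review): AppSecret travels as a GET query value; make sure SSOUrl is https and
                // that this URL is kept out of request logs.
                // sid comes from the client, so it is encoded as a query value rather than spliced in
                // raw; that keeps it from altering the other parameters of the sync request.
                var userApi   = $"{ssoUrl}/sync.ashx?AppID={appId}&AppSecret={appSecret}&type=ssouser&token={Uri.EscapeDataString(sid)}";
                var resultStr = SendGetHttpRequest(userApi);

                // user details returned by the SSO
                var result = JsonConvert.DeserializeObject<ResultInfo<UserInfo>>(resultStr);
                if (!result.Result)
                {
                    throw new InvalidOperationException(result.Msg);
                }

                // match the SSO user to a local account, then log in
                var user = result.Data;
                if (user == null)
                {
                    throw new InvalidOperationException("未获取到用户信息");
                }

                // super administrator: the SSO login name "admin" maps onto the local admin account
                // NOTE(review): this mapping is keyed purely on the SSO's LoginName; confirm the SSO
                // cannot hand that name to an ordinary user.
                if (string.Equals(user.LoginName, "admin", StringComparison.OrdinalIgnoreCase))
                {
                    user.Id = "admin";
                }

                // log in to the site
                var request   = new AuthenticatedRequest();
                var adminInfo = AdminManager.GetAdminInfoByUserName(user.Id.ToLowerInvariant());
                if (adminInfo == null)
                {
                    throw new InvalidOperationException("未获取到用户信息");
                }
                DataProvider.AdministratorDao.UpdateLastActivityDateAndCountOfLogin(adminInfo); // record last login time, reset failure count
                // The returned token is not used here; the call is kept for its login side effect.
                request.AdminLogin(adminInfo.UserName, false);

                redirectAfterLogin = Request.QueryString["isRedirect"] != "false";
            }
            catch (Exception e)
            {
                // HTML-encode the message: it may carry text from the SSO response or the JSON parser.
                Response.Write("身份认证失败!" + Server.HtmlEncode(e.Message));
            }

            if (redirectAfterLogin)
            {
                Response.Redirect("pageInitialization.aspx");
            }
        }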