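/// <summary>
/// Validates a login attempt for an account and, on success, issues a new login token.
/// </summary>
/// <remarks>
/// The expected response is <c>EncryptorHelper.Md5(user.Password + r)</c>, compared
/// case-insensitively with <paramref name="password"/>.
/// Security notes for reviewers:
/// <list type="bullet">
/// <item>The response is derived from the stored <c>Password</c> value with MD5, so the stored
/// value is all that is needed to compute a valid response. Treat that column as a
/// password-equivalent secret and plan a migration to a salted, slow password hash.</item>
/// <item>This method does not check that <paramref name="r"/> was issued by the server or is
/// used only once. Confirm the caller enforces that; otherwise the nonce does not protect
/// against reuse of a previously observed response.</item>
/// <item>The "disabled" and "locked" messages are returned before the password is checked, so
/// they disclose account state to unauthenticated callers.</item>
/// </list>
/// </remarks>
/// <param name="account">Login account name.</param>
/// <param name="password">Response sent by the client; a null value is treated as a wrong password.</param>
/// <param name="r">Login random number (nonce) appended to the stored password before hashing.</param>
/// <returns>
/// A tuple of success flag, user-facing message, token id and user entity.
/// <c>Token</c> and <c>User</c> are null whenever <c>Status</c> is false.
/// </returns>
public (bool Status, string Message, string Token, Entities.SysUser User) ValidateUser(string account, string password, string r)
{
    var user = GetByAccount(account);
    if (user == null)
    {
        // Same message as a wrong password, so an unknown account is not distinguishable here.
        return (false, "用户名或密码错误", null, null);
    }

    if (!user.Enabled)
    {
        return (false, "该账号已被冻结", null, null);
    }

    // Take the clock once so the lock check and every timestamp written below agree.
    var now = DateTime.Now;

    // A lock with no AllowLoginTime, or one that has already passed, does not block the attempt.
    // NOTE(review): attempts rejected here write no SysUserLoginLog row, so they are invisible
    // to anything that monitors the login log.
    if (user.LoginLock && user.AllowLoginTime.HasValue && user.AllowLoginTime.Value > now)
    {
        // TotalMinutes rather than Minutes: Minutes is only the 0-59 component and would
        // under-report the wait if the lock window were ever an hour or longer.
        var waitMin = (int)(user.AllowLoginTime.Value - now).TotalMinutes + 1;
        return (false, "您的账号已被锁定,请您" + waitMin + "分钟后再使用", null, null);
    }

    var md5Password = EncryptorHelper.Md5(user.Password + r);

    // Ordinal comparison: a culture-aware comparison ignores some code points, so strings that
    // are not character-for-character equal could still compare as equal. The null guard makes
    // a missing password an ordinary failed attempt instead of a NullReferenceException.
    // NOTE(review): this comparison is not constant-time.
    var passwordMatches = password != null
        && password.Equals(md5Password, StringComparison.OrdinalIgnoreCase);

    if (!passwordMatches)
    {
        // Login log
        // NOTE(review): IpAddress is recorded as an empty string, so failed attempts cannot be
        // attributed to a source from this log alone.
        user.SysUserLoginLogs.Add(new SysUserLoginLog
        {
            Id = Guid.NewGuid(),
            IpAddress = "",
            LoginTime = now,
            Message = "登陆密码错误"
        });

        user.LoginFailedNum++;

        // The sixth consecutive failure locks the account for 15 minutes. The counter is only
        // reset by a successful login, so after the lock expires the next failure re-locks at once.
        if (user.LoginFailedNum > 5)
        {
            user.LoginLock = true;
            user.AllowLoginTime = now.AddMinutes(15);
        }

        _sysUserRepository.DbContext.SaveChanges();
        return (false, "用户名或密码错误", null, null);
    }

    // Successful login: clear the lockout state and record the login.
    user.LoginLock = false;
    user.LoginFailedNum = 0;
    user.AllowLoginTime = null;
    user.LastLoginTime = now;
    user.LastIpAddress = "";

    // Login log
    user.SysUserLoginLogs.Add(new SysUserLoginLog
    {
        Id = Guid.NewGuid(),
        IpAddress = "",
        LoginTime = now,
        Message = "登陆成功"
    });

    // TODO: single sign-on - remove the user's older tokens. Until then every earlier token
    // stays in SysUserTokens alongside the new one.
    // NOTE(review): the token handed to the caller is the row's Guid id. Guid.NewGuid() is not
    // documented as a cryptographic random source; consider a separate token value generated
    // with RandomNumberGenerator.
    var userToken = new SysUserToken
    {
        Id = Guid.NewGuid(),
        ExpireTime = now.AddDays(15)
    };
    user.SysUserTokens.Add(userToken);

    _sysUserRepository.DbContext.SaveChanges();
    return (true, "登录成功", userToken.Id.ToString(), user);
}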