public void SetTheme(string theme, string userUid)
{
FapUser user = _dbContext.Get <FapUser>(userUid);
user.Theme = theme;
_dbContext.Update <FapUser>(user);
}
/// <summary>
/// 更新最后登录时间
/// </summary>
/// <param name="user"></param>
/// <returns></returns>
public FapUser UpdateLastLoginTime(FapUser user)
{
string sql = "update FapUser set LastLoginTime=@lastTime, passwordtrytimes=@tryTimes where id=@id";
_dbContext.Execute(sql, new DynamicParameters(new { lastTime = user.LastLoginTime, tryTimes = user.PasswordTryTimes, id = user.Id }));
return(user);
}
public JsonResult ResetPassword(string op, string np, string cp)
{
PasswordHasher pwdHasher = new PasswordHasher();
string msg = string.Empty;
string oriPwd = op;
string newPwd = np;
string confirmPwd = cp;
FapUser user = _dbContext.Get <FapUser>(_applicationContext.UserUid);
if (!pwdHasher.VerifyHashedPassword(user.UserPassword, oriPwd))
{
msg = GetOrAddPageMultiLanguageContent("login_page_ori_password_error", "原始密码错误");
}
else
{
if (newPwd != confirmPwd)
{
msg = GetOrAddPageMultiLanguageContent("login_page_password_confirm_error", "两次输入密码不一致");
}
else
{
user.UserPassword = pwdHasher.HashPassword(newPwd);
user.PasswordTryTimes = 0;
_dbContext.Update <FapUser>(user);
msg = GetOrAddPageMultiLanguageContent("login_page_password_modifysuccess", "修改密码成功");
}
}
return(Json(ResponseViewModelUtils.Sueecss(msg)));
}
/// <summary>
/// 更新实体对象前
/// </summary>
public override void BeforeEntityUpdate(object entity)
{
if (entity != null && entity is FapUser)
{
FapUser user = (FapUser)entity;
string orginPassword = user.UserPassword;
if (orginPassword.IsPresent() && orginPassword.Length < 80)
{
user.UserPassword = passwordHasher.HashPassword(orginPassword);
}
}
}
/// <summary>
/// 添加尝试次数
/// </summary>
/// <param name="user"></param>
/// <returns></returns>
public FapUser AddTryTimes(FapUser user)
{
user.PasswordTryTimes += 1;
//大于5次就冻结
if (user.PasswordTryTimes > 5)
{
user.IsLocked = 1;
}
string sql = "update FapUser set passwordtrytimes=@trytimes,islocked=@islocked where id=@id";
_dbContext.Execute(sql, new DynamicParameters(new { trytimes = user.PasswordTryTimes, islocked = user.IsLocked, id = user.Id }));
return(user);
}
private void AddUser(string loginName, string fid)
{
//登录名
if (loginName.IsPresent())
{
if (!_appDomain.UserSet.TryGetValueByUserName(loginName, out FapUser user))
{
user = new FapUser();
user.UserCode = user.UserName = loginName;
user.UserIdentity = fid;
user.EnableState = 1;
user.IsLocked = 0;
_dbContext.Insert <FapUser>(user);
}
}
}
public bool TryGetValueByUserName(string userName, out FapUser fapUser)
{
if (!_initialized)
{
Init();
}
var result = _allUsers.FirstOrDefault <FapUser>(f => f.UserName.Equals(userName, StringComparison.CurrentCultureIgnoreCase));
if (result != null)
{
fapUser = result;
return(true);
}
fapUser = null;
return(false);
}
public bool TryGetValue(string fid, out FapUser fapUser)
{
if (!_initialized)
{
Init();
}
var result = _allUsers.FirstOrDefault <FapUser>(f => f.Fid == fid);
if (result != null)
{
fapUser = result;
return(true);
}
fapUser = null;
return(false);
}
/// <summary>
/// 新增实体对象前
/// </summary>
public override void BeforeEntityInsert(object entity)
{
if (entity != null && entity is FapUser)
{
FapUser user = (FapUser)entity;
string orginPassword = user.UserPassword;
if (orginPassword.IsPresent())
{
user.UserPassword = passwordHasher.HashPassword(orginPassword);
}
else
{
//配置默认密码
string password = _provider.GetService <IFapConfigService>().GetSysParamValue("employee.user.password");
if (password.IsMissing())
{
password = "******";
}
password = passwordHasher.HashPassword(password);
user.UserPassword = password;
}
}
}
public async Task <IActionResult> Logon(string username, string userpwd, string language, string returnUrl)
{
string errorMsg = string.Empty;
string currLanguage = language.IsMissing() ? "ZhCn" : language;
//管理员账号
var developer = FapPlatformConstants.Administrator;
//获取用户
FapUser loginUser = _loginService.Login(username);
Employee emp = null;
LocalRedirectResult errorResult = CheckUser();
if (errorResult != null)
{
return(errorResult);
}
LoginLogging();
var claimsPrincipal = CreateClaimsPrincipal();
var authenticationProperties = CreateAuthenticationProperties();
//设置当前角色为普通员工
//_applicationContext.CurrentRoleUid =FapPlatformConstants.CommonUserRoleFid;
await HttpContext.SignInAsync(
CookieAuthenticationDefaults.AuthenticationScheme,
claimsPrincipal, authenticationProperties).ConfigureAwait(false);
return(Redirect());
LocalRedirectResult CheckUser()
{
PasswordHasher passwordHasher = new PasswordHasher();
if (loginUser == null)
{
errorMsg = GetOrAddPageMultiLanguageContent("login_page_no_exist_user", "不存在此用户");
}
else if (loginUser.EnableState == 0)
{
errorMsg = GetOrAddPageMultiLanguageContent("login_page_forbidden_user", "该账户已被禁用");
}
else if (loginUser.IsLocked == 1)
{
errorMsg = GetOrAddPageMultiLanguageContent("login_page_lock_user", "该账户暂被锁定");
}
else if (!passwordHasher.VerifyHashedPassword(loginUser.UserPassword, userpwd))
{
errorMsg = GetOrAddPageMultiLanguageContent("login_page_password_error", "密码不正确");
//增加尝试次数,超过5次冻结
_loginService.AddTryTimes(loginUser);
}
else if (loginUser.UserIdentity.IsMissing() && loginUser.UserName != developer)
{
errorMsg = GetOrAddPageMultiLanguageContent("login_page_no_mapping_employee", "此用户没有关联人员信息");
}
else
{
if (loginUser.UserIdentity.IsMissing())
{
if (loginUser.UserName.EqualsWithIgnoreCase(developer))
{
emp = new Employee {
Fid = "00000000000000000000", EmpCode = "Administrator", EmpName = "Administrator"
};
}
else
{
errorMsg = GetOrAddPageMultiLanguageContent("login_page_no_find_mapping_employee", "用户关联的人员不存在");
}
}
else
{
emp = _dbContext.QueryFirstOrDefault <Employee>("select Fid,EmpCode,EmpName,DeptUid,DeptCode,EmpPhoto,GroupUid,OrgUid from Employee where Fid=@Fid", new Dapper.DynamicParameters(new { Fid = loginUser.UserIdentity }), true);
if (emp == null)
{
errorMsg = GetOrAddPageMultiLanguageContent("login_page_no_find_mapping_employee", "用户关联的人员不存在");;
}
}
}
if (errorMsg.IsPresent())
{
string loginUrl = _configService.GetSysParamValue(LoginUrl);// FapPlatformConfig.PlatformLoginUrl;
if (loginUrl.IsMissing())
{
loginUrl = "~/";
}
return(LocalRedirect(loginUrl + "?msg=" + System.Net.WebUtility.UrlEncode(errorMsg)));
}
return(null);
}
void LoginLogging()
{
//更新最近登录时间
loginUser.LastLoginTime = DateTimeUtils.CurrentDateTimeStr;
loginUser.PasswordTryTimes = 0;
_loginService.UpdateLastLoginTime(loginUser);
}
ClaimsPrincipal CreateClaimsPrincipal()
{
//初始化身份卡片
var claims = new List <Claim>
{
new Claim(ClaimTypes.Name, loginUser.UserName), //用户名
new Claim(ClaimTypes.UserData, loginUser.Fid), //用户Fid
new Claim(ClaimTypes.NameIdentifier, loginUser.UserIdentity), //员工Fid
new Claim(ClaimTypes.Surname, emp.EmpName), //员工姓名
new Claim(ClaimTypes.PrimarySid, emp.DeptUid ?? "-"), //员工部门
new Claim(ClaimTypes.PrimaryGroupSid, emp.DeptCode ?? ""), //部门编码
new Claim(ClaimTypes.System, emp.DeptUidMC ?? ""), //部门名称
new Claim(ClaimTypes.DenyOnlyPrimaryGroupSid, emp.GroupUid ?? ""), //集团
new Claim(ClaimTypes.DenyOnlyPrimarySid, emp.OrgUid ?? ""), //组织
new Claim(ClaimTypes.Sid, currLanguage), //语言
new Claim(ClaimTypes.Actor, emp.EmpPhoto), //用户图像
new Claim(ClaimTypes.Role, loginUser.UserRole) //角色普通用户
};
//组装身份
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
return(new ClaimsPrincipal(claimsIdentity));
}
AuthenticationProperties CreateAuthenticationProperties()
{
return(new AuthenticationProperties
{
//AllowRefresh = <bool>,
// Refreshing the authentication session should be allowed.
//ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(1),
// The time at which the authentication ticket expires. A
// value set here overrides the ExpireTimeSpan option of
// CookieAuthenticationOptions set with AddCookie.
IsPersistent = true,
// Whether the authentication session is persisted across
// multiple requests. Required when setting the
// ExpireTimeSpan option of CookieAuthenticationOptions
// set with AddCookie. Also required when setting
// ExpiresUtc.
//IssuedUtc = <DateTimeOffset>,
// The time at which the authentication ticket was issued.
//RedirectUri = <string>
// The full path or absolute URI to be used as an http
// redirect response value.
});
}
LocalRedirectResult Redirect()
{
if (returnUrl.IsMissing())
{
if (userpwd == _configService.GetSysParamValue("employee.user.password"))
{
//等于默认密码需要跳转到修改密码页
return(LocalRedirect("~/Home/MainFrame#Home/ResetPassword/1"));
}
else
{
if (_rbacService.IsCEO(emp.Fid))
{
return(LocalRedirect("~/Home/MainFrame#System/Report/CEOChart"));
}
else
{
return(LocalRedirect(_configService.GetSysParamValue(HomeUrl)));
}
}
}
else
{
return(LocalRedirect(HttpUtility.UrlDecode(returnUrl)));
}
}
}
