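/// <summary>
/// Determines whether the current request belongs to a system administrator.
/// The per-request flag <c>ApplicationContext.Current.IsSystemAdmin</c> wins; otherwise the
/// admin-info cookie (<c>Contanst.Login_Cookie_SystemAdminUserInfo</c>) is read. Its value is
/// JSON for <see cref="LoginSystemAdminResultViewModel"/>, whose <c>Sign</c> is a DES-sealed
/// string laid out as <c>timestamp|step|uname|pwd</c> (the layout <c>LoginCheckDyCode</c> parses).
/// </summary>
/// <returns>
/// true when the context flag is already set, or when the cookie carries a sign that unseals,
/// has the expected layout, is the step-2 sign, is at most 8 hours old and the JSON says
/// <c>IsSuccess</c>; false otherwise (missing/empty cookie, undecryptable or stale sign).
/// </returns>
/// <remarks>
/// SECURITY (review): the cookie JSON is not integrity-protected — only <c>Sign</c> is sealed,
/// and <c>IsSuccess</c> / <c>AdminUserId</c> are read straight from the client. The sealed value
/// is the step-2 (password) sign that <c>LoginCheckDyCode</c> copies into the cookie, so nothing
/// in this check proves the TOTP step was completed: a caller holding a valid step-2 sign can
/// hand-build the cookie with <c>IsSuccess=true</c> and pass. Closing that needs the issuer to
/// seal a token that encodes 2FA completion and the admin id; it cannot be fixed here alone.
/// Also note the age check only bounds the past — a future timestamp is accepted (needs the DES
/// key to forge, so left as is).
/// </remarks>
public bool CheckUserIsSystemAdminFromHttpContext()
{
    // Already established earlier in this request.
    if (ApplicationContext.Current.IsSystemAdmin == true)
    {
        return true;
    }

    // Fall back to the admin-info cookie.
    string ticket = string.Empty;
    if (ApplicationContext.HttpContext.Current.Request.Cookies.ContainsKey(Contanst.Login_Cookie_SystemAdminUserInfo)
        && ApplicationContext.HttpContext.Current.GetCookie(Contanst.Login_Cookie_SystemAdminUserInfo).IsNotEmpty())
    {
        ticket = ApplicationContext.HttpContext.Current.GetCookie(Contanst.Login_Cookie_SystemAdminUserInfo);
    }
    if (ticket.IsNullOrEmpty())
    {
        return false;
    }

    var sysAdminUserDtoModel = ticket.FromJsonToObject<LoginSystemAdminResultViewModel>();
    if (sysAdminUserDtoModel == null)
    {
        // Unparseable cookie: nothing to trust; the context flag is still false at this point.
        return ApplicationContext.Current.IsSystemAdmin;
    }

    // Unseal the sign. A tampered or foreign blob fails to decrypt and is treated as absent.
    string deSign = string.Empty;
    try
    {
        deSign = DESEncrypt.Decrypt(sysAdminUserDtoModel.Sign);
    }
    catch
    {
        // Decryption failure is not an error condition for the caller; it is "not an admin".
    }
    if (deSign.IsNullOrEmpty())
    {
        return false;
    }

    // Guard the layout before indexing. The original read arrSign[0]/[1] unconditionally, so a
    // sealed value without '|' escaped as IndexOutOfRangeException instead of a clean false.
    string[] arrSign = deSign.Split('|');
    if (arrSign.Length < 4)
    {
        return false;
    }
    long timeSnamp = arrSign[0].ToLong();
    int step = arrSign[1].ToInt();

    // The only issuer visible in this file (LoginCheckDyCode) accepts and stores step-2 signs
    // exclusively; any other step value is not an admin ticket. The original never checked step.
    if (step != 2)
    {
        return false;
    }

    // Sign age cap: 8 hours.
    if ((DateTime.Now.ToTimeStampMilliseconds() - timeSnamp) / 1000 > 60 * 60 * 8)
    {
        return false;
    }

    // NOTE(review): IsSuccess is client-controlled — see <remarks>.
    ApplicationContext.Current.IsSystemAdmin = sysAdminUserDtoModel.IsSuccess;
    return ApplicationContext.Current.IsSystemAdmin;
}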
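/// <summary>
/// Second-factor step of the system-admin login. Unseals the step-2 password sign
/// (<c>timestamp|2|uname|pwd</c>, DES-sealed, at most 5 minutes old), re-checks the credentials
/// against <c>SysAdminService</c>, verifies the TOTP code against the user's <c>PublicKey</c>,
/// then records a login log entry and writes the admin-info cookie.
/// </summary>
/// <param name="model">Client payload: <c>Sign</c> from the password step and the TOTP <c>CheckCode</c>.</param>
/// <returns>
/// Container whose <c>Data</c> is true and <c>Msg</c> is "成功登录!" on success. Every failure is
/// reported through <c>SetFalied</c>; an empty <c>CheckCode</c> returns the default container untouched.
/// Exceptions are caught, logged and reported as "验证失败!".
/// </returns>
/// <remarks>
/// SECURITY (review):
/// - The cookie written on success is plain JSON with <c>Sign = model.Sign</c>, so the sealed
///   credential (uname|pwd) lives in the browser for the cookie's lifetime and
///   <c>IsSuccess</c>/<c>AdminUserId</c> are unauthenticated fields. A server-sealed token that
///   encodes 2FA completion should replace it; changing the format also changes what
///   <c>CheckUserIsSystemAdminFromHttpContext</c> parses, so do it in one step.
/// - The password is matched by DB equality (<c>x.Upassword == pwd</c>). Whether <c>pwd</c> is
///   already a hash is decided by whoever built the sign, not visible here — confirm.
/// - No TOTP replay tracking is done here; a code stays reusable within its window unless
///   <c>TwoFactorAuth</c> tracks it. No lockout or rate limit is visible in this method.
/// - Cookie flags (HttpOnly/Secure) depend on <c>HttpContext.SetCookie</c>, not visible here.
/// </remarks>
public BusinessViewModelContainer<bool> LoginCheckDyCode(PasswordLoginViewModel model)
{
    var viewModel = new BusinessViewModelContainer<bool>();
    try
    {
        if (model.CheckCode.IsNullOrEmpty())
        {
            // No code submitted: hand back the default (unsuccessful) container unchanged.
            return viewModel;
        }
        if (model.Sign.IsNullOrEmpty())
        {
            viewModel.SetFalied("签名不能为空!");
            return viewModel;
        }

        // Unseal the step-2 sign; an undecryptable value is reported as a bad signature.
        string deSign = string.Empty;
        try
        {
            deSign = DESEncrypt.Decrypt(model.Sign);
        }
        catch
        {
            // Fall through to the empty check below.
        }
        if (deSign.IsNullOrEmpty())
        {
            viewModel.SetFalied("签名错误!");
            return viewModel;
        }

        string[] arrSign = deSign.Split('|');
        // Guard before indexing: the original read arrSign[1] first, so a sealed value without
        // '|' surfaced as IndexOutOfRangeException and a generic "验证失败!" plus an error log.
        if (arrSign.Length < 2)
        {
            viewModel.SetFalied("签名错误!");
            return viewModel;
        }
        long timeSnamp = arrSign[0].ToLong();
        int step = arrSign[1].ToInt();

        // The password sign is only honoured for 5 minutes.
        if ((DateTime.Now.ToTimeStampMilliseconds() - timeSnamp) / 1000 > 5 * 60)
        {
            viewModel.SetFalied("登录超时!请重新输入用户名密码!");
            return viewModel;
        }
        // Only a step-2 sign carries credentials (uname at [2], pwd at [3]).
        if (step != 2 || arrSign.Length < 4)
        {
            viewModel.SetFalied("登录必须输入密码!请重新输入用户名密码!");
            return viewModel;
        }
        string uName = arrSign[2];
        string pwd = arrSign[3];
        if (string.IsNullOrEmpty(uName) || string.IsNullOrEmpty(pwd))
        {
            viewModel.SetFalied("登录必须输入密码!请重新输入用户名密码!");
            return viewModel;
        }

        // Re-check the credentials rather than trusting the sign alone; the account must be active.
        var sysUser = Singleton<SysAdminService>.Instance
            .GetSysAdminFirstOrDefaultByCondition(x => x.Uname == uName && x.Upassword == pwd && x.State == true);
        if (sysUser == null)
        {
            viewModel.SetFalied("未知用户!");
            return viewModel;
        }
        if (string.IsNullOrEmpty(sysUser.PublicKey))
        {
            viewModel.SetFalied("用户密钥已经失效!请联系管理员!");
            return viewModel;
        }

        // TOTP verification against the stored secret.
        bool validateResult = false;
        try
        {
            validateResult = new TwoFactorAuth().VerifyCode(sysUser.PublicKey, model.CheckCode);
        }
        catch (Exception ex)
        {
            // The original swallowed this silently. A throwing verifier still counts as a failed
            // code for the client, but is worth a log line for operators.
            Logger.Error(ex);
        }
        if (!validateResult)
        {
            viewModel.SetFalied("口令已经过期,请重新输入!");
            return viewModel;
        }

        // 1. Audit: record the successful admin login.
        var logModel = new SysLogModel
        {
            Level = 1,
            SysUserId = sysUser.Id,
            LogContent = $"超管账号:{sysUser.Uname} , 登录系统!",
            CreateTime = DateTime.Now,
            IpAddress = base.IpAddress
        };
        Singleton<SysLogService>.Instance.AddOneSysLogModel(logModel);

        // 2. Authorise the client and issue the admin-info cookie.
        viewModel.Msg = "成功登录!";
        viewModel.Data = true;
        var sysUserLoginModel = new LoginSystemAdminResultViewModel
        {
            AdminUserId = sysUser.Id,
            IsSuccess = true,
            Step = 3,
            // NOTE(review): this is the step-2 sign, i.e. the sealed uname|pwd — see <remarks>.
            Sign = model.Sign
        };
        string authJson = sysUserLoginModel.ToJson();
        HttpContext.SetCookie(Contanst.Global_Site_Domain_Cookie, Contanst.Login_Cookie_SystemAdminUserInfo, authJson);
    }
    catch (Exception ex)
    {
        viewModel.SetFalied("验证失败!");
        Logger.Error(ex);
    }
    return viewModel;
}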