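/// <summary>
/// Completes the second step of a phone-number login: checks the one-time login token stored on the
/// user record, then issues a signed JWT session token, clears the one-time token and saves the user.
/// </summary>
/// <param name="request">Phone number and the one-time login token presented by the client.</param>
/// <returns>The serialized JWT wrapped in a <see cref="StringWrapper"/>.</returns>
/// <exception cref="ArgumentNullException"><paramref name="request"/> is null.</exception>
/// <exception cref="RecordNotFoundException">No user has the given phone number.</exception>
/// <exception cref="NoLoginTokenException">The user has no pending login token.</exception>
/// <exception cref="TokenExpiredException">The pending login token has expired.</exception>
/// <exception cref="InvalidRequestException">The presented token does not match the stored one.</exception>
public async Task<StringWrapper> Authenticate(RequestUserLogin request)
{
    // Fail with a clear argument error instead of a NullReferenceException on the first dereference.
    if (request is null)
    {
        throw new ArgumentNullException(nameof(request));
    }

    // Tracked query: the LoginTokenValue/SessionToken updates below are persisted by SaveChangesAsync.
    var user = await dbContext.Users
        .AsTracking()
        .Where(r => r.PhoneNumber == request.PhoneNumber)
        .FirstOrDefaultAsync();

    if (user is null)
    {
        throw new RecordNotFoundException(nameof(User));
    }

    if (user.LoginTokenValue is null)
    {
        throw new NoLoginTokenException();
    }

    // NOTE(review): this expiry check uses the local clock while the JWT lifetime below uses UTC.
    // Confirm LoginTokenExpirationTime is stored in local time; otherwise compare against DateTime.UtcNow.
    // If the property is nullable, a null expiry never trips this check — verify that is intended.
    if (DateTime.Now > user.LoginTokenExpirationTime)
    {
        throw new TokenExpiredException();
    }

    // NOTE(review): string inequality is not constant-time; if the target framework provides
    // CryptographicOperations.FixedTimeEquals, prefer it for comparing the one-time code.
    if (user.LoginTokenValue != request.LoginToken)
    {
        throw new InvalidRequestException("Wrong token");
    }

    // Authentication succeeded: issue a 7-day JWT whose only claim is the user id.
    // NOTE(review): Encoding.ASCII replaces any non-ASCII character of the secret with '?',
    // silently weakening the signing key; confirm the configured secret is pure ASCII.
    var tokenHandler = new JwtSecurityTokenHandler();
    var key = Encoding.ASCII.GetBytes(appSettings.Secret);
    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(new Claim[]
        {
            new Claim(ClaimTypes.Name, user.Id.ToString(CultureInfo.InvariantCulture)),
        }),
        Expires = DateTime.UtcNow.AddDays(7),
        SigningCredentials = new SigningCredentials(
            new SymmetricSecurityKey(key),
            SecurityAlgorithms.HmacSha256Signature),
    };
    var token = tokenHandler.CreateToken(tokenDescriptor);
    var sessionToken = tokenHandler.WriteToken(token);

    // The one-time code is consumed here so it cannot be replayed; the session token replaces it.
    user.LoginTokenValue = null;
    user.SessionToken = sessionToken;
    await dbContext.SaveChangesAsync();

    return new StringWrapper { Value = sessionToken };
}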
/// <summary>
/// Web API action that checks the posted credentials through <c>UserBLL.UserCheck</c>.
/// </summary>
/// <param name="request">Credentials from the request body.</param>
/// <returns>The response produced by the business layer.</returns>
/// <exception cref="HttpResponseException">
/// Any exception from the business layer is converted to a 500 response carrying its message.
/// </exception>
public ResponseUserLogin UserCheck([FromBody] RequestUserLogin request)
{
    try
    {
        return new UserBLL().UserCheck(request);
    }
    catch (Exception ex)
    {
        // NOTE(review): ex.Message is sent verbatim to the caller, which can expose internal details
        // (query or connection errors); consider logging it server-side and returning a generic text.
        var error = Request.CreateErrorResponse(HttpStatusCode.InternalServerError, ex.Message);
        throw new HttpResponseException(error);
    }
}
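/// <summary>
/// Validates the login token of an authentication request and normalizes its phone number in place.
/// </summary>
/// <param name="request">
/// The request to check. On return its <c>PhoneNumber</c> has been rewritten by
/// <c>General.ConvertPhoneNoTo12Char</c>.
/// </param>
/// <exception cref="ArgumentNullException"><paramref name="request"/> is null.</exception>
/// <exception cref="InvalidValueException">The login token contains a non-digit character.</exception>
public static void ValidateAndNormalizeAuthentication(RequestUserLogin request)
{
    // Guard explicitly rather than failing with a NullReferenceException inside IsDigitsOnly.
    if (request is null)
    {
        throw new ArgumentNullException(nameof(request));
    }

    if (!General.IsDigitsOnly(request.LoginToken))
    {
        throw new InvalidValueException(nameof(RequestUserLogin.LoginToken), request.LoginToken);
    }

    // The token must have exactly the configured length (min == max).
    General.ValidateStringLength(
        nameof(RequestUserLogin.LoginToken),
        request.LoginToken,
        Settings.Services.LoginTokenLength,
        Settings.Services.LoginTokenLength,
        false);

    request.PhoneNumber = General.ConvertPhoneNoTo12Char(
        nameof(request.PhoneNumber),
        request.PhoneNumber);
}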
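/// <summary>
/// Verifies a user name / password pair against <c>tks_fas_user</c> and returns the matching user's identity.
/// </summary>
/// <param name="request">Carries <c>UserName</c> and the clear-text <c>Password</c> to check.</param>
/// <returns>
/// A response with <c>IsSuccess</c> set and the user's id and names filled in, or the response produced by
/// <c>DealException</c> when the credentials are wrong, the account is disabled or a query fails.
/// </returns>
public ResponseUserLogin UserCheck(RequestUserLogin request)
{
    var response = new ResponseUserLogin();
    // The transaction is now disposed together with the connection (previously it was never disposed).
    using (cnn = GetConnection())
    using (var ts = cnn.BeginTransaction())
    {
        try
        {
            // NOTE(review): HashPasswordForStoringInConfigFile is obsolete and yields an unsalted MD5 digest.
            // Stored hashes must be migrated (e.g. rehash on successful login) before a PBKDF2/Argon2
            // scheme can replace it, so the algorithm is left unchanged here.
            string pass = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(request.Password, "MD5");

            var users = cnn.Query<TKS_FAS_User>(
                @"select * from tks_fas_user where userName=@UserName and password=@Password",
                new { UserName = request.UserName, Password = pass },
                ts).ToList();
            if (users.Count == 0)
            {
                throw new NormalException("用户名或者密码错误");
            }

            var user = users[0];
            if (user.Status == "0")
            {
                throw new NormalException("您的账号已被停用");
            }

            ts.Commit();
            response.IsSuccess = true;
            response.Id = user.Id;
            response.UserName = user.UserName;
            response.TrueName = user.TrueName;
            response.Message = "校验成功";
            return response;
        }
        catch (Exception ex)
        {
            ts.Rollback();
            return this.DealException(response, ex) as ResponseUserLogin;
        }
    }
}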
/// <summary>
/// Login entry point that is not implemented yet.
/// </summary>
/// <param name="model">Ignored.</param>
/// <returns>Never returns.</returns>
/// <exception cref="NotImplementedException">Always thrown.</exception>
public RespondUserLogin Login(RequestUserLogin model)
{
    // Deliberately unimplemented; callers must not rely on this method yet.
    throw new NotImplementedException();
}
/// <summary>
/// HTTP entry point for the second login step. Runs the request validation/normalization and the
/// service call through the shared <c>ExecuteAsync</c> wrapper.
/// </summary>
/// <param name="request">Phone number and one-time login token from the request body.</param>
/// <returns>The action result produced by <c>ExecuteAsync</c>.</returns>
public async Task<IActionResult> Authenticate([FromBody] RequestUserLogin request)
{
    var result = await ExecuteAsync(
        () => service.Authenticate(request),
        () => UserValidation.ValidateAndNormalizeAuthentication(request));
    return result;
}
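/// <summary>
/// Web login by user name (or, failing that, mobile number) and password. On success any previous
/// <c>WEB</c> token of the user is replaced by a new one and the user's node membership is returned.
/// </summary>
/// <param name="request">Carries <c>UserName</c>, <c>Mobile</c> and the clear-text <c>Password</c>.</param>
/// <returns>
/// A response with <c>IsSuccess</c>, the new <c>Token</c> and the user's details, or the response produced
/// by <c>DealException</c> when the credentials are wrong, the account is disabled or a query fails.
/// </returns>
public ResponseUserLogin UserLogin(RequestUserLogin request)
{
    // Shared projection; the two lookups below differ only in their WHERE clause.
    const string selectUserWithNode =
        @"select A.*,B.NodeId ,C.Name as NodeName from tks_fas_user A left join TKS_FAS_User2Node B on A.id=b.UserId left join TKS_FAS_Node C on B.NodeId=c.id";

    var response = new ResponseUserLogin();
    // The transaction is now disposed together with the connection (previously it was never disposed).
    using (cnn = GetConnection())
    using (var ts = cnn.BeginTransaction())
    {
        try
        {
            // NOTE(review): HashPasswordForStoringInConfigFile is obsolete and yields an unsalted MD5 digest.
            // Stored hashes must be migrated before a PBKDF2/Argon2 scheme can replace it, so it stays as is.
            string pass = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(request.Password, "MD5");

            // First match on user name, then fall back to the mobile number.
            var users = cnn.Query<TKS_FAS_UserExt>(
                selectUserWithNode + " where A.userName=@UserName and A.password=@Password",
                new { UserName = request.UserName, Password = pass },
                ts).ToList();
            if (users.Count == 0)
            {
                users = cnn.Query<TKS_FAS_UserExt>(
                    selectUserWithNode + " where A.Mobile=@Mobile and A.password=@Password",
                    new { Mobile = request.Mobile, Password = pass },
                    ts).ToList();
                if (users.Count == 0)
                {
                    throw new NormalException("用户名或者密码错误");
                }
            }

            var user = users[0];
            if (user.Status == "0")
            {
                throw new NormalException("您的账号已被停用");
            }

            // Replace any existing web token for this user.
            cnn.Execute("delete from tks_fas_token where userid=@UserId and source='WEB'", new { UserId = user.Id }, ts);
            // NOTE(review): Guid.NewGuid() is not specified to be cryptographically random; a value of the
            // same length drawn from RandomNumberGenerator would be the safer bearer token.
            var token = new TKS_FAS_Token();
            token.Id = Guid.NewGuid().ToString("N");
            token.UserId = user.Id;
            token.Token = Guid.NewGuid().ToString("N");
            token.ActiveTime = DateTime.Now;
            token.Source = "WEB";
            cnn.Insert<TKS_FAS_Token>(token, ts);
            ts.Commit();

            response.IsSuccess = true;
            response.Id = user.Id;
            response.Sex = user.Sex;
            response.Token = token.Token;
            response.UserName = user.UserName;
            response.TrueName = user.TrueName;
            response.NodeName = user.NodeName;
            response.Message = "登陆成功";
            return response;
        }
        catch (Exception ex)
        {
            ts.Rollback();
            return this.DealException(response, ex) as ResponseUserLogin;
        }
    }
}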
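/// <summary>
/// WeChat mini-app login by SMS verification code. Consumes the open <c>WX_Regist</c> code for the mobile
/// number, creates the user (holding the configured admin role) when the number is unknown, otherwise
/// ensures the existing user holds that role, then issues a fresh <c>WXAPP</c> token.
/// </summary>
/// <param name="request">Carries <c>Mobile</c> and the <c>VerCode</c> that was sent to it.</param>
/// <returns>
/// The user record and token on success; a response with <c>IsSuccess</c> false and message "验证码失效"
/// when no open code matches; otherwise whatever <c>DealException</c> returns.
/// </returns>
public ResponseUserLogin_WX WXLogin(RequestUserLogin request)
{
    var response = new ResponseUserLogin_WX();
    // The transaction is now disposed together with the connection (previously it was never disposed).
    using (cnn = GetConnection())
    using (var ts = cnn.BeginTransaction())
    {
        try
        {
            var verification = cnn.Query<TKS_FAS_MobileVerification>(
                @"select * from TKS_FAS_MobileVerification where Status='OP' and CodeType='WX_Regist' and Mobile=@Mobile and VerCode=@VerCode",
                new { Mobile = request.Mobile, VerCode = request.VerCode },
                ts).FirstOrDefault();
            if (verification == null)
            {
                response.IsSuccess = false;
                response.Message = "验证码失效";
                return response;
            }

            // Role id granted to every account that logs in this way (employer admin); null if not configured.
            string role = ConfigurationManager.AppSettings["GZQY-ADMIN"];

            // Mark the code as used so it cannot be replayed.
            cnn.Execute("update TKS_FAS_MobileVerification set Status='SE' where Id=@Id", new { Id = verification.Id }, ts);

            var user = cnn.Query<TKS_FAS_User>(
                @"select * from TKS_FAS_User where mobile=@Mobile",
                new { Mobile = request.Mobile },
                ts).FirstOrDefault();

            string userid;
            if (user != null)
            {
                userid = user.Id;
                response.user = user;

                // Grant the employer-admin role if the existing user does not already hold it.
                var existingRole = cnn.Query<TKS_FAS_User2Role>(
                    @"select * from TKS_FAS_User2Role where UserId=@UserId and RoleId=@RoleId",
                    new { UserId = user.Id, RoleId = role },
                    ts).FirstOrDefault();
                if (existingRole == null)
                {
                    InsertUserRole(ts, user.Id, role);
                }

                response.IsSuccess = true;
                response.Message = "登陆成功";
            }
            else
            {
                // Unknown number: create the employer account and grant it the admin role.
                var newuser = new TKS_FAS_User();
                newuser.Id = Guid.NewGuid().ToString("N");
                newuser.UserName = request.Mobile;
                newuser.TrueName = request.Mobile;
                newuser.Mobile = request.Mobile;
                // NOTE(review): every self-registered account starts with the same well-known password
                // (unsalted MD5, obsolete API). A random initial password or a forced reset on first
                // password login would remove this shared credential; left unchanged here to keep behavior.
                string pass = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile("123456", "MD5");
                newuser.Password = pass;
                newuser.Status = "1"; // enabled
                newuser.CreateUser = "******";
                newuser.CreateDate = DateTime.Now;
                cnn.Insert<TKS_FAS_User>(newuser, ts);
                InsertUserRole(ts, newuser.Id, role);

                response.user = newuser;
                response.IsSuccess = true;
                response.Message = "登陆成功";
                userid = newuser.Id;
            }

            // Replace any existing mini-app token for this user.
            cnn.Execute("delete from tks_fas_token where userid=@UserId and source='WXAPP'", new { UserId = userid }, ts);
            // NOTE(review): Guid.NewGuid() is not specified to be cryptographically random; a value of the
            // same length drawn from RandomNumberGenerator would be the safer bearer token.
            var token = new TKS_FAS_Token();
            token.Id = Guid.NewGuid().ToString("N");
            token.UserId = userid;
            token.Token = Guid.NewGuid().ToString("N");
            token.ActiveTime = DateTime.Now;
            token.Source = "WXAPP";
            cnn.Insert<TKS_FAS_Token>(token, ts);
            ts.Commit();

            response.Token = token.Token;
            return response;
        }
        catch (Exception ex)
        {
            ts.Rollback();
            return this.DealException(response, ex) as ResponseUserLogin_WX;
        }
    }
}

/// <summary>
/// Inserts a user/role link (employer-admin role assigned by default on registration) in the given transaction.
/// </summary>
/// <param name="ts">Open transaction on <c>cnn</c>.</param>
/// <param name="userId">Id of the user receiving the role.</param>
/// <param name="roleId">Role id from configuration; may be null if the setting is missing.</param>
private void InsertUserRole(System.Data.IDbTransaction ts, string userId, string roleId)
{
    var u2r = new TKS_FAS_User2Role();
    u2r.Id = Guid.NewGuid().ToString();
    u2r.UserId = userId;
    u2r.RoleId = roleId;
    cnn.Insert<TKS_FAS_User2Role>(u2r, ts);
}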