/// <summary>
/// Posts a login request for the given account to the <c>Login</c> action of the user controller.
/// </summary>
/// <param name="loginName">Login name of the account.</param>
/// <param name="password">Password of the account; it is handed to <c>RpcUser.GetSignData</c> together with the login name.</param>
/// <param name="callback">Handed to <c>PostAsync</c>; presumably invoked with the response or the exception once the call finishes.</param>
public void LoginAsync(string loginName, string password, Action<DataResponse<LoginedUser>, Exception> callback) {
    var rpc = RpcRoot.JsonRpc;
    // NOTE(review): RpcUser.GetSignData is not shown here. Confirm that it puts only a
    // derived signature on the wire and never the password itself.
    var signData = RpcUser.GetSignData(loginName, password);
    // The login action carries no payload of its own, so an empty object is sent as the body.
    var emptyBody = new object();
    rpc.PostAsync(_controllerName, nameof(IUserController.Login), signData, emptyBody, callback);
}
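/// <summary>
/// Checks that the current request is signed by an existing administrator account.
/// </summary>
/// <typeparam name="TResponse">Response type used to report a failed check.</typeparam>
/// <param name="data">Request payload that is included in the signature calculation.</param>
/// <param name="response">The failure response when the check is rejected; <c>null</c> when it passes.</param>
/// <param name="user">The account found for the request. It stays set when a later check (administrator or signature) fails, and is <c>null</c> when no account was found.</param>
/// <returns><c>true</c> only when the user set is ready, the timestamp is in time, the account exists, it is an administrator and the signature matches.</returns>
protected bool IsValidAdmin<TResponse>(ISignableData data, out TResponse response, out UserData user) where TResponse : ResponseBase, new() {
    user = null;
    if (!WebApiRoot.UserSet.IsReadied) {
        string message = "服务器用户集启动中,请稍后";
        response = ResponseBase.NotExist<TResponse>(message);
        return false;
    }
    ClientSignData query = ClientSign;
    // The timestamp is part of the signed material below; requests outside the accepted
    // window are refused before any account lookup.
    if (!Timestamp.IsInTime(query.Timestamp)) {
        response = ResponseBase.Expired<TResponse>();
        return false;
    }
    // NOTE(review): the guard tests LoginName while the lookup key is UserId; confirm that
    // UserId is derived from LoginName. The same lookup used to be repeated a second time
    // with identical arguments; one lookup is enough.
    if (!string.IsNullOrEmpty(query.LoginName)) {
        user = WebApiRoot.UserSet.GetUser(query.UserId);
    }
    // NOTE(review): "does not exist" and "not an administrator" are answered before the
    // signature is verified, so these answers are also given to callers that have not
    // proven knowledge of the password. Consider one uniform rejection.
    if (user == null) {
        string message = "用户不存在";
        response = ResponseBase.NotExist<TResponse>(message);
        return false;
    }
    else if (!user.IsAdmin()) {
        string message = "对不起,您不是超管";
        response = ResponseBase.NotExist<TResponse>(message);
        return false;
    }
    string mySign = RpcUser.CalcSign(user.LoginName, user.Password, query.Timestamp, data);
    // A missing signature never validates, and the comparison visits every character so
    // that its duration does not depend on the position of the first mismatch.
    string clientSignText = query.Sign;
    bool signMatches = !string.IsNullOrEmpty(clientSignText)
        && mySign != null
        && clientSignText.Length == mySign.Length;
    if (signMatches) {
        int diff = 0;
        for (int i = 0; i < mySign.Length; i++) {
            diff |= clientSignText[i] ^ mySign[i];
        }
        signMatches = diff == 0;
    }
    if (!signMatches) {
        string message = "登录名或密码错误";
        response = ResponseBase.Forbidden<TResponse>(message);
        // NOTE(review): this debug line writes the expected signature next to the received
        // one. Confirm that Write.DevDebug is inactive outside development builds.
        Write.DevDebug(() => $"{message} sign:{query.Sign} mySign:{mySign}");
        return false;
    }
    response = null;
    return true;
}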
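/// <summary>
/// Checks that a request is signed by an existing user account.
/// </summary>
/// <param name="clientSign">Signature data sent by the client (login name, user id, timestamp, signature).</param>
/// <param name="data">Request payload that is included in the signature calculation.</param>
/// <param name="isLoginAction">When <c>true</c>, the login attempt limit is consulted before the signature is verified.</param>
/// <param name="response">The failure response when the check is rejected; <c>null</c> when it passes.</param>
/// <param name="user">The account found for the request. It stays set when a later check fails, and is <c>null</c> when no account was found.</param>
/// <returns><c>true</c> only when the user set is ready, the timestamp is in time, the account exists, the attempt limit (login actions only) allows it and the signature matches.</returns>
private static bool IsValidUser(
    ClientSignData clientSign,
    ISignableData data,
    bool isLoginAction,
    out ResponseBase response,
    out UserData user) {
    user = null;
    if (!AppRoot.UserSet.IsReadied) {
        string message = "服务器用户集启动中,请稍后";
        response = ResponseBase.NotExist(message);
        return false;
    }
    // The timestamp is part of the signed material below; requests outside the accepted
    // window are refused before any account lookup.
    if (!Timestamp.IsInTime(clientSign.Timestamp)) {
        response = ResponseBase.Expired();
        return false;
    }
    // NOTE(review): the guard tests LoginName while the lookup key is UserId; confirm that
    // UserId is derived from LoginName.
    if (!string.IsNullOrEmpty(clientSign.LoginName)) {
        user = AppRoot.UserSet.GetUser(clientSign.UserId);
    }
    if (user == null) {
        string message = "用户不存在";
        response = ResponseBase.NotExist(message);
        return false;
    }
    // NOTE(review): the attempt limit is reached only for existing accounts and only for
    // login actions; requests naming an unknown account are answered above without being
    // counted here. Confirm that this is intended.
    if (isLoginAction && !AppRoot.UserSet.CheckLoginTimes(clientSign.LoginName)) {
        response = ResponseBase.Forbidden("对不起,您的尝试太过频繁");
        return false;
    }
    string mySign = RpcUser.CalcSign(user.LoginName, user.Password, clientSign.Timestamp, data);
    // A missing signature never validates, and the comparison visits every character so
    // that its duration does not depend on the position of the first mismatch.
    string clientSignText = clientSign.Sign;
    bool signMatches = !string.IsNullOrEmpty(clientSignText)
        && mySign != null
        && clientSignText.Length == mySign.Length;
    if (signMatches) {
        int diff = 0;
        for (int i = 0; i < mySign.Length; i++) {
            diff |= clientSignText[i] ^ mySign[i];
        }
        signMatches = diff == 0;
    }
    if (!signMatches) {
        string message = "签名错误:1. 可能因为登录名或密码错误;2. 可能因为软件版本过期需要升级软件。";
        response = ResponseBase.Forbidden(message);
        return false;
    }
    response = null;
    return true;
}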
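/// <summary>
/// Checks that the current request is signed by an existing user account.
/// </summary>
/// <typeparam name="TResponse">Response type used to report a failed check.</typeparam>
/// <param name="data">Request payload that is included in the signature calculation.</param>
/// <param name="response">The failure response when the check is rejected; <c>null</c> when it passes.</param>
/// <param name="user">The account found for the request. It stays set when the signature check fails, and is <c>null</c> when no account was found.</param>
/// <returns><c>true</c> only when the user set is ready, the timestamp is in time, the account exists and the signature matches.</returns>
protected bool IsValidUser<TResponse>(ISignableData data, out TResponse response, out UserData user) where TResponse : ResponseBase, new() {
    user = null;
    if (!WebApiRoot.UserSet.IsReadied) {
        string message = "服务器用户集启动中,请稍后";
        response = ResponseBase.NotExist<TResponse>(message);
        return false;
    }
    ClientSignData query = ClientSign;
    // The timestamp is part of the signed material below; requests outside the accepted
    // window are refused before any account lookup.
    if (!Timestamp.IsInTime(query.Timestamp)) {
        response = ResponseBase.Expired<TResponse>();
        return false;
    }
    // For a user, LoginName may be the login name, the e-mail address or the mobile number.
    if (!string.IsNullOrEmpty(query.LoginName)) {
        user = WebApiRoot.UserSet.GetUser(UserId.Create(query.LoginName));
    }
    if (user == null) {
        string message = "用户不存在";
        response = ResponseBase.NotExist<TResponse>(message);
        return false;
    }
    // Administrator accounts are verified like every other account. Returning success for
    // them before the signature check would accept a request on the login name alone, so
    // the signature is always verified.
    string mySign = RpcUser.CalcSign(user.LoginName, user.Password, query.Timestamp, data);
    // A missing signature never validates, and the comparison visits every character so
    // that its duration does not depend on the position of the first mismatch.
    string clientSignText = query.Sign;
    bool signMatches = !string.IsNullOrEmpty(clientSignText)
        && mySign != null
        && clientSignText.Length == mySign.Length;
    if (signMatches) {
        int diff = 0;
        for (int i = 0; i < mySign.Length; i++) {
            diff |= clientSignText[i] ^ mySign[i];
        }
        signMatches = diff == 0;
    }
    if (!signMatches) {
        string message = "签名错误:1. 可能因为登录名或密码错误;2. 可能因为软件版本过期需要升级软件,请将软件升级到最新版本再试。";
        response = ResponseBase.Forbidden<TResponse>(message);
        return false;
    }
    response = null;
    return true;
}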
/// <summary>
/// Posts a login request for the given account to the <c>Login</c> action of the user
/// controller on the official server.
/// </summary>
/// <param name="loginName">Login name of the account.</param>
/// <param name="password">Password of the account; it is handed to <c>RpcUser.GetSignData</c> together with the login name.</param>
/// <param name="callback">Handed to <c>RpcRoot.PostAsync</c>; presumably invoked with the response or the exception once the call finishes.</param>
public void LoginAsync(string loginName, string password, Action<DataResponse<LoginedUser>, Exception> callback) {
    var host = RpcRoot.OfficialServerHost;
    var port = RpcRoot.OfficialServerPort;
    // NOTE(review): RpcUser.GetSignData is not shown here. Confirm that it puts only a
    // derived signature on the wire and never the password itself, and that the
    // connection to the official server is protected in transit.
    var signData = RpcUser.GetSignData(loginName, password);
    // The login action carries no payload of its own, so an empty sign request is the body.
    var emptyRequest = new SignRequest();
    RpcRoot.PostAsync(host, port, _controllerName, nameof(IUserController.Login), signData, emptyRequest, callback);
}