Ejemplo n.º 1
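        /// <summary>
        /// Verifies an admin back-office login and, on success, returns the HCP and KBS tokens.
        /// </summary>
        /// <remarks>
        /// Flow as implemented here: the built-in system administrator (all-zero id) is checked against
        /// the locally stored password; every other account must be on the AD whitelist and pass
        /// <c>GetVerifyApi</c>, after which the local user row and the auditor role are created or
        /// updated. Both paths then request a token from the HCP endpoint and a token from KBS.
        /// Failure details (exception text, stack trace, internal host URL) are written to the server
        /// log only and are never placed in the returned model.
        /// </remarks>
        /// <param name="dto">Login request; <c>UserName</c> and <c>Password</c> must be non-empty.</param>
        /// <returns>
        /// A <see cref="ReturnValueModel"/> whose <c>Success</c> flag reports the outcome; on success
        /// <c>Result</c> is an object carrying <c>BuToken</c> and <c>KbsToken</c>.
        /// </returns>
        public async Task <ReturnValueModel> AdminVerifyAsync(VerifyAdminInputDto dto)
        {
            ReturnValueModel rvm = new ReturnValueModel();

            try
            {
                // An earlier variant decoded a Base64 JSON payload from dto.Value; that dead code was dropped.

                if (string.IsNullOrEmpty(dto?.UserName))
                {
                    rvm.Success = false;
                    rvm.Msg     = "请输入账号。";
                    return rvm;
                }
                if (string.IsNullOrEmpty(dto?.Password))
                {
                    rvm.Success = false;
                    rvm.Msg     = "请输入密码。";
                    return rvm;
                }

                // NOTE(review): this lookup upper-cases the user name while the whitelist lookup below
                // uses it as typed; confirm both columns compare case-insensitively.
                var user = await _rep.FirstOrDefaultAsync <UserModel>(s => s != null && s.IsDeleted != 1 && s.ADAccount == dto.UserName.ToUpper());

                // Is this the built-in system administrator?
                if (user?.Id == "00000000-0000-0000-0000-000000000000")
                {
                    // NOTE(review): the stored password is compared directly with the submitted one, so
                    // it appears to be kept unhashed, and != is not a constant-time comparison. Storing a
                    // salted password hash and comparing in fixed time would be the safer design.
                    if (user?.Password != dto.Password)
                    {
                        rvm.Success = false;
                        rvm.Msg     = "登录失败。";
                        return rvm;
                    }
                }
                else
                {
                    // Match against the AD whitelist.
                    var whiteName = await _rep.FirstOrDefaultAsync <BotADWhiteName>(s => s.IsDeleted != 1 && s.ADAccount == dto.UserName);

                    if (whiteName == null)
                    {
                        rvm.Success = false;
                        rvm.Msg     = "您输入的账号无权限访问或账号密码不正确。";
                        rvm.Result  = null;
                        LoggerHelper.WriteLogInfo("[CheckWhiteName]:错误------不在白名单");
                        return rvm;
                    }

                    // Verify the credentials against the AD domain.
                    // NOTE(review): the helper's model is returned to the caller unchanged; confirm it
                    // carries no internal detail.
                    var verify = await GetVerifyApi(dto.UserName, dto?.Password);

                    if (verify.Success == false)
                    {
                        return verify;
                    }

                    if (user == null)
                    {
                        // First successful AD login: create the local user row.
                        var id = Guid.NewGuid().ToString();
                        user = new UserModel
                        {
                            Id         = id,
                            ADAccount  = dto.UserName.ToUpper(),
                            Code       = id,
                            IsDeleted  = 0,
                            IsEnabled  = 0,
                            // NOTE(review): this value is later posted as the password to the token
                            // endpoint; Guid.NewGuid() is not documented as a cryptographic generator.
                            Password   = Guid.NewGuid().ToString(),
                            // UTC shifted by a fixed +8 hours.
                            CreateTime = DateTime.UtcNow.AddHours(8),
                            CreateUser = id,
                        };
                        _rep.Insert <UserModel>(user);
                    }
                    else
                    {
                        if (user.ADAccount != dto.UserName)
                        {
                            user.ADAccount = dto.UserName.ToUpper();
                            _rep.Update(user);
                        }
                    }
                    string roleId   = "002222B5-C4D4-4DD7-9FEE-53201BD2BA55";
                    var    userRole = await _rep.FirstOrDefaultAsync <UserRole>(s => s.IsDeleted != 1 && s.UserId == user.Id && s.RoleId == roleId);

                    // Grant the auditor role when the whitelist entry asks for it and it is not yet present.
                    if (whiteName.ChatAudit == 1 && userRole == null)
                    {
                        _rep.Insert <UserRole>(new UserRole
                        {
                            Id         = Guid.NewGuid().ToString(),
                            SapCode    = user.Code,
                            UserId     = user.Id,
                            RoleId     = roleId,
                            CreateTime = DateTime.UtcNow.AddHours(8),
                            CreateUser = user.Id,
                        });
                    }
                    _rep.SaveChanges();
                }

                // NOTE(review): the stored password is posted to this endpoint; confirm HostUrl is an
                // https:// address.
                string _host   = ConfigurationManager.AppSettings["HostUrl"];
                var    buToken = await new WebClient <string>()
                                 .Post($"{_host}/auth/token")
                                 .Data(new Dictionary <string, object>
                {
                    { "username", user.ADAccount },
                    { "password", user.Password },
                    { "grant_type", "password" },
                    { "CompanyCode", user.CompanyCode ?? "" },
                }).ResultAsync();

                if (string.IsNullOrEmpty(buToken.ToString()))
                {
                    // The internal host URL goes to the server log, not into the response.
                    LoggerHelper.WriteLogInfo("[AdminVerifyAsync]:获取HCP,token失败" + _host);
                    rvm.Msg     = "fail";
                    rvm.Success = false;
                    rvm.Result  = "获取HCP,token失败";
                    return rvm;
                }
                dynamic obj = new ExpandoObject();
                obj.BuToken = Json.ToObject <HCPTokenOutDto>(buToken.ToString());

                // Generate the KBS system token.
                // NOTE(review): only the user id is passed to Tool.Sign here; if it adds no timestamp or
                // nonce, a captured request would stay valid. Confirm against Tool.Sign.
                string kbsHost        = ConfigurationManager.AppSettings["KBSUrl"];
                string loginSecretkey = ConfigurationManager.AppSettings["LoginSecretkey"];
                string sign           = Tool.Sign(new Dictionary <string, object>
                {
                    { "Id", user.Id }
                }, loginSecretkey);
                var kbsToken = await new WebClient <Result>()
                               .Post($"{kbsHost}Account/LoginAD")
                               .JsonData(new LoginADInputDto
                {
                    Sign = sign,
                    Id   = user.Id
                }).ResultFromJsonAsync();

                // A missing response is a failure too; otherwise the Data access below would throw.
                if (kbsToken == null || kbsToken.Code == 0)
                {
                    rvm.Msg     = "fail";
                    rvm.Success = false;
                    rvm.Result  = kbsToken?.Message;
                    return rvm;
                }
                obj.KbsToken = Json.ToObject <KBSTokenOutDto>(kbsToken.Data.ToString());

                // Cache the KBS token under "<user id>KBS"; the unit of 12 is not visible here (TODO confirm).
                _cacheManager.Set(user.Id.ToString() + "KBS", obj.KbsToken, 12);

                rvm.Msg     = "success";
                rvm.Success = true;
                rvm.Result  = obj;
            }
            catch (Exception ex)
            {
                // The result model is returned to the client, so exception text, source and stack trace
                // are written to the server log and never copied into it.
                string error = string.Empty;
                error += "--------------------------------------------------------------------------------";
                error += $"[MSG]:{ex.Message};\n";
                error += $"[Source]:{ex.Source}\n";
                error += $"[StackTrace]:{ex.StackTrace}\n";
                // TargetSite can be null; a null dereference here would escape the handler.
                error += $"[TargetSite]:{ex.TargetSite?.Name}\n";
                error += "--------------------------------------------------------------------------------";
                LoggerHelper.WriteLogInfo("[AdminVerifyAsync]:" + error);

                rvm.Msg     = "fail_";
                rvm.Success = false;
                rvm.Result  = null;
            }

            return rvm;
        }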
Ejemplo n.º 2
        /// <summary>
        /// HTTP entry point for the admin login: passes the request body to the AD verification
        /// service and returns its result model.
        /// </summary>
        /// <remarks>
        /// The response is always wrapped in <c>Ok(...)</c>, so a failed login is reported by the
        /// model's <c>Success</c> flag rather than by the HTTP status code. No throttling or lockout
        /// is applied in this method itself.
        /// </remarks>
        /// <param name="dto">Login request bound from the request body.</param>
        /// <returns>The service's result model wrapped in an <c>Ok</c> action result.</returns>
        public async Task <IHttpActionResult> AdminVerify([FromBody] VerifyAdminInputDto dto)
        {
            return Ok(await _aDVerifyService.AdminVerifyAsync(dto));
        }