/// <summary>
/// First-load handler for the login page. When the URL carries both an
/// "email" and a "pwd" parameter it resets the session and signs the user in
/// from the decrypted "email" value; an authenticated session is then
/// redirected into the member panel.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // Post-backs are handled by the page's control events, not here.
    if (IsPostBack)
    {
        return;
    }

    string encryptedEmail = Request.QueryString["email"];
    bool hasLoginParameters = encryptedEmail != null && Request.QueryString["pwd"] != null;

    if (hasLoginParameters)
    {
        // Drop whatever the previous session held before signing in again.
        Session.Clear();

        string uname = DataSecurity.Decrypt(encryptedEmail);

        // NOTE(review): "pwd" only has to be present; its value is never read.
        // Decrypting it was disabled in the original and a fixed string is
        // passed instead. What userlogin does with that argument is not
        // visible here. Confirm that holding a valid encrypted "email" value
        // is not by itself enough to open a session.
        // NOTE(review): values carried in the query string are written to
        // server logs, browser history and Referer headers. A POST body or a
        // short-lived single-use token would limit that exposure.
        string pwd = "ABC";

        userlogin(uname, pwd);
    }

    if (!GlobalVarables.isAuthenticated(Session))
    {
        return;
    }

    // Callers arriving from the cart go to the repurchase flow; everyone
    // else lands on the dashboard.
    bool cameFromCart = Request.QueryString["From"] == "Cart";
    string landingPage = cameFromCart
        ? "~/MemberPanel/Repurchase_1.aspx"
        : "~/MemberPanel/DashBoard.aspx";

    Response.Redirect(landingPage);
}
/// <summary>
/// Confirms a password change: validates the three password boxes, verifies
/// the old password against the current operator, stores the new password
/// and refreshes the operator kept in the session.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Image-click event data (not used).</param>
private void btnOK_Click(object sender, System.Web.UI.ImageClickEventArgs e)
{
    try
    {
        string oldPwd = txtOldPwd.Text;
        string newPwd = txtNewPwd.Text;
        string confirmPwd = txtConfirmPwd.Text;

        // The checks run in a fixed order and stop at the first failure, so
        // the stored password is only decrypted once the form is consistent.
        string problem = null;
        if (oldPwd.Length == 0 || newPwd.Length == 0 || confirmPwd.Length == 0)
        {
            problem = "不能为空!";
        }
        else if (oldPwd.Equals(newPwd))
        {
            problem = "新老密码一样!";
        }
        else if (!newPwd.Equals(confirmPwd))
        {
            problem = "确认密码和新密码不一致!";
        }
        // NOTE(review): the old password is verified by decrypting the stored
        // value, so stored passwords are recoverable by anyone who holds the
        // DataSecurity key. A salted one-way password hash (for example
        // PBKDF2) verified by re-hashing the input removes that exposure.
        else if (!oldPwd.Equals(DataSecurity.Decrypt(oper.cnvcOperPwd)))
        {
            problem = "输入的旧密码错误!";
        }

        if (problem != null)
        {
            throw new BusinessException("UpdatePwd", problem);
        }

        // NOTE(review): oper is changed before the update is persisted. If
        // UpdatePwd throws, the in-memory operator keeps the new value.
        // Confirm whether oper is the same object that is held in the session.
        oper.cnvcOperPwd = DataSecurity.Encrypt(newPwd);
        SysManageFacade.UpdatePwd(oper);
        Popup("密码修改成功!");

        // Refresh the session copy of the operator.
        Session[ConstApp.S_OPER] = oper;
    }
    catch (Exception ex)
    {
        // NOTE(review): every exception message is shown to the user, not
        // only BusinessException text. Messages from lower layers can
        // disclose internals.
        Popup(ex.Message);
    }
}
/// <summary>
/// Loads the user list, resolves the current user's id by real name, fetches
/// that user's profile and copies its fields into the profile text boxes.
/// </summary>
// NOTE(review): this is async void, so an exception thrown after the first
// await cannot be observed or awaited by the caller.
async void DatosUsuario()
{
    usuarios = await data.GetUsuarios();

    // First id whose real name matches the current user; the type's default
    // value when nobody matches.
    userID = (from u in usuarios
              where u.UsuarioNombreReal == _usuario
              select u.UsuarioID).FirstOrDefault();

    perfilUsuario = await data.GetUsuario(userID);

    txtNombreRealPerfil.Text = perfilUsuario.UsuarioNombreReal;
    txtCorreoPerfil.Text = perfilUsuario.UsuarioCorreo;
    txtUsuarioPerfil.Text = perfilUsuario.UsuarioNombre;

    // NOTE(review): the second Decrypt argument is a literal compiled into
    // the application, presumably the key or passphrase (confirm against
    // DataSecurity). Anyone with the binary or the repository can then
    // recover every stored UsuarioClave. Keep the secret in protected
    // configuration and rotate it.
    // NOTE(review): the recovered password is placed in a text box in clear
    // text. With a salted one-way hash the profile view would have nothing
    // to decrypt or display.
    string plainPassword = DataSecurity.Decrypt(perfilUsuario.UsuarioClave, "sblw-3hn8-sqoy19");
    txtClavePerfil.Text = plainPassword;
}
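/// <summary>
/// Confirms a password change for the logged-in operator: validates the three
/// password boxes, verifies the old password, persists the new password
/// together with a business-log entry and refreshes the operator stored in
/// the session.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Image-click event data (not used).</param>
private void btnOK_Click(object sender, System.Web.UI.ImageClickEventArgs e)
{
    try
    {
        if (txtOldPwd.Text.Length == 0 || txtNewPwd.Text.Length == 0 || txtConfirmPwd.Text.Length == 0)
        {
            throw new BusinessException("UpdatePwd", "不能为空!");
        }
        if (txtOldPwd.Text.Equals(txtNewPwd.Text))
        {
            throw new BusinessException("UpdatePwd", "新老密码一样!");
        }
        if (!txtNewPwd.Text.Equals(txtConfirmPwd.Text))
        {
            throw new BusinessException("UpdatePwd", "确认密码和新密码不一致!");
        }
        if (Session[ConstValue.LOGIN_USER_SESSION] == null)
        {
            throw new BusinessException("UpdatePwd", "请先登录!");
        }

        Oper oper = (Oper)Session[ConstValue.LOGIN_USER_SESSION];

        // NOTE(review): the old password is verified by decrypting the stored
        // value, so stored passwords are recoverable by anyone who holds the
        // DataSecurity key. A salted one-way password hash (for example
        // PBKDF2) verified by re-hashing the input removes that exposure.
        if (!txtOldPwd.Text.Equals(DataSecurity.Decrypt(oper.cnvcPwd)))
        {
            throw new BusinessException("UpdatePwd", "输入的旧密码错误!");
        }

        // Build the audit entry before touching the operator, so a failure
        // here (for example a missing department in the session) cannot leave
        // the session operator holding a password that was never saved.
        Dept curDept = Session[ConstValue.LOGIN_DEPT_SESSION] as Dept;
        BusiLog busiLog = new BusiLog();
        busiLog.cndOperDate = DateTime.Now;
        busiLog.cnnSerial = Guid.NewGuid();
        busiLog.cnvcOperName = oper.cnvcOperName;
        busiLog.cnvcComments = "修改密码:" + oper.cnvcOperName;
        busiLog.cnvcDeptID = curDept.cnvcDeptID;
        busiLog.cnvcDeptName = curDept.cnvcDeptName;
        busiLog.cnvcOperType = "BS006";
        busiLog.cnvcSource = "网站";

        // oper is the object held in the session, so its password field is
        // restored when the update fails. Otherwise the next attempt would
        // compare the old password against a value that was never persisted.
        var previousPwd = oper.cnvcPwd;
        oper.cnvcPwd = DataSecurity.Encrypt(txtNewPwd.Text);
        try
        {
            OperFacade.UpdatePwd(oper, busiLog);
        }
        catch
        {
            oper.cnvcPwd = previousPwd;
            throw;
        }

        Session[ConstValue.LOGIN_USER_SESSION] = oper;
        Popup("密码修改成功!");
    }
    catch (Exception ex)
    {
        // NOTE(review): every exception message is shown to the user, not
        // only BusinessException text. Messages from lower layers can
        // disclose internals.
        Popup(ex.Message);
    }
}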
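/// <summary>
/// Resource-owner password grant: checks the supplied user name and password
/// against the user table and, on success, issues a ticket whose identity
/// carries the user's role, identifiers and one Webpage claim per accessible
/// controller/action pair.
/// </summary>
/// <param name="context">Grant context supplying the credentials and receiving the result.</param>
/// <returns>A task; the body contains no await and runs synchronously.</returns>
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    string userName = context.UserName;
    string password = context.Password;

    if (string.IsNullOrWhiteSpace(userName) || string.IsNullOrWhiteSpace(password))
    {
        context.SetError("invalid_grant", "Invalid credentials");
        return;
    }

    // The context is released when the grant finishes instead of being left
    // to the finalizer (assumes DatabaseContext is an IDisposable
    // Entity Framework-style context; confirm).
    using (DatabaseContext dbContext = new DatabaseContext())
    {
        User user = dbContext.Users.SingleOrDefault(x => x.UserName == userName);

        // Unknown user and wrong password deliberately share one message so
        // the response does not reveal which user names exist.
        if (user == null)
        {
            context.SetError("invalid_grant", "Provided username and password is incorrect");
            return;
        }

        // NOTE(review): the check decrypts the stored password and compares
        // plaintext, so stored passwords are recoverable by anyone who holds
        // the DataSecurity key. A salted one-way password hash (for example
        // PBKDF2) verified by re-hashing the input removes that exposure.
        string existingPassword = DataSecurity.Decrypt(user.Password);
        if (password != existingPassword)
        {
            context.SetError("invalid_grant", "Provided username and password is incorrect");
            return;
        }

        // The DTO is built only after the password has been verified, so no
        // profile data is loaded for a caller that failed authentication.
        UserDTO userDTO = UserDTO.From(user);

        UserRole userRole = dbContext.UserRoles.SingleOrDefault(x => x.UserId == user.Id);
        if (userRole == null)
        {
            context.SetError("invalid_grant", "Existing user not set any Role(s)");
            return;
        }

        var identity = new ClaimsIdentity(context.Options.AuthenticationType);
        identity.AddClaim(new Claim(ClaimTypes.Role, userRole.Role.Name));
        identity.AddClaim(new Claim("username", user.UserName));
        identity.AddClaim(new Claim(ClaimTypes.Email, user.UserName));
        identity.AddClaim(new Claim(ClaimTypes.UserData, user.Id.ToString()));
        identity.AddClaim(new Claim("userId", user.Id.ToString()));

        var props = new AuthenticationProperties(new Dictionary<string, string>
        {
            { "username", userName },
            { "role", userRole.Role.Name },
            { "id", userDTO.Id.ToString() }
        });

        // One Webpage claim per menu entry granted through the user's roles.
        if (userDTO.Role != null && userDTO.Role.Count > 0)
        {
            foreach (RoleDTO role in userDTO.Role)
            {
                if (role.Accesses != null && role.Accesses.Count > 0)
                {
                    foreach (MenuDTO menu in role.Accesses)
                    {
                        identity.AddClaim(new Claim(ClaimTypes.Webpage, menu.ControllerName + "$%" + menu.ActionName));
                    }
                }
            }
        }

        // Menu entries flagged as general access are granted to every
        // authenticated user.
        var generlAccessMenu = dbContext.Menus.Where(x => x.IsGeneralAccess == true).ToList();
        if (generlAccessMenu.Count > 0)
        {
            IList<MenuDTO> generlAccessMenuDTO = MenuDTO.From(generlAccessMenu);
            if (generlAccessMenuDTO != null && generlAccessMenuDTO.Count > 0)
            {
                foreach (MenuDTO menu in generlAccessMenuDTO)
                {
                    identity.AddClaim(new Claim(ClaimTypes.Webpage, menu.ControllerName + "$%" + menu.ActionName));
                }
            }
        }

        var ticket = new AuthenticationTicket(identity, props);
        context.Validated(ticket);
        context.Request.Context.Authentication.SignIn(identity);
    }
}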
/// <summary>
/// Checks a candidate password against this object's stored <c>Password</c>.
/// </summary>
/// <param name="pass">Candidate password in plaintext.</param>
/// <returns><c>true</c> when the candidate equals the decrypted stored value.</returns>
// NOTE(review): validation decrypts the stored password, so stored passwords
// are recoverable by anyone who holds the DataSecurity key. A salted one-way
// password hash (for example PBKDF2) verified by re-hashing the candidate
// removes that exposure.
public bool ValidatePassword(string pass)
{
    string storedPlaintext = DataSecurity.Decrypt(this.Password);
    return string.Equals(pass, storedPlaintext);
}