protected override bool AuthorizeCore(HttpContextBase httpContext)
{
var logininfo = httpContext.Request.Cookies[Configs.CookieKey_LoginInfo];
if (logininfo == null)
{
return(false);
}
var cookieValue = Encrypts.GetDecryptString(logininfo.Value.ToString());
var cookieValues = cookieValue.Split(new char[] { '_' });
if (cookieValues == null || cookieValues.Length != 3)
{
return(false);
}
try
{
var accountId = Guid.Parse(cookieValues[0]);
var randomString = cookieValues[1].ToString();
var ticks = long.Parse(cookieValues[2]);
DateTime dtNow = DateTime.UtcNow;
DateTime dtToken = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc).AddMilliseconds(ticks);
var totalMinutes = (dtNow - dtToken).TotalMinutes;
if ((dtNow - dtToken).TotalMinutes > 35)//长时间没访问
{
return(false);
}
string redisKey = $"{Configs.PlateForm}:AccountInfo:{accountId}";
accountInfo = RedisHelper.Get <AccountInfo>(Configs.RedisIndex_Web, redisKey);
if (accountInfo == null)
{
return(false);
}
if (accountInfo.Token != randomString)
{
return(false);
}
if (accountInfo.Status == (byte)AccountStatus.Disabled)
{
return(false);
}
if ((dtNow - dtToken).TotalMinutes > 5)//最少5分钟更新一次cookie和Redis
{
httpContext.Response.Cookies.Add(httpContext.Request.Cookies[Configs.CookieKey_LoginInfo]);
httpContext.Response.Cookies[Configs.CookieKey_LoginInfo].Value = Encrypts.GetEncryptString(accountId.ToString() + "_" + randomString);
httpContext.Response.Cookies[Configs.CookieKey_LoginInfo].HttpOnly = true;
RedisHelper.KeyExpire(Configs.RedisIndex_Web, redisKey, TimeSpan.FromDays(1));
}
httpContext.Request.Headers.Add("useraccountId", accountId.ToString());
return(AuthorizeRedirect(httpContext, accountInfo.Status));
}
catch (Exception ex)
{
return(false);
}
}
public async Task <ActionResult> Login(LoginViewModel model, string returnUrl)
{
if (!ModelState.IsValid)
{
return(View(model));
}
var account = await new AccountComponent().GetAccountByUsernameAsync(model.MerchantId);
if (account == null)
{
ModelState.AddModelError("", AccountLogin.MerchantIdNotExist);
return(View(model));
}
try
{
SecurityVerify.Verify <PasswordVerification>(account.Id.ToString(), account.Password, model.Password);
}
catch (ApplicationException ex)
{
ModelState.AddModelError("", ex.Message);
return(View(model));
}
catch (Exception)
{
ModelState.AddModelError("", AccountLogin.Loginfailed);
return(View(model));
}
if (account.Status == (byte)AccountStatus.Disabled)
{
ModelState.AddModelError("", AccountLogin.AccountDisabed);
return(View(model));
}
string accountId = account.Id.ToString();
string randomString = Framework.RandomAlphaNumericGenerator.Generate(8);
var userCookie = Request.Cookies[Configs.CookieKey_LoginInfo];
if (userCookie == null)
{
var cookie = Response.Cookies[Configs.CookieKey_LoginInfo];
cookie.Value = Encrypts.GetEncryptString(accountId + "_" + randomString);
cookie.HttpOnly = true;
}
else
{
Response.Cookies.Add(Request.Cookies[Configs.CookieKey_LoginInfo]);
Response.Cookies[Configs.CookieKey_LoginInfo].Value = Encrypts.GetEncryptString(accountId + "_" + randomString);
Response.Cookies[Configs.CookieKey_LoginInfo].HttpOnly = true;
}
if (account.Status == (byte)AccountStatus.Registered)
{
returnUrl = $"/{CurrentLanguage}/firstsetting";
}
AccountInfo accountInfo = new AccountInfo
{
Id = account.Id,
Username = account.Username,
MerchantName = account.MerchantName,
// Currency = account.Currency,
Status = account.Status,
Token = randomString
};
RefreshAccountInfo(accountInfo);
return(RedirectToLocal(returnUrl));
}
public ActionResult Index(Account account, string TokenGid, string VerificationCode)
{
var securityVerify = new SecurityVerification(SystemPlatform.BackOffice);
var loginBll = new LoginBLL();
string loginMessage = String.Empty;
try
{
var loginErrorCountsInt = securityVerify.CheckErrorCount(SecurityMethod.Password, account.Username);
var cacheCode = RedisHelper.StringGet(TokenGid);
if (string.IsNullOrEmpty(cacheCode))
{
loginMessage = "Verification code was expired";
securityVerify.IncreaseErrorCount(SecurityMethod.Password, account.Username);
}
if (VerificationCode.ToUpper() != cacheCode.ToUpper())
{
loginMessage = "Verification code is wrong";
securityVerify.IncreaseErrorCount(SecurityMethod.Password, account.Username);
}
bool checkResult = loginBll.CheckUser(account.Username, account.Password, out account, ref loginMessage);
if (!checkResult)
{
securityVerify.IncreaseErrorCount(SecurityMethod.Password, account.Username);
}
RedisHelper.KeyDelete(TokenGid);
securityVerify.DeleteErrorCount(SecurityMethod.Password, account.Username);
}
catch (Framework.Exceptions.CommonException ex)
{
ViewBag.LoginMessage = string.IsNullOrEmpty(loginMessage) ? ex.Message : loginMessage;
return(View(account));
}
LoginUser lu = new LoginUser();
int roleId = account.RoleId.Value;
lu.UserId = account.Id;
lu.UserName = account.Username;
lu.RoleId = roleId;
lu.IsAdmin = false;// account.Username == "fiiipayadmin";
if (lu.IsAdmin)
{
lu.PerimissionList = loginBll.GetAllPermission(roleId);
}
else
{
lu.PerimissionList = loginBll.GetUserPermissionByRoleId(roleId);
}
RedisHelper.Set("loginuser" + account.Id, lu, new TimeSpan(1, 0, 0));
var userCookie = Request.Cookies["LoginUser"];
if (userCookie == null)
{
var cookie = Response.Cookies["LoginUser"];
cookie.Value = Encrypts.GetEncryptString(account.Id.ToString());
cookie.HttpOnly = true;
cookie.Expires = DateTime.Now.AddDays(1);
}
else
{
Response.Cookies.Add(Request.Cookies["LoginUser"]);
Response.Cookies["LoginUser"].Value = Encrypts.GetEncryptString(account.Id.ToString());
Response.Cookies["LoginUser"].Expires = DateTime.Now.AddDays(1);
Response.Cookies["LoginUser"].HttpOnly = true;
}
return(RedirectToAction("Index", "Home"));
}
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
string token = "loginuser";
var loginId = httpContext.Request.Cookies["LoginUser"];
if (loginId == null)
{
return(false);
}
var cookieValue = Encrypts.GetDecryptString(loginId.Value);
var cookieValues = cookieValue.Split(new char[] { '_' });
if (cookieValues == null || cookieValues.Length != 2)
{
return(false);
}
var userId = int.Parse(cookieValues[0]);
var ticks = long.Parse(cookieValues[1]);
DateTime dtNow = DateTime.UtcNow;
DateTime dtToken = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc).AddMilliseconds(ticks);
var totalMinutes = (dtNow - dtToken).TotalMinutes;
if ((dtNow - dtToken).TotalMinutes > 125)//长时间没访问
{
return(false);
}
token += userId;
var loginSession = RedisHelper.Get <LoginUser>(token);
if (loginSession == null)
{
if (httpContext.Request.IsAjaxRequest())
{
httpContext.Response.AddHeader("sessionstatus", "timeout");
return(false);
}
return(false);
}
if ((dtNow - dtToken).TotalMinutes > 5)//最少5分钟更新一次Redis
{
httpContext.Response.Cookies.Add(httpContext.Request.Cookies["LoginUser"]);
httpContext.Response.Cookies["LoginUser"].Value = Encrypts.GetEncryptString(userId.ToString());
httpContext.Response.Cookies["LoginUser"].HttpOnly = true;
httpContext.Response.Cookies["LoginUser"].Expires = DateTime.Now.AddDays(1);
RedisHelper.KeyExpire(token, new TimeSpan(1, 0, 0));
}
if (PerimCode == null)
{
return(loginSession != null);
}
if (loginSession.IsAdmin)
{
return(true);
}
var perimList = loginSession.PerimissionList;
if (perimList == null || perimList.Count <= 0)
{
return(false);
}
var result = perimList.Any(t => PerimCode.Contains(t.PerimCode) && t.Value > 0);
return(result);
}
