Example #1
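        /// <summary>
        /// Changes an account's password after re-checking the current password.
        /// </summary>
        /// <param name="accountResetPwdModel">
        /// Request model carrying the user name, the current password, the new password and its confirmation.
        /// </param>
        /// <returns>
        /// <c>Ok()</c> when the password was changed; <c>BadRequest</c> with a message when the request is
        /// incomplete, the current password does not match, or the two new-password fields differ.
        /// </returns>
        public IHttpActionResult ResetPwd(AccountResetPwdModel accountResetPwdModel)
        {
            // A missing request body would otherwise fail with a NullReferenceException below.
            if (accountResetPwdModel == null)
            {
                return BadRequest("密码不能为空");
            }

            // NOTE(review): the account is selected by the UserName in the request body. Confirm the
            // caller is authenticated as that user and that repeated failures are throttled; neither
            // is visible in this method.
            var account = _accountService.GetAccountUserByUsername(accountResetPwdModel.UserName);

            // An unknown user name gets the same answer as a wrong password, so the response does not
            // reveal which user names exist. The lookup result was previously dereferenced unchecked.
            // NOTE(review): the stored value is always compared as EncryptText(...) here; accounts
            // stored in another password format would never match. Confirm against PasswordFormat.
            if (account == null ||
                account.Password != _encryptionService.EncryptText(accountResetPwdModel.Password))
            {
                return BadRequest("原密码输入不正确!");
            }

            // Refuse to store an empty password.
            if (string.IsNullOrWhiteSpace(accountResetPwdModel.Newpassword))
            {
                return BadRequest("密码不能为空");
            }

            if (accountResetPwdModel.Newpassword != accountResetPwdModel.Againpassword)
            {
                return BadRequest("两次输入的密码不一致!");
            }

            account.Password = _encryptionService.EncryptText(accountResetPwdModel.Newpassword);

            // Persist the account.
            _accountService.UpdateAccountUser(account);

            // Activity log entry for the change.
            _accountUserActivityService.InsertActivity("UpdateAccount", "更新 名为 {0} 的用户的基本信息", account.UserName);

            return Ok();
        }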
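        /// <summary>
        /// Checks a user name / password pair against the stored account and records the login time on success.
        /// </summary>
        /// <param name="account">User name passed to <c>GetAccountUserByUsername</c>.</param>
        /// <param name="password">Password supplied by the caller; must not be null, empty or whitespace.</param>
        /// <returns>
        /// A completed task holding the account when the password matches, or <c>null</c> when the account
        /// is not found, the password is wrong, or the stored password format is not handled.
        /// </returns>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="password"/> is null, empty or whitespace.</exception>
        public Task<AccountUser> ValidateAccountUserAsync(string account, string password)
        {
            if (string.IsNullOrWhiteSpace(password))
            {
                // The single-string constructor treats its argument as the parameter name,
                // so the message has to go in the second argument.
                throw new ArgumentNullException("password", "密码不能为空");
            }

            var accountUser = _accountUserService.GetAccountUserByUsername(account);

            if (accountUser != null)
            {
                bool passwordCorrect = false;
                switch (accountUser.PasswordFormat)
                {
                    case PasswordFormat.Clear:
                        // Stored value is the plaintext password; anyone who can read the store can read it.
                        passwordCorrect = password == accountUser.Password;
                        break;

                    case PasswordFormat.Encrypted:
                        // Reversible encryption: the stored value is only as safe as the encryption key.
                        passwordCorrect = _encryptionService.EncryptText(password) == accountUser.Password;
                        break;

                    case PasswordFormat.Hashed:
                        // Recompute the hash with the salt saved on the account (PasswordSalt). A freshly
                        // generated salt, as used before, can never reproduce the stored hash, so every
                        // hashed account failed validation.
                        passwordCorrect = _encryptionService.CreatePasswordHash(password, accountUser.PasswordSalt, _customerSettings.HashedPasswordFormat) == accountUser.Password;
                        break;

                    default:
                        // Unknown format: treated as a failed validation.
                        break;
                }

                // NOTE(review): the comparisons above use ordinary string equality, which is not
                // constant-time; no failed-attempt counting or lockout is visible in this method.

                if (passwordCorrect)
                {
                    accountUser.LastLoginDate = DateTime.Now;

                    _accountUserService.UpdateAccountUser(accountUser);

                    return Task.FromResult(accountUser);
                }
            }

            // Same result for "no such account" and "wrong password".
            return Task.FromResult<AccountUser>(null);
        }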
Example #3
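        /// <summary>
        /// Registers an account: validates the request, stores the password in the requested format,
        /// moves the account from the 'Guests' role to the 'Registered' role and saves it.
        /// </summary>
        /// <param name="request">Registration request holding the account, user name, password and password format.</param>
        /// <returns>
        /// A result object; it carries an error message when the request was rejected and no error
        /// when the account was saved.
        /// </returns>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="request"/> or its account is null.</exception>
        /// <exception cref="QZCHYException">Thrown when the 'Registered' role cannot be loaded.</exception>
        public virtual AccountUserRegistrationResult RegisterAccountUser(AccountUserRegistrationRequest request)
        {
            if (request == null)
            {
                throw new ArgumentNullException("request");
            }

            if (request.AccountUser == null)
            {
                // The single-string constructor treats its argument as the parameter name,
                // so the message has to go in the second argument.
                throw new ArgumentNullException("request", "无法加载当前用户");
            }

            var result = new AccountUserRegistrationResult();

            // Built-in system accounts cannot be registered.
            if (request.AccountUser.IsSearchEngineAccount())
            {
                result.AddError("搜索引擎用户无法注册");
                return result;
            }

            if (request.AccountUser.IsBackgroundTaskAccount())
            {
                result.AddError("Background task account can't be registered");
                return result;
            }

            if (String.IsNullOrWhiteSpace(request.Password))
            {
                result.AddError("密码不能为空");
                return result;
            }

            // Temporary (per the original author's note): the user name is only required when user names are enabled.
            if (_customerSettings.UsernamesEnabled && String.IsNullOrEmpty(request.Username))
            {
                result.AddError("用户名不能为空");
                return result;
            }

            // NOTE(review): when user names are disabled, request.Username may be null or empty here; confirm the lookup tolerates that.
            if (_customerService.GetAccountUserByUsername(request.Username) != null)
            {
                result.AddError("用户名已经注册用户");
                return result;
            }

            // At this point the request is valid.
            request.AccountUser.UserName = request.Username;
            request.AccountUser.PasswordFormat = request.PasswordFormat;

            switch (request.PasswordFormat)
            {
                case PasswordFormat.Clear:
                    // Stores the plaintext password; anyone who can read the store can read it.
                    request.AccountUser.Password = request.Password;
                    break;

                case PasswordFormat.Encrypted:
                    // Reversible encryption: the stored value is only as safe as the encryption key.
                    request.AccountUser.Password = _encryptionService.EncryptText(request.Password);
                    break;

                case PasswordFormat.Hashed:
                    // The salt is saved on the account because validation needs it to recompute the hash.
                    // NOTE(review): a salt size of 5 is small; confirm the unit CreateSaltKey uses and
                    // whether the hash format configured in HashedPasswordFormat is a slow password hash.
                    string saltKey = _encryptionService.CreateSaltKey(5);
                    request.AccountUser.PasswordSalt = saltKey;
                    request.AccountUser.Password = _encryptionService.CreatePasswordHash(request.Password, saltKey, _customerSettings.HashedPasswordFormat);
                    break;

                default:
                    // NOTE(review): an unrecognised format leaves Password unset and the account is still saved.
                    break;
            }

            request.AccountUser.Active = request.IsApproved;

            // Add to the 'Registered' role.
            var registeredRole = _customerService.GetAccountUserRoleBySystemName(SystemAccountUserRoleNames.Registered);

            if (registeredRole == null)
            {
                throw new QZCHYException("'Registered' role could not be loaded");
            }

            request.AccountUser.AccountUserRoles.Add(registeredRole);

            // Remove from the 'Guests' role.
            var guestRole = request.AccountUser.AccountUserRoles.FirstOrDefault(cr => cr.SystemName == SystemAccountUserRoleNames.Guests);

            if (guestRole != null)
            {
                request.AccountUser.AccountUserRoles.Remove(guestRole);
            }

            // Add reward points for registration (if enabled).
            if (_rewardPointsSettings.Enabled &&
                _rewardPointsSettings.PointsForRegistration > 0)
            {
                // TODO: award the registration points (not implemented yet).
            }

            _customerService.UpdateAccountUser(request.AccountUser);
            return result;
        }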