/// <summary>
/// Builds the login-user object for a user id from the system Redis database.
/// </summary>
/// <param name="uid">Id of the user to load.</param>
/// <returns>
/// <c>LoginUser.Anymouse</c> when no <c>UserData</c> entity exists for <paramref name="uid"/>;
/// otherwise a new <c>LoginUser</c> carrying the user, personnel and position data.
/// </returns>
private static ILoginUser LoadUserInfo(int uid)
{
    var loginUser = new LoginUser();
    using (var redis = new RedisProxy(RedisProxy.DbSystem))
    {
        loginUser.User = redis.GetEntity<UserData>(uid);
        if (loginUser.User == null)
        {
            LogRecorder.RecordLoginLog("用户ID{0}无效", uid);
            return LoginUser.Anymouse;
        }

        // uid 1 is special-cased: it takes the personnel and position of
        // LoginUser.SystemUser and skips the per-user Redis lookups below.
        if (uid == 1)
        {
            loginUser.Personnel = LoginUser.SystemUser.Personnel;
            loginUser.Position = LoginUser.SystemUser.Position;
            return loginUser;
        }

        // The anonymous placeholder is passed as the fallback value, so a missing
        // personnel record is detected by comparing against that same placeholder.
        loginUser.Personnel = redis.GetEntity($"e:pp:{uid}", LoginUser.Anymouse.Personnel);
        if (loginUser.Personnel == LoginUser.Anymouse.Personnel)
        {
            LogRecorder.RecordLoginLog("{0}({1})人员信息为空", loginUser.User.RealName, uid);
        }

        loginUser.Position = redis.GetEntity(loginUser.Personnel.OrganizePositionId, LoginUser.Anymouse.Position);
        if (loginUser.Position == LoginUser.Anymouse.Position)
        {
            LogRecorder.RecordLoginLog("{0}({1})职位信息为空", loginUser.User.RealName, uid);
        }

        // NOTE(review): a missing personnel or position record is only logged; the
        // user is still returned with the anonymous placeholders attached. Confirm
        // that those placeholders grant no permissions.
    }

    return loginUser;
}
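/// <summary>
/// Logs a user in with user name and password and returns the login token.
/// </summary>
/// <param name="userHostAddress">Client address supplied by the caller; stored in the token record, with "::1" stored as "127.0.0.1".</param>
/// <param name="userName">User name.</param>
/// <param name="pwd">Password.</param>
/// <returns>
/// The login token, or <see cref="Guid.Empty"/> when an argument is blank, the
/// password does not match, or the user id lookup returns 0.
/// </returns>
public static Guid WebLogin(string userHostAddress, string userName, string pwd)
{
    if (string.IsNullOrWhiteSpace(userName) || string.IsNullOrWhiteSpace(pwd))
    {
        // The supplied password is deliberately kept out of the login log: log
        // stores are usually readable by more people than the credential store.
        // Caller-supplied values are passed as format arguments, like the other
        // RecordLoginLog call sites, so they are never parsed as a format string.
        LogRecorder.RecordLoginLog("用户名({0})或密码为空,来自{1}", userName, userHostAddress);
        return Guid.Empty;
    }

    Guid token;
    int uid;
    using (var proxy = new RedisProxy(RedisProxy.DbSystem))
    {
        // NOTE(review): the value stored under user:<name>:pwd is compared to the
        // submitted password with plain string equality. Unless callers hash the
        // password before calling, the credential is stored in recoverable form;
        // confirm, and prefer a salted password hash verified in constant time.
        var pwd2 = proxy.Get(DataKeyBuilder.ToKey("user", userName, "pwd"));
        if (pwd2 == null || !string.Equals(pwd, pwd2))
        {
            // Neither the stored nor the attempted password is logged. An attempted
            // password is often a near-miss of the real one or a password the user
            // uses on another system.
            LogRecorder.RecordLoginLog("{0}密码不对,来自{1}", userName, userHostAddress);
            return Guid.Empty;
        }

        uid = proxy.GetValue<int>(DataKeyBuilder.ToKey("user", userName, "id"));
        if (uid == 0)
        {
            LogRecorder.RecordLoginLog("{0}用户不存在,来自{1}", userName, userHostAddress);
            return Guid.Empty;
        }

        // NOTE(review): no failed-attempt limiting is visible in this method;
        // confirm that throttling or lockout is enforced by the caller.
    }

    using (var proxy = new RedisProxy(RedisProxy.DbAuthority))
    {
        // NOTE(review): an existing token for this user name is reused, so the
        // token value does not rotate on login, and a token whose record has timed
        // out becomes valid again on the next login. Issuing a fresh token per
        // login would limit the lifetime of a leaked token, but it would also
        // change behaviour for clients that share one token, so it is only flagged.
        var tk = DataKeyBuilder.ToKey("login", userName, "token");
        token = proxy.GetValue<Guid>(tk);
        if (token == Guid.Empty)
        {
            token = Guid.NewGuid();
            proxy.SetValue(tk, token);
        }

        // Same local-time clock as the expiry check elsewhere in this listing;
        // both sides must change together if this is ever moved to UTC.
        proxy.Set(DataKeyBuilder.ToKey("login", token), new LoginToken
        {
            UserId = uid,
            Address = userHostAddress == "::1" ? "127.0.0.1" : userHostAddress,
            Token = token,
            LoginDateTime = DateTime.Now,
            LastDateTime = DateTime.Now,
            TimeOut = DateTime.Now.AddMinutes(30)
        });
    }

    BusinessContext.Current.Tooken = token;
    BusinessContext.Current.PowerChecker.ReloadLoginUserInfo(token);
    return token;
}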
/// <summary>
/// Checks whether the current action is allowed.
/// </summary>
/// <returns>
/// <c>true</c> for a public page or when <c>CanDoAction</c> accepts the action;
/// otherwise <c>false</c>, after marking the request as failed.
/// </returns>
protected override bool CheckCanDo()
{
    // Public pages skip the permission check and are not written to the login log.
    if (IsPublicPage)
    {
        return true;
    }

    if (!CanDoAction(_action))
    {
        // NOTE(review): the denied action is handed to SavePageAction before the
        // denial is logged; what that call persists is not visible here. Confirm
        // that it cannot be used to register arbitrary action names.
        BusinessContext.Current.PowerChecker.SavePageAction(this.PageItem.Id, _action, _action, _action, "action");
        LogRecorder.RecordLoginLog("用户{0}({3})访问{1}的动作{2}时没有权限", LoginUser.RealName, Request.Url, _action, LoginUser.Id);
        IsFailed = true;
        Message = "非法访问";
        State = 2;
        return false;
    }

    // NOTE(review): Request.Url and _action are request-derived and are logged
    // as-is; confirm that the log writer neutralises line breaks.
    LogRecorder.RecordLoginLog("用户{0}({3})访问{1}的的动作{2}", LoginUser.RealName, Request.Url, _action, LoginUser.Id);
    return true;
}
/// <summary>
/// Re-enables an existing user from a position/personnel record: copies the
/// identity fields, reconciles the role id, marks the user as passed and enabled,
/// saves it, logs the change and refreshes the cache.
/// </summary>
/// <param name="user">User record to re-enable; modified in place.</param>
/// <param name="personnel">Position/personnel record the values are taken from.</param>
private void EnableUser(UserData user, PositionPersonnelData personnel)
{
    // The login name is the personnel record's mobile number.
    user.UserName = personnel.Mobile;
    user.RealName = personnel.Personnel;

    if (personnel.RoleId > 0)
    {
        // The role on the personnel record takes precedence over the user's own.
        user.RoleId = personnel.RoleId;
    }
    else if (user.RoleId > 0)
    {
        // No role on the personnel record: write the user's existing role back to it.
        _posAccess.SetValue(p => p.RoleId, user.RoleId, personnel.PersonnelId);
    }

    user.AuditState = AuditStateType.Pass;
    user.DataState = DataStateType.Enable;
    user.Memo = personnel.Department;
    Access.Update(user);

    // NOTE(review): the stored password is not touched here, so a re-enabled
    // account keeps whatever password it had before; confirm that is intended.
    LogRecorder.RecordLoginLog("用户{0}-{1}({2})已重新启用", personnel.Personnel, user.UserName, user.Id);
    CacheUser(personnel, user);
}
/// <summary>
/// Validates a login token against the authority Redis database and extends its
/// lifetime.
/// </summary>
/// <param name="userHostAddress">Client address of the current request.</param>
/// <param name="token">Login token to check.</param>
/// <returns>The user id stored with the token, or 0 when the token is unknown or timed out.</returns>
private static int CheckToken(string userHostAddress, Guid token)
{
    using (var redis = new RedisProxy(RedisProxy.DbAuthority))
    {
        var tokenKey = DataKeyBuilder.ToKey("login", token);
        var record = redis.TryGet<LoginToken>(tokenKey);

        // An unknown token and a timed-out one get the same log message and result.
        // The timed-out record is not deleted here.
        if (record == null || record.TimeOut <= DateTime.Now)
        {
            LogRecorder.RecordLoginLog("令牌{0}过期", token);
            return 0;
        }

        // An address mismatch is logged but the token is still accepted.
        // NOTE(review): confirm this is intended (e.g. roaming clients); as written
        // the stored address does not bind the token to its original client.
        if (record.Address != userHostAddress)
        {
            LogRecorder.RecordLoginLog("IP【{0}】-【{1}】不相同", userHostAddress, record.Address);
        }

        // Sliding expiry: each successful check pushes the timeout 30 minutes out.
        // No absolute session lifetime is enforced in this method.
        record.TimeOut = DateTime.Now.AddMinutes(30);
        record.LastDateTime = DateTime.Now;
        redis.Set(tokenKey, record);
        return record.UserId;
    }
}
/// <summary>
/// Creates a user account for a position/personnel record, links the personnel
/// row to the new user id, logs the creation and refreshes the cache.
/// </summary>
/// <param name="personnel">Position/personnel record the account is created from.</param>
private void InsertUser(PositionPersonnelData personnel)
{
    // The account id is the personnel id and the login name is the mobile number.
    // NOTE(review): every account created here starts with the same
    // default_password. Confirm that a password change is forced on first login
    // and that the default cannot be guessed from the mobile number or staff data.
    var user = new UserData
    {
        Id = personnel.PersonnelId,
        UserName = personnel.Mobile,
        RealName = personnel.Personnel,
        RoleId = personnel.RoleId,
        PassWord = default_password,
        AuditState = AuditStateType.Pass,
        DataState = DataStateType.Enable,
        Memo = personnel.Department
    };
    Access.Insert(user);

    // Record the new user id on the personnel row.
    var personnelAccess = new PersonnelDataAccess();
    personnelAccess.SetValue(p => p.UserId, user.Id, personnel.PersonnelId);

    LogRecorder.RecordLoginLog("用户{0}-{1}({2})已加入系统", user.UserName, personnel.Personnel, user.Id);
    CacheUser(personnel, user);
}
/// <summary>
/// Marks the user linked to a position/personnel record as discarded, logs the
/// reason and refreshes the cache. Does nothing when the record has no user id or
/// the user cannot be found.
/// </summary>
/// <param name="personnel">Position/personnel record whose user is discarded.</param>
private void DiscardUser(PositionPersonnelData personnel)
{
    if (personnel.UserId <= 0)
    {
        return;
    }

    var user = Details(personnel.UserId);
    if (user == null)
    {
        return;
    }

    user.DataState = DataStateType.Discard;
    user.AuditState = AuditStateType.None;
    Access.Update(user);

    // The log message depends on whether a department is assigned at all.
    var reason = personnel.DepartmentId == 0
        ? "用户{0}-{1}因为没有分配职位而被系统废弃"
        : "用户{0}-{1}职位分配数据未审核通过被系统废弃";
    LogRecorder.RecordLoginLog(reason, personnel.Personnel, personnel.UserId);

    // NOTE(review): only the stored user record and the cache are updated here.
    // CheckToken in this listing validates a token by its timeout alone, so confirm
    // that login tokens already issued to a discarded user are revoked elsewhere.
    CacheUser(personnel, user);
}