Example #1
0
        public AuthenticateResult Authenticate(string username, string password)
        {
            try
            {
                using (var conn = RepositoryManager.GetNewConnection())
                {
                    var repo          = RepositoryManager.GetRepository <ISysOperatorRepository>();
                    var operatorInfos = repo.Query(new Hashtable {
                        { "LoginName", username }, { "Status", (int)GeneralStatus.Enabled }
                    });
                    if (!operatorInfos.Any())
                    {
                        return(new AuthenticateResult()
                        {
                            ResultType = ResultType.UserNotFound, Messages = new[] { "User does not exist." }
                        });
                    }

                    var operatorInfo = operatorInfos.First();
                    var hashPassword = SysOperatorExtension.ExcryptPassword(password, operatorInfo.Salt);
                    if (hashPassword == operatorInfo.Password)
                    {
                        operatorInfo.MaskPassword();
                        operatorInfo.Password = password; // return password
                        return(new AuthenticateResult()
                        {
                            ResultType = ResultType.OK, Messages = new[] { "OK" }, OperatorInfo = operatorInfo
                        });
                    }
                    else
                    {
                        return(new AuthenticateResult()
                        {
                            ResultType = ResultType.AuthenticationError, Messages = new[] { "invalid user name and password" }
                        });
                    }
                }
            }
            catch (Exception ex)
            {
                Log.Error(ex);
                return(new AuthenticateResult()
                {
                    ResultType = ResultType.UnknownError, Messages = new[] { "UnknownError" }
                });
            }
        }
        public HttpResponseMessage Put(int id, [FromBody] SysOperator sysOperatorInfo)
        {
            return(ActionWarpper.Process(sysOperatorInfo, OperationCodes.MSYSOPT, () =>
            {
                sysOperatorInfo.OperatorID = id;
                var sysOperatorRepository = RepositoryManager.GetRepository <ISysOperatorRepository>();
                var sysOperatorRoleRepo = RepositoryManager.GetRepository <ISysOperatorRoleRepository>();

                var originalsysOperatorInfo = sysOperatorRepository.GetByKey(id);
                if (originalsysOperatorInfo == null)
                {
                    return Request.CreateResponse(HttpStatusCode.BadRequest, string.Format("operator Id={0} does not exist.", id));
                }

                #region SysOperatorRole
                var addedRoles = new List <SysOperatorRole>();
                var deletedRoleIds = new List <int>();
                if (sysOperatorInfo.SysOperatorRoles != null && sysOperatorInfo.SysOperatorRoles.Any())
                {
                    var originalPermissionIDs = originalsysOperatorInfo.SysOperatorRoles.Select(d => d.SysOperatorRoleID);
                    var currentPermissionIDs = sysOperatorInfo.SysOperatorRoles.Select(d => d.SysOperatorRoleID);
                    deletedRoleIds = originalPermissionIDs.Except(currentPermissionIDs).ToList();

                    addedRoles = sysOperatorInfo.SysOperatorRoles.FindAll(d => d.SysOperatorRoleID == 0);

                    deletedRoleIds.ForEach(d => sysOperatorRoleRepo.Delete(d));
                    addedRoles.ForEach(d => sysOperatorRoleRepo.Insert(d));
                    sysOperatorInfo.SysOperatorRoles.FindAll(d => d.SysOperatorRoleID != 0).ForEach(d => sysOperatorRoleRepo.Update(d));
                }
                else
                {
                    deletedRoleIds = originalsysOperatorInfo.SysOperatorRoles.Select(d => d.SysOperatorRoleID).ToList();
                    deletedRoleIds.ForEach(d => sysOperatorRoleRepo.Delete(d));
                }

                #endregion

                string salt = originalsysOperatorInfo.Salt;
                var hashPassword = SysOperatorExtension.ExcryptPassword(sysOperatorInfo.Password, salt);
                sysOperatorInfo.Password = hashPassword;
                sysOperatorInfo.Salt = salt;
                sysOperatorRepository.Update(sysOperatorInfo);

                return Request.CreateResponse(HttpStatusCode.OK);
            }, this));
        }
        public HttpResponseMessage Post([FromBody] SysOperator sysOperatorInfo)
        {
            return(ActionWarpper.Process(sysOperatorInfo, OperationCodes.ASYSOPT, () =>
            {
                var sysOperatorRepository = RepositoryManager.GetRepository <ISysOperatorRepository>();
                var sysOperatorRoleRepo = RepositoryManager.GetRepository <ISysOperatorRoleRepository>();

                string salt = Guid.NewGuid().ToString();
                var hashPassword = SysOperatorExtension.ExcryptPassword(sysOperatorInfo.Password, salt);
                sysOperatorInfo.Password = hashPassword;
                sysOperatorInfo.Salt = salt;
                sysOperatorRepository.Insert(sysOperatorInfo);

                sysOperatorInfo.SysOperatorRoles.ForEach(a => a.OperatorID = sysOperatorInfo.OperatorID);
                sysOperatorInfo.SysOperatorRoles.ForEach(a => sysOperatorRoleRepo.Insert(a));

                return Request.CreateResponse(HttpStatusCode.OK, sysOperatorInfo);
            }, this));
        }
Example #4
0
        public GenericResult ChangePassowrd(string username, string oldPassword, string newPassword)
        {
            var sw = Stopwatch.StartNew();

            using (var conn = RepositoryManager.GetNewConnection())
                using (var transaction = conn.BeginTransaction())
                {
                    try
                    {
                        var repo          = RepositoryManager.GetRepository <ISysOperatorRepository>();
                        var operatorInfos = repo.Query(new Hashtable {
                            { "LoginName", username }, { "Status", (int)GeneralStatus.Enabled }
                        });
                        if (!operatorInfos.Any())
                        {
                            return(new AuthenticateResult()
                            {
                                ResultType = ResultType.UserNotFound, Messages = new[] { "User does not exist." }
                            });
                        }

                        var operatorInfo = operatorInfos.First();
                        var hashPassword = SysOperatorExtension.ExcryptPassword(oldPassword, operatorInfo.Salt);

                        if (hashPassword != operatorInfo.Password)
                        {
                            return(new GenericResult()
                            {
                                ResultType = ResultType.AuthenticationError, Messages = new [] { "AuthenticationError" }
                            });
                        }

                        operatorInfo.Salt     = Guid.NewGuid().ToString();
                        operatorInfo.Password = SysOperatorExtension.ExcryptPassword(newPassword, operatorInfo.Salt);
                        repo.UpdatePassword(operatorInfo);

                        Log.Info("Commit transaction!");
                        transaction.Commit();

                        return(new GenericResult()
                        {
                            ResultType = ResultType.OK, Messages = new[] { "OK" }
                        });
                    }
                    catch (Exception ex)
                    {
                        Log.Error("Unhandled error", ex);

                        if (transaction != null)
                        {
                            Log.Warn("Rollback transaction!");
                            transaction.Rollback();
                        }

                        return(new GenericResult()
                        {
                            ResultType = ResultType.UnknownError, Messages = new[] { "UnknownError" }
                        });
                    }
                    finally
                    {
                        Log.InfoFormat("Finish processing request, cost {0} milliseconds.", sw.ElapsedMilliseconds);
                    }
                }
        }