Example #1
0
        public override string Deal(Dictionary <string, string> param)
        {
            AuthResult Result = new AuthResult();

            if (!param.ContainsKey("user_id") ||
                !param.ContainsKey("user_token") ||
                !param.ContainsKey("request_url"))
            {
                return("{\"code\":1,\"msg\":\"wrong_params\"}");
            }
            else
            {
                try
                {
                    var userId      = nwbase_utils.Tools.GetInt(param["user_id"], 0);
                    var userToken   = param["user_token"];
                    var requestUrl  = param["request_url"];
                    var actionValue = param.ContainsKey("action_value") ? param["action_value"] : string.Empty;

                    if (userId < 0 || string.IsNullOrEmpty(userToken) || string.IsNullOrEmpty(requestUrl) || !requestUrl.StartsWith("http"))
                    {
                        Result.code = 2;
                        Result.msg  = "当前用户没有该模块的访问权限";
                    }
                    else
                    {
                        RightBll rightBll = new RightBll();

                        #region 验证用户Token

                        string server_utoken = nwbase_utils.Cache.CacheHelper.GetCache(string.Format("LoginUser_{0}", userId)) as string;
                        if (server_utoken == userToken)
                        {
                            //用户Token 验证成功
                            Result.auth_user           = new UserModelResult();
                            Result.auth_user.UserId    = userId;
                            Result.auth_user.UserToken = userToken;

                            // 用户信息
                            UserInfo userInfo = rightBll.GetUserInfo(userId, "");
                            if (userInfo != null)
                            {
                                Result.auth_user.TeamType  = userInfo.TeamType;
                                Result.auth_user.TeamRefId = userInfo.TeamRefId;
                                Result.auth_user.TeamFlag  = userInfo.TeamFlag;
                                Result.auth_user.TeamName  = userInfo.TeamName;
                                Result.auth_user.UserName  = userInfo.UserName;
                                Result.auth_user.NickName  = userInfo.NickName;
                                Result.auth_user.RealName  = userInfo.RealName;
                            }
                        }
                        else
                        {
                            Result.auth_user = null;
                        }

                        #endregion

                        #region 验证模块权限
                        ModuleInfo moduleInfo = rightBll.GetModuleInfo(requestUrl, actionValue);
                        if (moduleInfo != null)
                        {
                            Result.auth_module = new ModuleResult();

                            Result.auth_module.ModuleId   = moduleInfo.ModuleId;
                            Result.auth_module.PermType   = moduleInfo.PermType;
                            Result.auth_module.ModuleName = moduleInfo.ModuleName;
                            Result.auth_module.ModulePath = moduleInfo.ModulePath;
                            if (Result.auth_user == null && Result.auth_module.PermType == 3)
                            {
                                // 3=无需授权
                                Result.auth_module.Rights = 511;
                            }
                            else if (Result.auth_user == null)
                            {
                                Result.auth_module.Rights = 0;
                            }
                            else if (Result.auth_module.PermType == 2)
                            {
                                // 2=登录授权
                                Result.auth_module.Rights = 511;
                            }
                            else
                            {
                                // 权限信息
                                Dictionary <int, int> dicUserRights = rightBll.GetUserRights(Result.auth_user.UserId);
                                if (dicUserRights != null && dicUserRights.ContainsKey(Result.auth_module.ModuleId))
                                {
                                    // 验证成功
                                    Result.auth_module.Rights = dicUserRights[Result.auth_module.ModuleId];
                                }
                                else
                                {
                                    Result.auth_module = null;
                                }
                            }
                        }
                        else
                        {
                            Result.auth_module = null;
                        }
                        #endregion

                        if (Result.auth_module == null || Result.auth_module.Rights <= 0)
                        {
                            Result.code = 2;
                            Result.msg  = "当前用户没有该模块的访问权限";
                        }
                        else
                        {
                            Result.code = 0;
                            Result.msg  = "授权成功";
                        }
                    }
                    return(nwbase_utils.JsonSerializer.Serialize <AuthResult>(Result));
                }
                catch (Exception ex)
                {
                    Result.code = 1;
                    Result.msg  = "服务器异常,请稍后重试";
                    nwbase_utils.TextLog.Error("error", "Auth Exception", ex);
                }
                return(string.Empty);
            }
        }
Example #2
0
        public override string Deal(Dictionary <string, string> param)
        {
            GetUserResult Result = new GetUserResult();

            if (!param.ContainsKey("user_name") ||
                !param.ContainsKey("password"))
            {
                return("{\"code\":1,\"msg\":\"wrong_params\"}");
            }
            else
            {
                try
                {
                    var userName = param["user_name"];
                    var userPwd  = param["password"];

                    //0=成功,-1=密码错误,-2=账号不存在,-3=账号状态异常
                    int res = (new RightBll()).AuthUser(userName, userPwd);
                    #region 封装结果
                    Result.code = Math.Abs(res);
                    if (Result.code == 0)
                    {
                        UserInfo userInfo = new RightBll().GetUserInfo(0, userName);
                        if (userInfo == null)
                        {
                            Result.code = 4;
                            Result.msg  = "用户信息获取失败";
                        }
                        else
                        {
                            Result.msg                 = "获取成功";
                            Result.auth_user           = new UserModelResult();
                            Result.auth_user.UserId    = userInfo.UserId;
                            Result.auth_user.TeamType  = userInfo.TeamType;
                            Result.auth_user.TeamRefId = userInfo.TeamRefId;
                            Result.auth_user.TeamFlag  = userInfo.TeamFlag;
                            Result.auth_user.TeamName  = userInfo.TeamName;
                            Result.auth_user.UserName  = userInfo.UserName;
                            Result.auth_user.NickName  = userInfo.NickName;
                            Result.auth_user.RealName  = userInfo.RealName;
                        }
                    }
                    else
                    {
                        Result.msg = "验证失败,";
                        switch (Result.code)
                        {
                        case 1:
                            Result.msg += "密码错误";
                            break;

                        case 2:
                            Result.msg += "账号不存在";
                            break;

                        case 3:
                            Result.msg += "账号无效";
                            break;
                        }
                    }
                    #endregion
                }
                catch (Exception ex)
                {
                    Result.code = 1;
                    Result.msg  = "服务器异常,请稍后重试";
                    nwbase_utils.TextLog.Error("error", "GetUser Exception", ex);
                }
                return(nwbase_utils.JsonSerializer.Serialize <GetUserResult>(Result));
            }
        }