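/// <summary>
/// Handles a login attempt: looks the user up, delegates the credential check to
/// <c>SecurityPortal.ValidateUser</c>, records the client IP, and redirects to the
/// next page (initial password change, shop selection, the return URL, or the site root).
/// </summary>
/// <param name="username">Login name supplied by the caller.</param>
/// <param name="password">Password supplied by the caller.</param>
/// <param name="shop">Shop code; when empty the user is sent to the "LogInToShop" action.</param>
/// <param name="returnUrl">
/// Post-login destination. It is caller-controlled, so it is followed only when it is a
/// local URL; anything else falls back to "~/".
/// </param>
/// <returns>
/// A redirect on success. When a <c>SecurityExceptionToUser</c> is raised, its message is
/// added to <c>ModelState</c> under "err" and the result of the parameterless <c>Login()</c>
/// overload is returned.
/// </returns>
public ActionResult Login(string username, string password, string shop, string returnUrl)
{
    try
    {
        var user = UserExtension.Instance.GetUserInfo(username, shop) as App.Framework.Security.User;
        if (user == null)
        {
            // NOTE(review): if ValidateUser reports a wrong password with a different message
            // (not visible here), this distinct "user does not exist" text lets callers tell
            // valid usernames apart — consider one generic failure message for both cases.
            throw new SecurityExceptionToUser("用户不存在");
        }

        SecurityPortal.ValidateUser(username, user.UserDescription, password, shop, UserExtension.Instance);

        // NOTE(review): the login audit record below is commented out, so this action
        // writes no audit entry for a successful logon.
        //BusinessPortal.Execute(new SaveAudit()
        //    {
        //        ACTION_TYPE = AcionType.LOGIN.ToString(),
        //        SHOP_CODE = shop,
        //        USER_ID = UserExtension.Instance.GetUserInfo(username, shop).UserIdentity.AsInt()
        //    });

        // NOTE(review): 'u' is never read in this method.
        GetUserByUserName u = new GetUserByUserName() { UserName = username };

        GetUserLoginIp loginIP = new GetUserLoginIp() { USER_ID = user.UserId };
        BusinessPortal.Execute(loginIP);

        // The single-IP login lock is hard-coded off here (the AppSettings lookup is
        // commented out), so the branch below cannot run as written.
        var enableFlag = "false";//System.Configuration.ConfigurationManager.AppSettings["EnableUserLoginLock"];
        if (enableFlag.Equals("true", StringComparison.OrdinalIgnoreCase)
            && !string.IsNullOrEmpty(loginIP.LOGIN_IP)
            && loginIP.LOGIN_IP != Request.UserHostAddress)
        {
            FormsAuthentication.SignOut();
            throw new SecurityExceptionToUser(string.Format(CSC.Resources.Account.UserLoginedIPFormat, loginIP.LOGIN_IP));
        }

        UserIP userIp = new UserIP() { USER_ID = user.UserId, IP = Request.UserHostAddress };

        // NOTE(review): the '.' is unescaped and the pattern is unanchored, so it accepts
        // more than dotted-quad IPv4 text. Left unchanged to keep what gets recorded stable.
        System.Text.RegularExpressions.Regex reg = new System.Text.RegularExpressions.Regex(@"(\d{1,3}.){3}\d{1,3}");
        if (reg.IsMatch(userIp.IP))
        {
            BusinessPortal.Execute(userIp);
        }

        // Initial logon password change
        if (SecurityPortal.InitialLogonChangePassword && UserExtension.Instance.CheckInitialLogin(user.UserId))
        {
            var routeValues = App.Framework.Web.Pager.Util.GetRouteValueDictionary(HttpContext, null);
            return RedirectToAction("InitialPwdChange", routeValues);
        }

        if (string.IsNullOrEmpty(shop))
        {
            var routeValues = App.Framework.Web.Pager.Util.GetRouteValueDictionary(HttpContext, null);
            return RedirectToAction("LogInToShop", routeValues);
        }

        // returnUrl arrives with the request; redirecting to it unchecked is an open
        // redirect. Follow it only when it stays on this site, otherwise go to the root.
        if (string.IsNullOrEmpty(returnUrl) || !Url.IsLocalUrl(returnUrl))
        {
            return Redirect("~/");
        }

        return Redirect(returnUrl);
    }
    catch (SecurityExceptionToUser ex)
    {
        ModelState.AddModelError("err", ex.Message);
    }

    return Login();
}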
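/// <summary>
/// Signs the current user out: ends forms authentication, executes a <c>UserIP</c> command
/// with a null IP for the current user, drops the session, clears the cached permissions
/// for the signed-in identity, and redirects.
/// </summary>
/// <param name="returnUrl">
/// Post-logout destination. It is caller-controlled, so it is followed only when it is a
/// local URL; an empty or non-local value falls back to "~/Account/Login".
/// </param>
/// <returns>A redirect to the validated return URL or to the login page.</returns>
public ActionResult SignOut(string returnUrl)
{
    // Redirecting to an unchecked returnUrl is an open redirect; keep the user on this site.
    if (string.IsNullOrEmpty(returnUrl) || !Url.IsLocalUrl(returnUrl))
    {
        returnUrl = "~/Account/Login";
    }

    // Cancel forms authentication.
    FormsAuthentication.SignOut();

    // NOTE(review): User.Current is dereferenced without a null check; confirm it is
    // always populated when this action can be reached (e.g. by an anonymous request).
    UserIP uIp = new UserIP() { USER_ID = App.Framework.Security.User.Current.UserId, IP = null };
    BusinessPortal.Execute(uIp);

    Session.Abandon();
    Session.Clear();

    // Clear the cached user permissions.
    PermissionsProviderFactory.ProvidePermissions.ClearUserIdentity(HttpContext.User.Identity.Name);

    return Redirect(returnUrl);
}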