// POST api/login
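        /// <summary>
        /// Authenticates a caller by user id or mobile number plus password and hands back an access token.
        /// </summary>
        /// <param name="obj">Login request; <c>UserIdOrMobile</c> and <c>Password</c> are read from it.</param>
        /// <returns>
        /// An anonymous object with <c>IsSuccess</c> and <c>Message</c>; a successful login also carries
        /// <c>AccessToken</c>. Failures are reported through <c>IsSuccess = false</c>, never by throwing.
        /// </returns>
        public Object Post(LoginApiModel obj)
        {
            string msg;

            try
            {
                // A missing or unparsable request body leaves obj null; treat it like a missing identifier
                // instead of letting a NullReferenceException reach the catch-all below.
                if (obj == null || string.IsNullOrEmpty(obj.UserIdOrMobile))
                {
                    msg = XiaoluResources.MSG_LOGIN_FAIL + string.Format(XiaoluResources.STR_FAIL_RESAON, XiaoluResources.MSG_MOBILE_OR_USERID_IS_NULL);
                    return new { IsSuccess = false, Message = msg };
                }

                // Length is measured on the trimmed value, but the untrimmed value is what gets hashed below.
                if (string.IsNullOrEmpty(obj.Password) || obj.Password.Trim().Length < 6)
                {
                    msg = XiaoluResources.MSG_LOGIN_FAIL + string.Format(XiaoluResources.STR_FAIL_RESAON, XiaoluResources.MSG_PASSWORD_IS_NOT_VALID);
                    return new { IsSuccess = false, Message = msg };
                }

                // The same identifier is tried as a user name and as a mobile number; a name match wins.
                User userInDb  = BusinessService.GetUserByName(obj.UserIdOrMobile);
                User userInDb2 = BusinessService.GetUserByMobile(obj.UserIdOrMobile);
                if (userInDb == null && userInDb2 == null)
                {
                    // NOTE(review): this reply differs from the wrong-password reply further down, so a
                    // caller can tell which identifiers are registered. Consider one shared message for both.
                    msg = XiaoluResources.MSG_LOGIN_FAIL + string.Format(XiaoluResources.STR_FAIL_RESAON, XiaoluResources.MSG_CANNOT_FIND_USER);
                    return new { IsSuccess = false, Message = msg };
                }

                User findedUser = userInDb ?? userInDb2;

                // NOTE(review): passwords are stored as unsalted MD5, which is cheap to brute-force if the
                // user table leaks. Moving to a salted, slow KDF (e.g. PBKDF2) needs a rehash-on-login
                // migration of the stored values, so it is flagged here rather than changed in place.
                string md5Pwd = FormsAuthentication.HashPasswordForStoringInConfigFile(obj.Password, "MD5");

                // Verify the password.
                if (!string.Equals(md5Pwd, findedUser.Password))
                {
                    // Record the failed attempt on the user row.
                    // NOTE(review): ErrLoginTimes is only incremented in this method; it is neither checked
                    // before verification nor reset on success. Confirm that throttling/lockout is enforced
                    // somewhere, otherwise password guessing against this endpoint is unbounded.
                    findedUser.LastFailLoginTime = DateTime.Now;
                    findedUser.ErrLoginTimes     = (findedUser.ErrLoginTimes ?? 0) + 1;
                    BusinessService.UpdateUser(findedUser);

                    msg = XiaoluResources.MSG_LOGIN_FAIL + string.Format(XiaoluResources.STR_FAIL_RESAON, XiaoluResources.MSG_PASSWORD_IS_IN_CORRECT);
                    return new { IsSuccess = false, Message = msg };
                }

                // Password verified, so the login succeeds; write a history record for it.
                msg = XiaoluResources.MSG_LOGIN_SUCCESS;
                History his = new History()
                {
                    UserId       = findedUser.Name,
                    CreationDate = DateTime.Now,
                    Content      = msg
                };
                BusinessService.CreateHistory(his);

                string          accessToken4User;
                UserAccessToken uatInDb = BusinessService.GetAccessTokenByUserId(findedUser.Name);
                if (uatInDb != null && uatInDb.ExpireDate > DateTime.Now)
                {
                    // An unexpired token is handed back as-is, so every login inside the validity window
                    // shares one token. This path does not touch AccessTokenUserPool.
                    // NOTE(review): presumably the pool entry was added when the token was issued; confirm.
                    accessToken4User = uatInDb.AccessToken;
                    return new { IsSuccess = true, Message = msg, AccessToken = accessToken4User };
                }
                if (uatInDb != null)
                {
                    // Expired token: remove it before issuing a replacement.
                    BusinessService.DeleteUserAccessToken(uatInDb);
                }

                // NOTE(review): a GUID is specified for uniqueness, not unpredictability. For a bearer
                // credential prefer bytes from a cryptographic RNG; left unchanged here because the
                // storage format and length of AccessToken are not visible from this method.
                accessToken4User = Guid.NewGuid().ToString();
                UserAccessToken uat = new UserAccessToken()
                {
                    UserId      = findedUser.Name,
                    AccessToken = accessToken4User,
                    WeixinId    = findedUser.WeixinId,
                    ExpireDate  = DateTime.Now.AddSeconds(ACCESS_TOKEN_DURATION_IN_SECONDS)
                };
                BusinessService.CreateUserAccessToken(uat);

                AccessTokenUserPool.AddAccessTokenUserId(accessToken4User, findedUser.Name);
                return new { IsSuccess = true, Message = msg, AccessToken = accessToken4User };
            }
            catch (Exception e)
            {
                // Keep exception details on the server. Login callers are not yet authenticated, and
                // inner-exception text can describe internals that should not be sent back to them.
                System.Diagnostics.Trace.TraceError("POST api/login failed: {0}", ExceptionHelper.GetInnerExceptionInfo(e));
                return new { IsSuccess = false, Message = XiaoluResources.MSG_LOGIN_FAIL };
            }
        }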