Exemple #1
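        /// <summary>
        /// Changes the password of the local administrator account stored in the "localAdmin"
        /// configuration section of the executable's configuration file.
        /// </summary>
        /// <param name="username">Account name; only the configured local admin user is accepted.</param>
        /// <param name="oldPassword">Current password; must match the stored one.</param>
        /// <param name="newPassword">Replacement password; must be non-empty.</param>
        /// <param name="domain">Not used by this implementation.</param>
        /// <returns>true when the new password was written to the configuration; otherwise false.</returns>
        public bool ChangeUserPassword(string username, string oldPassword, string newPassword, string domain)
        {
            // Fail closed on missing input instead of throwing NullReferenceException further down,
            // and never let the admin password be replaced by an empty one.
            if (username == null || oldPassword == null || string.IsNullOrEmpty(newPassword))
            {
                return false;
            }

            var config         = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
            var adminSettings  = ((AppSettingsSection)config.GetSection("localAdmin")).Settings;
            var localAdminUser = adminSettings["LocalAdminUser"].Value;
            var storedPassword = adminSettings["localAdminPassword"].Value;

            if (!username.Equals(localAdminUser))
            {
                return false;
            }

            // The literal "admin" is kept in clear in the configuration; any other value is ciphertext.
            // NOTE(review): the AES key is the admin user name, which sits next to the ciphertext in the
            // same file, so anyone able to read the configuration can recover the password. A salted
            // password hash (e.g. PBKDF2) would avoid storing a recoverable secret.
            if (!storedPassword.Equals("admin"))
            {
                storedPassword = CryptoHelper.AES_Decrypt(storedPassword, localAdminUser);
            }

            // NOTE(review): ordinary string equality is not constant-time; consider a fixed-time
            // comparison for the credential check.
            if (!oldPassword.Equals(storedPassword))
            {
                return false;
            }

            adminSettings["localAdminPassword"].Value = CryptoHelper.AES_Encrypt(newPassword, localAdminUser);
            config.Save(ConfigurationSaveMode.Modified);
            ConfigurationManager.RefreshSection("localAdmin");

            return true;
        }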
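        /// <summary>
        /// Authorization filter: redirects to the login page when no user is stored in the session,
        /// sends non-admin users to the home page when the requested page is not available to them,
        /// and returns a JSON error when the user's operate flag lacks authority for the URL.
        /// </summary>
        /// <param name="filterContext">Context of the action about to execute.</param>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            // The original URL travels as a query-string value, so it has to be escaped; unescaped,
            // its own "?", "&" and "#" characters would be parsed as part of the login URL and could
            // inject or truncate parameters.
            // NOTE(review): the value is an absolute URL taken from the request. The login action that
            // consumes "redirecturl" is not visible here; confirm it only redirects to local URLs.
            // NOTE(review): "/Accout/Login" is kept exactly as found because it is a route; check
            // whether the controller really is spelled that way.
            string requestUrl = filterContext.HttpContext.Request.Url.ToString();
            string loginUrl   = "/Accout/Login?redirecturl=" + Uri.EscapeDataString(requestUrl);

            // The encrypted user record is read from the session under the key Params.UserCookieName.
            var obj = filterContext.RequestContext.HttpContext.Session[Params.UserCookieName];
            if (obj == null)
            {
                filterContext.Result = new RedirectResult(loginUrl);
                return;
            }

            var user = CryptoHelper.AES_Decrypt(obj.ToString(), Params.SecretKey).DeserializeJson<User>();
            if (user == null)
            {
                filterContext.Result = new RedirectResult(loginUrl);
                return;
            }

            var url = filterContext.HttpContext.Request.RawUrl;

            // URL paths are identifiers, not linguistic text: compare ordinally so the allow-list does
            // not depend on the server's current culture.
            if (!user.IsAdmin
                && !url.Equals("/home/index", StringComparison.OrdinalIgnoreCase)
                && !url.Equals("/", StringComparison.OrdinalIgnoreCase)
                && !new WebService(new WebClient(filterContext.HttpContext)).IsHavePage(url))
            {
                filterContext.Result = new RedirectResult("/Home/Index");
            }

            // This check runs for admins too, and a JSON error set here replaces any redirect set above.
            if (user.OperateFlag.HasValue && user.OperateFlag.Value != -1)
            {
                var operateFlag = user.OperateFlag.Value;
                if (!new WebService(new WebClient(filterContext.HttpContext)).IsHaveAuthority(operateFlag, url))
                {
                    var denied = new WebResult<bool>
                    {
                        Code   = ErrorCode.sys_user_role_error,
                        Result = false
                    };

                    filterContext.Result = new JsonResult
                    {
                        Data                = denied,
                        JsonRequestBehavior = JsonRequestBehavior.AllowGet
                    };
                }
            }
        }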
Exemple #3
        /// <summary>
        /// Round-trips <paramref name="text"/> through CryptoHelper.AES_Encrypt and
        /// CryptoHelper.AES_Decrypt with the same password and salt, and asserts that the
        /// decrypted value equals the input.
        /// </summary>
        /// <param name="text">Plaintext to encrypt.</param>
        /// <param name="password">Password passed to both calls.</param>
        /// <param name="salt">Salt passed to both calls.</param>
        public void TestRunner(string text, string password, byte[] salt)
        {
            // Both the ciphertext and the recovered plaintext are written to the console,
            // so only non-sensitive fixture data should be fed to this helper.
            var cipherText = CryptoHelper.AES_Encrypt(text, password, salt);
            System.Console.WriteLine(cipherText);

            var roundTripped = CryptoHelper.AES_Decrypt(cipherText, password, salt);
            System.Console.WriteLine(roundTripped);

            Assert.AreEqual(text, roundTripped, "Decrypted text did not match original text.");
        }
Exemple #4
        /// <summary>
        /// Gets the current user from the request cookie named by Params.UserCookieName.
        /// </summary>
        /// <returns>
        /// The user deserialized from the decrypted cookie value, or null when the cookie is absent.
        /// </returns>
        public static User GetCurrentUser()
        {
            HttpCookie userCookie = HttpContext.Current.Request.Cookies[Params.UserCookieName];

            if (userCookie != null)
            {
                // The cookie value is supplied by the client and is decrypted with the shared
                // Params.SecretKey before being parsed as JSON.
                // NOTE(review): confirm AES_Decrypt authenticates the ciphertext (AEAD or
                // encrypt-then-MAC) and how it reacts to a malformed value; neither is visible here.
                var json = CryptoHelper.AES_Decrypt(userCookie.Value, Params.SecretKey);
                return json.DeserializeJson<User>();
            }

            return null;
        }
Exemple #5
        /// <summary>
        /// Gets the current person from the request cookie named by Params.PeopleCookieName.
        /// </summary>
        /// <returns>
        /// The person deserialized from the decrypted cookie value, or null when the cookie is absent.
        /// </returns>
        public static Person GetCurrentPeople()
        {
            HttpCookie peopleCookie = HttpContext.Current.Request.Cookies[Params.PeopleCookieName];

            // The cookie comes from the client; its value is decrypted with Params.SecretKey and
            // then parsed as JSON.
            // NOTE(review): whether AES_Decrypt verifies integrity of the ciphertext is not visible
            // here; confirm before trusting fields of the returned object.
            return peopleCookie == null
                ? null
                : CryptoHelper.AES_Decrypt(peopleCookie.Value, Params.SecretKey).DeserializeJson<Person>();
        }
Exemple #6
        /// <summary>
        /// Looks up a non-expired session by <paramref name="sessionID"/> and returns the connection
        /// details for <paramref name="hostID"/>, with the stored password decrypted using
        /// <paramref name="sessionKey"/>. One-time sessions are logged out after the lookup.
        /// </summary>
        /// <param name="sessionID">Identifier of the session to look up.</param>
        /// <param name="hostID">Identifier of the host the caller wants to connect to.</param>
        /// <param name="sessionKey">Key passed to CryptoHelper.AES_Decrypt for the stored password.</param>
        /// <returns>
        /// The connection details, or null when no non-expired session matches or the query for the
        /// host returns no row.
        /// </returns>
        public EnterpriseConnectionDetails GetSessionConnectionDetails(string sessionID, long hostID, string sessionKey)
        {
            using (var db = new MyrtilleEnterpriseDBContext())
            {
                // Fetch only the flags needed to choose a query; expired sessions are excluded.
                var sessionInfo = db.Session
                                  .Where(m => m.SessionID == sessionID && m.Expire > DateTime.Now)
                                  .Select(m => new
                {
                    SessionID = m.SessionID,
                    OneTime   = m.OneTime,
                    IsAdmin   = m.IsAdmin
                })
                                  .FirstOrDefault();

                EnterpriseConnectionDetails result = null;
                if (sessionInfo != null)
                {
                    if (sessionInfo.OneTime)
                    {
                        // One-time session: Session and Host are combined on sessionID and hostID only;
                        // this query applies no access-group filter and always uses the session's own
                        // credentials.
                        // NOTE(review): presumably the host a one-time session may reach is constrained
                        // where the session is created; confirm, since it is not enforced here.
                        result = (from s in db.Session
                                  from h in db.Host
                                  where s.SessionID == sessionID &&
                                  h.ID == hostID &&
                                  s.Expire > DateTime.Now
                                  select new EnterpriseConnectionDetails
                        {
                            HostID = h.ID
                            ,
                            HostName = h.HostName
                            ,
                            HostAddress = h.HostAddress
                            ,
                            VMGuid = h.VMGuid
                            ,
                            VMEnhancedMode = h.VMEnhancedMode
                            ,
                            HostType = h.HostType
                            ,
                            Domain = s.Domain
                            ,
                            Username = s.Username
                            ,
                            Password = s.Password
                            ,
                            Protocol = h.Protocol
                            ,
                            StartRemoteProgram = h.StartRemoteProgram
                        })
                                 .FirstOrDefault();
                    }
                    else
                    {
                        if (sessionInfo.IsAdmin)
                        {
                            // Admin session: any host matching hostID is returned, with no access-group
                            // filter. SessionHostCredentials is left-joined, so sc may have no row.
                            // NOTE(review): when h.PromptForCredentials is set and no credentials row
                            // exists, Domain/Username/Password presumably come back null; confirm that
                            // AES_Decrypt below copes with a null password.
                            result = (from s in db.Session
                                      from h in db.Host
                                      join sc in db.SessionHostCredentials on new { x1 = s.ID, x2 = h.ID } equals new { x1 = sc.SessionID, x2 = sc.HostID } into scl
                                      from sc in scl.DefaultIfEmpty()
                                      where s.SessionID == sessionID &&
                                      h.ID == hostID &&
                                      s.Expire > DateTime.Now
                                      select new EnterpriseConnectionDetails
                            {
                                HostID = h.ID
                                ,
                                HostName = h.HostName
                                ,
                                HostAddress = h.HostAddress
                                ,
                                VMGuid = h.VMGuid
                                ,
                                VMEnhancedMode = h.VMEnhancedMode
                                ,
                                HostType = h.HostType
                                ,
                                Domain = (h.PromptForCredentials ? sc.Domain : s.Domain)
                                ,
                                Username = (h.PromptForCredentials ? sc.Username : s.Username)
                                ,
                                Password = (h.PromptForCredentials ? sc.Password : s.Password)
                                ,
                                Protocol = h.Protocol
                                ,
                                StartRemoteProgram = h.StartRemoteProgram
                            })
                                     .FirstOrDefault();
                        }
                        else
                        {
                            // Regular session: the host is returned only when one of the session's
                            // directory groups (SessionGroup) matches an access group of that host
                            // (HostAccessGroups). The credentials left join works as in the admin query.
                            result = (from s in db.Session
                                      join sg in db.SessionGroup on s.ID equals sg.SessionID
                                      join hag in db.HostAccessGroups on sg.DirectoryGroup equals hag.AccessGroup
                                      join h in db.Host on hag.HostID equals h.ID
                                      join sc in db.SessionHostCredentials on new { x1 = s.ID, x2 = h.ID } equals new { x1 = sc.SessionID, x2 = sc.HostID } into scl
                                      from sc in scl.DefaultIfEmpty()
                                      where s.SessionID == sessionID &&
                                      h.ID == hostID &&
                                      s.Expire > DateTime.Now
                                      select new EnterpriseConnectionDetails
                            {
                                HostID = h.ID
                                ,
                                HostName = h.HostName
                                ,
                                HostAddress = h.HostAddress
                                ,
                                VMGuid = h.VMGuid
                                ,
                                VMEnhancedMode = h.VMEnhancedMode
                                ,
                                HostType = h.HostType
                                ,
                                Domain = (h.PromptForCredentials ? sc.Domain : s.Domain)
                                ,
                                Username = (h.PromptForCredentials ? sc.Username : s.Username)
                                ,
                                Password = (h.PromptForCredentials ? sc.Password : s.Password)
                                ,
                                Protocol = h.Protocol
                                ,
                                StartRemoteProgram = h.StartRemoteProgram
                            })
                                     .FirstOrDefault();
                        }
                    }

                    // The stored password is decrypted with the caller-supplied sessionKey; the key is
                    // not compared against anything else in this method.
                    // NOTE(review): how AES_Decrypt behaves with a wrong key (exception or garbage
                    // output) is not visible here; confirm callers handle both.
                    if (result != null)
                    {
                        result.Password = CryptoHelper.AES_Decrypt(result.Password, sessionKey);
                    }

                    // when connected from the login page, the session logout is based on expiration or user action
                    // when connected from a one time url, the logout is done immediately
                    // The logout also runs when result is null, so a one-time session is consumed by
                    // the first lookup even if that lookup found no host.
                    if (sessionInfo.OneTime)
                    {
                        Logout(sessionID);
                    }
                }

                return(result);
            }
        }
Exemple #7
        /// <summary>
        /// Authenticates the local administrator account defined in the "localAdmin" configuration
        /// section and, on success, replaces an existing session row for that user name with a new
        /// admin session.
        /// </summary>
        /// <param name="username">Login name; must equal the configured local admin user.</param>
        /// <param name="password">Password supplied by the caller.</param>
        /// <param name="adminGroup">Not used by this implementation.</param>
        /// <param name="domain">Not used by this implementation.</param>
        /// <param name="netbiosDomain">Stored as the domain of the created session.</param>
        /// <returns>
        /// A session carrying SessionID and SessionKey on success; otherwise a session whose
        /// AuthenticationErrorCode describes the failure (UNKNOWN_ERROR for any exception).
        /// </returns>
        public EnterpriseSession Authenticate(string username, string password, string adminGroup, string domain, string netbiosDomain)
        {
            try
            {
                var config             = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
                var adminSettings      = ((AppSettingsSection)config.GetSection("localAdmin")).Settings;
                var localAdminUser     = adminSettings["LocalAdminUser"].Value;
                var localAdminPassword = adminSettings["localAdminPassword"].Value;

                // NOTE(review): a distinct code for an unknown user lets a caller tell a wrong user
                // name from a wrong password; consider whether that distinction should reach clients.
                if (!username.Equals(localAdminUser))
                {
                    return new EnterpriseSession
                    {
                        AuthenticationErrorCode = EnterpriseAuthenticationErrorCode.USER_NOT_FOUND
                    };
                }

                // The literal "admin" is stored in clear; any other stored value is ciphertext.
                // NOTE(review): the decryption key is the admin user name, which lives in the same
                // configuration file as the ciphertext.
                if (!localAdminPassword.Equals("admin"))
                {
                    localAdminPassword = CryptoHelper.AES_Decrypt(localAdminPassword, localAdminUser);
                }

                // NOTE(review): ordinary string equality is not constant-time.
                if (!password.Equals(localAdminPassword))
                {
                    return new EnterpriseSession
                    {
                        AuthenticationErrorCode = EnterpriseAuthenticationErrorCode.INVALID_LOGIN_CREDENTIALS
                    };
                }

                // A correct login with the default password is reported as expired and gets no session.
                if (password.Equals("admin"))
                {
                    return new EnterpriseSession
                    {
                        AuthenticationErrorCode = EnterpriseAuthenticationErrorCode.PASSWORD_EXPIRED
                    };
                }

                using (var db = new MyrtilleEnterpriseDBContext())
                {
                    // Drop the first existing session row found for this user name, if any.
                    var staleSession = db.Session.FirstOrDefault(m => m.Username == username);
                    if (staleSession != null)
                    {
                        db.Session.Remove(staleSession);
                        db.SaveChanges();
                    }

                    // NOTE(review): both the session identifier and the key protecting the stored
                    // password come from Guid.NewGuid(), which is not documented as a cryptographic
                    // random source; a CSPRNG would be the safer choice for the key.
                    string sessionID  = Guid.NewGuid().ToString();
                    string sessionKey = Guid.NewGuid().ToString("n");

                    var freshSession = new Session
                    {
                        Domain    = netbiosDomain,
                        Username  = username,
                        Password  = CryptoHelper.AES_Encrypt(CryptoHelper.RDP_Encrypt(password), sessionKey),
                        SessionID = sessionID,
                        IsAdmin   = true
                    };

                    db.Session.Add(freshSession);
                    db.SaveChanges();

                    // The key is handed back to the caller and is not part of the Session row built above.
                    return new EnterpriseSession
                    {
                        Domain              = netbiosDomain,
                        UserName            = username,
                        SessionID           = sessionID,
                        SessionKey          = sessionKey,
                        IsAdmin             = true,
                        SingleUseConnection = false
                    };
                }
            }
            catch (Exception)
            {
                // NOTE(review): every failure (including configuration and database errors) collapses
                // into UNKNOWN_ERROR with nothing recorded; logging the exception here would help
                // incident analysis.
                return new EnterpriseSession
                {
                    AuthenticationErrorCode = EnterpriseAuthenticationErrorCode.UNKNOWN_ERROR
                };
            }
        }