/// <summary>
/// Reports whether further login attempts for <paramref name="adminName"/> from the
/// current client address should be refused because of recent failures.
/// </summary>
/// <remarks>
/// Only rows matching BOTH the client IP and the admin name are counted, so failures
/// against the same account from other addresses do not contribute to the lock.
/// NOTE(review): the key depends on what EKRequest.GetIP() returns; if that helper
/// trusts a client-supplied header, the caller can influence the key. Confirm.
/// The window is computed from local time (DateTime.Now).
/// </remarks>
/// <param name="adminName">Login name typed by the client.</param>
/// <param name="MinutesCount">Length of the look-back window, in minutes.</param>
/// <param name="Number">Threshold; the result is true only when the count is strictly greater.</param>
/// <returns>True when the recorded failures in the window exceed <paramref name="Number"/>.</returns>
public bool LoginErrorLock(string adminName, int MinutesCount, int Number)
{
    string clientIp = EKRequest.GetIP();
    DateTime windowEnd = DateTime.Now;
    DateTime windowStart = windowEnd.AddMinutes(-MinutesCount);

    // Same predicate as before: IP, window start, window end, then account name.
    var recentFailures = DBSession.MS_LoginDal.GetCount(
        p => p.F_IP == clientIp
             && p.F_Time >= windowStart
             && p.F_Time <= windowEnd
             && p.F_AdminName == adminName);

    return recentFailures > Number;
}
/// <summary>
/// Records one failed login attempt: the submitted admin name, the client address
/// from EKRequest.GetIP(), and the current local time.
/// </summary>
/// <remarks>
/// The name is stored exactly as passed in, whether or not such an account exists.
/// This method does not prune old rows; NOTE(review): confirm retention is handled elsewhere.
/// </remarks>
/// <param name="adminName">Login name that failed to authenticate.</param>
public void LoginAddError(string adminName)
{
    MS_Login failedAttempt = new MS_Login
    {
        F_AdminName = adminName,
        F_IP = EKRequest.GetIP(),
        F_Time = DateTime.Now
    };

    DBSession.MS_LoginDal.Add(failedAttempt);
}
/// <summary>
/// Adds a front-end user log entry of type "user" for the current request.
/// </summary>
/// <remarks>
/// The message is stored as given. NOTE(review): callers that pass request-derived
/// text should neutralize line breaks first so one request cannot forge extra entries.
/// </remarks>
/// <param name="level">Log level; stored as its string form.</param>
/// <param name="message">Description text for the entry.</param>
public void AddLogUser(LogLevel level, string message)
{
    MS_Log entry = new MS_Log
    {
        F_Type = "user",
        F_AddTime = DateTime.Now,
        F_AdminID = MS_AdminBLL.AdminID,
        F_Exception = "",
        F_Level = level.ToString(),
        F_Message = message,
        F_Source = EKRequest.GetUrl(),
        F_Thread = "1", // fixed value, not the real thread id
        F_IP = EKRequest.GetIP()
    };

    Add(entry);
}
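/// <summary>
/// Completes a successful admin login: rotates the last/this login time and IP,
/// increments the login counter, persists the record, issues the forms-authentication
/// cookie and redirects to <c>FormsAuthentication.DefaultUrl</c>.
/// </summary>
/// <remarks>
/// The ticket name is MS_ConfigBLL.AdminPath and the admin's Kid travels in UserData.
/// NOTE(review): code that reads the ticket presumably identifies the admin from UserData; confirm.
/// The ticket is always persistent, so it survives a browser restart until it expires.
/// NOTE(review): confirm that is intended for an admin session.
/// </remarks>
/// <param name="admin">The authenticated admin record; must not be null.</param>
/// <exception cref="ArgumentNullException"><paramref name="admin"/> is null.</exception>
public void LoginSuccess(MS_Admin admin)
{
    if (admin == null)
    {
        throw new ArgumentNullException("admin");
    }

    // Take the clock once so the ticket and the cookie expire at the same instant.
    DateTime issuedAt = DateTime.Now;
    DateTime expiresAt = issuedAt.Add(FormsAuthentication.Timeout);

    // Shift the previous "this login" values into "last login" before overwriting them.
    admin.F_LastLoginTime = admin.F_ThisLoginTime;
    admin.F_LastLoginIP = admin.F_ThisLoginIP;
    admin.F_ThisLoginTime = issuedAt;
    admin.F_ThisLoginIP = EKRequest.GetIP();
    admin.F_LoginCount += 1;
    Update(admin);

    // Authentication ticket.
    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
        1,
        MS_ConfigBLL.AdminPath,
        issuedAt,
        expiresAt,
        true,
        admin.Kid.ToString(),
        FormsAuthentication.FormsCookiePath);
    string hashTicket = FormsAuthentication.Encrypt(ticket);

    // Authentication cookie.
    HttpCookie adminCookie = new HttpCookie(FormsAuthentication.FormsCookieName, hashTicket);
    adminCookie.HttpOnly = true;
    // A hand-built cookie does not pick up the requireSSL setting by itself; without this
    // line the ticket goes out over plain HTTP even when the site is configured as SSL-only.
    // NOTE(review): this only helps when requireSSL="true" is set in web.config; confirm.
    adminCookie.Secure = FormsAuthentication.RequireSSL;
    adminCookie.Expires = expiresAt;
    adminCookie.Domain = FormsAuthentication.CookieDomain;
    adminCookie.Path = FormsAuthentication.FormsCookiePath;
    HttpContext.Current.Response.Cookies.Add(adminCookie);

    // Fixed, configured destination. The commented-out legacy variant that used to follow
    // redirected to Request["ReturnUrl"]; if that is ever restored, the target must be
    // checked to be a local URL first.
    System.Web.HttpContext.Current.Response.Redirect(FormsAuthentication.DefaultUrl);
}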
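/// <summary>
/// Handles the login button: validates the submitted name and password, enforces the
/// failed-attempt lockout, verifies the password and completes or records the attempt.
/// </summary>
/// <remarks>
/// A failure is recorded only for an unknown user or a wrong password. Attempts made
/// while locked, and attempts on a disabled account with a correct password, are not recorded.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnSubmit_Click(object sender, EventArgs e)
{
    // The lockout check and the minutes shown to the user both come from these values.
    // The old message promised 5 minutes while the enforced window was 3.
    // The "三次" in the message is still literal and must track LockMaxFailures.
    const int LockWindowMinutes = 3;
    const int LockMaxFailures = 3;

    string adminName = tbxUserName.Text.Trim();
    // NOTE(review): trimming discards leading/trailing whitespace from the password.
    // Kept as-is because stored credentials may depend on it; confirm that is intended.
    string password = tbxPassword.Text.Trim();
    MS_LoginBLL BLLLogin = new MS_LoginBLL();

    // Empty checks.
    if (adminName == "")
    {
        Alert.Show("请输入用户名!");
        return;
    }
    if (password == "")
    {
        Alert.Show("请输入密码!");
        return;
    }

    // Length checks.
    if (adminName.Length > 50)
    {
        Alert.Show("用户名过长!");
        return;
    }
    if (password.Length > 50)
    {
        Alert.Show("密码过长!");
        return;
    }

    // Lockout is evaluated before any credential check.
    if (BLLLogin.LoginErrorLock(adminName, LockWindowMinutes, LockMaxFailures))
    {
        Alert.Show("登录失败:登陆错误次数超过三次,请过" + LockWindowMinutes + "分钟重新登陆");
        return;
    }

    // The name is client-controlled; strip line breaks before it reaches the log.
    string safeName = NeutralizeForLog(adminName);

    MS_Admin m_admin = new MS_AdminBLL().Get(adminName);
    if (m_admin != null && m_admin.F_LoginName == adminName)
    {
        if (EKPasswordUtil.ComparePasswords(m_admin.F_Password, password))
        {
            if (!m_admin.F_Enabled)
            {
                // Reached only with a correct password, so this message does not reveal
                // account state to someone who is merely guessing names.
                logger.Error("用户: " + safeName + " 未启用,请联系管理员!");
                Alert.Show("用户未启用,请联系管理员!");
                return;
            }

            // Login succeeded. The IP is passed as a format argument: concatenated into
            // the format string, a value containing '{' or '}' would make String.Format throw.
            logger.Info(String.Format("登录成功:用户“{0}”,登录IP:{1}", safeName, NeutralizeForLog(EKRequest.GetIP())));
            new MS_AdminBLL().LoginSuccess(m_admin);
            return;
        }

        BLLLogin.LoginAddError(adminName);
        logger.Warn(String.Format("登录失败:用户“{0}”密码错误", safeName));
        Alert.Show("用户名或密码错误!");
        return;
    }

    BLLLogin.LoginAddError(adminName);
    logger.Warn(String.Format("登录失败:用户“{0}”不存在", safeName));
    // Same alert call as the wrong-password path, so the response does not differ
    // between a known and an unknown user name.
    // NOTE(review): no password comparison runs on this path, so response time may
    // still differ from the wrong-password path.
    Alert.Show("用户名或密码错误!");
}

/// <summary>
/// Replaces carriage returns and line feeds with spaces so a client-supplied value
/// cannot start a new line in a log entry.
/// </summary>
private static string NeutralizeForLog(string value)
{
    if (string.IsNullOrEmpty(value))
    {
        return value;
    }

    return value.Replace('\r', ' ').Replace('\n', ' ');
}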