private static bool IsValidUser(
ClientSignData clientSign, ISignableData data, bool isLoginAction,
out ResponseBase response, out UserData user)
{
user = null;
if (!AppRoot.UserSet.IsReadied)
{
string message = "服务器用户集启动中,请稍后";
response = ResponseBase.NotExist(message);
return(false);
}
if (!Timestamp.IsInTime(clientSign.Timestamp))
{
response = ResponseBase.Expired();
return(false);
}
if (!string.IsNullOrEmpty(clientSign.LoginName))
{
user = AppRoot.UserSet.GetUser(clientSign.UserId);
}
if (user == null)
{
string message = "用户不存在";
response = ResponseBase.NotExist(message);
return(false);
}
if (isLoginAction)
{
if (!AppRoot.UserSet.CheckLoginTimes(clientSign.LoginName))
{
response = ResponseBase.Forbidden("对不起,您的尝试太过频繁");
return(false);
}
}
string mySign = HashUtil.CalcSign(user.LoginName, user.Password, clientSign.Timestamp, data);
if (clientSign.Sign != mySign)
{
string message = "签名错误:1. 可能因为登录名或密码错误;2. 可能因为软件版本过期需要升级软件。";
response = ResponseBase.Forbidden(message);
return(false);
}
response = null;
return(true);
}