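/// <summary>
/// Handles an avatar-crop request: validates the client-supplied source image path,
/// derives the avatar path from it, asks <c>_usrDetailSrv.UpdateAvatar</c> to apply the
/// change for the session's user, then refreshes the user detail held in the session.
/// </summary>
/// <param name="cutParams">
/// Crop parameters bound from the request. <c>imgSrcFilePath</c> is a virtual path chosen
/// by the client and must be treated as untrusted input.
/// </param>
/// <returns>
/// A JSON object with <c>code</c> (an <c>OperationResultType</c>) and <c>message</c>.
/// Failures are reported through these fields rather than by throwing.
/// </returns>
public JsonResult CutAvatar(CutAvatarParams cutParams)
{
    // NOTE(review): AllowGet lets this state-changing action answer GET requests. Any
    // attributes above the method are not visible here; confirm it is restricted to POST
    // and protected by an anti-forgery token.
    JsonResult jsonRst = new JsonResult { JsonRequestBehavior = JsonRequestBehavior.AllowGet };

    if (cutParams == null)
    {
        jsonRst.Data = new { code = OperationResultType.ParamError, message = "图片裁剪参数不能为空" };
        return jsonRst;
    }

    if (string.IsNullOrEmpty(cutParams.imgSrcFilePath))
    {
        jsonRst.Data = new { code = OperationResultType.ParamError, message = "源图文件路径不能为空" };
        return jsonRst;
    }

    // The path comes straight from the request and is turned into a physical path below,
    // so refuse parent-directory segments that could point at files outside the image folder.
    // NOTE(review): the upload directory is not visible in this method; ideally the mapped
    // path is also checked against that directory, and against the files owned by this user.
    bool hasParentSegment = cutParams.imgSrcFilePath
        .Split('/', '\\')
        .Any(segment => segment == "..");
    if (hasParentSegment)
    {
        jsonRst.Data = new { code = OperationResultType.ParamError, message = "源图文件路径不合法" };
        return jsonRst;
    }

    try
    {
        // Mapping happens inside the try so that a path Server.MapPath rejects produces
        // the JSON error below instead of an unhandled exception.
        cutParams.imgSrcFileRealPath = Server.MapPath(cutParams.imgSrcFilePath);

        // NOTE(review): Replace rewrites every "src" occurrence and is a no-op when the
        // path has none, in which case the avatar path equals the source path.
        cutParams.imgAvatarFilePath = cutParams.imgSrcFilePath.Replace("src", "avatar");

        // Map the avatar's virtual path rather than string-replacing inside the physical
        // source path: a deployment directory that itself contains "src" would otherwise
        // be rewritten too and the avatar path would land outside the site.
        cutParams.imgAvatarRealPath = Server.MapPath(cutParams.imgAvatarFilePath);

        int usrId = (int)Session.GetUserId();
        var optRst = _usrDetailSrv.UpdateAvatar(cutParams, usrId);
        if (optRst.ResultType != OperationResultType.Success)
        {
            jsonRst.Data = new { code = optRst.ResultType, message = optRst.Message };
            return jsonRst;
        }

        // Refresh the session copy; fall back to the service when the session has none.
        var usrDetail = Session.GetUserDetail();
        if (usrDetail == null)
        {
            optRst = _usrDetailSrv.Find(u => u.Id == usrId);
            if (optRst.ResultType == OperationResultType.Success)
            {
                var lst = (List<UserDetails>)optRst.AppendData;
                if (lst != null && lst.Count > 0)
                {
                    usrDetail = lst[0];
                }
            }
        }

        if (usrDetail != null)
        {
            usrDetail.SrcImage = cutParams.imgSrcFilePath;
            usrDetail.AvatarImage = cutParams.imgAvatarFilePath;
            Session.SetUserDetail(usrDetail);
        }

        jsonRst.Data = new { code = OperationResultType.Success, message = "头像修改成功" };
    }
    catch (Exception ex)
    {
        // NOTE(review): the raw exception text is returned to the client and may expose
        // server paths or internals; prefer logging it server-side and returning a
        // generic message.
        jsonRst.Data = new { code = OperationResultType.Error, message = ex.Message };
    }

    return jsonRst;
}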
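// The anti-forgery token protects this form post against cross-site request forgery
// (CSRF); it is not a defence against XSS.
[ValidateAntiForgeryToken]
/// <summary>
/// Processes the login form: checks the verification code held in the session, looks up
/// the user, compares the password hash, stores the user, details and roles in the
/// session, and redirects.
/// </summary>
/// <param name="loginVM">Posted login form (user name, password, verification code, return URL).</param>
/// <returns>
/// A redirect on success; otherwise the login view re-rendered with a model error.
/// </returns>
public ActionResult Login(LoginViewModel loginVM)
{
    if (!ModelState.IsValid)
    {
        return View(loginVM);
    }

    //_logHelper.LogInfo(string.Format("session-mode:{0},session-timeout:{1}", Session.Mode.ToString(), Session.Timeout));
    try
    {
        // NOTE(review): the stored verification code is not cleared after the comparison,
        // so one solved code may be reusable across attempts unless it is regenerated
        // elsewhere; confirm.
        if (string.IsNullOrEmpty(loginVM.VerifyCode)
            || !string.Equals(loginVM.VerifyCode, Session.Get<string>(KEY_Session_VerifyCode_Login)))
        {
            ModelState.AddModelError("", "验证码不正确");
            return View(loginVM);
        }

        var result = _usrSrv.FindByUserName(loginVM.UserName);
        if (result.ResultType != OperationResultType.Success)
        {
            ModelState.AddModelError("", "登录失败," + result.Message);
            return View(loginVM);
        }

        // NOTE(review): "unknown user" and "wrong password" produce different messages,
        // which lets a client tell whether an account exists.
        var usr = (User)result.AppendData;
        if (usr == null)
        {
            ModelState.AddModelError("", "用户名不存在");
            return View(loginVM);
        }

        // NOTE(review): passwords are compared as MD5 hashes. MD5 is unsuitable for
        // password storage; moving to a salted, slow KDF (e.g. PBKDF2) requires
        // re-hashing stored credentials and cannot be done inside this method alone.
        if (EncryptionHelper.GetMd5Hash(loginVM.Password) != usr.Password)
        {
            ModelState.AddModelError("", "密码不正确");
            return View(loginVM);
        }

        if (!usr.Enabled)
        {
            ModelState.AddModelError("", "用户未激活");
            return View(loginVM);
        }

        // Set the current user.
        // NOTE(review): if RBACContext.CurrentUser is process-wide static storage rather
        // than per-request, concurrent logins would overwrite each other; confirm.
        RBACContext.CurrentUser = usr;

        // Login succeeded: register the user in the session.
        // NOTE(review): the session identifier is not renewed here after authentication;
        // confirm it is rotated elsewhere to prevent session fixation.
        HttpContext.Session.SetUser(usr);

        // Load the user's detail record.
        result = _usrDetailSrv.Find(u => u.Id == usr.Id);
        if (result.ResultType == OperationResultType.Success)
        {
            var usrDetails = (List<UserDetails>)result.AppendData;
            if (usrDetails != null && usrDetails.Count > 0)
            {
                Session.SetUserDetail(usrDetails[0]);
            }
        }

        // Role ids.
        result = _usrRoleSrv.Find(r => r.UserId == usr.Id);
        if (result.ResultType != OperationResultType.Success)
        {
            ModelState.AddModelError("", "登录成功,但获取用户角色失败," + result.Message);
            return View(loginVM);
        }

        // A null AppendData here throws and is reported by the catch block below.
        var roleIds = (result.AppendData as List<UserRoleRelation>).Select(r => r.RoleId).ToArray();
        HttpContext.Session.SetRoleIds(roleIds);

        // Role names.
        result = _roleSrv.Find(r => roleIds.Contains(r.Id));
        if (result.ResultType != OperationResultType.Success)
        {
            ModelState.AddModelError("", "登录成功,但获取用户角色信息失败," + result.Message);
            return View(loginVM);
        }

        var roles = result.AppendData as List<Role>;
        HttpContext.Session.SetRoleText((roles != null && roles.Count > 0)
            ? string.Join(",", roles.Select(r => r.RoleName).ToArray())
            : "");

        // Redirect. ReturnUrl is posted by the client, so only follow it when it points
        // back into this site; anything else would turn the login page into an open
        // redirect to an arbitrary external address.
        if (string.IsNullOrEmpty(loginVM.ReturnUrl) || !Url.IsLocalUrl(loginVM.ReturnUrl))
        {
            return RedirectToHome();
        }

        return base.Redirect(loginVM.ReturnUrl);
    }
    catch (Exception ex)
    {
        // NOTE(review): the innermost exception message is shown on the login page and
        // may reveal internals (for example database errors) to unauthenticated users.
        ModelState.AddModelError("", "登录失败,请参考:" + ex.GetDeepestException().Message);
        return View(loginVM);
    }
}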