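        /// <summary>
        /// Checks whether the current request belongs to a system administrator.
        /// </summary>
        /// <remarks>
        /// Order of checks: the per-request <c>ApplicationContext.Current.IsSystemAdmin</c> flag first,
        /// then the system-admin login cookie. The cookie payload is a JSON-serialised
        /// <see cref="LoginSystemAdminResultViewModel"/> whose <c>Sign</c> is DES-decrypted and is expected
        /// to have the form <c>timestamp|step|...</c>; a sign older than 8 hours is rejected. When the
        /// cookie passes, the context flag is set from the payload's <c>IsSuccess</c> value.
        /// Any exception other than a failed decrypt propagates to the caller.
        /// </remarks>
        /// <returns><c>true</c> when the caller is recognised as a system administrator; otherwise <c>false</c>.</returns>
        public bool CheckUserIsSystemAdminFromHttpContext()
        {
            // Fast path: the current request has already been authenticated as a system admin.
            if (ApplicationContext.Current.IsSystemAdmin == true)
            {
                return true;
            }

            // Fall back to the system-admin cookie. The cookie is read once (the previous version read it
            // three times per call).
            string ticket = string.Empty;
            if (ApplicationContext.HttpContext.Current.Request.Cookies.ContainsKey(Contanst.Login_Cookie_SystemAdminUserInfo))
            {
                ticket = ApplicationContext.HttpContext.Current.GetCookie(Contanst.Login_Cookie_SystemAdminUserInfo);
            }

            if (ticket.IsNullOrEmpty())
            {
                return false;
            }

            LoginSystemAdminResultViewModel sysAdminUserDtoModel = ticket.FromJsonToObject<LoginSystemAdminResultViewModel>();
            if (sysAdminUserDtoModel == null)
            {
                // Unparseable payload: nothing to validate, the context flag is still unset.
                return false;
            }

            // Validate the basic signature: DES-decrypt, split on '|', check the timestamp age.
            string deSign = string.Empty;
            try
            {
                deSign = DESEncrypt.Decrypt(sysAdminUserDtoModel.Sign);
            }
            catch
            {
                // A tampered or foreign sign fails to decrypt; it is treated as "not signed in" below.
            }

            if (deSign.IsNullOrEmpty())
            {
                return false;
            }

            string[] arrSign = deSign.Split('|');

            // Guard before indexing: the previous version read arrSign[1] unconditionally, so a malformed
            // sign surfaced as an IndexOutOfRangeException instead of a clean "not admin".
            if (arrSign.Length < 2)
            {
                return false;
            }

            long timeStamp = arrSign[0].ToLong();

            // The timestamp is in milliseconds; reject signs older than 8 hours.
            const long maxAgeSeconds = 60 * 60 * 8;
            if ((DateTime.Now.ToTimeStampMilliseconds() - timeStamp) / 1000 > maxAgeSeconds)
            {
                return false;
            }

            // NOTE(review): IsSuccess is taken from the cookie payload itself; only the sign's age is
            // verified here and nothing binds the sign to AdminUserId — confirm the cookie is issued
            // with HttpOnly/Secure and that the payload cannot be altered client-side.
            ApplicationContext.Current.IsSystemAdmin = sysAdminUserDtoModel.IsSuccess;

            return ApplicationContext.Current.IsSystemAdmin;
        }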
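        /// <summary>
        /// Second login step for system administrators: verifies the dynamic (two-factor) code against
        /// the user identified by the request's sign and, on success, issues the system-admin cookie.
        /// </summary>
        /// <remarks>
        /// <c>model.Sign</c> is DES-decrypted and must have the form <c>timestamp|step|username|password</c>
        /// with <c>step == 2</c> and a timestamp no older than 5 minutes. The username/password pair is
        /// looked up against enabled system users, then the TOTP code is verified with the user's
        /// <c>PublicKey</c>. A successful verification writes a login log entry and the
        /// <c>Login_Cookie_SystemAdminUserInfo</c> cookie.
        /// </remarks>
        /// <param name="model">Login request carrying <c>CheckCode</c> (the 2FA code) and <c>Sign</c>.</param>
        /// <returns>
        /// A container whose <c>Data</c> is <c>true</c> on success; every failure path sets the
        /// container to failed with a user-facing message. Never throws.
        /// </returns>
        public BusinessViewModelContainer<bool> LoginCheckDyCode(PasswordLoginViewModel model)
        {
            var viewModel = new BusinessViewModelContainer<bool>();

            try
            {
                // A null model previously surfaced as a logged NullReferenceException; fail it explicitly.
                if (model == null)
                {
                    viewModel.SetFalied("验证失败!");
                    return viewModel;
                }

                // No dynamic code supplied: nothing to verify, return the default (not-succeeded) container.
                if (model.CheckCode.IsNullOrEmpty())
                {
                    return viewModel;
                }

                if (model.Sign.IsNullOrEmpty())
                {
                    viewModel.SetFalied("签名不能为空!");
                    return viewModel;
                }

                string deSign = string.Empty;
                try
                {
                    deSign = DESEncrypt.Decrypt(model.Sign);
                }
                catch
                {
                    // A tampered or foreign sign fails to decrypt; reported as a bad signature below.
                }

                if (deSign.IsNullOrEmpty())
                {
                    viewModel.SetFalied("签名错误!");
                    return viewModel;
                }

                string[] arrSign = deSign.Split('|');
                long timeStamp = arrSign[0].ToLong();

                // The timestamp is in milliseconds; the sign is valid for 5 minutes.
                const long maxAgeSeconds = 5 * 60;
                if ((DateTime.Now.ToTimeStampMilliseconds() - timeStamp) / 1000 > maxAgeSeconds)
                {
                    viewModel.SetFalied("登录超时!请重新输入用户名密码!");
                    return viewModel;
                }

                // Length is checked before arrSign[1] is read: the previous version parsed the step first
                // and threw IndexOutOfRangeException on a sign with a single field.
                if (arrSign.Length < 4 || arrSign[1].ToInt() != 2)
                {
                    viewModel.SetFalied("登录必须输入密码!请重新输入用户名密码!");
                    return viewModel;
                }

                string uName = arrSign[2];
                string pwd = arrSign[3];
                if (string.IsNullOrEmpty(uName) || string.IsNullOrEmpty(pwd))
                {
                    viewModel.SetFalied("登录必须输入密码!请重新输入用户名密码!");
                    return viewModel;
                }

                // NOTE(review): Upassword is compared directly with the password carried in the sign.
                // If Upassword is stored in plaintext rather than as a salted hash, that is the first
                // thing to fix; confirm against the SysAdmin schema.
                var sysUser = Singleton<SysAdminService>.Instance
                              .GetSysAdminFirstOrDefaultByCondition(x => x.Uname == uName &&
                                                                    x.Upassword == pwd && x.State == true);

                if (sysUser == null)
                {
                    viewModel.SetFalied("未知用户!");
                    return viewModel;
                }

                if (string.IsNullOrEmpty(sysUser.PublicKey))
                {
                    viewModel.SetFalied("用户密钥已经失效!请联系管理员!");
                    return viewModel;
                }

                // Two-factor verification against the user's stored key. A throwing verifier counts as a
                // failed code, but is now logged instead of silently swallowed.
                var tfaProvider = new TwoFactorAuth();
                bool validateResult = false;
                try
                {
                    validateResult = tfaProvider.VerifyCode(sysUser.PublicKey, model.CheckCode);
                }
                catch (Exception ex)
                {
                    Logger.Error(ex);
                }

                if (!validateResult)
                {
                    viewModel.SetFalied("口令已经过期,请重新输入!");
                    return viewModel;
                }

                // 1. Record the login in the system log.
                var logModel = new SysLogModel
                {
                    Level = 1,
                    SysUserId = sysUser.Id,
                    //LogType = (int)SysLogTypeEnum.Login,
                    LogContent = $"超管账号:{sysUser.Uname} , 登录系统!",
                    CreateTime = DateTime.Now,
                    IpAddress = base.IpAddress
                };
                Singleton<SysLogService>.Instance.AddOneSysLogModel(logModel);

                // 2. Report success to the client and issue the system-admin cookie.
                viewModel.Msg = "成功登录!";
                viewModel.Data = true;

                // NOTE(review): the cookie payload carries model.Sign, i.e. the DES-encrypted
                // username|password pair, for the cookie's whole lifetime — consider issuing a
                // fresh server-side token here instead of echoing the login sign.
                var sysUserLoginModel = new LoginSystemAdminResultViewModel
                {
                    AdminUserId = sysUser.Id,
                    IsSuccess = true,
                    Step = 3,
                    Sign = model.Sign // custom signature, re-validated on each request
                };

                string authJson = sysUserLoginModel.ToJson();
                HttpContext.SetCookie(Contanst.Global_Site_Domain_Cookie, Contanst.Login_Cookie_SystemAdminUserInfo, authJson);
            }
            catch (Exception ex)
            {
                viewModel.SetFalied("验证失败!");
                Logger.Error(ex);
            }

            return viewModel;
        }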