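/// <summary>
/// Logon button handler: verifies the submitted user code and password, stores the
/// selected project id in the "DataBaseID" cookie and redirects to the main page.
/// </summary>
/// <param name="sender">The control that raised the click event.</param>
/// <param name="e">Event data (unused).</param>
private void BtnLogonClick(object sender, EventArgs e)
        {
            // Log in.
            // NOTE(review): stripping single quotes is not an injection defence; whether
            // ManageUser.Logon uses parameterized queries is not visible here - confirm.
            string userCode = txt_User.Text.Trim().Replace("'","");
            string userPassword = txt_Pwd.Text.Trim().Replace("'", "");

            var userManage = new ManageUser { Dal = Dal };

            // The credential check had been commented out, so every click reached the
            // redirect below without any verification. It is restored here from the
            // commented-out lines.
            string userID = userManage.Logon(userCode, userPassword);

            if (Dal.DalUser.ErrorMessage.Length > 0)
            {
                // Generic message only: the raw database error is not shown to the user.
                Functions.PageRegisterAlert(Page, "访问数据库出现异常!");
                return;
            }

            if (string.IsNullOrEmpty(userID))
            {
                Functions.PageRegisterAlert(Page, "用户名与密码不匹配,请重新输入!");
                return;
            }

            // Write the project id into a cookie.
            // NOTE(review): a cookie can be edited by the client after it is issued, so any
            // code that later reads "DataBaseID" should re-check that the signed-in user may
            // use that project. HttpOnly/Secure are not set here; whether client script
            // needs to read this cookie is not visible from this handler.
            var ck = new HttpCookie("DataBaseID") {Value = lstProject.SelectedValue};
            Response.Cookies.Add(ck);

            // Access granted.
            //Response.Redirect("_main/index.htm");
            Response.Redirect("CommonMainJs/");
        }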
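        /// <summary>
        /// Login handler: looks the user up by user code and hashed password, then builds
        /// the online-user object and triggers the client-side <c>isLogin()</c> script.
        /// </summary>
        /// <param name="sender">The control that raised the click event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void Button1_Click(object sender, EventArgs e)
        {
            string userCode = txtUserCode.Value; // Request.Form["userCode"];
            string userPsw = txtUserPsw.Value;

            // Perform the login.

            // NOTE(review): the query below is built with string.Format, and doubling single
            // quotes is its only protection against SQL injection. That is fragile; the query
            // should use parameters. The DAL's parameter API is not visible here, so the
            // statement is left as written - confirm and convert.
            userCode = userCode.Replace("'", "''");
            // NOTE(review): judging by its name, ToMD5 is a plain MD5 digest. MD5 is not a
            // suitable password hash; migrate to a salted, slow KDF such as PBKDF2.
            userPsw = Functions.ToMD5(userPsw);

            var dal = CommonClass.SetMetadataDal();

            const string sql = "SELECT TOP 1 userID from Person_User_Info where UserCode='{0}' and LoginPsw ='{1}'";

            string userId = dal.DalUser.ExecuteString(string.Format(sql, userCode, userPsw));

            // The original ran this check twice and echoed the raw database error into the
            // response both times. Database error text can reveal schema and query details,
            // so it is now traced on the server and the client gets a generic message.
            if (dal.DalUser.ErrorMessage.Length > 2)
            {
                System.Diagnostics.Trace.TraceError("Login query failed: {0}", dal.DalUser.ErrorMessage);
                Response.Write("\"msg\":\"到数据库验证登录账户和密码,出现异常!\"");
                return;
            }

            if (string.IsNullOrEmpty(userId))
            {
                Response.Write("\"msg\":\"用户名和密码不匹配!\"");
                return;
            }

            // NOTE(review): this and the later "<br>" write look like debug output; they
            // expose internal user ids in the page - confirm whether they are still needed.
            Response.Write("<br>" + userId);

            var mUser = new ManageUser {Dal = dal};

            // Title text means "check access permissions".
            var debugInfo2 = new NatureDebugInfo {Title = "判断访问权限"};

            UserOnlineInfo user = mUser.CreateUser(userId, debugInfo2.DetailList);

            Response.Write("<br>" + user.BaseUser.UserID);
            Functions.PageRegisterJavascript(Page,"isLogin();");
        }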
Exemple #3
 /// <summary>
 /// Passes the user to the vendor repository for insertion and returns whatever
 /// the repository hands back.
 /// </summary>
 /// <param name="mnguser">The user to add.</param>
 /// <returns>The value returned by <c>mngvendorrepository.AddUser</c>.</returns>
 public ManageUser AddUser(ManageUser mnguser)
 {
     // NOTE(review): no validation or authorization happens at this layer; presumably
     // the caller is responsible for both - confirm.
     ManageUser stored = mngvendorrepository.AddUser(mnguser);
     return stored;
 }
Exemple #4
 /// <summary>
 /// Forwards an update for the user with the given id to the vendor repository.
 /// </summary>
 /// <param name="mnguser">The new user data.</param>
 /// <param name="id">Identifier passed to the repository alongside the data.</param>
 /// <returns>The value returned by <c>mngvendorrepository.UpdateUser</c>.</returns>
 public ManageUser UpdateUser(ManageUser mnguser, int id)
 {
     // NOTE(review): nothing here checks that the caller may modify the record
     // identified by id; presumably that is enforced upstream - confirm.
     ManageUser updated = mngvendorrepository.UpdateUser(mnguser, id);
     return updated;
 }
        /// <summary>
        /// Completes registration after an external login: creates the local account,
        /// links the external login to it, sends the e-mail confirmation link and, when
        /// confirmation is not required, signs the user in.
        /// </summary>
        /// <param name="returnUrl">Where to go after sign-in; defaults to the application root.</param>
        /// <returns>A redirect on success or missing login info, otherwise the page with model errors.</returns>
        public async Task <IActionResult> OnPostConfirmationAsync(string returnUrl = null)
        {
            if (returnUrl == null)
            {
                returnUrl = Url.Content("~/");
            }

            // Details of the user as reported by the external login provider.
            var externalLogin = await _signInManager.GetExternalLoginInfoAsync();

            if (externalLogin == null)
            {
                ErrorMessage = "Error loading external login information during confirmation.";
                return RedirectToPage("./Login", new { ReturnUrl = returnUrl });
            }

            if (ModelState.IsValid)
            {
                var newUser = new ManageUser
                {
                    UserName = Input.Email,
                    Email    = Input.Email
                };

                // Create the account first; link the external login only if that worked.
                var outcome = await _userManager.CreateAsync(newUser);
                if (outcome.Succeeded)
                {
                    outcome = await _userManager.AddLoginAsync(newUser, externalLogin);
                }

                if (outcome.Succeeded)
                {
                    _logger.LogInformation("User created an account using {Name} provider.", externalLogin.LoginProvider);

                    var newUserId = await _userManager.GetUserIdAsync(newUser);

                    // The confirmation token is Base64Url-encoded so it survives the query string.
                    var rawToken     = await _userManager.GenerateEmailConfirmationTokenAsync(newUser);
                    var encodedToken = WebEncoders.Base64UrlEncode(Encoding.UTF8.GetBytes(rawToken));

                    var callbackUrl = Url.Page(
                        "/Account/ConfirmEmail",
                        pageHandler: null,
                        values: new { area = "Identity", userId = newUserId, code = encodedToken },
                        protocol: Request.Scheme);

                    // The link is HTML-encoded before being placed in the href attribute.
                    await _emailSender.SendEmailAsync(
                        Input.Email,
                        "Confirm your email",
                        $"Please confirm your account by <a href='{HtmlEncoder.Default.Encode(callbackUrl)}'>clicking here</a>.");

                    // With mandatory confirmation the user is not signed in yet.
                    if (_userManager.Options.SignIn.RequireConfirmedAccount)
                    {
                        return RedirectToPage("./RegisterConfirmation", new { Email = Input.Email });
                    }

                    await _signInManager.SignInAsync(newUser, isPersistent : false, externalLogin.LoginProvider);

                    // LocalRedirect is used for the caller-supplied return URL.
                    return LocalRedirect(returnUrl);
                }

                // Either step failed: surface its errors on the page.
                foreach (var failure in outcome.Errors)
                {
                    ModelState.AddModelError(string.Empty, failure.Description);
                }
            }

            ProviderDisplayName = externalLogin.ProviderDisplayName;
            ReturnUrl           = returnUrl;
            return Page();
        }
Exemple #6
 /// <summary>
 /// Saves a user by calling the <c>p_tblManageUser_save</c> stored procedure with
 /// one parameter per field of <paramref name="u"/>.
 /// </summary>
 /// <param name="u">The user record to persist.</param>
 /// <returns>The value returned by <c>_sf.executeNonQueryWithProc</c>.</returns>
 public int saveUser(ManageUser u)
 {
     // Every value is bound as a SqlParameter, so none of them is concatenated into SQL text.
     // NOTE(review): password, confirmPassword and emailPassword are passed through exactly as
     // received. Whether the procedure hashes or encrypts them is not visible here - confirm.
     _param = new SqlParameter[]
     {
         new SqlParameter("@userId", u.userId),
         new SqlParameter("@firstName", u.firstName),
         new SqlParameter("@lastName", u.lastName),
         new SqlParameter("@emailId", u.emailId),
         new SqlParameter("@password", u.password),
         new SqlParameter("@confirmPassword", u.confirmPassword),
         new SqlParameter("@mobileNo", u.mobileNo),
         new SqlParameter("@role", u.role),
         new SqlParameter("@portNo", u.portNo),
         new SqlParameter("@smtpServer", u.smtpServer),
         new SqlParameter("@status", u.status),
         new SqlParameter("@recruitmetLeadId", u.recruitmetLeadId),
         new SqlParameter("@managerName", u.managerName),
         new SqlParameter("@emailPassword", u.emailPassword)
     };

     int procResult = _sf.executeNonQueryWithProc("p_tblManageUser_save", _param);
     return procResult;
 }
Exemple #7
 /// <summary>
 /// Calls the <c>p_checkExistsEmailId_MobileNo</c> stored procedure with the user's id,
 /// e-mail, mobile number and first name, and returns the resulting table.
 /// </summary>
 /// <param name="u">The user whose e-mail and mobile number are being checked.</param>
 /// <returns>The table returned by <c>_sf.returnDTWithProc_executeReader</c>.</returns>
 public DataTable checkExistsEmailId_MobileNo(ManageUser u)
 {
     // All values are bound as parameters rather than spliced into SQL text.
     _param = new SqlParameter[]
     {
         new SqlParameter("@userId", u.userId),
         new SqlParameter("@emailId", u.emailId),
         new SqlParameter("@mobileNo", u.mobileNo),
         new SqlParameter("@firstName", u.firstName)
     };

     DataTable matches = _sf.returnDTWithProc_executeReader("p_checkExistsEmailId_MobileNo", _param);
     return matches;
 }
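        /// <summary>
        /// Internal method to validate the credentials included in the request,
        /// returning an IPrincipal for the resulting authenticated entity.
        /// </summary>
        /// <param name="credentials">The raw JWT string taken from the request.</param>
        /// <param name="request">The current request; not read by this method.</param>
        /// <param name="cancellationToken">Cancellation token; not observed by this method.</param>
        /// <returns>
        /// The validated principal, or <c>null</c> when the string is not a readable JWT or no
        /// user/key can be found for it. Exceptions thrown by <c>ValidateToken</c> propagate.
        /// </returns>
        private async Task <IPrincipal> ValidateCredentialsAsync(string credentials,
                                                                 HttpRequestMessage request,
                                                                 CancellationToken cancellationToken)
        {
            var jwtHandler = new JwtSecurityTokenHandler();

            // Reject anything that is not shaped like a JWT before reading claims from it or
            // querying the user store. The original performed this check only after both.
            if (!jwtHandler.CanReadToken(credentials))
            {
                return(null);
            }

            // The "Id" claim is read before the signature has been verified. It is used only
            // to select which user's key to verify against; nothing else may trust it until
            // ValidateToken below has succeeded.
            ClaimsUserManager cum        = new ClaimsUserManager();
            string            Userid     = cum.getClaimValue("Id", credentials);
            ManageUser        manageUser = new ManageUser();
            var user = manageUser.GetUserById(Userid);

            // Unknown user or missing key: treat as unauthenticated instead of failing with a
            // null dereference or validating against an empty key.
            if (user == null || string.IsNullOrEmpty(user.PublicToken))
            {
                return(null);
            }

            // The key comes from the user record only. The original also initialised this
            // local with a key literal in source; that value was always overwritten and has
            // been dropped, as has the unused SigningCredentials local.
            // NOTE(review): _audience is an instance field written per request; if this
            // instance is shared between concurrent requests that is a race - confirm.
            _audience = user.UserName;
            // NOTE(review): despite its name, PublicToken is used as the HMAC secret, so it
            // must be stored and handled as a secret - confirm.
            var _secret     = Encoding.Unicode.GetBytes(user.PublicToken);
            var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(_secret);

            // at this point you would want to validate the JWT internals --
            //   minimally signing key and lifetime, but probably issuer and
            //   audience as well. Note some profiles of JWT require validating
            //   certain features (ex. OAuth).
            TokenValidationParameters validationParameters = new TokenValidationParameters
            {
                // NOTE(review): audience and issuer validation are switched off, so the
                // ValidAudiences / ValidIssuers values below are never consulted. Enable both
                // once the token issuer is confirmed to set matching aud / iss claims.
                ValidateAudience = false,
                ValidAudiences   = new[] { _audience },

                ValidateIssuer = false,
                ValidIssuers   = new[] { _validIssuer },

                RequireSignedTokens      = true,
                ValidateIssuerSigningKey = true,
                IssuerSigningKeys        = new[] { securityKey },

                //RequireExpirationTime = true,
                //ValidateLifetime = true,
                //ClockSkew = TimeSpan.FromHours(500),  // limit the lifetime padding

                //NameClaimType = ClaimTypes.NameIdentifier,
                //AuthenticationType = SupportedTokenScheme
            };

            SecurityToken   validatedToken;
            ClaimsPrincipal principal = jwtHandler.ValidateToken(credentials, validationParameters, out validatedToken);

            // Add any other locally-generated claims you might want downstream code
            //   to have access to.
            // In this example we set a few claim names we might re-use across a
            //   number of token handlers
            ((ClaimsIdentity)principal.Identity).AddClaim(new Claim("urn:Issuer",
                                                                    validatedToken.Issuer));
            ((ClaimsIdentity)principal.Identity).AddClaim(new Claim("urn:TokenScheme",
                                                                    SupportedTokenScheme));

            // if you think any downstream code might want the original token string -
            // perhaps because they need it to make downstream calls -
            // store it in a standard claim name or the bootstrap context
            // for later retrieval by the other filters/action methods
            ((ClaimsIdentity)principal.Identity).BootstrapContext = credentials;

            return(await Task.FromResult(principal));
        }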
Exemple #9
 /// <summary>
 /// Marks the given entity as modified and saves the context.
 /// </summary>
 /// <param name="model">The entity carrying the new values.</param>
 /// <returns><c>true</c> when <c>SaveChanges</c> reports at least one affected row.</returns>
 public bool Edit(ManageUser model)
 {
     // Setting the whole entry to Modified writes every mapped column from the model.
     // NOTE(review): if model is bound directly from request data, fields the caller should
     // not control (roles, flags, password fields) would be overwritten too - confirm that
     // callers pass a vetted entity.
     var entry = DbContext.Entry(model);
     entry.State = EntityState.Modified;

     int affectedRows = DbContext.SaveChanges();
     return affectedRows > 0;
 }
Exemple #10
 /// <summary>
 /// Adds the given entity to the <c>ManageUser</c> set and saves the context.
 /// </summary>
 /// <param name="model">The entity to insert.</param>
 /// <returns><c>true</c> when <c>SaveChanges</c> reports at least one affected row.</returns>
 public bool Create(ManageUser model)
 {
     // NOTE(review): the entity is stored exactly as supplied; presumably validation and
     // any password hashing happen before this call - confirm.
     DbContext.ManageUser.Add(model);

     int affectedRows = DbContext.SaveChanges();
     return affectedRows > 0;
 }
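        /// <summary>
        /// Builds one page of the user-management list: selects users by account and/or
        /// name, counts each user's comments, optionally sorts by comment count and
        /// returns the requested page together with the total number of users.
        /// </summary>
        /// <param name="gp">Paging and sorting options (<c>page</c>, <c>rows</c>, <c>sort</c>, <c>order</c>).</param>
        /// <param name="UserAccount">Account filter; ignored when null or empty.</param>
        /// <param name="UserName">Name filter; ignored when null or empty.</param>
        /// <returns>The page and total count, or <c>null</c> when the repository returns <c>null</c>.</returns>
        public ManageUsersList GetManageUsers(GridPager gp, string UserAccount, string UserName) // get the user list data
        {
            List <ManageUser> manageUsers     = new List <ManageUser>();                         // all matching users
            List <ManageUser> TempmanageUsers = new List <ManageUser>();                         // users shown on the page
            List <BlogUser>   trans;

            bool hasAccount = !string.IsNullOrEmpty(UserAccount);
            bool hasName    = !string.IsNullOrEmpty(UserName);

            // The four cases are mutually exclusive, so exactly one repository call is made.
            if (hasAccount && hasName)            // both account and name given
            {
                trans = repository.GetUserByAccountAndName(UserAccount, UserName);
            }
            else if (hasAccount)                  // only the account given
            {
                trans = repository.GetUserByAccountBlur(UserAccount);
            }
            else if (hasName)                     // only the name given; the original comment says name search is fuzzy
            {
                trans = repository.GetUserByName(UserName);
            }
            else                                  // neither given: list everyone
            {
                trans = repository.GetUsersAll();
            }

            if (trans == null)
            {
                return(null);
            }

            // The administrator account must not appear in the list.
            // NOTE(review): the administrator is identified by a hard-coded account name, and
            // the list returned by the repository is modified in place - confirm that the
            // repository does not hand out a shared or cached list, and prefer a role flag.
            trans.Remove(trans.Find(c => c.Account == "admin123"));

            foreach (var item in trans)
            {
                string account = item.Account;

                // Count this user's comments directly instead of materialising them into a
                // list and incrementing a counter once per element.
                ManageUser temp = new ManageUser
                {
                    Account       = account,
                    Name          = item.Name,
                    CommmentCount = repository.GetCommentsAll().Count(c => c.Account == account)
                };
                manageUsers.Add(temp);
            }

            switch (gp.sort)            // a switch so that other sort keys can be added later
            {
            case "CommmentCount":
                if (gp.order == "desc")                        // ascending or descending within the case
                {
                    manageUsers = manageUsers.OrderByDescending(m => m.CommmentCount).ToList();
                }
                else
                {
                    manageUsers = manageUsers.OrderBy(m => m.CommmentCount).ToList();
                }
                break;

            default:                    // no sort requested
                break;
            }

            // Select the requested page. page and rows are caller-supplied: a page below 1
            // used to produce a negative index and an out-of-range exception, so the start
            // index is clamped to zero. Skip/Take also stop at the end of the list.
            int firstIndex = (gp.page - 1) * gp.rows;
            if (firstIndex < 0)
            {
                firstIndex = 0;
            }

            foreach (var source in manageUsers.Skip(firstIndex).Take(gp.rows))
            {
                ManageUser temp = new ManageUser
                {
                    Account       = source.Account,
                    Name          = source.Name,
                    CommmentCount = source.CommmentCount
                };
                TempmanageUsers.Add(temp);
            }

            ManageUsersList tempList = new ManageUsersList
            {
                UsersNumber     = manageUsers.Count,
                TempmanageUsers = TempmanageUsers
            };

            return(tempList);
        }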
Exemple #12
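        /// <summary>
        /// Login action: checks the verification code held in the session, then the user name
        /// and password, and on success registers the user through <c>ManageProvider</c>.
        /// </summary>
        /// <returns>
        /// Plain-text content: "success" on a successful login, otherwise an error message.
        /// </returns>
        public ActionResult MyLogin()
        {
            // One message for both "unknown user" and "wrong password". The original returned
            // a different message for each, which tells a caller which user names exist.
            const string LoginFailed = "用户名或密码错误!";

            string Msg         = "";
            // NOTE(review): Request[...] also reads the query string, so a password can end
            // up in URLs and server logs; reading Request.Form only would avoid that.
            string Name        = Request["name"] ?? "";
            string strcode     = Request["strcode"] ?? "";
            string pwd         = Request["pwd"] ?? "";
            string sessioncode = (Session["MyCode"] ?? "").ToString();

            // The verification code is single-use: it is cleared before being compared.
            Session["MyCode"] = null;
            if (sessioncode == "" || strcode != sessioncode)
            {
                return(Content("验证码错误!"));
            }

            ManageUser user = new ManageUser();

            // NOTE(review): hard-coded super-administrator credentials in source. Anyone who
            // can read the code or the binary holds full access, and the password cannot be
            // rotated without a redeploy. Left in place only because removing it here would
            // lock the administrator out; replace it with a stored, hashed account.
            if (Name == "admin" && pwd == "123")
            {
                Msg           = "success";
                user.IsSystem = true;
                user.RoleId   = 0;
                user.RoleName = "超级管理员";
            }
            else
            {
                // A single lookup by name and password. The original looked the name up first,
                // took the id from that record and the role from a second lookup; with
                // duplicate names the two could be different users. Everything now comes from
                // the record that matched the password.
                // NOTE(review): o.Pwd == pwd compares the submitted password with the stored
                // value directly, which implies passwords are stored unhashed - confirm, and
                // migrate to a salted, slow hash such as PBKDF2.
                var myuser = UserInfoBLL.GetList(o => o.Name == Name && o.Pwd == pwd).FirstOrDefault();
                if (myuser == null)
                {
                    return(Content(LoginFailed));
                }
                Msg = "success";

                var role = (from r in myuser.RoleInfo
                            select r).FirstOrDefault();

                //string UserLoginid = Guid.NewGuid().ToString();
                //new CacheHelper().AddCache(UserLoginid, temp, DateTime.Now.AddMinutes(20));
                //Response.Cookies["user"].Value = UserLoginid;
                user.UserId   = myuser.ID;
                user.UserName = myuser.Name;
                if (role != null)
                {
                    user.RoleId   = role.ID;
                    user.RoleName = role.RoleName;
                }
                user.IsSystem = false;
            }

            IManageProvider UserManage = new ManageProvider();

            UserManage.AddCurrent(user);
            return(Content(Msg));
        }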