public bool AuthUserByAD(string domain, string loginfullName, string loginId, string password, ref object returnObj) { //IADsUser adUser = null; //try //{ // adUser = ADHelper.AuthenticateUser(domain, loginfullName, loginId, password); // User user = new User(); // user.UserId = new Guid(adUser.GUID); // user.GroupId = Guid.NewGuid(); // user.UserName = adUser.FullName; // user.GroupName = "Test"; // user.IsDownLoad = string.Empty; // returnObj = user; // return true; //} //catch (Exception ex) //{ // LogWriter.WriteExceptionLog(ex); // return false; //} QJVRMS.Business.MemWS.MemberShipService mss = new QJVRMS.Business.MemWS.MemberShipService(); SerializeObjectFactory sof = new SerializeObjectFactory(); try { string objStr = mss.AuthUserByAD(domain, loginfullName, loginId, password); object o = sof.DesializeFromBase64(objStr); QJVRMS.Business.User user = (QJVRMS.Business.User)o; returnObj = user; return(true); } catch { return(false); } }
public static bool AuthUserByRequest(string loginName, string password, string ipAddress, ref object returnObj, bool isCreated) { string addressParam = ConfigurationManager.AppSettings["RequestUrl"]; string lnParam = ConfigurationManager.AppSettings["LoginNameParamName"]; string pParam = ConfigurationManager.AppSettings["PasswordParamName"]; string ipParam = ConfigurationManager.AppSettings["IPParamName"]; string url; if (addressParam.Contains("?")) { url = addressParam + "&" + lnParam + "=" + loginName + "&" + pParam + "=" + password + "&" + ipParam + "=" + ipAddress; } else { url = addressParam + "?" + lnParam + "=" + loginName + "&" + pParam + "=" + password + "&" + ipParam + "=" + ipAddress; } string result = DoGetRequest(url); if (result == "0") { //这里远程验证如果错误的话,就进行一次数据库验证 QJVRMS.Business.MemWS.MemberShipService mss = new QJVRMS.Business.MemWS.MemberShipService(); SerializeObjectFactory sof = new SerializeObjectFactory(); string objStr = mss.AuthUserByForm(loginName, password, ipAddress); if (!string.IsNullOrEmpty(objStr)) { object o = sof.DesializeFromBase64(objStr); QJVRMS.Business.User user = (QJVRMS.Business.User)o; returnObj = user; return(true); } return(false); } else { //这里先要获得该用户的机构(groupId)和角色(roleId) string[] arrIds = new Boss().GetVrmsId(loginName, password); string roleId = arrIds[0]; string groupId = arrIds[1]; string email = arrIds[2]; if (string.IsNullOrEmpty(roleId)) { roleId = ConfigurationManager.AppSettings["RoleID"]; } if (string.IsNullOrEmpty(groupId)) { groupId = "356b8e9c-005d-47ae-8aad-e7d1d60a1496"; } if (string.IsNullOrEmpty(email)) { email = loginName + "@quanjing.com"; } if (isCreated) { MemberShipManager msm = new MemberShipManager(); //string email = loginName + "@sany.com.cn"; IUser u = msm.CreateUser(password, loginName, loginName, new Guid(groupId), email, string.Empty, false, "false", false); QJVRMS.Business.User user = (QJVRMS.Business.User)u; //string roleID = ConfigurationManager.AppSettings["RoleID"]; string roleID = roleId; //分配角色 Role.CreateRoleUsers(new Guid[] { new Guid(roleID) }, user.UserId); returnObj = user; } else { QJVRMS.Business.MemWS.MemberShipService mss = new QJVRMS.Business.MemWS.MemberShipService(); SerializeObjectFactory sof = new SerializeObjectFactory(); //string objStr = mss.AuthUserByForm(loginName, password, ipAddress); string objStr = mss.GetUserByLoginName(loginName); object o = sof.DesializeFromBase64(objStr); QJVRMS.Business.User user = (QJVRMS.Business.User)o; returnObj = user; //如果数据库里有这个用户的话,就更新一次密码(这里应该判断一下用户是否相等),更新一下角色、机构和email mss.ResetPassword(user.UserId, password); bool isDownloaded = false; if (user.IsDownLoad.ToLower().Equals("true")) { isDownloaded = true; } mss.ModifyUserInfo1(user.UserId, new Guid(groupId), user.UserName, email, user.Telphone, user.IsLocked, isDownloaded, user.IsIPValidate); Role.CreateRoleUsers(new Guid[] { new Guid(roleId) }, user.UserId); } } return(true); }
/// <summary> /// and IPAddress validate /// </summary> /// <param name="loginName"></param> /// <param name="password"></param> /// <param name="returnObj"></param> /// <returns></returns> public bool AuthUserByForm(string loginName, string password, string IPAddress, ref object returnObj) { string encryptPassword = Encryption.Encrypt(password); //SqlParameter[] Parameters = new SqlParameter[4]; //Parameters[0] = new SqlParameter("@loginName", SqlDbType.NVarChar); //Parameters[1] = new SqlParameter("@password", SqlDbType.VarChar, 50); //Parameters[2] = new SqlParameter("@IPAddress", SqlDbType.NVarChar, 15); //Parameters[3] = new SqlParameter("@IsValidated", SqlDbType.Bit); //Parameters[0].Value = loginName; //Parameters[1].Value = encryptPassword; //Parameters[2].Value = IPAddress; //Parameters[3].Direction = ParameterDirection.Output; //try //{ // using (DataTable resTable = SqlHelper.ExecuteDataset(SqlHelper.SqlCon_QJVRMS, CommandType.StoredProcedure, "dbo.Users_ValidateUserAndGetUser", Parameters).Tables[0]) // { // if (resTable.Rows.Count != 0) // { // if (!bool.Parse(Parameters[3].Value.ToString())) // { // return false; // } // DataRow reader = resTable.Rows[0]; // User user = new User(); // user.UserId = new Guid(reader["UserId"].ToString()); // user.GroupId = new Guid(reader["Groupid"].ToString()); // user.UserName = reader["UserName"].ToString(); // user.GroupName = reader["GroupName"].ToString(); // user.IsDownLoad = reader["IsDownLoad"].ToString(); // returnObj = user; // return true; // } // else // { // return false; // } // } //} //catch (Exception ex) //{ // LogWriter.WriteExceptionLog(ex, true); // return false; //} QJVRMS.Business.MemWS.MemberShipService mss = new QJVRMS.Business.MemWS.MemberShipService(); SerializeObjectFactory sof = new SerializeObjectFactory(); try { string objStr = null; ///mss.GetUserByLoginName string isAuthByRemote = ConfigurationManager.AppSettings["AuthByRemote"]; if (string.IsNullOrEmpty(isAuthByRemote)) { isAuthByRemote = "0"; } if (isAuthByRemote.Equals("1")) { //objStr = mss.GetUserByLoginName(loginName); bool isUser = mss.IsUserExist(loginName); //表里没有用户,调用集成验证 if (!isUser) { return(AuthUserByRequest(loginName, password, IPAddress, ref returnObj, true)); } else { objStr = mss.GetUserByLoginName(loginName); object o = sof.DesializeFromBase64(objStr); QJVRMS.Business.User user = (QJVRMS.Business.User)o; returnObj = user; //用户不是系统管理员,调用集成验证 string superAdminId = ConfigurationManager.AppSettings["superAdminId"]; if (user.UserId.ToString().ToLower() != superAdminId.ToLower()) { return(AuthUserByRequest(loginName, password, IPAddress, ref returnObj, false)); } else { //是管理员,调用数据库验证 objStr = mss.AuthUserByForm(loginName, password, IPAddress); if (string.IsNullOrEmpty(objStr)) { return(false); } else { object o1 = sof.DesializeFromBase64(objStr); QJVRMS.Business.User user1 = (QJVRMS.Business.User)o1; returnObj = user1; return(true); } } //returnObj = user; return(true); } } else { objStr = mss.AuthUserByForm(loginName, password, IPAddress); object o = sof.DesializeFromBase64(objStr); QJVRMS.Business.User user = (QJVRMS.Business.User)o; returnObj = user; return(true); } } catch (Exception ex) { LogWriter.WriteExceptionLog(ex); return(false); } }