Exemple #1
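        /// <summary>
        /// Looks up a row in login_user for the given account and maps it to an <see cref="SSOUser"/>.
        /// </summary>
        /// <param name="userName">Account name supplied by the caller; treated as untrusted input.</param>
        /// <param name="password">Clear-text password supplied by the caller.</param>
        /// <returns>
        /// The first matching row as an <see cref="SSOUser"/>, or <c>null</c> when
        /// <paramref name="userName"/> is empty or the query returns no rows.
        /// </returns>
        public static SSOUser ValidateUser(string userName, string password)
        {
            if (string.IsNullOrEmpty(userName))
            {
                return null;
            }

            // NOTE(review): MD5Helper is not shown here. If MD5Encrypt is a plain, unsalted MD5
            // digest, stored passwords are cheap to recover offline after a database leak;
            // plan a migration to a salted, iterated hash such as PBKDF2.
            string psw = MD5Helper.MD5Encrypt(password);

            // userName is spliced into SQL text, so a quote in it would otherwise end the string
            // literal and let the caller rewrite the WHERE clause (SQL injection, i.e. a login
            // bypass). Doubling the quote is a stopgap only: it relies on the database treating
            // '' as the sole escape inside a literal. Bind the value as a command parameter as
            // soon as SqlHelper offers a way to do so.
            string accountLiteral = userName.Replace("'", "''");

            // NOTE(review): the password predicate is the literal '******' exactly as this listing
            // shows it (possibly masked by the page), so psw never reaches the query. Confirm the
            // real code compares against the stored hash, and bind it as a parameter as well.
            DataSet result = SqlHelper.ExecuteDataset($"select * from login_user where Account='{accountLiteral}' and Password='******'");

            if (result == null || result.Tables.Count == 0 || result.Tables[0].Rows.Count == 0)
            {
                return null;
            }

            // Only the first row is used; Account is presumably unique — verify against the schema.
            DataRow row = result.Tables[0].Rows[0];
            return new SSOUser
            {
                UserName   = row["UserName"].ToString(),
                Account    = row["Account"].ToString(),
                Department = row["Department"].ToString(),
                Orgin      = row["Orgin"].ToString(),
                Role       = row["Role"].ToString()
            };
        }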
Exemple #2
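 /// <summary>
 /// Registers a new account in login_user after checking that the account name is not taken.
 /// </summary>
 /// <param name="user">
 /// Registration data; Account and Password are required. Its Password property is
 /// overwritten with the value returned by MD5Helper.MD5Encrypt.
 /// </param>
 /// <param name="message">
 /// Receives the outcome text, or the exception message when an exception is caught.
 /// </param>
 /// <returns><c>true</c> when the insert reports at least one affected row; otherwise <c>false</c>.</returns>
 public static bool RegistAccount(SSOUser user, out string message)
 {
     try
     {
         if (user == null || string.IsNullOrEmpty(user.Account) || string.IsNullOrEmpty(user.Password))
         {
             // "Registration failed, information incomplete"
             message = "注册失败,信息不全";
             return false;
         }

         // Every caller-supplied string below is spliced into SQL text. Doubling single quotes
         // keeps a value inside its literal, but it is a stopgap that relies on the database
         // treating '' as the sole escape; bind the values as command parameters as soon as
         // SqlHelper offers a way to do so.
         string accountLiteral = user.Account.Replace("'", "''");

         object result = SqlHelper.ExecuteScalar($"select * from login_user where Account='{accountLiteral}'");
         if (result != null)
         {
             // "Registration failed, this account already exists"
             message = "注册失败,当前账号已存在";
             return false;
         }

         // NOTE(review): MD5Helper is not shown here. If MD5Encrypt is a plain, unsalted MD5
         // digest, store a salted, iterated hash (e.g. PBKDF2) instead.
         user.Password = MD5Helper.MD5Encrypt(user.Password);

         string nameLiteral = (user.UserName ?? string.Empty).Replace("'", "''");
         string hashLiteral = (user.Password ?? string.Empty).Replace("'", "''");

         // NOTE(review): the insert has no column list and formats DateTime.Now with the current
         // culture; both depend on the table layout and server settings — confirm. The
         // check-then-insert pair is also not atomic, so a unique constraint on Account is
         // presumably what prevents duplicates under concurrent registration — verify.
         int line = SqlHelper.ExecuteNonQuery($"insert into login_user values('{Guid.NewGuid()}','{nameLiteral}','{hashLiteral}','{accountLiteral}','{DateTime.Now}','{DateTime.Now}','','','')");
         if (line > 0)
         {
             // "Congratulations, registration succeeded!"
             message = "恭喜你,注册成功!";
             return true;
         }

         // "Registration failed, database insert failed"
         message = "注册失败,插入数据库失败";
         return false;
     }
     catch (Exception ex)
     {
         // NOTE(review): ex.Message can carry SQL text or schema details. If message is shown to
         // the end user, log the exception server-side and return a generic failure text instead.
         message = ex.Message;
         return false;
     }
 }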
Exemple #3
        /// <summary>
        /// Calls ValidateUser with the posted credentials, then redirects to the URL resolved for
        /// the target system, or renders the default view when no URL is resolved.
        /// </summary>
        /// <param name="user">Login form data, including the target system code and redirect URL.</param>
        /// <returns>A redirect to the resolved URL, or the default view.</returns>
        public ActionResult Login(SSOUser user)
        {
            // NOTE(review): whatever ValidateUser returns is not used, so nothing visible in this
            // action stops the flow when the credentials are wrong. Confirm that the redirect
            // below cannot be reached without a successful validation.
            ValidateUser(user.UserCode, user.Password);

            // NOTE(review): user.RedirectUrl is presumably bound from the request. Confirm that
            // GetSystemUrl only returns URLs of registered systems, otherwise this is an open redirect.
            string destination = GetSystemUrl(user.TargetSystemCode, user.RedirectUrl);

            if (!string.IsNullOrEmpty(destination))
            {
                return new RedirectResult(destination);
            }

            return View();
        }
Exemple #4
        /// <summary>
        /// Entry point of the verification center: redirects to the URL resolved for the requesting
        /// system, or renders the view with the posted model when no URL is resolved.
        /// </summary>
        /// <param name="user">Request data carrying the target system code and redirect URL.</param>
        /// <returns>A redirect to the resolved URL, or the view bound to <paramref name="user"/>.</returns>
        public ActionResult Index(SSOUser user)
        {
            // When the verification center is visited and the caller has already been verified,
            // go straight to the address of the system that asked for verification.
            // NOTE(review): user.RedirectUrl is presumably bound from the request. Confirm that
            // GetSystemUrl only returns URLs of registered systems, otherwise this is an open redirect.
            string destination = GetSystemUrl(user.TargetSystemCode, user.RedirectUrl);

            if (!string.IsNullOrEmpty(destination))
            {
                return new RedirectResult(destination);
            }

            return View(user);
        }
Exemple #5
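        /// <summary>
        /// Authenticates a user and, on success, issues a forms-authentication ticket as a cookie
        /// and records it in the SSO token list.
        /// </summary>
        /// <param name="username">Login name; null is treated as empty and the value is trimmed.</param>
        /// <param name="password">Clear-text password; null is treated as empty and the value is trimmed.</param>
        /// <param name="rememberMe">
        /// When true the ticket is marked persistent and the cookie expires with the ticket;
        /// otherwise the cookie has no expiry date (session cookie).
        /// </param>
        /// <param name="myticket">Receives the encrypted ticket on success, or an empty string on failure.</param>
        /// <returns>true when ValidateUser returned a user and the cookie was set; otherwise false.</returns>
        public static bool AuthenticateUser(string username, string password, bool rememberMe, out string myticket)
        {
            // NOTE(review): trimming the password changes the credential that is checked; confirm
            // that passwords are trimmed the same way when they are stored.
            string un = (username ?? string.Empty).Trim();
            string pw = (password ?? string.Empty).Trim();

            if (string.IsNullOrWhiteSpace(un) || string.IsNullOrWhiteSpace(pw))
            {
                myticket = string.Empty;
                return false;
            }

            SSOUser validatedUser = ValidateUser(un, pw);
            if (validatedUser == null)
            {
                myticket = string.Empty;
                return false;
            }

            HttpContext context        = HttpContext.Current;
            DateTime    expirationDate = DateTime.Now.Add(FormsAuthentication.Timeout);

            // NOTE(review): the user data carries SecurityValidationKey and the clear-text password.
            // The ticket goes to the browser and into SSOTokenList, so both secrets depend entirely
            // on the ticket protection. The layout is kept because whatever parses the ticket is
            // not visible here; drop the password from it once those consumers are updated.
            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                1,
                un,
                DateTime.Now,
                expirationDate,
                rememberMe,
                string.Format("{0}{1}{2}{1}{3}{4}", SecurityValidationKey, AUTH_TKT_USERDATA_DELIMITER, un, pw, Guid.NewGuid()),
                FormsAuthentication.FormsCookiePath
                );

            string encryptedTicket = FormsAuthentication.Encrypt(ticket);

            // Persist the token.
            // NOTE(review): SSOTokenList looks like a shared static collection; confirm that it is
            // safe for concurrent Add and that entries are removed on logout or expiry.
            SSOToken token = new SSOToken(encryptedTicket);
            token.User = validatedUser;
            Domain.SSO.Entity.SSOToken.SSOTokenList.Add(token);

            HttpCookie cookie = new HttpCookie(FormsAuthCookieName, encryptedTicket);
            cookie.Expires  = rememberMe ? expirationDate : DateTime.MinValue;
            cookie.HttpOnly = true;
            // A hand-built cookie does not pick up the forms requireSSL setting by itself; mirror
            // it so the ticket is not sent over plain HTTP when the site is configured for TLS only.
            cookie.Secure   = FormsAuthentication.RequireSSL;
            cookie.Path     = "/";
            context.Response.Cookies.Set(cookie);

            myticket = encryptedTicket;
            return true;
        }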
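        /// <summary>
        /// Issues the forms-authentication cookie for <paramref name="user"/>.
        /// </summary>
        /// <param name="user">
        /// Signed-in user; Username becomes the ticket name and SessionToken the ticket user data.
        /// </param>
        /// <param name="createPersistentCookie">
        /// true to issue a cookie that survives a browser restart until the SSO timeout;
        /// false to issue a session cookie.
        /// </param>
        public void SignIn(SSOUser user, bool createPersistentCookie)
        {
            DateTime issueDate  = DateTime.Now;
            DateTime expiryDate = issueDate.AddMinutes(HamRiengModels.SSOTimeout);

            // Honor the caller's choice: a hard-coded "persistent" flag would keep the ticket on
            // shared machines even when the caller asked for a session-only sign-in.
            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                1,
                user.Username,
                issueDate,
                expiryDate,
                createPersistentCookie,
                user.SessionToken.ToString());

            string protectedTicket = FormsAuthentication.Encrypt(ticket);

            HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, protectedTicket);
            cookie.HttpOnly = true;
            // A hand-built cookie does not pick up the forms requireSSL setting by itself; mirror
            // it so the ticket is not sent over plain HTTP when the site is configured for TLS only.
            cookie.Secure = FormsAuthentication.RequireSSL;

            if (createPersistentCookie)
            {
                // Without an expiry date the browser drops the cookie when it closes.
                cookie.Expires = expiryDate;
            }

            HttpContext.Current.Response.Cookies.Add(cookie);
        }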