Exemple #1
0
        /// <summary>
        /// 验证登录
        /// </summary>
        /// <param name="sessionid">登录会话Id</param>
        /// <returns></returns>
        private BusinessBaseViewModel <object> ValidateLogin(string sessionid, HttpActionContext actionContext)
        {
            var response = new BusinessBaseViewModel <object> {
                Status = ResponseStatus.Fail
            };

            if (sessionid.IsNullOrWhiteSpace())
            {
                response.Status = ResponseStatus.UnSessionIdParamsError;
                return(response);
            }
            string deviceNo          = string.Empty;
            string sessionidCacheKey = TianYuConsts.GetSessionIdCacheKey(sessionid);
            var    userGroup         = Cache.CacheHelper.Get <SystemLoginUserInfo>(sessionidCacheKey);

            if (userGroup.IsNull())
            {
                var model = LoginSessionDataHelper.GetSessionInfoModel(sessionid);
                if (model.IsNull())
                {
                    response.Status = ResponseStatus.SessionIdError;
                    return(response);
                }
                else
                {
                    deviceNo = model.DeviceNo;
                }
            }
            else
            {
                // deviceNo = userGroup.DeviceNo;
            }
            string ticket = actionContext.Request.Headers.Authorization.Parameter;

            if (ticket.IsNullOrWhiteSpace())
            {
                response.Status = ResponseStatus.UnAuthorityError;
                return(response);
            }
            //解密票据
            string key = TianYuConsts.GetTicketCacheKey(ticket);
            var    ticketDetailsModel = CacheHelper.Get <AuthenticationTicketDetailsModel>(key);

            if (ticketDetailsModel.IsNull())
            {
                response.Status = ResponseStatus.AuthenticationTicketTimeOut;
                return(response);
            }
            if (ticketDetailsModel.ClientType != AuthClientType.SamllApp.GetEnumDescription() && ticketDetailsModel.DeviceNo != deviceNo)
            {
                response.Status       = ResponseStatus.SessionIdOtherLogin;
                response.BusinessData = deviceNo;
                return(response);
            }
            response.BusinessData = userGroup;
            response.Status       = ResponseStatus.Success;

            return(response);
        }
Exemple #2
0
        /// <summary>
        /// 退出登录
        /// </summary>
        /// <returns></returns>
        public BusinessBaseViewModel <string> Logout()
        {
            var response = new BusinessBaseViewModel <string>()
            {
                Status = ResponseStatus.Fail
            };

            var token = CookieHelper.GetCookieValue(TianYuConsts.SystemLoginCookieName);

            if (!token.IsNullOrWhiteSpace())
            {
                CookieHelper.RemoveCookie(TianYuConsts.SystemLoginCookieName);
                CacheHelper.Remove(TianYuConsts.GetSessionIdCacheKey(token));
            }
            response.Status = ResponseStatus.Success;
            return(response);
        }
Exemple #3
0
        /// <summary>
        /// 登录后台
        /// </summary>
        /// <param name="loginName">用户名</param>
        /// <param name="loginPwd">密码</param>
        /// <returns>登录凭据</returns>
        public BusinessBaseViewModel <string> Login(string loginName, string loginPwd)
        {
            var response = new BusinessBaseViewModel <string>()
            {
                Status = ResponseStatus.Fail
            };

            if (loginName.IsNullOrWhiteSpace() || loginPwd.IsNullOrWhiteSpace())
            {
                response.ErrorMessage = "请输入用户名或密码";
                return(response);
            }

            var Staff = _staffRepostory.FirstOrDefault(t => t.LoginName == loginName && t.Status != (int)SystemStaffStatus.Del);

            if (Staff.IsNull())
            {
                response.ErrorMessage = "请输入用户名不存在或密码错误";
                return(response);
            }

            if (Staff.Status == (int)SystemStaffStatus.Stop)
            {
                response.ErrorMessage = "该用户已经被禁用";
                return(response);
            }

            if (Staff.LoginPwd.Equals((loginPwd + Staff.MaskCode).ToMd5(), StringComparison.InvariantCultureIgnoreCase))
            {
                //更新最近登录时间
                Staff.LastLoginTime = DateTime.Now;
                _staffRepostory.Update(Staff, "LastLoginTime");
                _staffRepostory.SaveChanges();

                //生成一个登录凭据
                var sessionIdString = $"admin:login:{loginName}:{Utils.NewGuid()}";
                var sessionId       = DESEncrypt.Encrypt(sessionIdString.ToBase64());

                string sessionKey = TianYuConsts.GetSessionIdCacheKey(sessionId);
                if (CacheHelper.Exists(sessionKey))
                {
                    CacheHelper.Remove(sessionKey);
                }
                //将用户菜单权限缓存到cache
                var menuList = _systemRoleService.FindStaffMenuRole(Staff.Id);

                CacheHelper.Insert(TianYuConsts.GetLoginUserMenuCacheKey(sessionId), menuList, true);

                var buttonList = _systemRoleService.FindStaffRoleNameByStaffId(Staff.Id);

                CacheHelper.Insert(TianYuConsts.GetLoginUserButtonCacheKey(sessionId), buttonList, true);

                var loginUserInfo = new SystemLoginUserInfo
                {
                    Id        = Staff.Id,
                    Eamil     = Staff.Eamil,
                    LoginName = Staff.LoginName,
                    Mobile    = Staff.Mobile,
                    NickName  = Staff.NickName,
                    SectionId = Staff.SectionId,
                    Status    = Staff.Status,
                    Tel       = Staff.Tel
                };
                //存储当前登录用户数据
                CacheHelper.Insert(TianYuConsts.GetLoginUserInfoCacheKey(sessionId), loginUserInfo, DateTime.Now.AddHours(1));

                response.BusinessData = sessionId;
                response.Status       = ResponseStatus.Success;
                return(response);
            }
            else
            {
                response.ErrorMessage = "请输入用户名不存在或密码错误";
                return(response);
            }
        }