public static bool Verify(string userName, string password)
{
// 默认两种验证方式
var domain = string.Format("{0}", WFCorePublicCodeHelper.GetPublicCode("Domain", "Authentication Method", "Domain,Password")).ToLower();
if (domain.Contains("password"))
{
var user = UserLoader.GetUserByName(userName);
if (user != null)
{
var uesrHash = HashHelper.GenerateUserHash(userName, password);
if (uesrHash == user.Password)
{
return(true);
}
}
}
if (domain.Contains("domain"))
{
if (IsValidDomainUser(userName, password))
{
return(true);
}
}
return(false);
}
void btnLogin_ServerClick(object sender, EventArgs e)
{
var userName = this.user.Value;
var pwd = this.password.Value;
// 先检查用户名在本系统里面有没有
var user = UserLoader.GetUserByName(userName);
if (user == null)
{
ClientMessageHelper.Alert(Page, "用户名不存在".GetRes());
WFLog.WriteLog("系统登录".GetRes(), userName, string.Format("用户名不存在,客户端IP地址 {0}".GetRes(), IPHelper.GetClientIPAddress()), WFLog.LOGLEVEL_ERROR, userName);
return;
}
if (user.Status != 1)
{
ClientMessageHelper.Alert(Page, "用户已经被禁用".GetRes());
WFLog.WriteLog("系统登录".GetRes(), userName, string.Format("用户已经被禁用,客户端IP地址 {0}".GetRes(), IPHelper.GetClientIPAddress()), WFLog.LOGLEVEL_WARN, userName);
return;
}
// 先本机验证,如果本机验证不通过,进行域验证
//
// 发布的时候需要设置成 Release 模式进行发布
//
if (!Verify(userName, pwd))
{
ClientMessageHelper.Alert(Page, "用户名密码错误".GetRes());
WFLog.WriteLog("系统登录".GetRes(), userName, string.Format("用户名密码错误,客户端IP地址 {0}".GetRes(), IPHelper.GetClientIPAddress()), WFLog.LOGLEVEL_ERROR, userName);
return;
}
WFLog.WriteLog("系统登录".GetRes(), userName, string.Format("用户成功登录,客户端IP地址 {0}".GetRes(), IPHelper.GetClientIPAddress()), WFLog.LOGLEVEL_INFO, userName);
InitUserSession(user.UserId, dpLanguage.SelectedValue.ToString());
Response.Redirect(GetReturnUrl());
}