Exemple #1
        /// <summary>
        /// Logs a user on with company name, user name and password.
        /// </summary>
        /// <remarks>
        /// The remote address handed to the user manager is read from <c>GetRemoteIP()</c>; this method
        /// takes no address argument.
        /// NOTE(review): how GetRemoteIP() derives the address is not visible here. If the value feeds
        /// IP restrictions or audit records, confirm it is not taken from client-controlled headers.
        /// </remarks>
        /// <param name="taskId">Task identifier</param>
        /// <param name="userInfo">Calling user's context; its SystemCode is forwarded to the log-on call</param>
        /// <param name="companyName">Company name</param>
        /// <param name="userName">User name</param>
        /// <param name="password">Password</param>
        /// <param name="openId">Single sign-on identifier</param>
        /// <param name="createOpenId">Whether to create a new single sign-on identifier</param>
        /// <returns>Log-on result</returns>
        public UserLogOnResult LogOnByCompany(string taskId, BaseUserInfo userInfo, string companyName, string userName, string password, string openId, bool createOpenId)
        {
            var logOnResult = new UserLogOnResult();
            var serviceInfo = ServiceInfo.Create(taskId, userInfo, MethodBase.GetCurrentMethod());

            ServiceUtil.ProcessUserCenterWriteDb(userInfo, serviceInfo, (dbHelper) =>
            {
                // No online check runs before the log-on; that call is disabled in this method.
                var manager = new BaseUserManager(userInfo) { CheckIsAdministrator = true };
                logOnResult = manager.LogOnByCompany(companyName, userName, password, openId, createOpenId, userInfo.SystemCode, GetRemoteIP());

                // Per the original author's note, the log-on call writes its own log entry,
                // so no additional entry is added here.
            });

            return logOnResult;
        }
Exemple #2
        /// <summary>
        /// Changes the calling user's password.
        /// </summary>
        /// <remarks>
        /// The account being changed is identified by <c>userInfo.Id</c>.
        /// NOTE(review): confirm that ProcessUserCenterWriteDb (not shown) validates userInfo before the
        /// callback runs; otherwise the caller chooses whose password is changed.
        /// No explicit transaction is opened here; the begin/commit calls are disabled in this method.
        /// </remarks>
        /// <param name="taskId">Task identifier</param>
        /// <param name="userInfo">Calling user's context</param>
        /// <param name="oldPassword">Current password</param>
        /// <param name="newPassword">New password</param>
        /// <returns>
        /// A result carrying the user info returned by the manager together with its status code and
        /// status message. The value stays null if the callback never assigns it.
        /// </returns>
        public UserLogOnResult ChangePassword(string taskId, BaseUserInfo userInfo, string oldPassword, string newPassword)
        {
            UserLogOnResult changeResult = null;
            var serviceInfo = ServiceInfo.Create(taskId, userInfo, MethodBase.GetCurrentMethod());

            ServiceUtil.ProcessUserCenterWriteDb(userInfo, serviceInfo, (dbHelper) =>
            {
                var manager = new BaseUserManager(dbHelper, userInfo);

                // Allocate the result before calling the manager so it is non-null even if the call throws.
                changeResult = new UserLogOnResult();
                changeResult.UserInfo = manager.ChangePassword(userInfo.Id, oldPassword, newPassword);

                // Copy the manager's outcome so the caller can see why a change was refused.
                changeResult.StatusCode = manager.StatusCode;
                changeResult.StatusMessage = manager.GetStateMessage();
            });

            return changeResult;
        }
Exemple #3
        /// <summary>
        /// Logs a user on with user name and password.
        /// </summary>
        /// <remarks>
        /// The service info is created without a user; its UserInfo is filled in from the log-on result
        /// afterwards (per the author's 2016-02-16 note, for user logging).
        /// NOTE(review): the callback dereferences the log-on result directly, so it assumes
        /// LogOnByUserName never returns null — confirm.
        /// </remarks>
        /// <param name="taskId">Task identifier</param>
        /// <param name="userInfo">Calling user's context</param>
        /// <param name="userName">User name</param>
        /// <param name="password">Password</param>
        /// <param name="openId">Single sign-on identifier</param>
        /// <param name="createOpenId">Whether to create a new single sign-on identifier</param>
        /// <returns>Log-on result</returns>
        public UserLogOnResult UserLogOn(string taskId, BaseUserInfo userInfo, string userName, string password, string openId, bool createOpenId)
        {
            var logOnResult = new UserLogOnResult();
            var serviceInfo = ServiceInfo.Create(taskId, MethodBase.GetCurrentMethod());

            ServiceUtil.ProcessUserCenterWriteDb(userInfo, serviceInfo, (dbHelper) =>
            {
                var manager = new BaseUserManager(userInfo) { CheckIsAdministrator = true };
                logOnResult = manager.LogOnByUserName(userName, password, openId, createOpenId);

                // Attach the user from the log-on result to the service info.
                serviceInfo.UserInfo = logOnResult.UserInfo;
            });

            return logOnResult;
        }
Exemple #4
        /// <summary>
        /// Logs a user on with a single sign-on identifier (openId) only.
        /// </summary>
        /// <remarks>
        /// No password is involved: the openId is the only credential passed to the user manager.
        /// NOTE(review): that makes the openId a bearer credential; confirm its lifetime and rotation
        /// in BaseUserManager.LogOnByOpenId (not shown).
        /// </remarks>
        /// <param name="taskId">Task identifier</param>
        /// <param name="userInfo">Calling user's context</param>
        /// <param name="openId">Single sign-on identifier</param>
        /// <returns>Log-on result</returns>
        public UserLogOnResult LogOnByOpenId(string taskId, BaseUserInfo userInfo, string openId)
        {
            var logOnResult = new UserLogOnResult();
            var serviceInfo = ServiceInfo.Create(taskId, userInfo, MethodBase.GetCurrentMethod());

            ServiceUtil.ProcessUserCenterWriteDb(userInfo, serviceInfo, (dbHelper) =>
            {
                // Run the online check first.
                new BaseUserLogOnManager().CheckOnLine();

                // Per the original author's note, single sign-on is an indirect log-on, so the IP
                // address cannot be checked here; the two remaining arguments are passed empty.
                var manager = new BaseUserManager(userInfo);
                logOnResult = manager.LogOnByOpenId(openId, string.Empty, string.Empty);
            });

            return logOnResult;
        }
Exemple #5
        /// <summary>
        /// Logs a user on with nick name and password.
        /// </summary>
        /// <remarks>
        /// CheckIsAdministrator is set on the manager before the log-on; its effect is defined in
        /// BaseUserManager, which is not shown here.
        /// </remarks>
        /// <param name="taskId">Task identifier</param>
        /// <param name="userInfo">Calling user's context</param>
        /// <param name="nickName">Nick name</param>
        /// <param name="password">Password</param>
        /// <param name="openId">Single sign-on identifier</param>
        /// <param name="createOpenId">Whether to create a new single sign-on identifier</param>
        /// <returns>Log-on result</returns>
        public UserLogOnResult LogOnByNickName(string taskId, BaseUserInfo userInfo, string nickName, string password, string openId, bool createOpenId)
        {
            var logOnResult = new UserLogOnResult();
            var serviceInfo = ServiceInfo.Create(taskId, userInfo, MethodBase.GetCurrentMethod());

            ServiceUtil.ProcessUserCenterWriteDb(userInfo, serviceInfo, (dbHelper) =>
            {
                // No online check runs before the log-on; that call is disabled in this method.
                var manager = new BaseUserManager(userInfo) { CheckIsAdministrator = true };
                logOnResult = manager.LogOnByNickName(nickName, password, openId, createOpenId);
            });

            return logOnResult;
        }
Exemple #6
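        /// <summary>
        /// Decides whether a remote service call identified by appKey/appSecret is allowed.
        /// </summary>
        /// <remarks>
        /// Checks run in this order and the first failure decides the result: appKey present,
        /// membership of the "Interface" role, optional call-rate limit, appKey/appSecret validation,
        /// caller IP address, optional permission, then the account state via CheckUser.
        /// With the default arguments the rate limit (callLimit = false) and the permission check
        /// (permissionCode = null) are both skipped.
        /// Only a failure of the final account-state check is written to the login log; the earlier
        /// denials return without a log entry. NOTE(review): consider logging those as well so that
        /// rejected calls are visible to monitoring.
        /// Each denial carries a different StatusMessage, so the caller can tell which check failed.
        /// Keep real appKey/appSecret values out of comments and logs.
        /// </remarks>
        /// <param name="appKey">Unique application identifier</param>
        /// <param name="appSecret">Application signing secret</param>
        /// <param name="callLimit">Whether to apply the call-rate limit</param>
        /// <param name="systemCode">Subsystem being accessed</param>
        /// <param name="permissionCode">Permission code to check; null or empty skips the check</param>
        /// <returns>Result whose Status is true only when every applicable check passed</returns>
        public static BaseResult CheckService(string appKey, string appSecret, bool callLimit = false, string systemCode = "Base", string permissionCode = null)
        {
            BaseResult result = new DotNet.Utilities.BaseResult();

            // Deny by default; Status is flipped to true only at the very end.
            result.Status = false;

            // NOTE(review): how Utilities.GetIPAddress derives the address is not visible here;
            // confirm it is not taken from client-controlled headers, since step 5 relies on it.
            string ipAddress = Utilities.GetIPAddress(true);

            // 1: The caller must identify itself.
            if (string.IsNullOrEmpty(appKey))
            {
                result.StatusCode    = "AccessDeny";
                result.StatusMessage = "appKey为空、访问被拒绝";
                return(result);
            }

            // 2: Only members of the interface role may call remotely; removing the role revokes access.
            string roleCode = "Interface";

            if (!BaseUserManager.IsInRoleByCache(systemCode, appKey, roleCode))
            {
                result.StatusCode    = "AccessDeny";
                result.StatusMessage = "非接口用户、访问被拒绝";
                return(result);
            }

            // 3: Optional rate limit. The meaning of the arguments 10 and 10000 is defined by
            // PooledRedisHelper.CallLimit, which is not shown.
            // NOTE(review): the limit is counted per appKey before the secret is verified in step 4,
            // so requests that only know the appKey still count against it — confirm this is intended.
            if (callLimit && PooledRedisHelper.CallLimit(appKey, 10, 10000))
            {
                result.StatusCode    = "AccessDeny";
                result.StatusMessage = "访问频率过高、访问被拒绝";
                return(result);
            }

            // 4: Validate the appKey/appSecret pair.
            if (!BaseServicesLicenseManager.CheckServiceByCache(appKey, appSecret))
            {
                result.StatusCode    = "AccessDeny";
                result.StatusMessage = "不合法签名、访问被拒绝";
                return(result);
            }

            // 5: Validate the caller's IP address against the log-on record for this appKey.
            BaseUserLogOnManager userLogOnManager = new BaseUserLogOnManager();
            BaseUserLogOnEntity  userLogOnEntity  = userLogOnManager.GetObject(appKey);

            // NOTE(review): this is the only check that denies on a TRUE return; every other check
            // denies on false. Confirm CheckIPAddressByCache returns true for a rejected address —
            // if it returns true for an allowed one, this condition is inverted.
            // userLogOnEntity is passed without a null check; confirm the callee tolerates null.
            if (BaseUserManager.CheckIPAddressByCache(userLogOnEntity, ipAddress, true))
            {
                result.StatusCode    = "AccessDeny";
                result.StatusMessage = "不合法IP、访问被拒绝";
                return(result);
            }

            // 6: Optional permission check, answered from cache.
            if (!string.IsNullOrEmpty(permissionCode) && !BasePermissionManager.IsAuthorizedByCache(systemCode, appKey, permissionCode))
            {
                result.StatusCode    = "AccessDeny";
                result.StatusMessage = "无权限 " + permissionCode + "、访问被拒绝";
                return(result);
            }

            // 7: Account state (enabled, allowed hours, lock period).
            BaseUserManager userManager = new BaseUserManager();
            BaseUserEntity  userEntity  = userManager.GetObject(appKey);

            // Fail closed when no user record is found instead of passing null on to CheckUser.
            // The step 2 message is reused so the response reveals nothing new.
            if (userEntity == null)
            {
                result.StatusCode    = "AccessDeny";
                result.StatusMessage = "非接口用户、访问被拒绝";
                return(result);
            }

            UserLogOnResult userLogOnResult = userManager.CheckUser(userEntity, userLogOnEntity);

            if (!string.IsNullOrEmpty(userLogOnResult.StatusCode))
            {
                BaseLoginLogManager.AddLog(systemCode, userEntity, ipAddress, string.Empty, string.Empty, userLogOnResult.StatusMessage);
                result.StatusCode    = userLogOnResult.StatusCode;
                result.StatusMessage = userLogOnResult.StatusMessage;
                return(result);
            }

            // 8: Every applicable check passed.
            result.Status = true;
            return(result);
        }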
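        /// <summary>
        /// Checks whether a user is currently permitted to log on.
        /// </summary>
        /// <remarks>
        /// Checks run in this order and the first failure decides the returned status: user record
        /// present, audit status, user enabled flag, log-on record present, log-on record enabled flag,
        /// daily allowed time window, lock period.
        /// Side effect: AllowStartTime and AllowEndTime on <paramref name="userLogOnEntity"/> are
        /// overwritten with today's date plus their original time of day.
        /// A user whose Enabled value is null passes both user-enabled checks.
        /// Times are compared against the local clock (DateTime.Now).
        /// NOTE(review): confirm the stored times are local as well.
        /// </remarks>
        /// <param name="userEntity">User entity</param>
        /// <param name="userLogOnEntity">User log-on entity</param>
        /// <returns>Result whose StatusCode and StatusMessage describe the outcome; Status.OK when every check passes</returns>
        public UserLogOnResult CheckUser(BaseUserEntity userEntity, BaseUserLogOnEntity userLogOnEntity)
        {
            UserLogOnResult result = new UserLogOnResult();

            // One clock reading for the whole evaluation, so the date parts and the comparisons
            // cannot straddle midnight or disagree with each other.
            DateTime now = DateTime.Now;

            // A missing user record is refused the same way as a missing log-on record below,
            // instead of failing with a null dereference.
            if (userEntity == null)
            {
                result.StatusCode    = Status.MissingData.ToString();
                result.StatusMessage = Status.MissingData.ToDescription();
                return(result);
            }

            // Account still waiting for audit.
            if (!string.IsNullOrEmpty(userEntity.AuditStatus) &&
                userEntity.AuditStatus.EndsWith(AuditStatus.WaitForAudit.ToString()))
            {
                result.StatusCode    = AuditStatus.WaitForAudit.ToString();
                result.StatusMessage = AuditStatus.WaitForAudit.ToDescription();
                return(result);
            }

            // Enabled == 0: log-on denied.
            if (userEntity.Enabled.HasValue && userEntity.Enabled == 0)
            {
                result.StatusCode    = Status.LogOnDeny.ToString();
                result.StatusMessage = Status.LogOnDeny.ToDescription();
                return(result);
            }

            // Enabled == -1: account not activated.
            if (userEntity.Enabled.HasValue && userEntity.Enabled == -1)
            {
                result.StatusCode    = Status.UserNotActive.ToString();
                result.StatusMessage = Status.UserNotActive.ToDescription();
                return(result);
            }

            // Without a log-on record none of the remaining checks can be evaluated.
            if (userLogOnEntity == null)
            {
                result.StatusCode    = Status.MissingData.ToString();
                result.StatusMessage = Status.MissingData.ToDescription();
                return(result);
            }

            // Enabled flag on the log-on record (subsystem level).
            if (userLogOnEntity.Enabled == 0)
            {
                result.StatusCode    = Status.LogOnDeny.ToString();
                result.StatusMessage = Status.LogOnDeny.ToDescription();
                return(result);
            }

            // Daily allowed window: only the time of day of the stored values is used, moved onto today.
            // As written, a window whose start time of day is later than its end is never satisfied.
            if (userLogOnEntity.AllowEndTime != null)
            {
                userLogOnEntity.AllowEndTime = new DateTime(now.Year, now.Month, now.Day, userLogOnEntity.AllowEndTime.Value.Hour, userLogOnEntity.AllowEndTime.Value.Minute, userLogOnEntity.AllowEndTime.Value.Second);
            }

            if (userLogOnEntity.AllowStartTime != null)
            {
                userLogOnEntity.AllowStartTime = new DateTime(now.Year, now.Month, now.Day, userLogOnEntity.AllowStartTime.Value.Hour, userLogOnEntity.AllowStartTime.Value.Minute, userLogOnEntity.AllowStartTime.Value.Second);
                if (now < userLogOnEntity.AllowStartTime)
                {
                    result.StatusCode    = Status.UserLocked.ToString();
                    result.StatusMessage = Status.UserLocked.ToDescription();
                    return(result);
                }
            }

            if (userLogOnEntity.AllowEndTime != null)
            {
                if (now > userLogOnEntity.AllowEndTime)
                {
                    result.StatusCode    = Status.UserLocked.ToString();
                    result.StatusMessage = Status.UserLocked.ToDescription();
                    return(result);
                }
            }

            // Lock period: locked once the start date has passed, until the end date (or indefinitely
            // when no end date is set).
            if (userLogOnEntity.LockStartDate != null)
            {
                if (now > userLogOnEntity.LockStartDate)
                {
                    if (userLogOnEntity.LockEndDate == null || now < userLogOnEntity.LockEndDate)
                    {
                        result.StatusCode    = Status.UserLocked.ToString();
                        result.StatusMessage = Status.UserLocked.ToDescription();
                        return(result);
                    }
                }
            }

            // A lock end date in the future also locks the account, whatever the start date is.
            // NOTE(review): this applies even when LockStartDate has not been reached yet — confirm intended.
            if (userLogOnEntity.LockEndDate != null)
            {
                if (now < userLogOnEntity.LockEndDate)
                {
                    result.StatusCode    = Status.UserLocked.ToString();
                    result.StatusMessage = Status.UserLocked.ToDescription();
                    return(result);
                }
            }

            result.StatusCode    = Status.OK.ToString();
            result.StatusMessage = Status.OK.ToDescription();
            return(result);
        }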