public ActionResult Login() { object notice = new object(); if (string.IsNullOrEmpty(Request.Params["txtEmail"])) { notice = "{result:'Notice',msg:'" + Resources.Login.NOTICE_NO_EMAIL + "'}"; ViewBag.notice = notice; return View("Index"); } string IsRemember = Request.Params["chkRememberEmail"] != null ? Request.Params["chkRememberEmail"] : "false"; string email = Request.Params["txtEmail"].Trim(); string passwd = Request.Params["hid_password"].Trim(); string challenge_id = Request.Params["challenge_id"]; int CookieExpireTime = 10; ViewBag.LoginEmail = null; ICallerImplMgr callerMgr = new CallerMgr(connectionString); Caller caller = null; UserLoginAttemptsMgr ulaMgr = new UserLoginAttemptsMgr(connectionString); //記錄/清空cookie BLL.gigade.Common.CommonFunction.Cookie_Set("UserInfo", "email", email, IsRemember, CookieExpireTime); if (!Regex.IsMatch(email, @"^\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*$")) { notice = "{result:'Notice',msg:'" + Resources.Login.NOTICE_EMAIL_FORMAT_ERROR + "'}"; ViewBag.notice = notice; if (IsRemember == "true") { ViewBag.LoginEmail = email; } return View("Index"); } if (passwd == "") { notice = "{result:'Notice',msg:'" + Resources.Login.NOTICE_NO_PASSWD + "'}"; ViewBag.notice = notice; if (IsRemember == "true") { ViewBag.LoginEmail = email; } return View("Index"); } try { caller = callerMgr.Login(email); } catch (Exception ex) { Log4NetCustom.LogMessage logMessage = new Log4NetCustom.LogMessage(); logMessage.Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", ex.TargetSite.Name, ex.Source, ex.Message); logMessage.MethodName = System.Reflection.MethodBase.GetCurrentMethod().Name; log.Error(logMessage); } if (caller == null) { notice = "{result:'Error',msg:'" + Resources.Login.ERROR_EMAIL_PASSWD_ERROR + "'}"; ViewBag.notice = notice; if (IsRemember == "true") { ViewBag.LoginEmail = email; } UserLoginAttempts ula = new UserLoginAttempts(); ula.login_mail = email; ula.login_ipfrom = CommonFunction.GetIP4Address(Request.UserHostAddress.ToString()); ula.login_type = 3; ulaMgr.Insert(ula); return View("Index"); } else { if (caller.user_status == 2) { notice = "{result:'Error',msg:'" + Resources.Login.NOTICE_EMAIL_STOP + "'}"; if (IsRemember == "true") { ViewBag.LoginEmail = email; } UserLoginAttempts ula = new UserLoginAttempts(); ula.login_mail = email; ula.login_ipfrom = CommonFunction.GetIP4Address(Request.UserHostAddress.ToString()); ula.login_type = 3; ulaMgr.Insert(ula); ViewBag.notice = notice; return View("Index"); } if (caller.user_status == 3) { notice = "{result:'Error',msg:'" + Resources.Login.NOTICE_EMAIL_DELETE + "'}"; if (IsRemember == "true") { ViewBag.LoginEmail = email; } UserLoginAttempts ula = new UserLoginAttempts(); ula.login_mail = caller.user_email; ula.login_ipfrom = CommonFunction.GetIP4Address(Request.UserHostAddress.ToString()); ula.login_type = 3; ulaMgr.Insert(ula); ViewBag.notice = notice; return View("Index"); } string challenge_key = ""; try { challenge_key = callerMgr.Get_Challenge_Key(challenge_id); callerMgr.Kill_Challenge_Id(challenge_id); } catch (Exception ex) { Log4NetCustom.LogMessage logMessage = new Log4NetCustom.LogMessage(); logMessage.Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", ex.TargetSite.Name, ex.Source, ex.Message); logMessage.MethodName = System.Reflection.MethodBase.GetCurrentMethod().Name; log.Error(logMessage); } BLL.gigade.Common.HashEncrypt hash = new BLL.gigade.Common.HashEncrypt(); string newpasswd = hash.SHA256Encrypt(caller.user_password + challenge_key); if (passwd != newpasswd) { try { callerMgr.Add_Login_Attempts(caller.user_id); } catch (Exception ex) { Log4NetCustom.LogMessage logMessage = new Log4NetCustom.LogMessage(); logMessage.Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", ex.TargetSite.Name, ex.Source, ex.Message); logMessage.MethodName = System.Reflection.MethodBase.GetCurrentMethod().Name; log.Error(logMessage); } caller.user_login_attempts++; string tempStr = string.Format(Resources.Login.ERROR_PASSWD_ERROR_TIMES, caller.user_login_attempts, 5);//後台登入改為5次 edit by shuangshuang0420j 201504101555 from hill notice = "{result:'Error',msg:'" + tempStr + "'}"; ViewBag.notice = notice; ViewBag.challenge_id = callerMgr.Add_Challenge(); ViewBag.challenge_key = callerMgr.Get_Challenge_Key(ViewBag.challenge_id); //後台登入改為5次并計入UserLoginAttempts表 edit by shuangshuang0420j 201504101555 from hill UserLoginAttempts ula = new UserLoginAttempts(); ula.login_mail = caller.user_email; ula.login_ipfrom = CommonFunction.GetIP4Address(Request.UserHostAddress.ToString()); ula.login_type = 3; ulaMgr.Insert(ula); if (caller.user_login_attempts >= 5)//後台登入改為5次 edit by shuangshuang0420j 201504101555 from hill { try { callerMgr.Modify_User_Status(caller.user_id, 2); } catch (Exception ex) { Log4NetCustom.LogMessage logMessage = new Log4NetCustom.LogMessage(); logMessage.Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", ex.TargetSite.Name, ex.Source, ex.Message); logMessage.MethodName = System.Reflection.MethodBase.GetCurrentMethod().Name; log.Error(logMessage); } } if (IsRemember == "true") { ViewBag.LoginEmail = email; } return View("Index"); } if (caller.user_status == 0) { notice = "{result:'Notice',msg:'" + Resources.Login.NOTICE_FIRST_LOGIN + "'}"; ViewBag.notice = notice; ViewBag.isFirst = 1; ViewBag.uid = caller.user_id; ViewBag.email = caller.user_email; return View("ChangePasswd"); } try { //添加登錄記錄 callerMgr.Add_Manage_Login(caller.user_id); //修改登入數據 callerMgr.Modify_User_Login_Data(caller.user_id); } catch (Exception ex) { Log4NetCustom.LogMessage logMessage = new Log4NetCustom.LogMessage(); logMessage.Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", ex.TargetSite.Name, ex.Source, ex.Message); logMessage.MethodName = System.Reflection.MethodBase.GetCurrentMethod().Name; log.Error(logMessage); } caller.user_password = ""; try { string xmlPath = ConfigurationManager.AppSettings["SiteConfig"];//XML的設置 string path = Server.MapPath(xmlPath); SiteConfigMgr _siteConfigMgr = new SiteConfigMgr(path); string APIServer = _siteConfigMgr.GetConfigByName("APIServer").Value; GigadeApiRequest request = new GigadeApiRequest(APIServer); var result = request.Request<SuppliersLoginViewModel, SuppliersLoginResult>("api/admin/account/login", new SuppliersLoginViewModel() { user_email = email, user_password = newpasswd, user_halfToken = challenge_key, login_ipfrom = CommonFunction.GetIP4Address(Request.UserHostAddress.ToString()) }); var back = result.result; Session["AccessToken"] = back.userToken.user_token; } catch (Exception ex) { Log4NetCustom.LogMessage logMessage = new Log4NetCustom.LogMessage(); logMessage.Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", ex.TargetSite.Name, ex.Source, ex.Message); logMessage.MethodName = System.Reflection.MethodBase.GetCurrentMethod().Name; log.Error(logMessage); } Session["caller"] = caller; return Redirect("../home"); } }
public ActionResult ChangePasswd() { if (!string.IsNullOrEmpty(Request.QueryString["uid"]) && !string.IsNullOrEmpty(Request.QueryString["code"])) { BLL.gigade.Common.HashEncrypt hash = new BLL.gigade.Common.HashEncrypt(); int nGet_User_Id = int.Parse(Request.QueryString["uid"].Trim()); string sGet_Confirm_Code = Request.QueryString["code"]; ICallerImplMgr callerMgr = new CallerMgr(connectionString); Caller caller = null; try { caller = callerMgr.GetUserById(nGet_User_Id); } catch (Exception ex) { Log4NetCustom.LogMessage logMessage = new Log4NetCustom.LogMessage(); logMessage.Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", ex.TargetSite.Name, ex.Source, ex.Message); logMessage.MethodName = System.Reflection.MethodBase.GetCurrentMethod().Name; log.Error(logMessage); } string sDB_Confrim_Code = caller.user_confirm_code; if (sDB_Confrim_Code == "") { ViewBag.ConfirmSend = Resources.Login.ERROR_PASSWD_ACTIVATION; return View("NoticeShow"); } if (sDB_Confrim_Code != hash.SHA256Encrypt(sGet_Confirm_Code)) { ViewBag.ConfirmSend = Resources.Login.ERROR_PASSWD_ACTIVATION; return View("NoticeShow"); } ViewBag.uid = nGet_User_Id; ViewBag.code = sGet_Confirm_Code; ViewBag.email = caller.user_email; return View(); } else { ViewBag.ConfirmSend = Resources.Login.ERROR_PASSWD_ACTIVATION; return View("NoticeShow"); } }
public ActionResult Change() { ICallerImplMgr mgr = null; Caller caller = null; object notice = new object(); int nUserId = 0; string sPasswd1; string sPasswd2 = ""; string sCode; if (!string.IsNullOrEmpty(Request.Params["uid"]) && !string.IsNullOrEmpty(Request.Params["code"]) && Request.Params["hid_isFirst"] != "1") { nUserId = int.Parse(Request.Params["uid"]); sCode = Request.Params["code"]; sPasswd1 = Request.Params["passwd1"]; sPasswd2 = Request.Params["passwd2"]; mgr = new CallerMgr(connectionString); try { caller = mgr.GetUserById(nUserId); } catch (Exception ex) { Log4NetCustom.LogMessage logMessage = new Log4NetCustom.LogMessage(); logMessage.Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", ex.TargetSite.Name, ex.Source, ex.Message); logMessage.MethodName = System.Reflection.MethodBase.GetCurrentMethod().Name; log.Error(logMessage); } BLL.gigade.Common.HashEncrypt hash = new BLL.gigade.Common.HashEncrypt(); string sDB_Confirm_Code = caller.user_confirm_code; if (sDB_Confirm_Code == "") { ViewBag.ConfirmSend = Resources.Login.ERROR_PASSWD_ACTIVATION; return View("NoticeShow"); } else if (sDB_Confirm_Code != hash.SHA256Encrypt(sCode)) { ViewBag.ConfirmSend = Resources.Login.ERROR_PASSWD_ACTIVATION; return View("NoticeShow"); } else if (sPasswd1 == "" || sPasswd2 == "") { notice = "{result:'Notice',msg:'" + Resources.Login.NOTICE_NO_PASSWD + "'}"; ViewBag.notice = notice; return View("ChangePasswd"); } else if (sPasswd1 != sPasswd2) { notice = "{result:'Notice',msg:'" + Resources.Login.NOTICE_PASSWD_MISMATCH + "'}"; ViewBag.notice = notice; return View("ChangePasswd"); } } else if (Request.Params["hid_isFirst"] == "1" && !string.IsNullOrEmpty(Request.Params["uid"])) { nUserId = int.Parse(Request.Params["uid"]); sPasswd1 = Request.Params["passwd1"]; sPasswd2 = Request.Params["passwd2"]; mgr = new CallerMgr(connectionString); if (sPasswd1 == "" || sPasswd2 == "") { notice = "{result:'Notice',msg:'" + Resources.Login.NOTICE_NO_PASSWD + "'}"; ViewBag.notice = notice; return View("ChangePasswd"); } else if (sPasswd1 != sPasswd2) { notice = "{result:'Notice',msg:'" + Resources.Login.NOTICE_PASSWD_MISMATCH + "'}"; ViewBag.notice = notice; return View("ChangePasswd"); } //修改用戶狀態 try { mgr.Modify_User_Status(nUserId, 1); } catch (Exception ex) { Log4NetCustom.LogMessage logMessage = new Log4NetCustom.LogMessage(); logMessage.Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", ex.TargetSite.Name, ex.Source, ex.Message); logMessage.MethodName = System.Reflection.MethodBase.GetCurrentMethod().Name; log.Error(logMessage); } } else { ViewBag.ConfirmSend = Resources.Login.ERROR_ACCESS_LIMIT; return View("NoticeShow"); } try { mgr.Modify_User_Password(nUserId, sPasswd2); } catch (Exception ex) { Log4NetCustom.LogMessage logMessage = new Log4NetCustom.LogMessage(); logMessage.Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", ex.TargetSite.Name, ex.Source, ex.Message); logMessage.MethodName = System.Reflection.MethodBase.GetCurrentMethod().Name; log.Error(logMessage); } notice = "{result:'Notice',msg:'" + Resources.Login.NOTICE_PASSWD_CHANGE_OK + "'}"; ViewBag.notice = notice; return View("LoginAgain"); }
public ActionResult DoForget() { object notice = new object(); if (!string.IsNullOrEmpty(Request.Params["txtEmail"])) { string _email = Request.Params["txtEmail"].Trim().ToLower(); if (!Regex.IsMatch(_email, @"^\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*$")) { notice = "{result:'Notice',msg:'" + Resources.Login.NOTICE_EMAIL_FORMAT_ERROR + "'}"; ViewBag.notice = notice; return View("Forget"); } Caller caller = null; ICallerImplMgr callerMgr = new CallerMgr(connectionString); UserLoginAttemptsMgr ulaMgr = new UserLoginAttemptsMgr(connectionString); try { caller = callerMgr.Login(_email); } catch (Exception ex) { Log4NetCustom.LogMessage logMessage = new Log4NetCustom.LogMessage(); logMessage.Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", ex.TargetSite.Name, ex.Source, ex.Message); logMessage.MethodName = System.Reflection.MethodBase.GetCurrentMethod().Name; log.Error(logMessage); } if (caller == null) { notice = "{result:'Error',msg:'" + Resources.Login.ERROR_EMIAL_NOT_MATCH + "'}"; ViewBag.notice = notice; return View("Forget"); } if (caller.user_status >= 2) { notice = "{result:'Error',msg:'" + Resources.Login.ERROR_EMAIL_STATUS_INACTIVE + "'}"; ViewBag.notice = notice; UserLoginAttempts ula = new UserLoginAttempts(); ula.login_mail = caller.user_email; ula.login_ipfrom = CommonFunction.GetIP4Address(Request.UserHostAddress.ToString()); ula.login_type = 3; ulaMgr.Insert(ula); return View("Forget"); } string sUser_Confirm_Code = BLL.gigade.Common.CommonFunction.Generate_Rand_String(8); BLL.gigade.Common.HashEncrypt hash = new BLL.gigade.Common.HashEncrypt(); try { callerMgr.Modify_User_Confirm_Code(caller.user_id, hash.SHA256Encrypt(sUser_Confirm_Code)); } catch (Exception ex) { Log4NetCustom.LogMessage logMessage = new Log4NetCustom.LogMessage(); logMessage.Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", ex.TargetSite.Name, ex.Source, ex.Message); logMessage.MethodName = System.Reflection.MethodBase.GetCurrentMethod().Name; log.Error(logMessage); } /////////////////////// //發郵件 /////////////////////// //return Redirect("/Login/ChangePasswd?uid=" + caller.user_id + "&code=" + sUser_Confirm_Code); ViewBag.ConfirmSend = "請檢查您的E-mail信箱,以取得密碼的相關資訊!"; return View("NoticeShow"); } else { notice = "{result:'Notice',msg:'登錄信箱不能為空!'}"; ViewBag.notice = notice; return View("Forget"); } }