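/// <summary>
/// Deletes the account identified by the submitted GD and ID, unless it is the
/// built-in "admin" account or still has child accounts.
/// </summary>
/// <param name="acc">Account fields bound from the request; only GD and ID are read.</param>
/// <returns>
/// A JSON <c>MoMessage</c> describing why the delete was refused, or the deleted
/// record serialized as JSON.
/// </returns>
/// <remarks>
/// NOTE(review): nothing in this method checks that the caller is the account's
/// parent or an administrator. Confirm that authorization is enforced by a filter
/// or base controller outside this method.
/// </remarks>
public ActionResult DelTokey(Acc acc)
{
    // Protect the administrator account: refuse based on the submitted ID.
    if (acc.ID == "admin")
    {
        return Json(new MoMessage(false, "系统管理员,无法删除!"));
    }

    // Normal path: the record must match both GD and ID.
    var db = DataQuery<Acc>.Entity(a => a.GD == acc.GD && a.ID == acc.ID);
    if (db == null)
    {
        return Json(new MoMessage(false, "提交数据有误"));
    }

    // Re-check the guard against the stored record. The check above compares the
    // caller-supplied string in C#, while the lookup is evaluated by the data
    // layer; if that layer matches IDs case-insensitively (TODO confirm), a
    // differently-cased ID would pass the first check and still resolve to the
    // admin row.
    if (db.ID == "admin")
    {
        return Json(new MoMessage(false, "系统管理员,无法删除!"));
    }

    // An account that still owns child accounts cannot be removed.
    if (DataQuery<Acc>.Expression(a => a.Parent == db.GD).Count() != 0)
    {
        return Json(new MoMessage(false, "有下级用户,无法删除"));
    }

    DataADU<Acc>.Delete(db);

    // NOTE(review): the whole entity, including its Pwd field, is serialized back
    // to the caller; consider returning only the fields the client needs.
    return Json(db);
}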
/// <summary>
/// Builds the login descriptor from an account record plus the client details
/// of the current request.
/// </summary>
/// <param name="ip">Client address, passed through to <c>MoBrowser</c>.</param>
/// <param name="dns">Client host name, passed through to <c>MoBrowser</c>.</param>
/// <param name="browser">Browser name, passed through to <c>MoBrowser</c>.</param>
/// <param name="acc">Account whose ID, GD, Name and Parent are copied.</param>
public MoLogin(string ip, string dns, string browser, Acc acc)
{
    // Only identity fields are copied; the account's Pwd is not carried over.
    this.ID = acc.ID;
    this.GD = acc.GD;
    this.Name = acc.Name;
    this.Parent = acc.Parent;

    // Client details are kept together in a MoBrowser instance.
    this.Browser = new MoBrowser(ip, dns, browser);
}
/// <summary>
/// Creates a new account under the currently logged-in user.
/// </summary>
/// <param name="acc">Account fields bound from the request.</param>
/// <returns>The account object serialized as JSON.</returns>
/// <remarks>
/// GD, RegTime and Parent are always overwritten server-side, so values the
/// client submits for them are ignored.
/// NOTE(review): the returned JSON includes the derived Pwd value, and it is
/// returned without looking at the outcome of <c>DataADU&lt;Acc&gt;.Add</c>.
/// Confirm how the client learns about a validation failure.
/// </remarks>
public ActionResult AddTokey(Acc acc)
{
    // Fresh upper-case GUID as the record key (hex digits only, so invariant
    // and culture-sensitive upper-casing give the same text).
    acc.GD = Guid.NewGuid().ToString("D").ToUpperInvariant();
    acc.RegTime = DateTime.Now;

    // The creator becomes the parent of the new account.
    // NOTE(review): assumes GetLogin never returns null here — verify that the
    // action is only reachable with an authenticated session.
    var creator = MyLogin.GetLogin(Session);
    acc.Parent = creator.GD;

    // Replace the submitted password with the value derived by MyPwd.Password.
    var derived = MyPwd.Password(acc.GD, acc.ID, acc.Pwd);
    acc.Pwd = derived;

    // Add the record.
    DataADU<Acc>.Add(ModelState, acc);
    return Json(acc);
}
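/// <summary>
/// Writes a login-attempt record (browser, client address, time, account ID
/// and a message) to the <c>Logi</c> store.
/// </summary>
/// <param name="re">Current request; supplies browser name and client address.</param>
/// <param name="acc">Account object for the attempt; only its ID is recorded.</param>
/// <param name="message">Outcome text stored with the record.</param>
/// <remarks>
/// The password is no longer persisted. <c>Login</c> calls this method with the
/// request-bound account on failed attempts, so <c>acc.Pwd</c> can be the
/// plaintext the user typed; copying it into the log table would store
/// cleartext credentials (including near-miss passwords of real users).
/// </remarks>
public static void AddLog(HttpRequestBase re, Acc acc, string message)
{
    var entry = new Logi
    {
        LoginBrower = re.Browser.Browser,
        LoginIP = re.UserHostAddress,
        LoginTime = DateTime.Now,
        LoginName = acc.ID,
        // Fixed placeholder instead of acc.Pwd. A non-empty value is used in case
        // the column is required — TODO confirm against the Logi schema.
        LoginPassword = "***",
        LoginMessage = message
    };

    DataADU<Logi>.Add(entry);
}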
/// <summary>
/// Decides whether the requesting IP address should be throttled, based on how
/// many <c>Logi</c> rows it produced during the last five minutes.
/// </summary>
/// <param name="re">Current request; its <c>UserHostAddress</c> is the key.</param>
/// <param name="acc">Not used by this method.</param>
/// <returns><c>true</c> when the count has reached the configured limit.</returns>
/// <remarks>
/// The original comment speaks of "no more than 10 login errors per IP"; the
/// actual limit is read from configuration, and the setting's name says
/// PER_MINUTE while the window below is five minutes.
/// NOTE(review): the query counts every row for the address. <c>SaveLog</c> also
/// writes to <c>Logi</c> on success, so successful logins count toward the limit.
/// NOTE(review): <c>UserHostAddress</c> is the directly connected peer; behind a
/// reverse proxy or NAT many users would share one counter — confirm deployment.
/// NOTE(review): <c>int.Parse</c> throws if the setting is missing or not
/// numeric, which fails the login request rather than failing open.
/// </remarks>
public static bool FixedOfIP(HttpRequestBase re, Acc acc)
{
    // Start of the five-minute look-back window.
    var windowStart = DateTime.Now.AddMinutes(-5);

    var recent = DataQuery<Logi>.Expression(a => a.LoginTime > windowStart && a.LoginIP == re.UserHostAddress);

    // Count first, then read the limit (same evaluation order as before).
    var attempts = recent.Count();
    var limit = int.Parse(MyProp.PropValue(MyKeys.AUTO_PROP_IP_FIXED_TIMES_PER_MINUTE));

    // At or above the limit: block. Otherwise let the request through.
    return attempts >= limit;
}
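/// <summary>
/// Marks the session as logged in and records the successful login.
/// </summary>
/// <param name="se">Session that receives the <c>MoLogin</c> descriptor.</param>
/// <param name="re">Current request; supplies client address, host name and browser.</param>
/// <param name="acc">The authenticated account.</param>
/// <param name="message">Outcome text stored with the log record.</param>
/// <remarks>
/// The account's Pwd value is no longer copied into the log record; a login
/// log has no use for it and is typically readable by more people than the
/// account table.
/// NOTE(review): this method does not rotate the session identifier. If that
/// is not done elsewhere, an identifier issued before authentication stays
/// valid afterwards — confirm.
/// </remarks>
public static void SaveLog(HttpSessionStateBase se, HttpRequestBase re, Acc acc, string message)
{
    // Store the login descriptor under the well-known session key.
    MoLogin mo = new MoLogin(re.UserHostAddress, re.UserHostName, re.Browser.Browser, acc);
    se[MyKeys.SESSION_LOGIN] = mo;

    // Record the time of the successful login.
    var entry = new Logi
    {
        LoginBrower = re.Browser.Browser,
        LoginIP = re.UserHostAddress,
        LoginTime = DateTime.Now,
        LoginName = acc.ID,
        // Fixed placeholder instead of acc.Pwd. A non-empty value is used in case
        // the column is required — TODO confirm against the Logi schema.
        LoginPassword = "***",
        LoginMessage = message
    };

    DataADU<Logi>.Add(entry);
}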
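/// <summary>
/// Authenticates the submitted account: throttles by IP, looks the user up,
/// verifies the derived GD and password, rejects frozen accounts, and on
/// success stores the login in the session.
/// </summary>
/// <param name="acc">Credentials bound from the request (ID and Pwd are read).</param>
/// <returns>A JSON <c>MoError</c>; <c>error</c> is <c>false</c> only on success.</returns>
/// <remarks>
/// The three credential failures (unknown user, GD mismatch, wrong password)
/// now return one shared message. Previously each had its own text, which let
/// a caller tell registered IDs from unregistered ones. The log entries keep
/// their distinct reasons. Response timing can still differ between these
/// paths, since an unknown user returns before any password derivation.
/// </remarks>
public ActionResult Login(Acc acc)
{
    // IP throttle. Deliberately not logged: a new log row would itself count
    // toward the limit checked by FixedOfIP.
    if (MyLogin.FixedOfIP(Request, acc))
    {
        return Json(new MoError { error = true, message = "错误:登录动作过频,请稍等!" });
    }

    // Single client-facing text for every credential failure.
    const string credentialFailure = "错误:用户名或密码有误,请重新输入!";

    // NOTE(review): on the failure paths below AddLog receives the request-bound
    // acc, whose Pwd is the plaintext the client submitted. AddLog must not
    // persist that value.

    // 1. Does the user exist?
    var stored = DataQuery<Acc>.Entity(a => a.ID == acc.ID);
    if (stored == null)
    {
        MyLogin.AddLog(Request, acc, "未注册用户");
        return Json(new MoError { error = true, message = credentialFailure });
    }

    // 1.1 Derive the GD from the ID and compare it with the stored one.
    acc.GD = MyGD.GetGD("Adminacc", acc.ID);
    if (acc.GD != stored.GD)
    {
        MyLogin.AddLog(Request, acc, "提交数据无法验证");
        return Json(new MoError { error = true, message = credentialFailure });
    }

    // 2. Verify the password.
    // NOTE(review): AddTokey and EditTokey call MyPwd.Password(GD, ID, Pwd); here
    // the first two arguments are in the opposite order. Confirm which order
    // Password expects, or whether it is order-independent.
    if (MyPwd.Password(acc.ID, acc.GD, acc.Pwd) != stored.Pwd)
    {
        MyLogin.AddLog(Request, acc, "密码有误");
        return Json(new MoError { error = true, message = credentialFailure });
    }

    // Reached only with valid credentials, so the specific message is kept.
    if (stored.Fixed)
    {
        // Login refused: write a log entry.
        MyLogin.AddLog(Request, stored, "用户被冻结");
        return Json(new MoError { error = true, message = "错误:用户被冻结,请联系管理员!" });
    }

    // Login succeeded: record it and return.
    MyLogin.SaveLog(Session, Request, stored, "登录成功");
    return Json(new MoError { error = false, message = string.Format("用户:{0}成功登录!", stored.ID) });
}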
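/// <summary>
/// Updates the account identified by the submitted GD and ID.
/// </summary>
/// <param name="acc">Account fields bound from the request.</param>
/// <returns>
/// A JSON <c>MoMessage</c> when no matching record exists, otherwise the
/// updated account serialized as JSON.
/// </returns>
/// <remarks>
/// RegTime and Parent are always restored from the stored record, so the client
/// cannot change them. Every other bound field is written as submitted.
/// NOTE(review): nothing in this method checks that the caller may edit this
/// account, and the current password is not required for a password change.
/// Confirm that authorization is enforced outside this method.
/// NOTE(review): a submitted Pwd equal to the stored value is accepted
/// unchanged, and the returned JSON includes Pwd, so the stored value
/// round-trips through the client.
/// </remarks>
public ActionResult EditTokey(Acc acc)
{
    var db = DataQuery<Acc>.Entity(a => a.GD == acc.GD && a.ID == acc.ID);
    if (db == null)
    {
        return Json(new MoMessage(false, "提交数据有误"));
    }

    // Re-derive the password only when it differs from the stored value.
    acc.Pwd = acc.Pwd == db.Pwd ? acc.Pwd : MyPwd.Password(acc.GD, acc.ID, acc.Pwd);

    // The admin account can never be frozen. The stored ID is checked as well
    // as the submitted one: the lookup above is evaluated by the data layer, and
    // if that layer matches IDs case-insensitively (TODO confirm), a
    // differently-cased ID would resolve to the admin row while failing the
    // C# comparison on acc.ID alone.
    if (acc.ID == "admin" || db.ID == "admin")
    {
        acc.Fixed = false;
    }

    // The remaining protected properties come straight from the database.
    acc.RegTime = db.RegTime;
    acc.Parent = db.Parent;

    DataADU<Acc>.Update(ModelState, acc);
    return Json(acc);
}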
/// <summary>
/// Placeholder for a logon-level lock check; it currently never blocks.
/// </summary>
/// <param name="se">Not used.</param>
/// <param name="re">Not used.</param>
/// <param name="res">Not used.</param>
/// <param name="acc">Not used.</param>
/// <returns>Always <c>false</c>.</returns>
/// <remarks>
/// NOTE(review): a caller that relies on this check gets no protection from it
/// until it is implemented.
/// </remarks>
public static bool FixedOfLogon(HttpSessionStateBase se, HttpRequestBase re, HttpResponseBase res, Acc acc)
{
    // No lock logic is implemented; none of the arguments are inspected.
    const bool locked = false;
    return locked;
}