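/// <summary>
/// Looks up the account whose login name and hashed password match the supplied credentials.
/// </summary>
/// <param name="userName">Login name supplied by the caller. Null or empty yields <c>null</c>.</param>
/// <param name="pass">Clear-text password supplied by the caller. Null or empty yields <c>null</c>.</param>
/// <returns>
/// The matching <c>St_user</c> row (status below 5, positive <c>Id</c>), or <c>null</c> when
/// either argument is empty or no such row exists.
/// </returns>
/// <remarks>
/// This method neither counts nor throttles failed attempts and does not touch
/// <c>LoginToken</c>/<c>LastTime</c>; any limit on password guessing has to be enforced by the caller.
/// </remarks>
public static St_user CheckUser(string userName, string pass)
{
    if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(pass))
    {
        return null;
    }

    using (var db = DBService.OpenDb())
    {
        // SECURITY NOTE(review): the stored credential is compared against DBService.SHA1Hash(pass).
        // The helper's name suggests SHA-1; a fast, general-purpose hash is a weak choice for password
        // storage, and no salt is visible at this call site. Moving to a salted, slow KDF (e.g. PBKDF2)
        // needs a re-hash of stored values, so it is flagged here rather than changed.
        // NOTE(review): userName is caller-controlled. Confirm that the {0}/{1} placeholders are bound
        // as SQL parameters (or escaped) by the data layer and are not plain string formatting.
        var user = db.SingleOrDefault<St_user>(
            "LoginName={0} AND LoginPass={1} AND Status<5",
            userName,
            DBService.SHA1Hash(pass));

        // No claims are built here: the result is the raw row. Building a "DisplayName" claim from
        // user.Name without a fallback would throw ArgumentNullException for accounts with no Name.
        if (user != null && user.Id > 0)
        {
            return user;
        }
    }

    return null;
}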
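/// <summary>
/// Validates the supplied credentials and, on success, issues a new login token and returns a
/// <see cref="ClaimsIdentity"/> describing the account.
/// </summary>
/// <param name="userName">Login name supplied by the caller. Null or empty yields <c>null</c>.</param>
/// <param name="pass">Clear-text password supplied by the caller. Null or empty yields <c>null</c>.</param>
/// <param name="fromadmin">
/// <c>true</c> when the login comes from the admin side: the account's <c>RoleId</c> is then mapped
/// into the role claim and the re-login window is 5 minutes instead of 2.
/// </param>
/// <returns>
/// An identity with authentication type "MyClaimsLogin", or <c>null</c> when an argument is empty,
/// the credentials do not match, or the account already logged in inside the re-login window.
/// The caller cannot tell these cases apart from the return value.
/// </returns>
/// <remarks>
/// The re-login window is evaluated only after the credentials matched, so it does not limit
/// failed password guesses; that has to be enforced elsewhere.
/// </remarks>
public static ClaimsIdentity CheckIdentity(string userName, string pass, bool fromadmin)
{
    if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(pass))
    {
        return null;
    }

    using (var db = DBService.OpenDb())
    {
        // SECURITY NOTE(review): the stored credential is compared against DBService.SHA1Hash(pass).
        // The helper's name suggests SHA-1; a fast, general-purpose hash is a weak choice for password
        // storage, and no salt is visible at this call site. Flagged, not changed: a stronger KDF
        // requires re-hashing the stored values.
        // NOTE(review): userName is caller-controlled. Confirm that the {0}/{1} placeholders are bound
        // as SQL parameters (or escaped) by the data layer and are not plain string formatting.
        var user = db.SingleOrDefault<St_user>(
            "LoginName={0} AND LoginPass={1} AND Status<5",
            userName,
            DBService.SHA1Hash(pass));

        if (user == null || !(user.Id > 0))
        {
            return null;
        }

        // Role claim: 0 unless this is an admin-side login and RoleId is set and non-zero.
        // -1 is granted only to the account named "admin" whose RoleId is -1; every other
        // non-zero RoleId maps to 1.
        int rid = 0;
        if (fromadmin && user.RoleId.HasValue && user.RoleId.Value != 0)
        {
            // Ordinal comparison on purpose: culture-aware comparison ignores some characters
            // (for example soft hyphens and zero-width characters), so a look-alike login name
            // could compare equal to "admin". An identifier check must be ordinal.
            var isBuiltInAdmin = user.RoleId.Value == -1
                && user.LoginName.Equals("admin", StringComparison.OrdinalIgnoreCase);
            rid = isBuiltInAdmin ? -1 : 1;
        }

        var claims = new List<Claim>
        {
            // NOTE(review): the Name claim carries the caller-typed userName, not user.LoginName;
            // on a case-insensitive column the two can differ in casing.
            new Claim(ClaimTypes.Name, userName),
            new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
            // Presumably required by ASP.NET anti-forgery for claims-based identities; confirm.
            new Claim("http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider", "ASP.NET Identity"),
            new Claim(ClaimTypes.Role, rid.ToString()),
            new Claim("Sex", user.Sex.HasValue && user.Sex.Value ? "1" : "0"),
            // Claim rejects a null value, hence the fallback to the login name.
            new Claim("DisplayName", user.Name ?? user.LoginName)
        };

        // Administrators may not log in again within 5 minutes, members within 2 minutes.
        // NOTE(review): DateTime.Now is local time, so a clock or DST change can stretch or shrink
        // the window. LastTime is written in the same form below, so it is left as is.
        var minutes = fromadmin ? 5 : 2;
        var noPriorLogin = !user.LastTime.HasValue || string.IsNullOrEmpty(user.LoginToken);
        if (!noPriorLogin && !(user.LastTime.Value < DateTime.Now.AddMinutes(-minutes)))
        {
            return null;
        }

        // NOTE(review): the check above and the update below are separate statements, so two
        // concurrent logins with valid credentials can both pass; confirm this is acceptable.
        // SECURITY NOTE(review): Guid.NewGuid() generates identifiers and is not documented as a
        // cryptographically secure source. If LoginToken is treated as a secret session credential,
        // derive it from System.Security.Cryptography.RandomNumberGenerator instead.
        var token = Guid.NewGuid().ToString();
        db.Update<St_user>(new { LoginToken = token, LastTime = DateTime.Now }, us => us.Id == user.Id);
        claims.Add(new Claim("Token", token));

        return new ClaimsIdentity(claims, "MyClaimsLogin");
    }
}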