Esempio n. 1
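        /// <summary>
        /// Changes a staff member's password after checking the current password.
        /// </summary>
        /// <param name="vo">
        /// Request object; this method reads <c>UserId</c>, <c>Noncestr</c>, <c>Pwd</c> (current
        /// password, AES-wrapped) and <c>NewPwd</c> (new password, AES-wrapped).
        /// </param>
        /// <returns>
        /// A <see cref="Response"/> with <c>Result = 1</c> when the current password validates,
        /// otherwise one carrying <c>ExceptionHelper.UNKNOWN</c> and an error message.
        /// </returns>
        /// <exception cref="Exception">No staff record matches <c>vo.UserId</c>.</exception>
        /// <remarks>
        /// NOTE(review): the AES key and IV are derived only from <c>vo.Noncestr</c>, which arrives in
        /// the same request as the ciphertext. Anyone who can read the request can repeat the
        /// derivation, so this wrapping is obfuscation and gives no confidentiality by itself;
        /// the transport (TLS) has to provide that.
        /// NOTE(review): <c>vo.UserId</c> is taken from the request and nothing in this method ties it
        /// to the authenticated caller - confirm that check happens before this method is reached.
        /// NOTE(review): the new salt and hash are assigned to <c>staff</c>, but no save call is visible
        /// in this method - confirm the entity is persisted elsewhere.
        /// </remarks>
        public Response UpdatePwd(PwdVo vo)
        {
            ESSChannelStaff staff = StaffService.QueryStaffById(Convert.ToInt32(vo.UserId));

            if (staff == null)
            {
                throw new Exception("用户不存在!");
            }

            string keyStr;
            string ivStr;

            // The MD5 provider is IDisposable; the original never released it.
            // MD5 is used here only to stretch the nonce into key/IV text, not to protect the password.
            using (var md5 = new MD5CryptoServiceProvider())
            {
                // Key text: lower-case hex MD5 of the reversed nonce.
                char[] reversedNonce = vo.Noncestr.ToCharArray();
                Array.Reverse(reversedNonce);
                byte[] keyDigest = md5.ComputeHash(Encoding.Default.GetBytes(new string(reversedNonce)));
                keyStr = BitConverter.ToString(keyDigest).Replace("-", "").ToLower();

                // IV text: first 16 hex characters of the MD5 of the reversed key text.
                char[] reversedKey = keyStr.ToCharArray();
                Array.Reverse(reversedKey);
                byte[] ivDigest = md5.ComputeHash(Encoding.Default.GetBytes(new string(reversedKey)));
                ivStr = BitConverter.ToString(ivDigest).Replace("-", "").ToLower().Substring(0, 16);
            }

            // Encoding.Default is kept so the bytes match what existing clients produce; both strings
            // are hex digits, but the nonce itself is encoded with the platform default code page.
            byte[] keyBytes = Encoding.Default.GetBytes(keyStr);
            byte[] ivBytes  = Encoding.Default.GetBytes(ivStr);

            // Unwrap the current password and check it against the stored salt and hash.
            var password = AES256Helper.Decrypt(vo.Pwd, keyBytes, ivBytes);

            if (!BouncyCastleHashing.ValidatePassword(password, staff.SALT, staff.PASSWORD))
            {
                // NOTE(review): no attempt counter or lockout is visible here, so this endpoint can
                // be used to guess the current password unless throttling exists upstream.
                return(new Response
                {
                    Errcode = ExceptionHelper.UNKNOWN,
                    Errmsg = "登录密码错误!"
                });
            }

            // Hash the new password under a fresh salt.
            // NOTE(review): the new password is not checked for emptiness or strength here.
            byte[] saltBytes = BouncyCastleHashing.CreateSalt();
            var    newPwd    = AES256Helper.Decrypt(vo.NewPwd, keyBytes, ivBytes);
            var    encrypt   = BouncyCastleHashing.EncryptionPassword(newPwd, saltBytes);

            staff.SALT     = Convert.ToBase64String(saltBytes);
            staff.PASSWORD = encrypt;

            return(new Response
            {
                Result = 1
            });
        }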
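        /// <summary>
        /// Handles the login form post: checks the posted password against the stored configuration,
        /// applies a temporary lockout after repeated failures, and issues a short-lived cookie token.
        /// </summary>
        /// <returns>
        /// The current page (with <c>Tip</c> set) when the login is refused, otherwise a redirect to
        /// the "Index" page.
        /// </returns>
        /// <remarks>
        /// NOTE(review): when no configuration exists, the first posted password is stored as the
        /// password, so whoever reaches this page first on a fresh install sets the credential.
        /// NOTE(review): the password is stored and compared as plain text with <c>!=</c>, which is
        /// neither hashed at rest nor constant-time.
        /// NOTE(review): the lockout state lives in the single shared configuration, so repeated wrong
        /// guesses from anyone lock out the legitimate user as well.
        /// NOTE(review): the cookie is appended without options, so HttpOnly, Secure and SameSite are
        /// not set here - confirm they are applied by a cookie policy elsewhere.
        /// </remarks>
        public IActionResult OnPost()
        {
            var config = ConfigHelper.Get();

            if (config == null)
            {
                // First run: generate an AES key and store the posted password with it.
                // The original also set ECB/PKCS7 on this instance, but it is only used to generate a
                // key, so those settings had no effect; the mode used for the token is whatever
                // AES256Helper.Encrypt selects.
                byte[] aesKey;
                using (var keySource = Rijndael.Create())
                {
                    keySource.GenerateKey();
                    aesKey = keySource.Key;
                }

                config = new ConfigModel
                {
                    Pwd    = Pwd,
                    AESKey = aesKey
                };
                ConfigHelper.Save(config);
            }
            else
            {
                // Still inside the lockout window: refuse without looking at the password.
                if (config.CanLoginDate > DateTime.Now)
                {
                    // Message text restored from mis-decoded GBK bytes.
                    Tip = "密码错误超过3次，锁定5分钟";
                    return(Page());
                }

                if (config.Pwd.Trim() != Pwd)
                {
                    Tip = "密码错误";
                    config.PwdErrorCount += 1;

                    // The fourth consecutive recorded failure starts a five-minute lockout and
                    // resets the counter.
                    if (config.PwdErrorCount > 3)
                    {
                        config.PwdErrorCount = 0;
                        config.CanLoginDate  = DateTime.Now.AddMinutes(5);
                        Tip = "密码错误超过3次，锁定5分钟";
                    }

                    ConfigHelper.Save(config);
                    return(Page());
                }
            }

            // The token is the encrypted expiry time, one minute from now.
            // NOTE(review): DateTime.ToString() is culture- and time-zone-dependent; whatever
            // validates this token must parse it under the same settings.
            string token = AES256Helper.Encrypt(DateTime.Now.AddMinutes(1).ToString(), config.AESKey);

            Response.Cookies.Append(Constants.CookieName, token);
            return(RedirectToPage("Index"));
        }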
Esempio n. 3
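        /// <summary>
        /// Authenticates a login request and, on success, returns a JWT together with an
        /// AES-wrapped JSON description of the user and the Vue router data.
        /// </summary>
        /// <param name="vo">
        /// Login request; this method reads <c>Phone</c>, <c>Noncestr</c> and <c>Password</c>
        /// (AES-wrapped by the client).
        /// </param>
        /// <returns>
        /// On success a <see cref="Response"/> whose <c>Result</c> holds <c>token</c>, <c>payload</c>,
        /// <c>noncestr</c> and <c>vueRouter</c>; otherwise a <see cref="Response"/> with an error code
        /// and message.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the literal phone value "administrator" bypasses the staff lookup and is
        /// checked against ADMIN_DEFAULT_SALT / ADMIN_DEFAULT_PWD, which appear to be fixed values
        /// defined outside this method - a built-in account whose credential cannot be rotated per
        /// deployment unless those values are configurable.
        /// NOTE(review): the key and IV for the incoming password come only from <c>vo.Noncestr</c>,
        /// and the key and IV for the outgoing payload come only from the <c>noncestr</c> returned in
        /// the same response. Both can be re-derived by anyone who sees the traffic, so this is
        /// obfuscation; confidentiality depends on the transport.
        /// NOTE(review): "user does not exist" and "wrong password" produce different responses, which
        /// lets a caller test whether a phone number is registered. No attempt limit is visible here.
        /// </remarks>
        public Response Login(LoginVO vo)
        {
            if (vo.Phone == "administrator")
            {
                // Unwrap the password with the key/IV derived from the reversed client nonce.
                byte[] inKey;
                byte[] inIv;
                DeriveLoginAesKeyAndIv(ReverseLoginString(vo.Noncestr), Encoding.Default, out inKey, out inIv);
                var password = AES256Helper.Decrypt(vo.Password, inKey, inIv);

                if (!BouncyCastleHashing.ValidatePassword(password, ADMIN_DEFAULT_SALT, ADMIN_DEFAULT_PWD))
                {
                    return(new Response
                    {
                        Errcode = ExceptionHelper.UNKNOWN,
                        Errmsg = "密码错误!"
                    });
                }

                var token = JwtHelper.GenerateToken(-1, "administrator", 2);
                var user  = new
                {
                    userId      = -1,
                    userName    = "******",
                    channelName = "系统管理员",
                    roleId      = -1,
                    channelId   = -1,
                    XCXOPENID   = "-1",
                    auth        = AuthorityService.GenerateVueMenu(0, true)
                };

                // Server nonce derived from the current timestamp; it seeds the payload key/IV.
                var    nonceStr = TimeStampHelper.ToTimeStamp(DateTime.Now) / 50 * 90;
                byte[] outKey;
                byte[] outIv;
                DeriveLoginAesKeyAndIv(nonceStr.ToString(), Encoding.UTF8, out outKey, out outIv);

                var payload = AES256Helper.Encrypt(JsonConvert.SerializeObject(user), outKey, outIv);
                return(new Response
                {
                    Result = new
                    {
                        token,
                        payload,
                        noncestr = nonceStr,
                        vueRouter = AuthorityService.GenerateVueRouter(0, true)
                    }
                });
            }
            else
            {
                dynamic staff = StaffService.QuerySystemUserByPhoneNumber(vo.Phone);
                if (staff == null)
                {
                    return(new Response
                    {
                        Errcode = 10000,
                        Errmsg = "用户不存在或已被禁用"
                    });
                }

                // Unwrap the password with the key/IV derived from the reversed client nonce.
                byte[] inKey;
                byte[] inIv;
                DeriveLoginAesKeyAndIv(ReverseLoginString(vo.Noncestr), Encoding.Default, out inKey, out inIv);
                var password = AES256Helper.Decrypt(vo.Password, inKey, inIv);

                if (!BouncyCastleHashing.ValidatePassword(password, (string)staff["SALT"], (string)staff["PASSWORD"]))
                {
                    return(new Response
                    {
                        Errcode = ExceptionHelper.UNKNOWN,
                        Errmsg = "密码错误!"
                    });
                }

                var token = JwtHelper.GenerateToken((int)staff["FID"], (string)staff["FJOB"], 2);
                var user  = new
                {
                    userId          = (int)staff["FID"],
                    userName        = (string)staff["FNAME"],
                    channelName     = (string)staff["CHANNELNAME"],
                    channelCode     = (string)staff["FCHANNELCODE"],
                    channelId       = (int)staff["FCHANNELID"],
                    customerId      = (int)staff["FCUSTOMERID"],
                    channelTypeId   = (int)staff["FCHANNELTYPEID"],
                    channelTypeName = (string)staff["FCHANNELTYPENAME"],
                    roleId          = (int)staff["FROLEID"],
                    modules         = BaseDataDao.QueryRoleHasModules((int)staff["FROLEID"]).Select(x => x.FNAME).ToList(),
                    pers            = BaseDataDao.QueryRoleHasPermissions((int)staff["FROLEID"]),
                    auth            = AuthorityService.GenerateVueMenu((int)staff["FROLEID"], false),
                    XCXOPENID       = (string)staff["XCXOPENID"],
                    FMOBILE         = (string)staff["FMOBILE"]
                };

                // Server nonce derived from the current timestamp; it seeds the payload key/IV.
                var    nonceStr = TimeStampHelper.ToTimeStamp(DateTime.Now) / 50 * 90;
                byte[] outKey;
                byte[] outIv;
                DeriveLoginAesKeyAndIv(nonceStr.ToString(), Encoding.UTF8, out outKey, out outIv);

                var payload = AES256Helper.Encrypt(JsonConvert.SerializeObject(user), outKey, outIv);
                return(new Response
                {
                    Result = new
                    {
                        token,
                        payload,
                        noncestr = nonceStr,
                        vueRouter = AuthorityService.GenerateVueRouter(user.roleId, false)
                    }
                });
            }
        }

        /// <summary>Returns <paramref name="value"/> with its characters in reverse order.</summary>
        private static string ReverseLoginString(string value)
        {
            char[] chars = value.ToCharArray();
            Array.Reverse(chars);
            return new string(chars);
        }

        /// <summary>
        /// Derives the AES key and IV bytes used by <c>Login</c> from a seed string: the key is the
        /// lower-case hex MD5 of the seed, the IV is the first 16 hex characters of the MD5 of the
        /// reversed key text. Both are encoded with <paramref name="encoding"/>.
        /// </summary>
        /// <remarks>
        /// MD5 only stretches the seed here. The result is exactly as secret as the seed, and the
        /// seeds <c>Login</c> passes in travel with the message they protect.
        /// </remarks>
        private static void DeriveLoginAesKeyAndIv(string seed, Encoding encoding, out byte[] key, out byte[] iv)
        {
            // Dispose the provider deterministically; the original created one per branch and never released it.
            using (var md5 = new MD5CryptoServiceProvider())
            {
                string keyStr = BitConverter.ToString(md5.ComputeHash(encoding.GetBytes(seed))).Replace("-", "").ToLower();
                string ivSeed = ReverseLoginString(keyStr);
                string ivStr  = BitConverter.ToString(md5.ComputeHash(encoding.GetBytes(ivSeed))).Replace("-", "").ToLower().Substring(0, 16);

                key = encoding.GetBytes(keyStr);
                iv  = encoding.GetBytes(ivStr);
            }
        }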