Esempio n. 1
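 /// <summary>
 /// Validates the freshness of an encrypted request timestamp.
 /// </summary>
 /// <param name="signTime">
 /// Timestamp supplied with the request, in the encrypted form that
 /// <c>APIAESTool.AesDecrypt</c> accepts.
 /// </param>
 /// <returns>
 /// <c>true</c> when the decrypted time lies within two minutes of the server clock,
 /// in either direction; <c>false</c> for a null/empty value, a value that cannot be
 /// decrypted or parsed, or a time outside that window.
 /// </returns>
 /// <remarks>
 /// NOTE(review): this check covers freshness only. Nothing visible here binds the value
 /// to the rest of the request or prevents the same value being reused inside the window;
 /// confirm whether a nonce or request signature is enforced elsewhere.
 /// </remarks>
 protected bool CheckSignTime(string signTime)
 {
     if (string.IsNullOrEmpty(signTime))
     {
         return false;
     }

     try
     {
         // Recover the client's timestamp text and convert it to a DateTime.
         var strTime = APIAESTool.AesDecrypt(signTime);
         var time = strTime.ToDateTimeReq();

         // NOTE(review): DateTime.Now is server-local time; this assumes ToDateTimeReq
         // yields a value in the same time zone. Confirm against the client contract.
         var ts = DateTime.Now - time;

         // Bound the difference on both sides. The previous one-sided test
         // (ts.TotalSeconds <= 120) also accepted every future-dated timestamp,
         // so a single value dated far ahead stayed valid indefinitely.
         return ts.Duration() <= TimeSpan.FromMinutes(2);
     }
     catch (Exception)
     {
         // Malformed ciphertext or an unparsable time is treated as a failed check.
         return false;
     }
 }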
Esempio n. 2
 /// <summary>
 /// Returns a success result after running the sign-time check on the supplied timestamp.
 /// </summary>
 /// <param name="signTime">Plaintext timestamp; it is AES-encrypted here before being checked.</param>
 /// <returns>
 /// A JSON-wrapped <c>MsgCode.SignTimeError</c> result when the check fails, otherwise the
 /// success result (returned without the <c>Json</c> wrapper).
 /// </returns>
 /// <remarks>
 /// NOTE(review): the value is encrypted on the server immediately before being validated,
 /// so the check does not show that the caller holds the key; any caller sending a current
 /// plaintext time passes. This looks like a demo or test endpoint; confirm it is not exposed
 /// as a real protected API. The default is a fixed 2018 timestamp, which the two-minute
 /// window in CheckSignTime would be expected to reject.
 /// </remarks>
 public object GetList(string signTime = "2018-05-21 08:55:00")
 {
     var encryptedTime = APIAESTool.AesEncrypt(signTime);

     // Only a non-empty ciphertext is checked; an empty one falls through to success.
     var rejected = !string.IsNullOrEmpty(encryptedTime) && !CheckSignTime(encryptedTime);
     if (rejected)
     {
         return Json(APIResult.GetErrorResult(MsgCode.SignTimeError));
     }

     return APIResult.GetSuccessResult("token验证通过,已取得数据!");
 }
Esempio n. 3
        /// <summary>
        /// Changes the password of the currently authenticated user.
        /// </summary>
        /// <param name="model">Request body carrying the old password (<c>oldpwd</c>) and the new one (<c>pwd</c>), both as sent by the client.</param>
        /// <returns>A JSON result: success, a validation error, the backend error text, or <c>MsgCode.InvalidToken</c> when there is no current user.</returns>
        /// <remarks>
        /// NOTE(review): both passwords are AES-decrypted and then DES-encrypted before being
        /// handed to the backend, i.e. they are carried in a reversible form rather than as a
        /// salted one-way password hash. How the backend stores them is not visible here; confirm.
        /// </remarks>
        public object UpdatePwd(UserPwd model)
        {
            if (model == null)
            {
                return Json(APIResult.GetErrorResult("请输入旧密码!"));
            }

            string currentSecret = model.oldpwd;
            string replacementSecret = model.pwd;

            if (string.IsNullOrWhiteSpace(currentSecret))
            {
                return Json(APIResult.GetErrorResult("请输入旧密码!"));
            }
            if (string.IsNullOrWhiteSpace(replacementSecret))
            {
                return Json(APIResult.GetErrorResult("请输入新密码!"));
            }
            // The comparison runs on the values as received, before decryption.
            if (string.Equals(replacementSecret, currentSecret))
            {
                return Json(APIResult.GetErrorResult("新密码不能和旧密码相同!"));
            }

            // Transport decryption followed by the platform's DES encryption, old password first.
            // NOTE(review): AesDecrypt is called on client input outside any try/catch; confirm
            // how it behaves on malformed input.
            currentSecret = DesTool.DesEncrypt(APIAESTool.AesDecrypt(currentSecret));
            replacementSecret = DesTool.DesEncrypt(APIAESTool.AesDecrypt(replacementSecret));

            var user = CurrentUserView;
            if (user == null)
            {
                return Json(APIResult.GetErrorResult(MsgCode.InvalidToken));
            }

            using (ClientSiteClientProxy proxy = new ClientSiteClientProxy(ProxyEx(user)))
            {
                var result = proxy.UpdatePassword(user.UserId, currentSecret, replacementSecret);
                if (result.Flag != EResultFlag.Success)
                {
                    // NOTE(review): the backend's exception description is returned to the
                    // caller verbatim; confirm it cannot carry internal details.
                    return Json(APIResult.GetErrorResult(MsgCode.CommonError, result.Exception.Decription));
                }

                return Json(APIResult.GetSuccessResult("密码修改成功!"));
            }
        }
Esempio n. 4
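        /// <summary>
        /// Performs the login: optionally verifies the credentials against the base platform,
        /// then looks the user up through the client proxy and issues or reuses a token.
        /// </summary>
        /// <param name="user">Account name as supplied by the client.</param>
        /// <param name="pwd">
        /// Password in the client's AES-encrypted form. OCeSdjE6K7zhDnoxh07rqg== is the AES
        /// result for 111111, and DF57306D30FED672 is the platform's encrypted form of 111111.
        /// </param>
        /// <param name="sys">Client system selector: 1 uses the Android token fields, any other value the iOS ones.</param>
        /// <param name="token">Receives the token on success; an empty string on failure.</param>
        /// <returns><c>true</c> when the login succeeded and a token was assigned; otherwise <c>false</c>.</returns>
        /// <remarks>
        /// NOTE(review): the fixed sample ciphertexts above suggest both encryption steps are
        /// deterministic with a static key, which would make the encrypted value equivalent to
        /// the password itself for anyone who captures it. Confirm, and prefer a salted one-way
        /// password hash on the storage side.
        /// </remarks>
        private bool login(string user, string pwd, int sys, out string token)
        {
            // Passwords from mobile clients are decrypted with the shared AES scheme,
            // then re-encrypted with the platform's DES scheme.
            pwd   = APIAESTool.AesDecrypt(pwd);
            pwd   = DesTool.DesEncrypt(pwd);
            token = "";

            #region Verify the account and password against the base platform
            if (IsOpenHbLogin == "1")
            {
                // Encode both values as JSON string literals and then percent-encode them.
                // Raw concatenation let a crafted account name add or override fields in
                // the RequestParam JSON or in the query string.
                string userLiteral = Uri.EscapeDataString(JsonConvert.ToString(user ?? string.Empty));
                string passLiteral = Uri.EscapeDataString(JsonConvert.ToString(pwd ?? string.Empty));

                // NOTE(review): the credentials travel in the query string of a GET request,
                // where proxies and access logs may record them. Whether LoginUrl is HTTPS is
                // not visible here; confirm, and prefer a POST body if the platform allows it.
                string         url     = LoginUrl + "?RequestParam={%22Param%22:{%22envRoot%22:{%22Product%22:%22BIM%22},%22paramRoot%22:{%22UserName%22:" + userLiteral + ",%22UserPass%22:" + passLiteral + "}}}";
                HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(url);
                request.Method      = "GET";
                request.ContentType = "multipart/form-data";

                string responseStr;
                using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
                using (StreamReader reader = new StreamReader(response.GetResponseStream(), Encoding.GetEncoding("UTF-8")))
                {
                    // The using blocks release the reader and response even if the read throws.
                    responseStr = reader.ReadToEnd();
                }

                LoginResult result = null;
                if (!string.IsNullOrEmpty(responseStr))
                {
                    result = JsonConvert.DeserializeObject<LoginResult>(responseStr);
                }

                // An empty body or any error code other than "0" is a failed login.
                if (result == null || result.errorCode != "0")
                {
                    return false;
                }
            }
            #endregion

            // Fetch the user record from the database through the proxy.
            Result<UserView> loginResult;
            using (ClientSiteClientProxy proxy = new ClientSiteClientProxy(ProxyEx("")))
            {
                loginResult = proxy.Login(user, pwd, IsOpenHbLogin);
            }

            if (loginResult.Flag != 0 || loginResult.Data == null)
            {
                return false;
            }

            // Reuse the token stored for this client system if it is still within its validity period.
            string storedToken = sys == 1 ? loginResult.Data.AndroidToken : loginResult.Data.IosToken;
            if (!string.IsNullOrEmpty(storedToken))
            {
                // A stored token without an expiry time used to throw on .Value; it is now treated as expired.
                DateTime? storedExpiry = sys == 1 ? loginResult.Data.AndroidTokenTime : loginResult.Data.IosTokenTime;
                if (storedExpiry.HasValue && DateTime.Now <= storedExpiry.Value)
                {
                    token = storedToken;
                }
            }

            // No token, or one outside its validity period: create a new one.
            // NOTE(review): CreateToken is not visible here; verify it draws from a
            // cryptographically secure random source.
            if (string.IsNullOrEmpty(token))
            {
                token = CreateToken(sys);
            }

            using (ClientSiteClientProxy proxy = new ClientSiteClientProxy(ProxyEx(loginResult.Data)))
            {
                Result<Base_User> baseUser = proxy.GetUserModel(loginResult.Data.UserId);
                Base_User         u        = baseUser.Data;
                if (u == null)
                {
                    // Without a user record the token cannot be persisted, so the login fails
                    // instead of dereferencing null.
                    token = "";
                    return false;
                }

                // NOTE(review): a reused token has its expiry pushed out by another 7 days on
                // every login, so it is never rotated while the user keeps logging in. Confirm
                // that this sliding lifetime is intended.
                if (sys == 1)
                {
                    u.AndroidToken     = token;
                    u.AndroidTokenTime = DateTime.Now.AddDays(7);
                }
                else
                {
                    u.IosToken     = token;
                    u.IosTokenTime = DateTime.Now.AddDays(7);
                }

                // NOTE(review): the result of UpdateUser is not inspected; if persisting fails,
                // the caller still receives a token that was never stored.
                proxy.UpdateUser(u);
            }

            // TODO: the token is currently only an authentication credential and carries no
            // business data, so the need to encrypt it is weak, but an HTTPS connection must be
            // used. If the token is extended later, it will need encryption or a signature.
            return true;
        }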