internal static ASPNetUserLimit GetASPNetUserLimit(ASPNetUserLimit model)
{
using (var cn = new MySqlConnection(sqlconnectionString))
{
cn.Open();
var i = cn.Query <ASPNetUserLimit>(@"
select * from " + database2 + @".aspnetuserslimit
where Username='******';");
cn.Close();
return(i.FirstOrDefault());
}
}
//UpdateASPNetUserReset
internal static int UpdateASPNetUserReset(ASPNetUserLimit model)
{
using (var cn = new MySqlConnection(sqlconnectionString))
{
cn.Open();
int i = cn.Execute(@"
update " + database2 + @".aspnetuserslimit set ErrorNum=0, LimitTime = NOW(),AllErrorNum=0
where Username=@Username;", model);
cn.Close();
return(i);
}
}
internal static int AddASPNetUserLimit(ASPNetUserLimit model)
{
using (var cn = new MySqlConnection(sqlconnectionString))
{
cn.Open();
var i = cn.Execute(@"
insert into " + database2 + @".aspnetuserslimit(Username,ErrorNum,LimitTime,AllErrorNum)
VALUES('" + model.Username + @"',1,DATE_ADD(NOW(),INTERVAL 5 MINUTE),1);
");
cn.Close();
return(i);
}
}
internal static int UpdateASPNetUserLimit(ASPNetUserLimit model)
{
ASPNetUserLimit limit = GetASPNetUserLimit(model);
if (limit == null)
{
return(AddASPNetUserLimit(model));
}
using (var cn = new MySqlConnection(sqlconnectionString))
{
cn.Open();
int i = cn.Execute(@"
update " + database2 + @".aspnetuserslimit set ErrorNum=ErrorNum+1, LimitTime =DATE_ADD( NOW(),INTERVAL 5 MINUTE),AllErrorNum=AllErrorNum+1
where Username=@Username;", model);
cn.Close();
return(i);
}
}
//[ValidateAntiForgeryToken]
public async Task <ActionResult> login(MLogin _login, string returnUrl)
{
string yzm = _login.YZM;
string sessYZM = Session["ValidateCode"].ToString();
var user = await UserManager.FindByNameAsync(_login.UserName);
string username = _login.UserName;
string passwd = _login.Password;
if (user == null || string.IsNullOrEmpty(user.UserName))
{
return(Json(
new { result = Result.UserDoesNotExist }
));
}
ASPNetUserLimit limit = OperLogBLL.GetASPNetUserLimit(new ASPNetUserLimit()
{
Username = username
});
if (limit != null)
{
if (limit.ErrorNum >= 3)
{
return(Json(
new { result = Result.ParaErrorCount }
));
}
}
if (_login.UserName != "admin")
{
if (yzm != sessYZM)
{
OperLogBLL.UpdateASPNetUserLimit(new ASPNetUserLimit()
{
Username = username
});
return(Json(
new { result = Result.ParaYZMError }
));
}
}
// 这不会计入到为执行帐户锁定而统计的登录失败次数中
// 若要在多次输入错误密码的情况下触发帐户锁定,请更改为 shouldLockout: true
var result = await SignInManager.PasswordSignInAsync(username, passwd, isPersistent : true, shouldLockout : false);
switch (result)
{
case SignInStatus.Success:
//用户登录成功
AfterLoginSucess(username);
//SUBLL.AddLog(new LogInfo()
//{
// UserAccount = username,
// Detail = "",
// Content = "登入",
// CreateTime = DateTime.Now,
// LoginIP = Request.UserHostAddress,
// OperModule = "登录后台"
//});
OperLogBLL.InsertOperLog(new OperLog()
{
CreateTime = DateTime.Now.ToString(),
LeftMenu = "登入",
OperDetail = "",
OperType = "登入",
UserAccount = username,
UserName = username,
IP = Request.UserHostAddress
});
OperLogBLL.UpdateASPNetUserReset(new ASPNetUserLimit()
{
Username = username
});
return(Json(RedirectToLocal(returnUrl)));
case SignInStatus.LockedOut:
//return View("Lockout");
case SignInStatus.RequiresVerification:
//return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
case SignInStatus.Failure:
default:
//ModelState.AddModelError("", "无效的登录尝试。");
//return View(model);
OperLogBLL.UpdateASPNetUserLimit(new ASPNetUserLimit()
{
Username = username
});
return(Json(new { result = Result.PasswordIsIncorrect }));
}
}
public static int UpdateASPNetUserReset(ASPNetUserLimit model)
{
return(OperLogDAL.UpdateASPNetUserReset(model));
}
public static ASPNetUserLimit GetASPNetUserLimit(ASPNetUserLimit model)
{
return(OperLogDAL.GetASPNetUserLimit(model));
}