/// <summary>
/// Signs a user in with a phone number and an SMS validation code and, on success,
/// stores the matching anonymous account's access token in the authentication cookie.
/// </summary>
/// <param name="phone">Mobile phone number submitted by the client.</param>
/// <param name="code">SMS validation code submitted by the client.</param>
/// <returns>A JSON result carrying <c>Success</c> and a user-facing <c>Message</c>.</returns>
public ActionResult ShortcutSignIn(string phone, string code)
{
    var missingInput = string.IsNullOrEmpty(phone) || string.IsNullOrEmpty(code);
    if (missingInput)
    {
        return Json(new { Success = false, Message = "手机号和验证码不能为空" });
    }

    var signIn = new AccountSign { MobilePhone = phone, ValidationCode = code };
    var signResult = new AccountController().ShortcutSignIn(signIn);
    if (signResult.SignStatus != SignStatus.Success)
    {
        return Json(new { Success = false, Message = "验证码错误" });
    }

    // The cookie value comes from the anonymous (device) account linked to the passport,
    // not from the sign-in result itself.
    var anonymousAccount = AnonymousAccount.FindLastByPassport(signResult.Account.PassportId);
    if (anonymousAccount == null)
    {
        return Json(new { Success = false, Message = "Token已失效" });
    }

    CookieHelper.SetCookie(AccountAuthentication.TokenKey, anonymousAccount.Token.AccessToken);
    return Json(new { Success = true, Message = "登陆成功" });
}
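/// <summary>
/// Signs a user in with a phone number and password and, on success, stores the
/// matching anonymous account's access token in the authentication cookie.
/// </summary>
/// <param name="phone">Mobile phone number submitted by the client.</param>
/// <param name="password">Password submitted by the client.</param>
/// <returns>A JSON result carrying <c>Success</c> and a user-facing <c>Message</c>.</returns>
public ActionResult SignIn(string phone, string password)
{
    if (string.IsNullOrEmpty(phone) || string.IsNullOrEmpty(password))
    {
        return Json(new { Success = false, Message = "手机号和密码不能为空" });
    }

    // The original built an AccountSign holding the password that was never used;
    // the credentials go straight to AccountAuthentication.SignIn instead, so no
    // extra copy of the password is kept around.
    UserPassport userPassport;
    var success = AccountAuthentication.SignIn(phone, password, null, out userPassport);
    if (!success)
    {
        // One message for both "unknown phone" and "wrong password", so the response
        // does not reveal which phone numbers have accounts.
        return Json(new { Success = false, Message = "手机号或密码错误" });
    }

    var account = AnonymousAccount.FindLastByPassport(userPassport.PassportId);
    if (account == null)
    {
        return Json(new { Success = false, Message = "Token已失效" });
    }

    CookieHelper.SetCookie(AccountAuthentication.TokenKey, account.Token.AccessToken);
    return Json(new { Success = true, Message = "登陆成功" });
}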
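/// <summary>
/// Builds an account entity from an anonymous (device) account by copying its
/// property values, and enriches it with the passport's profile data when a
/// passport that has a profile is supplied.
/// </summary>
/// <param name="account">Anonymous account whose property values seed this entity. Must not be null.</param>
/// <param name="passport">Optional user passport; ignored when null or when it carries no profile.</param>
/// <exception cref="ArgumentNullException"><paramref name="account"/> is null.</exception>
public AccountEntity(AnonymousAccount account, UserPassport passport)
{
    // Fail with a named argument error instead of a NullReferenceException from GetPropertyValues().
    if (null == account)
    {
        throw new ArgumentNullException("account");
    }

    this.SetPropertyValues(account.GetPropertyValues());

    var hasProfile = null != passport && null != passport.Profile;
    if (!hasProfile)
    {
        return;
    }

    this.UserProfile = passport.Profile;
    this.MobilePhone = passport.MobilePhone;
    this.MultipleProfiles = passport.MultipleProfiles;
    // The IM account is resolved from the profile rather than read off the passport.
    this.IMAccount = AccountAuthentication.LoadIMAccount(passport.Profile);
}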
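/// <summary>
/// Clears the current request's authentication state and, when the request carries a
/// parsable device key header, replaces the client account with a fresh anonymous
/// account bound to that device.
/// </summary>
/// <remarks>
/// The original condition negated <c>long.TryParse</c>, so the device branch could never
/// run: a failed parse leaves <c>deviceId</c> at 0 and fails the <c>&gt; 0</c> check,
/// while a successful parse fails the negated test. The parse result is now used directly.
/// NOTE(review): the device key is client-supplied; confirm that
/// <c>AnonymousAccount.CreateNew(long)</c> validates the id before trusting it.
/// </remarks>
public static void SignOut()
{
    MvcContext.Current.PassportId = 0;
    MvcContext.Current.UserPassport = null;
    MvcContext.Current.ClientAccount = null;

    // Outside an HTTP request there is no header to read; the state reset above still applies.
    if (null == HttpContext.Current)
    {
        return;
    }

    var deviceKey = HttpContext.Current.Request.Headers[DeviceKey];
    long deviceId;
    if (!string.IsNullOrEmpty(deviceKey) && long.TryParse(deviceKey, out deviceId) && deviceId > 0)
    {
        MvcContext.Current.ClientAccount = AnonymousAccount.CreateNew(deviceId);
    }
}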
/// <summary>
/// Saves <paramref name="device"/> with its id reset and both timestamps set to now,
/// then creates an anonymous account bound to the saved device.
/// </summary>
/// <param name="device">Device to register; when null nothing is saved and null is returned.</param>
/// <returns>The anonymous account for the saved device, or null when <paramref name="device"/> is null.</returns>
public static AnonymousAccount CreateNew(ClientDevice device)
{
    if (device == null)
    {
        return null;
    }

    var now = DateTime.Now;
    // DeviceId is zeroed before Save(); presumably so the store assigns a new id — TODO confirm.
    device.DeviceId = 0;
    device.CreatedTime = now;
    device.ModifiedTime = now;
    device.Save();

    return AnonymousAccount.CreateNew(device.DeviceId);
}
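/// <summary>
/// Resolves the anonymous account for the current request from its access token.
/// The token is read from the request header named by <c>TokenKey</c>; when that is
/// empty, the cookie of the same name is used instead.
/// </summary>
/// <returns>
/// The account bound to the token, or null when no token is present or
/// <c>AnonymousAccount.FindByAccessToken</c> finds none.
/// </returns>
internal static AnonymousAccount LoadAuthenticationInfo()
{
    // The header takes precedence over the cookie.
    var accessToken = HttpContext.Current.Request.Headers[TokenKey];
    if (string.IsNullOrEmpty(accessToken))
    {
        accessToken = CookieHelper.GetValue(TokenKey);
    }
    if (string.IsNullOrEmpty(accessToken))
    {
        return null;
    }

    // The device key header used to be read here as well but was never used; it has been dropped.
    return AnonymousAccount.FindByAccessToken(accessToken);
}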
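/// <summary>
/// Generates a 6-character SMS validation code for <paramref name="phone"/>, caches it
/// under the phone number, sends it either as plain text (when <c>SmsRegister</c>
/// contains a <c>{0}</c> placeholder) or through a template, and records the attempt
/// as an <see cref="SmsMessage"/>.
/// </summary>
/// <param name="account">Anonymous account requesting the code; used for rate limiting and the audit record.</param>
/// <param name="clientIP">Client IP address, used for rate limiting.</param>
/// <param name="phone">Destination phone number.</param>
/// <returns>
/// The send result, or a failed result with code <c>-1</c> when
/// <see cref="CheckSMSSecurityStrategy"/> rejects the request.
/// </returns>
public static MessageResult SendSMSValidationCode(AnonymousAccount account, string clientIP, string phone)
{
    // NOTE(review): confirm GenerateAuthCode draws from a cryptographically secure RNG;
    // a predictable code defeats the SMS factor.
    var validationCode = GenerateAuthCode(6);

    // Reject lists and send quotas are enforced before anything is cached or sent.
    if (false == CheckSMSSecurityStrategy(account, clientIP, phone))
    {
        return MessageResult.FailedResult("-1", "短信发送受限");
    }

    var cache = CacheManager.GetCache(ModuleEnvironment.SMSCacheName);
    cache.Set(phone, validationCode);

    MessageResult result;
    string recordedContent;
    if (SmsRegister.Contains("{0}"))
    {
        // Plain-text mode: the code is substituted into the configured message text.
        recordedContent = string.Format(SmsRegister, validationCode);
        result = SendSMS(account.PassportId, phone, recordedContent);
    }
    else
    {
        // Template mode: SmsRegister names the template; parameters are the code and the validity window.
        result = SendTempleteSMS(phone, SmsRegister, new string[] { validationCode, SmsIntervalMinutes.ToString() });
        recordedContent = string.Format("验证码:{0}, 短信模板:{1}", validationCode, SmsRegister);
    }
    RecordSmsMessage(account, phone, recordedContent, result);

    // The code itself is deliberately kept out of the log: anyone able to read the log
    // could otherwise pass SMS verification for that phone number.
    LogManager.GetLogger().Info("SendSMSValidationCode[{0}] => {1}", result.Success, phone);
    return result;
}

/// <summary>
/// Persists one SMS send attempt and its outcome as an <see cref="SmsMessage"/>.
/// The saved content includes the validation code, as in the original audit record.
/// </summary>
/// <param name="account">Account the message was sent on behalf of.</param>
/// <param name="phone">Destination phone number.</param>
/// <param name="content">Message text, or a description of the template send.</param>
/// <param name="result">Outcome of the send; its error details are stored on failure.</param>
private static void RecordSmsMessage(AnonymousAccount account, string phone, string content, MessageResult result)
{
    var smsMessage = new SmsMessage()
    {
        PassportId = account.PassportId,
        MobilePhone = phone,
        Content = content,
        SendStatus = result.Success ? "Success" : "Failed",
        FailedReason = null == result.ErrorMessage ? result.ErrorCode : result.ErrorMessage
    };
    smsMessage.Save();
}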
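/// <summary>
/// Applies the SMS anti-abuse policy before a validation code is sent: rejects
/// configured user agents and IP prefixes, then enforces the per-phone, per-token,
/// per-passport and per-IP send counters held in the SMS security cache.
/// Counters are only incremented once every rule has passed.
/// </summary>
/// <param name="account">Anonymous account issuing the request; must carry a token.</param>
/// <param name="clientIP">Client IP address as seen by the caller.</param>
/// <param name="phone">Destination phone number.</param>
/// <returns><c>true</c> when the send is allowed; <c>false</c> when any rule rejects it.</returns>
/// <remarks>
/// Changes from the original: IP-prefix and user-agent matching use ordinal comparison
/// (the user-agent match is case-insensitive on both sides, where the original only
/// lower-cased the user agent), and the access token is masked in every log line so
/// a bearer credential never lands in log files.
/// </remarks>
private static bool CheckSMSSecurityStrategy(AnonymousAccount account, string clientIP, string phone)
{
    if (null == account || null == account.Token)
    {
        return false;
    }
    if (string.IsNullOrEmpty(clientIP))
    {
        return false;
    }

    if (IsRejectedClient(account, clientIP, phone))
    {
        return false;
    }

    var cache = CacheManager.GetCache(ModuleEnvironment.SMSSecurityStrategyCache);
    var token = account.Token;

    var phoneTimes = cache.Get<int>(phone);
    if (ExceedsSmsLimit("MobilePhone", phoneTimes, ModuleEnvironment.SMSSecurityMobilePhoneLimit, account, clientIP, phone))
    {
        return false;
    }

    var tokenTimes = cache.Get<int>(token.AccessToken);
    if (ExceedsSmsLimit("AccessToken", tokenTimes, ModuleEnvironment.SMSSecurityTokenLimit, account, clientIP, phone))
    {
        return false;
    }

    // The passport counter only applies once the token is tied to a passport (PassportId > 0).
    var hasPassport = token.PassportId > 0;
    var passportIdTimes = 0;
    if (hasPassport)
    {
        passportIdTimes = cache.Get<int>(token.PassportId);
        if (ExceedsSmsLimit("PassportId", passportIdTimes, ModuleEnvironment.SMSSecurityPassportLimit, account, clientIP, phone))
        {
            return false;
        }
    }

    var clientIPTimes = cache.Get<int>(clientIP);
    if (ExceedsSmsLimit("ClientIP", clientIPTimes, ModuleEnvironment.SMSSecurityIPLimit, account, clientIP, phone))
    {
        return false;
    }

    // Every rule passed: consume one unit of each quota.
    cache.Set(phone, ++phoneTimes);
    cache.Set(token.AccessToken, ++tokenTimes);
    cache.Set(clientIP, ++clientIPTimes);
    if (hasPassport)
    {
        cache.Set(token.PassportId, ++passportIdTimes);
    }

    LogManager.GetLogger().Info("CheckedSMSSecurityStrategy success! [{0}=>{1}] [{2}=>{3}] [{4}=>{5}] [{6}=>{7}] ",
        phone, phoneTimes,
        MaskAccessToken(token.AccessToken), tokenTimes,
        token.PassportId, passportIdTimes,
        clientIP, clientIPTimes);
    return true;
}

/// <summary>
/// Checks the current request against the configured reject lists for user agents
/// and IP prefixes. Logs and returns <c>true</c> when the client is rejected;
/// returns <c>false</c> when there is no current HTTP context.
/// </summary>
private static bool IsRejectedClient(AnonymousAccount account, string clientIP, string phone)
{
    if (null == HttpContext.Current)
    {
        return false;
    }

    var request = HttpContext.Current.Request;
    if (request.ServerVariables.AllKeys.Contains("HTTP_USER_AGENT") && null != ModuleEnvironment.SMSRejectUserAgents)
    {
        var userAgent = request.ServerVariables["HTTP_USER_AGENT"] ?? string.Empty;
        foreach (var pattern in ModuleEnvironment.SMSRejectUserAgents)
        {
            // Ordinal, case-insensitive on both sides: a reject entry containing
            // uppercase letters could never match the lower-cased user agent before.
            if (userAgent.IndexOf(pattern, StringComparison.OrdinalIgnoreCase) >= 0)
            {
                LogManager.GetLogger().Warn("CheckSMSSecurityStrategy[RejectUserAgents] failed! {0} [{1}::{2}::{3}] => {4} ",
                    phone, account.Token.PassportId, clientIP, MaskAccessToken(account.Token.AccessToken), userAgent);
                return true;
            }
        }
    }

    if (null != ModuleEnvironment.SMSRejectIPs)
    {
        foreach (var prefix in ModuleEnvironment.SMSRejectIPs)
        {
            // IP prefixes are machine data; a culture-sensitive StartsWith is not wanted here.
            if (clientIP.StartsWith(prefix, StringComparison.Ordinal))
            {
                LogManager.GetLogger().Warn("CheckSMSSecurityStrategy[RejectIPs] failed! {0} [{1}::{2}::{3}] ",
                    phone, account.Token.PassportId, clientIP, MaskAccessToken(account.Token.AccessToken));
                return true;
            }
        }
    }

    return false;
}

/// <summary>
/// Returns <c>true</c> and logs a warning when <paramref name="times"/> has reached
/// <paramref name="limit"/>; <paramref name="rule"/> names the quota in the log line.
/// </summary>
private static bool ExceedsSmsLimit(string rule, int times, int limit, AnonymousAccount account, string clientIP, string phone)
{
    if (times < limit)
    {
        return false;
    }

    LogManager.GetLogger().Warn("CheckSMSSecurityStrategy[" + rule + "] failed! {0} [{1}::{2}::{3}] => {4} ",
        phone, account.Token.PassportId, clientIP, MaskAccessToken(account.Token.AccessToken), times);
    return true;
}

/// <summary>
/// Returns a log-safe form of an access token: a short prefix for correlation followed
/// by <c>****</c>. The full bearer value must not reach log files, since anyone who can
/// read the log could reuse it.
/// </summary>
private static string MaskAccessToken(string token)
{
    if (string.IsNullOrEmpty(token))
    {
        return string.Empty;
    }
    return token.Length <= 4 ? "****" : token.Substring(0, 4) + "****";
}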