Esempio n. 1
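        /// <summary>
        /// Returns the stored secret of the application identified by the "appid"
        /// request value, wrapped in a JSON <c>ServerResult</c>.
        /// </summary>
        /// <param name="controller">Controller whose current request supplies "appid".</param>
        /// <returns>
        /// JSON with code -3 when "appid" is missing or empty, -1 when no such
        /// application is found, and 1 with <c>response</c> set to the app secret otherwise.
        /// </returns>
        /// <remarks>
        /// NOTE(review): no caller authentication or authorization is visible in this
        /// method, and the result is also served for GET requests (AllowGet). Confirm
        /// that the calling action restricts who can reach it, because the value
        /// returned is the application's secret.
        /// </remarks>
        public ActionResult GetAppSecret(Controller controller)
        {
            JsonResult jsonr = new JsonResult();

            jsonr.JsonRequestBehavior = JsonRequestBehavior.AllowGet;
            CertComm.ServerResult r = new CertComm.ServerResult();
            jsonr.Data = r;
            string appid = controller.Request["appid"];

            if (string.IsNullOrEmpty(appid))
            {
                r.code = -3;
                r.msg  = "请求参数appid不能为空";
                return(jsonr);
            }

            using (XXF.Db.DbConn PubConn = XXF.Db.DbConfig.CreateConn())
            {
                PubConn.Open(); // open the default connection

                // Existence check first, then the full row. Either one failing produces
                // the same "unknown appid" answer, so both are folded into one branch.
                CertCenter.Models.DbModels.app app = null;
                if (CertCenter.Models.AppDal.Instance.ExitAppid(PubConn, appid))
                {
                    app = CertCenter.Models.AppDal.Instance.GetAppInfo(PubConn, appid);
                }

                if (app == null)
                {
                    r.code = -1;
                    r.msg  = "appid不存在";
                    return(jsonr);
                }

                r.code     = 1;
                r.msg      = "OK";
                r.response = app.appsecret;
                return(jsonr);
            }
            // The original had a further return here; every path above already
            // returns, so it was unreachable and has been dropped.
        }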
Esempio n. 2
 /// <summary>
 /// Renders the login view. When an appid is supplied, looks the application up
 /// and passes either its name or a "not found" message to the view.
 /// </summary>
 /// <param name="appid">Optional application id taken from the request.</param>
 /// <param name="returnurl">Accepted by the action but not read in this method.</param>
 /// <returns>The default view for this action.</returns>
 public ActionResult Login(string appid, string returnurl)
 {
     // Without an appid there is nothing to look up.
     if (string.IsNullOrEmpty(appid))
     {
         return(View());
     }

     using (XXF.Db.DbConn conn = XXF.Db.DbConfig.CreateConn())
     {
         conn.Open();

         // NOTE(review): this connection string is fetched but never used below.
         string manageConnStr = CertCenter.Areas.CertApi.Models.ApiCommDal.GetConnStr(Models.DbModels.TokenType.managetoken);

         CertCenter.Models.DbModels.app found = CertCenter.Models.AppDal.Instance.GetAppInfo(conn, appid);
         if (found != null)
         {
             ViewBag.appname = found.appname;
         }
         else
         {
             ViewBag.msg = "应用不存在";
         }
     }

     return(View());
 }
Esempio n. 3
        /// <summary>
        /// Lists the APIs available to the application that owns the supplied token.
        /// </summary>
        /// <param name="c">Controller whose request carries the "token" parameter.</param>
        /// <param name="tokentype">Kind of token to look up; also selects the app type used for the API query.</param>
        /// <returns>
        /// JSON with code -905 when no token is supplied, -101 when the token is unknown
        /// or expired, -103 when the token's app cannot be found, and 1 with the API
        /// list in <c>response</c> otherwise.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the app's freeze flag is not consulted here. Confirm that a
        /// frozen application is meant to be able to list APIs.
        /// </remarks>
        public static ActionResult GetApiList(Controller c, CertCenter.Models.DbModels.TokenType tokentype)
        {
            CertComm.ServerResult result = new CertComm.ServerResult();
            JsonResult json = new JsonResult
            {
                JsonRequestBehavior = JsonRequestBehavior.AllowGet,
                Data = result
            };

            string tokenValue = c.Request.Params["token"];
            if (string.IsNullOrEmpty(tokenValue))
            {
                result.code = -905;
                result.msg  = "token不能为空。";
                return(json);
            }

            using (XXF.Db.DbConn PubConn = XXF.Db.DbConfig.CreateConn())
            {
                PubConn.Open(); // open the default connection

                // Token must exist and must not have expired. A rejected token is deleted.
                CertCenter.Models.DbModels.tb_token tokenRow = CertCenter.Models.TokenDal.Instance.GetToken(PubConn, tokenValue, tokentype);
                bool tokenUsable = tokenRow != null && !(tokenRow.expires.CompareTo(DateTime.Now) < 0);
                if (!tokenUsable)
                {
                    DeleteToken(PubConn, tokenValue, tokentype);
                    result.code = -101;
                    result.msg  = CertCenter.Models.AUTH_CODE_MSG.Get(result.code);
                    return(json);
                }

                // The token is also deleted when the app it refers to is missing.
                CertCenter.Models.DbModels.app owner = CertCenter.Models.AppDal.Instance.GetAppInfo(PubConn, tokenRow.appid);
                if (owner == null)
                {
                    DeleteToken(PubConn, tokenValue, tokentype);
                    result.code = -103;
                    result.msg  = CertCenter.Models.AUTH_CODE_MSG.Get(result.code);
                    return(json);
                }

                // Token type to app type: shop = 2, user = 1, manage and anything else = 0.
                int appType;
                if (tokentype == CertCenter.Models.DbModels.TokenType.shoptoken)
                {
                    appType = 2;
                }
                else if (tokentype == CertCenter.Models.DbModels.TokenType.usertoken)
                {
                    appType = 1;
                }
                else
                {
                    appType = 0;
                }

                // Collect the APIs of every grade from the app's own grade down to 1.
                List <CertCenter.Models.DbModels.api> collected = new List <CertCenter.Models.DbModels.api>();
                int grade = owner.appgradeno;
                while (grade > 0)
                {
                    collected.AddRange(CertCenter.Models.ApiDal.Instance.GetGradeApis(PubConn, appType, grade));
                    grade--;
                }

                result.code     = 1;
                result.response = collected;
                return(json);
            }
        }
Esempio n. 4
        /// <summary>
        /// Checks whether the supplied token may call a given API and, if so, returns
        /// the token's details.
        /// </summary>
        /// <param name="c">
        /// Controller whose request carries "token" plus an API selector: "apiid",
        /// else "apiname", else the "area"/"controller"/"action" triple.
        /// </param>
        /// <param name="tokentype">Kind of token to validate; mapped to an app type via TokenTypeGetAppType.</param>
        /// <returns>
        /// JSON with code -905 (no token), -101 (token unknown or expired), -103 (app
        /// missing), -107 (app frozen), -108 (API not found), -106 (API frozen),
        /// -105 (grade or app type check failed), or 1 with the token details.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the grade part of the -105 check compares
        /// <c>appitem.appgradeno</c> with itself, so it can never be true. As written,
        /// only an app type mismatch produces -105 and the app's grade is not enforced
        /// against the API. The right-hand side was presumably meant to be the grade
        /// required by the API; that field is not visible here, so the expression is
        /// reproduced unchanged.
        /// </remarks>
        public static ActionResult TestAuth(Controller c, CertCenter.Models.DbModels.TokenType tokentype)
        {
            CertComm.ServerResult result = new CertComm.ServerResult();
            JsonResult json = new JsonResult
            {
                JsonRequestBehavior = JsonRequestBehavior.AllowGet,
                Data = result
            };

            var query = c.Request.Params;
            string tokenValue     = query["token"];
            string controllerName = query["controller"];
            string areaName       = query["area"];
            string actionName     = query["action"];
            string apiName        = query["apiname"];

            // A missing or non-numeric "apiid" leaves apiId at 0, which selects the name-based lookups.
            int apiId;
            int.TryParse(query["apiid"] ?? "", out apiId);

            if (string.IsNullOrEmpty(tokenValue))
            {
                result.code = -905;
                result.msg  = "token不能为空。";
                return(json);
            }

            using (XXF.Db.DbConn PubConn = XXF.Db.DbConfig.CreateConn())
            {
                PubConn.Open(); // open the default connection

                // --- token: must exist and be unexpired; a rejected token is deleted ---
                CertCenter.Models.DbModels.tb_token tokenRow = CertCenter.Models.TokenDal.Instance.GetToken(PubConn, tokenValue, tokentype);
                bool tokenUsable = tokenRow != null && !(tokenRow.expires.CompareTo(DateTime.Now) < 0);
                if (!tokenUsable)
                {
                    DeleteToken(PubConn, tokenValue, tokentype);
                    result.code = -101;
                    result.msg  = CertCenter.Models.AUTH_CODE_MSG.Get(result.code);
                    return(json);
                }

                // --- application: must exist and must not be frozen ---
                CertCenter.Models.DbModels.app appitem = CertCenter.Models.AppDal.Instance.GetAppInfo(PubConn, tokenRow.appid);
                int appDenial = 0;
                if (appitem == null)
                {
                    appDenial = -103;
                }
                else if (appitem.freeze == 1)
                {
                    appDenial = -107;
                }
                if (appDenial != 0)
                {
                    result.code = appDenial;
                    result.msg  = CertCenter.Models.AUTH_CODE_MSG.Get(result.code);
                    return(json);
                }

                // --- API: by id, else by name, else by area/controller/action ---
                int appType = TokenTypeGetAppType(tokentype);

                CertCenter.Models.DbModels.api apiRow;
                if (apiId > 0)
                {
                    apiRow = CertCenter.Models.ApiDal.Instance.Get(PubConn, apiId);
                }
                else if (string.IsNullOrEmpty(apiName))
                {
                    apiRow = CertCenter.Models.ApiDal.Instance.Get(PubConn, areaName, controllerName, actionName, appType);
                }
                else
                {
                    apiRow = CertCenter.Models.ApiDal.Instance.Get(PubConn, apiName, appType);
                }

                int apiDenial = 0;
                if (apiRow == null)
                {
                    apiDenial = -108;
                }
                else if (apiRow.freeze == 1)
                {
                    apiDenial = -106;
                }
                // NOTE(review): the left operand is compared with itself and is always false.
                else if (appitem.appgradeno < appitem.appgradeno || appType != apiRow.apptype)
                {
                    apiDenial = -105;
                }
                if (apiDenial != 0)
                {
                    result.code = apiDenial;
                    result.msg  = CertCenter.Models.AUTH_CODE_MSG.Get(result.code);
                    return(json);
                }

                result.code     = 1;
                result.response = new { appid = tokenRow.appid, userid = tokenRow.userid, username = tokenRow.username, token = tokenRow.token, createtime = tokenRow.createtime.ToString("yyyy-MM-dd HH:mm:ss"), expires = tokenRow.expires.ToString("yyyy-MM-dd HH:mm:ss") };

                return(json);
            }
        }
Esempio n. 5
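        /// <summary>
        /// Issues (or refreshes) an access token after validating the request
        /// signature and the account credentials.
        /// </summary>
        /// <param name="c">Controller whose request carries "appid", "userid", "timespan", "sign" and "pwd".</param>
        /// <param name="tokentype">Kind of token to issue; selects the account validation routine and the backing database.</param>
        /// <returns>
        /// JSON with a negative code on failure (field validation code, -102 timestamp
        /// outside the accepted window, -103 app missing or of the wrong type, -107 app
        /// frozen, -104 signature mismatch, -112 no backing connection string, or the
        /// account validation code) and code 1 with the token details on success.
        /// </returns>
        /// <remarks>
        /// Changes from the earlier version: the signature is compared without
        /// culture-sensitive lowering and without stopping at the first differing
        /// character; an unrecognised token type now fails instead of skipping account
        /// validation; new tokens come from the cryptographic random number generator.
        /// NOTE(review): the signed timestamp is accepted within the window passed to
        /// TestTimeSpanOk (10 * 60); no nonce is visible, so a captured request looks
        /// replayable inside that window. Confirm.
        /// </remarks>
        public static ActionResult GetToken(Controller c, CertCenter.Models.DbModels.TokenType tokentype)
        {
            JsonResult jsonr = new JsonResult();

            jsonr.JsonRequestBehavior = JsonRequestBehavior.AllowGet;
            CertComm.ServerResult sr = new CertComm.ServerResult();
            string msg = "";

            jsonr.Data = sr;

            Dictionary <string, string> para = CertCenter.Models.CertCenterComm.GetRequestPara(c, new string[] { "appid", "userid", "timespan", "sign", "pwd" });

            sr.code = CertCenter.Models.CertCenterComm.ValiFields(para, out msg);
            if (sr.code < 0)
            {
                sr.msg = msg;
                return(jsonr);
            }
            string userid   = para["userid"];
            string appid    = para["appid"];
            string pwd      = para["pwd"];
            string sign     = para["sign"];
            string timespan = para["timespan"];

            if (!CertComm.Authcomm.TestTimeSpanOk(timespan, 10 * 60))
            {
                sr.code = -102;
                sr.msg  = CertCenter.Models.AUTH_CODE_MSG.Get(sr.code);
                return(jsonr);
            }
            using (XXF.Db.DbConn PubConn = XXF.Db.DbConfig.CreateConn())
            {
                PubConn.Open(); // open the default connection

                CertCenter.Models.DbModels.app appitem = CertCenter.Models.AppDal.Instance.GetAppInfo(PubConn, appid);
                if (appitem == null || TokenTypeGetAppType(tokentype) != appitem.apptype)
                {
                    sr.code = -103;
                    sr.msg  = CertCenter.Models.AUTH_CODE_MSG.Get(sr.code);
                    return(jsonr);
                }
                else if (appitem.freeze == 1)
                {
                    sr.code = -107;
                    sr.msg  = CertCenter.Models.AUTH_CODE_MSG.Get(sr.code);
                    return(jsonr);
                }

                // Recompute the signature with the app's secret and compare it to the one
                // supplied. Lowering is culture-invariant so the result does not depend on
                // the server locale, and the loop always runs over the common length
                // instead of stopping at the first mismatch. A null on either side is a mismatch.
                string nowsign = CertComm.Authcomm.ToSign(para, appitem.appsecret);
                bool   signOk  = nowsign != null && sign != null;
                if (signOk)
                {
                    string expectedSign = nowsign.ToLowerInvariant();
                    string suppliedSign = sign.ToLowerInvariant();
                    int    signDiff     = expectedSign.Length ^ suppliedSign.Length;
                    for (int i = 0; i < expectedSign.Length && i < suppliedSign.Length; i++)
                    {
                        signDiff |= expectedSign[i] ^ suppliedSign[i];
                    }
                    signOk = signDiff == 0;
                }
                if (!signOk)
                {
                    sr.code = -104;
                    sr.msg  = CertCenter.Models.AUTH_CODE_MSG.Get(sr.code);
                    return(jsonr);
                }

                string bsconstr = GetConnStr(tokentype, userid);
                if (string.IsNullOrEmpty(bsconstr))
                {
                    sr.code = -112;
                    sr.msg  = CertCenter.Models.AUTH_CODE_MSG.Get(sr.code);
                    return(jsonr);
                }
                string username   = "";
                string identityid = "";
                using (XXF.Db.DbConn dydpubConn = XXF.Db.DbConfig.CreateConn(XXF.Db.DbType.SQLSERVER, bsconstr))
                {
                    dydpubConn.Open();
                    // Account validation, one routine per token type.
                    switch (tokentype)
                    {
                    case CertCenter.Models.DbModels.TokenType.managetoken:
                        sr.code = ManageAccountVali(dydpubConn, userid, pwd, out username, out identityid);
                        break;

                    case CertCenter.Models.DbModels.TokenType.shoptoken:
                        string tt = "";
                        sr.code = ShopAccountVali(dydpubConn, userid, pwd, out username, out tt, out identityid);
                        // The shop validator hands back the user id to store on the token.
                        userid  = tt;
                        break;

                    case CertCenter.Models.DbModels.TokenType.usertoken:
                        sr.code = UserAccountVali(dydpubConn, userid, pwd, out username, out identityid);
                        break;

                    default:
                        // Fail closed. sr.code still holds the non-negative result of field
                        // validation here, so leaving it untouched would let a token type
                        // with no validator pass the check below without any password test.
                        // -103 is the code this method already uses for an app / token type mismatch.
                        sr.code = -103;
                        break;
                    }
                }
                if (sr.code < 0)
                {
                    sr.msg = CertCenter.Models.AUTH_CODE_MSG.Get(sr.code);
                    return(jsonr);
                }

                CertCenter.Models.DbModels.tb_token Ttoken = CertCenter.Models.TokenDal.Instance.GetToken(PubConn, userid, appid, tokentype);
                if (Ttoken == null || Ttoken.expires.CompareTo(DateTime.Now) < 0)
                {
                    if (Ttoken != null)
                    {
                        // Remove the expired token before issuing a replacement.
                        DeleteToken(PubConn, Ttoken.token, tokentype);
                    }

                    // The token is a bearer credential, so draw it from the cryptographic RNG.
                    // Guid.NewGuid() is specified for uniqueness, not unpredictability.
                    // The format is unchanged: 32 lowercase hex characters.
                    byte[] tokenBytes = new byte[16];
                    using (System.Security.Cryptography.RandomNumberGenerator rng = System.Security.Cryptography.RandomNumberGenerator.Create())
                    {
                        rng.GetBytes(tokenBytes);
                    }

                    Ttoken          = new CertCenter.Models.DbModels.tb_token();
                    Ttoken.appid    = appid;
                    Ttoken.token    = BitConverter.ToString(tokenBytes).Replace("-", "").ToLowerInvariant();
                    Ttoken.userid   = userid;
                    Ttoken.id       = identityid;
                    Ttoken.username = username;
                    CertCenter.Models.TokenDal.Instance.Add(PubConn, Ttoken, tokentype);
                }
                else
                {
                    Ttoken = RefreshToken(PubConn, Ttoken.token, username, tokentype);
                }
                sr.code     = 1;
                sr.response = new { appid = Ttoken.appid, userid = Ttoken.userid, username = Ttoken.username, token = Ttoken.token, createtime = Ttoken.createtime.ToString("yyyy-MM-dd HH:mm:ss"), expires = Ttoken.expires.ToString("yyyy-MM-dd HH:mm:ss"), id = Ttoken.id };
                return(jsonr);
            }
        }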
Esempio n. 6
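        /// <summary>
        /// Handles the login form: checks the optional appid, validates the manager
        /// account and password, then sets the forms-authentication cookie.
        /// </summary>
        /// <param name="userid">Account id submitted by the user.</param>
        /// <param name="pwd">Password submitted by the user.</param>
        /// <param name="returnurl">Accepted by the action but not used by this method.</param>
        /// <param name="appid">Optional application id; when present it must exist.</param>
        /// <returns>
        /// The login view with <c>ViewBag.msg</c> set on failure, or a redirect to
        /// Home/Index on success.
        /// </returns>
        /// <remarks>
        /// Changes from the earlier version: connections are released with
        /// <c>using</c>; the <c>catch</c> that did <c>throw ex;</c> (which resets the
        /// stack trace) is gone; an empty submitted password is rejected.
        /// NOTE(review): the submitted password is echoed back to the view through
        /// ViewBag.pwd and is compared directly with the stored value, which suggests
        /// the stored value is not a salted hash. Confirm. The failure messages also
        /// distinguish an unknown user from a wrong password.
        /// NOTE(review): returnurl is unused. If a redirect to it is ever restored,
        /// restrict it to local URLs (for example with Url.IsLocalUrl).
        /// </remarks>
        public ActionResult Login(string userid, string pwd, string returnurl, string appid)
        {
            using (XXF.Db.DbConn pubconn = XXF.Db.DbConfig.CreateConn())
            {
                pubconn.Open();
                ViewBag.userid = userid;
                ViewBag.pwd    = pwd;
                string constr = CertCenter.Areas.CertApi.Models.ApiCommDal.GetConnStr(Models.DbModels.TokenType.managetoken);
                if (!string.IsNullOrEmpty(appid))
                {
                    CertCenter.Models.DbModels.app app = CertCenter.Models.AppDal.Instance.GetAppInfo(pubconn, appid);
                    if (app == null)
                    {
                        ViewBag.msg = "应用不存在";
                        return(View());
                    }
                }

                using (XXF.Db.DbConn dbconn = XXF.Db.DbConfig.CreateConn(constr))
                {
                    dbconn.Open();
                    Models.DbModels.manage model = Models.AccountDal.Instance.getManage(dbconn, userid);
                    if (model == null)
                    {
                        ViewBag.msg = "用户名不存在";
                        return(View());
                    }
                    if (model.freeze == 1)
                    {
                        ViewBag.msg = "用户已被冻结";
                        return(View());
                    }
                    // An empty submission must never authenticate: with a plain
                    // inequality test, a null password matched an account whose
                    // stored password was null.
                    if (string.IsNullOrEmpty(pwd) || pwd != model.pwd)
                    {
                        ViewBag.msg = "密码不正确";
                        return(View());
                    }

                    FormsAuthentication.SetAuthCookie(userid + " " + model.username, false);
                    return(RedirectToAction("Index", "Home"));
                }
            }
        }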