Esempio n. 1
        /// <summary>
        /// Creates a new system user from the submitted request.
        /// </summary>
        /// <param name="request">Account, nickname, role id, status flag and password of the user to create.</param>
        /// <returns>
        /// An error response when the account already exists or the role lookup yields null;
        /// otherwise the success response, returned after the user has been added.
        /// </returns>
        private async Task<ResponseBase> AddUser(SaveUserRequest request)
        {
            var accountTaken = await _sysUserBll.ExistSysUserByAccount(request.Account);
            if (accountTaken)
            {
                return new ResponseBase().GetResponseError(StatusCode.User40002, "用户帐号已存在");
            }

            // NOTE(review): this lookup is not awaited. If GetSysUserRole returns a Task,
            // the null test below can never be true and an unknown role id passes - confirm.
            var role = _sysUserRoleBll.GetSysUserRole(request.UserRoleId);
            if (role == null)
            {
                return new ResponseBase().GetResponseError(StatusCode.UserRole30001, "角色不存在");
            }

            // NOTE(review): judging by the helper's name the password is stored as reversible
            // 3DES ciphertext, so whoever holds the key can recover every stored password.
            // A salted, slow password hash (PBKDF2, Argon2) is the usual choice; switching
            // requires migrating the login and change-password paths at the same time.
            var storedPassword = CryptogramHelper.Encrypt3DES(request.Password);

            var newUser = new SysUser
            {
                NickName       = request.NickName,
                AuthorityValue = string.Empty,
                Account        = request.Account,
                UserRoleId     = request.UserRoleId,
                DataFlag       = (int)DataFlagEnum.Normal,
                DataLimitArea  = string.Empty,
                DataLimitShop  = string.Empty,
                LastLoginTime  = null,
                // NOTE(review): the status flag is taken from the request as-is - confirm it is validated upstream.
                StatusFlag     = request.StatusFlag,
                Pwd            = storedPassword,
                DataLimitType  = (int)DataLimitTypeEnum.Area
            };
            await _sysUserBll.AddUser(newUser);

            return ResponseBase.Success();
        }
Esempio n. 2
        /// <summary>
        /// Smoke test: DES-encrypts a fixed string with a fixed key, reads the
        /// "LogDirectory" setting and writes the ciphertext to the console.
        /// Nothing is asserted.
        /// </summary>
        public void UserCreateTest()
        {
            // NOTE(review): both values are hard-coded samples. The input has the shape of a
            // hex MD5 digest; make sure the key literal is test-only and never a deployed key.
            const string sampleInput = "e10adc3949ba59abbe56e057f20f883e";
            const string sampleKey   = "12345678";
            var cipherText = CryptogramHelper.DESEncrypt(sampleInput, sampleKey);

            // The setting is read but its value is not used afterwards.
            var logDirectory = AppSettingsHelper.GetString("LogDirectory");

            Console.Write(cipherText);
        }
Esempio n. 3
 /// <summary>
 /// Decrypts a URL parameter: URL-decodes the value, maps spaces back to '+',
 /// then hands the result to <c>CryptogramHelper.Decrypt3DES</c>.
 /// </summary>
 /// <param name="this">The URL-encoded, encrypted value.</param>
 /// <returns>The decrypted text, or an empty string when the input is null, empty or whitespace.</returns>
 public static string UrlDecode(this string @this)
 {
     if (!string.IsNullOrWhiteSpace(@this))
     {
         // URL decoding turns '+' into a space; presumably the ciphertext is Base64,
         // so the spaces are turned back into '+' before decrypting.
         var cipherText = HttpUtility.UrlDecode(@this).Replace(" ", "+");

         // NOTE(review): nothing visible here authenticates the ciphertext. Unless
         // Decrypt3DES verifies a MAC, a successful decrypt does not prove the value
         // was issued by this application - confirm before using it for access decisions.
         return CryptogramHelper.Decrypt3DES(cipherText);
     }
     return string.Empty;
 }
Esempio n. 4
 /// <summary>
 /// Rebuilds the logged-in user from the "Token" request header by DES-decrypting
 /// it and deserializing the resulting JSON.
 /// </summary>
 /// <param name="httpContext">The current request context.</param>
 /// <returns>
 /// The deserialized <c>LoginUserView</c>, or a new empty instance when the request
 /// carries no "Token" header.
 /// </returns>
 protected LoginUserView GetLoginUser(HttpContext httpContext)
 {
     var headers = httpContext.Request.Headers;
     if (!headers.ContainsKey("Token"))
     {
         return new LoginUserView();
     }

     string token = headers["Token"];

     // NOTE(review): the DES key is today's local date (yyyyMMdd). A calendar date is
     // not a secret and nothing here authenticates the token, so the identity it
     // carries should not be trusted for authorization as it stands. Use a server-held
     // random key with authenticated encryption, or a signed token. Tokens also stop
     // decrypting when the local date changes.
     var dayKey   = DateTime.Now.ToString("yyyyMMdd");
     var userJson = CryptogramHelper.DESDecrypt(token, dayKey);

     // NOTE(review): a malformed header is not handled here; whatever DESDecrypt or
     // JsonDeserialize throws propagates to the caller.
     return userJson.JsonDeserialize<LoginUserView>();
 }
Esempio n. 5
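        /// <summary>
        /// Encrypts a value for use in a URL: converts it to a trimmed string, passes it to
        /// <c>CryptogramHelper.Encrypt3DES</c> and URL-encodes the ciphertext.
        /// </summary>
        /// <param name="this">The value to encrypt; may be null.</param>
        /// <returns>
        /// The URL-encoded ciphertext, or an empty string when the value is null or its
        /// string form is null, empty or whitespace.
        /// </returns>
        public static string UrlEncode(this object @this)
        {
            // An extension method can be invoked on a null reference; treat that like blank
            // input instead of failing with a NullReferenceException.
            var text = @this == null ? null : @this.ToString();
            if (string.IsNullOrWhiteSpace(text))
            {
                return string.Empty;
            }

            // NOTE(review): the ciphertext hides the value in the URL but, unless Encrypt3DES
            // also adds a MAC, it does not stop a client from altering or replaying it - confirm.
            return HttpUtility.UrlEncode(CryptogramHelper.Encrypt3DES(text.Trim()));
        }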
Esempio n. 6
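        /// <summary>
        /// Changes the password of the currently logged-in user after checking the old one.
        /// </summary>
        /// <param name="userPwd">The current password as entered by the user.</param>
        /// <param name="newPwd">The new password to store.</param>
        /// <returns>
        /// The success/failure result of the repository update, or a data-error response
        /// when the user cannot be loaded or the old password does not match.
        /// </returns>
        public ActionResult<object> ModifySysUserByPwd(string userPwd, string newPwd)
        {
            var userLogin = GetLoginUser(HttpContext);
            var user      = _repository.GetSysUserById(userLogin.UserId);

            // GetLoginUser returns an empty view when no token header is present, so the
            // lookup can come back null. Answer with the same failure as a wrong password
            // instead of dereferencing null.
            if (user == null)
            {
                return false.ResponseDataError("旧密码错误");
            }

            // NOTE(review): GetMd5Hash is, by its name, a plain MD5 digest. MD5 is far too
            // fast for password storage; a salted, slow hash (PBKDF2, Argon2) should replace
            // it together with the login and reset paths.
            // NOTE(review): newPwd is stored without any length or complexity check here -
            // confirm it is validated upstream.
            if (CryptogramHelper.GetMd5Hash(userPwd) == user.UserPwd)
            {
                user.UserPwd = CryptogramHelper.GetMd5Hash(newPwd);
                return _repository.ModifySysUser(user).ResponseSuccessFailure();
            }
            return false.ResponseDataError("旧密码错误");
        }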
Esempio n. 7
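        /// <summary>
        /// Verifies a username/password pair, maintains the failed-attempt counter and the
        /// per-day account lock, and on success returns the login token with display data.
        /// </summary>
        /// <param name="username">The account name.</param>
        /// <param name="password">The password as entered by the user.</param>
        /// <returns>
        /// A success response carrying token, name, avatar, introduction and roles; a
        /// data-error response for missing parameters or bad credentials; an "unknown"
        /// response while the account is locked for the day.
        /// </returns>
        public ActionResult<object> Login(string username, string password)
        {
            if (username.IsNullOrWhiteSpace() || password.IsNullOrWhiteSpace())
            {
                return false.ResponseDataError("参数为空");
            }

            var user = _repository.GetSysUserByName(username);
            if (user == null)
            {
                // Same message as the wrong-password branch below.
                return false.ResponseDataError("账号或密码错误");
            }

            var today = DateTime.Now.Date;

            // Enforce the lock before the password is looked at. When the lock is tested only
            // inside the wrong-password branch, a correct password is still accepted on a
            // locked account, so the attempt limit never actually stops guessing.
            if (user.IsLock && user.ModifyTime.Date == today)
            {
                return false.ResponseUnknown("账户错误次数过多,请明天在尝试");
            }

            // NOTE(review): GetMd5Hash is, by its name, a plain MD5 digest - unsuitable for
            // password storage. Replace with a salted, slow hash across all password paths.
            if (CryptogramHelper.GetMd5Hash(password) != user.UserPwd)
            {
                // A failure on a new day starts the counter from zero.
                if (user.ModifyTime.Date != today)
                {
                    user.ErrorCount = 0;
                    user.IsLock     = false;
                }
                user.ErrorCount += 1;
                user.ModifyTime  = DateTime.Now;    // time of this modification
                if (user.ErrorCount >= 5)
                {
                    user.IsLock = true;
                }

                // NOTE(review): the result of ModifySysUserAsync is not awaited or observed;
                // if the write fails, the counter and lock are silently not persisted.
                _repository.ModifySysUserAsync(user); // update the record asynchronously
                return false.ResponseDataError("账号或密码错误");
            }

            var roleIds = new List<int> {
                user.RoleId
            };
            var model = new
            {
                token        = SetLoginToken(user, roleIds),
                name         = user.UserName,
                avatar       = AppSettingsHelper.GetString("LoginUserAvatarUrl", "#"),
                introduction = user.UserCode,
                roles        = roleIds.GetStringJoin(",")
            };

            // Successful login clears the failure state.
            user.ErrorCount = 0;
            user.IsLock     = false;
            user.ModifyTime = DateTime.Now;       // time of this modification
            _repository.ModifySysUserAsync(user); // update the record asynchronously

            // Cache the token for one hour.
            // NOTE(review): the cache key is string.GetHashCode() of the token: a 32-bit value
            // that can collide and, on .NET Core, differs between processes. Confirm how the
            // entry is read back before relying on it as session state.
            _cache.Set(model.token.GetHashCode(), model.token, DateTimeOffset.Now.AddHours(1));
            return model.ResponseSuccess();
        }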
Esempio n. 8
        /// <summary>
        /// Resets the password of the user named in the request.
        /// </summary>
        /// <param name="request">Carries the target user id and the new password.</param>
        /// <returns>
        /// An error response when the user does not exist; otherwise the success response,
        /// returned after the password has been changed.
        /// </returns>
        public async Task<ResponseBase> ProcessAction(ResetPasswordRequest request)
        {
            // NOTE(review): no permission check is visible in this method; presumably the
            // caller or a filter restricts who may reset another user's password - confirm.
            var targetUser = await _sysUserBll.GetSysUser(request.UserId);
            if (targetUser != null)
            {
                // NOTE(review): judging by the helper's name the password is stored as
                // reversible 3DES ciphertext rather than a salted password hash.
                var encryptedPassword = CryptogramHelper.Encrypt3DES(request.NewPassword);
                await _sysUserBll.ChangePassword(request.UserId, encryptedPassword);

                return ResponseBase.Success();
            }

            return new ResponseBase().GetResponseError(StatusCode.User40001, "用户不存在");
        }
Esempio n. 9
        /// <summary>
        /// Sets a new password for the given user and clears the lock and failure counter.
        /// </summary>
        /// <param name="userId">Id of the user whose password is reset.</param>
        /// <param name="pwd">The new password.</param>
        /// <returns>
        /// A data-error response when the user is not found; otherwise the success/failure
        /// result of the repository update.
        /// </returns>
        public ActionResult<object> ResetSysUserByPwd(int userId, string pwd)
        {
            // NOTE(review): no permission check is visible here; presumably the endpoint is
            // restricted to administrators elsewhere - confirm.
            var target = _repository.GetSysUser(userId);
            if (target != null)
            {
                // NOTE(review): GetMd5Hash is, by its name, a plain MD5 digest - unsuitable
                // for password storage; pwd is also not checked for emptiness here.
                target.UserPwd    = CryptogramHelper.GetMd5Hash(pwd);
                target.IsLock     = false;
                target.ErrorCount = 0;
                return _repository.ModifySysUser(target).ResponseSuccessFailure();
            }

            return false.ResponseDataError();
        }
Esempio n. 10
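        /// <summary>
        /// Changes the password of the logged-in user after verifying the old password.
        /// </summary>
        /// <param name="request">Carries the login user id, the old password and the new password.</param>
        /// <returns>
        /// An error response when the user cannot be found or the old password does not
        /// match; otherwise the success response, returned after the password has been changed.
        /// </returns>
        public async Task<ResponseBase> ProcessAction(ChangePasswordRequest request)
        {
            var user = await _sysUserBll.GetSysUser(request.LoginUserId);

            // The lookup can return null (for example a deleted account with a live session);
            // report it instead of failing with a NullReferenceException below.
            if (user == null)
            {
                return new ResponseBase().GetResponseError(StatusCode.User40001, "用户不存在");
            }

            // The check works by encrypting the supplied password and comparing ciphertexts,
            // so it relies on Encrypt3DES giving the same output for the same input.
            // NOTE(review): that means passwords are stored reversibly and equal passwords
            // share a stored value; a salted, slow password hash is the usual choice.
            var oldPwd = CryptogramHelper.Encrypt3DES(request.OldPassword);

            if (oldPwd != user.Pwd)
            {
                return new ResponseBase().GetResponseError(StatusCode.User40004, "旧密码不正确");
            }

            var newPwd = CryptogramHelper.Encrypt3DES(request.NewPassword);
            await _sysUserBll.ChangePassword(request.LoginUserId, newPwd);

            return ResponseBase.Success();
        }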
Esempio n. 11
        /// <summary>
        /// Builds the login token: serializes the user's name, id and role ids to JSON and
        /// DES-encrypts the JSON with a key derived from the current date.
        /// </summary>
        /// <param name="user">The authenticated user.</param>
        /// <param name="roleIds">Role ids to embed in the token.</param>
        /// <returns>The encrypted token string.</returns>
        protected string SetLoginToken(SysUserEntity user, List<int> roleIds)
        {
            var loginView = new LoginUserView();
            //loginView.OrgId = user.OrgId;
            loginView.UserName = user.UserName;
            //loginView.UserCode = user.UserCode;
            loginView.UserId  = user.UserId;
            loginView.RoleIds = roleIds;

            //HttpContext.Session.SetString(LoginSessionKey, sessionUser.JsonSerialize());     // store in the session cache

            // Original author's note: keeping the encryption key and the login state in
            // Redis is recommended.
            // NOTE(review): the DES key is today's local date (yyyyMMdd), which is not a
            // secret, and the token has no visible integrity protection. The user id and
            // role ids it carries should not be trusted for authorization until the token
            // is protected with a server-held random key (authenticated encryption or a
            // signature). Tokens also become undecryptable when the local date changes.
            var payload = loginView.JsonSerialize();
            var dayKey  = DateTime.Now.ToString("yyyyMMdd");
            return CryptogramHelper.DESEncrypt(payload, dayKey);
        }
Esempio n. 12
        /// <summary>
        /// Decrypts a URL parameter and converts the plaintext to <typeparamref name="T"/>.
        /// </summary>
        /// <typeparam name="T">Target type, converted with <c>Convert.ChangeType</c>.</typeparam>
        /// <param name="source">The URL-encoded, encrypted value.</param>
        /// <returns>
        /// The converted value, or <c>default(T)</c> when the input or the decrypted text is
        /// null or empty, or when the conversion throws.
        /// </returns>
        public static T UrlDecode<T>(this string source)
        {
            if (string.IsNullOrEmpty(source))
            {
                return default(T);
            }

            // URL decoding turns '+' into a space; presumably the ciphertext is Base64,
            // so spaces are mapped back to '+'.
            var cipherText = UrlHelper.UrlDecode(source).Replace(" ", "+");

            // Decryption happens outside the try block, so anything Decrypt3DES throws
            // reaches the caller.
            // NOTE(review): unless Decrypt3DES verifies a MAC, a value that decrypts cleanly
            // is not proven to have been issued by this application - confirm.
            var plainText = CryptogramHelper.Decrypt3DES(cipherText);
            if (string.IsNullOrEmpty(plainText))
            {
                return default(T);
            }

            T converted;
            try
            {
                converted = (T)Convert.ChangeType(plainText, typeof(T));
            }
            catch (Exception)
            {
                // Best effort: any conversion failure yields the default value.
                converted = default(T);
            }
            return converted;
        }
Esempio n. 13
        /// <summary>
        /// Decrypts a URL parameter and converts the plaintext to <typeparamref name="T"/>.
        /// </summary>
        /// <typeparam name="T">Target type, converted with <c>Convert.ChangeType</c>.</typeparam>
        /// <param name="this">The URL-encoded, encrypted value.</param>
        /// <returns>
        /// The converted value, or <c>default(T)</c> when the input is null, empty or
        /// whitespace, when the decrypted text is null or empty, or when the conversion throws.
        /// </returns>
        public static T UrlDecode<T>(this string @this)
        {
            if (string.IsNullOrWhiteSpace(@this))
            {
                return default(T);
            }

            // '+' arrives as a space after URL decoding; presumably the ciphertext is
            // Base64, so the spaces are restored to '+'.
            var encrypted = HttpUtility.UrlDecode(@this).Replace(" ", "+");

            // Not covered by the try block: exceptions from Decrypt3DES propagate.
            // NOTE(review): a clean decrypt is not evidence of authenticity unless
            // Decrypt3DES checks a MAC - confirm before trusting the value.
            var decrypted = CryptogramHelper.Decrypt3DES(encrypted);
            if (string.IsNullOrEmpty(decrypted))
            {
                return default(T);
            }

            T result;
            try
            {
                result = (T)Convert.ChangeType(decrypted, typeof(T));
            }
            catch (Exception)
            {
                // Best effort: fall back to the default value on any conversion failure.
                result = default(T);
            }
            return result;
        }
Esempio n. 14
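        /// <summary>
        /// Issues a signed JWT for the given user id.
        /// </summary>
        /// <param name="userId">Id of the user the token is issued for.</param>
        /// <returns>The encoded token, signed with HMAC-SHA256 using the key from <c>GetSecretKey()</c>.</returns>
        public static string GetJwt(int userId)
        {
            // One UTC instant is the reference for iat, nbf and exp.
            var issuedAt = DateTime.UtcNow;

            var claims = new Claim[]
            {
                // The user id is 3DES-encrypted with UidKey before it goes into "sub".
                // Tamper protection comes from the token signature, not from this encryption.
                new Claim(JwtRegisteredClaimNames.Sub, CryptogramHelper.Encrypt3DES(userId.ToString(), UidKey)),
                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
                // The claim is declared as Integer64, so emit Unix seconds rather than a
                // culture-formatted date string.
                new Claim(JwtRegisteredClaimNames.Iat, new DateTimeOffset(issuedAt).ToUnixTimeSeconds().ToString(),
                          ClaimValueTypes.Integer64),
            };
            var jwt = new JwtSecurityToken(
                claims: claims,
                notBefore: issuedAt,
                // Derive the expiry from the same UTC instant. Mixing a UTC notBefore with a
                // local-time expiry makes the two values incomparable; on a host whose local
                // clock is behind UTC the expiry can even fall before notBefore.
                expires: issuedAt.AddMinutes(TokenTimeOut),
                signingCredentials: new SigningCredentials(GetSecretKey(), SecurityAlgorithms.HmacSha256)
                );

            return new JwtSecurityTokenHandler().WriteToken(jwt);
        }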
Esempio n. 15
        /// <summary>
        /// Handles a user login: enforces the failed-login limit, verifies the credentials,
        /// rejects disabled accounts, then sets the application ticket and returns the login view.
        /// </summary>
        /// <param name="httpContext">The current request context; receives the application ticket.</param>
        /// <param name="request">Carries the user account and password.</param>
        /// <returns>
        /// The success response with the login view, or an error response for too many
        /// failures, missing input, bad credentials or a disabled account.
        /// </returns>
        public async Task<ResponseBase> ProcessAction(HttpContext httpContext, LoginRequest request)
        {
            var response = new ResponseBase();

            // NOTE(review): the failure limit is consulted before the account value is checked
            // for null/empty, so CheckUserLoginFailedRecord can be called with an empty account.
            var underFailureLimit = await CheckUserLoginFailedRecord(request.UserAccount);
            if (!underFailureLimit)
            {
                return response.GetResponseError(StatusCode.Login20003, "登录失败次数超过限制");
            }

            var missingInput = string.IsNullOrEmpty(request.UserAccount) || string.IsNullOrEmpty(request.UserPassword);
            if (missingInput)
            {
                return response.GetResponseBadRequest();
            }

            // The user is looked up by account plus the encrypted password, which relies on
            // Encrypt3DES producing the same output for the same input.
            // NOTE(review): passwords are therefore stored reversibly; a salted, slow password
            // hash verified after loading the user by account is the usual design.
            var encryptedPassword = CryptogramHelper.Encrypt3DES(request.UserPassword);
            var account           = await _sysUserBll.GetSysUser(request.UserAccount, encryptedPassword);

            if (account == null)
            {
                // Unknown account and wrong password share one message and both count as a failure.
                await _sysUserBll.AddUserLoginFailedRecord(request.UserAccount, SystemConfig.UserLoginConfig.LoginFailedMaxCount, SystemConfig.UserLoginConfig.LoginFailedTimeOut);

                return response.GetResponseError(StatusCode.Login20001, "帐号或密码错误");
            }

            // Reached only with correct credentials, so this message confirms the password was right.
            if (account.StatusFlag == (int)UserStatusFlagEnum.Disable)
            {
                return response.GetResponseError(StatusCode.Login20002, "帐号被禁用");
            }

            var loginView = await GetLoginView(account);
            var role      = await _sysUserRoleBll.GetSysUserRole(account.UserRoleId);

            AppTicket.SetAppTicket(httpContext, account, role);
            await _sysUserBll.UpdateUserLastLoginTime(account.UserId, DateTime.Now);

            // A successful login clears the recorded failures for this account.
            await _sysUserBll.RemoveUserLoginFailedRecord(request.UserAccount);

            AddUserLoginLog(account);
            return response.GetResponseSuccess(loginView);
        }
Esempio n. 16
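        /// <summary>
        /// Validates a JWT and extracts the user id from its "sub" claim.
        /// </summary>
        /// <param name="token">The token to validate.</param>
        /// <returns>
        /// The user id after validation. A result of 0, or an exception, means the token
        /// failed validation.
        /// </returns>
        public static int JwtValidate(string token)
        {
            try
            {
                var tokenHandler = new JwtSecurityTokenHandler();

                // Parsed without validation; the claims are only read after ValidateToken
                // below has accepted the same token string.
                // NOTE(review): a malformed token makes this call throw before validation,
                // and that exception is not caught by the handler below.
                var           jwtToken    = tokenHandler.ReadJwtToken(token);
                SecurityToken secretToken = null;
                var           tokenValidationParameters = new TokenValidationParameters
                {
                    // The signing key must match!
                    ValidateIssuerSigningKey = true,
                    // NOTE(review): issuer and audience are not checked, so any token signed
                    // with this key is accepted regardless of which service it was issued for.
                    ValidateAudience         = false,
                    ValidateIssuer           = false,
                    IssuerSigningKeys        = new List<SecurityKey> {
                        GetSecretKey()
                    },
                    TokenDecryptionKey = GetSecretKey(),

                    // Validate the token expiry
                    ValidateLifetime = true,
                };

                // Throws when the signature or lifetime check fails.
                tokenHandler.ValidateToken(token, tokenValidationParameters, out secretToken);

                var userIdClaim = jwtToken.Claims.FirstOrDefault(p => p.Type == JwtRegisteredClaimNames.Sub);
                int userId      = 0;

                // FirstOrDefault yields null when the token has no "sub" claim; treat that as
                // a failed validation (0) instead of dereferencing null.
                if (userIdClaim != null && !string.IsNullOrEmpty(userIdClaim.Value))
                {
                    Int32.TryParse(CryptogramHelper.Decrypt3DES(userIdClaim.Value, UidKey), out userId);
                }
                return userId;
            }
            catch (SecurityTokenValidationException ex)
            {
                // NOTE(review): the complete token is written to the log. A token rejected
                // only for timing reasons may still be, or become, usable; consider logging
                // just its jti or a digest.
                Log.Write($"Token校验不通过,token:{token}", MessageType.Error, typeof(JwtHelper), ex);
                return 0;
            }
        }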
Esempio n. 17
 /// <summary>
 /// Encrypts a string for use in a URL: passes it to <c>CryptogramHelper.Encrypt3DES</c>
 /// and URL-encodes the ciphertext.
 /// </summary>
 /// <param name="source">The text to encrypt.</param>
 /// <returns>The URL-encoded ciphertext.</returns>
 public static string UrlEncode(this string source)
 {
     // NOTE(review): null or empty input is passed straight to Encrypt3DES - confirm the helper tolerates it.
     var cipherText = CryptogramHelper.Encrypt3DES(source);
     return UrlHelper.UrlEncode(cipherText);
 }
Esempio n. 18
 /// <summary>
 /// Decrypts a URL parameter: URL-decodes it, maps spaces back to '+', then passes the
 /// result to <c>CryptogramHelper.Decrypt3DES</c>.
 /// </summary>
 /// <param name="source">The URL-encoded, encrypted value.</param>
 /// <returns>The decrypted text.</returns>
 public static string UrlDecode(this string source)
 {
     // '+' becomes a space during URL decoding; presumably the ciphertext is Base64,
     // so the spaces are restored to '+'.
     // NOTE(review): there is no null/empty guard and no error handling here; a missing or
     // tampered parameter surfaces as whatever UrlDecode or Decrypt3DES throws.
     var cipherText = UrlHelper.UrlDecode(source).Replace(" ", "+");
     return CryptogramHelper.Decrypt3DES(cipherText);
 }
Esempio n. 19
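        /// <summary>
        /// Validates a payment request and builds the <c>Process</c> object for it: loads the
        /// merchant, resolves card data from a cryptogram or token, refreshes card details,
        /// runs the validations and expires the cryptogram.
        /// </summary>
        /// <param name="request">The incoming transaction request; several of its fields are updated in place.</param>
        /// <returns>
        /// The built <c>Process</c> object on success; a <c>GatewayResult</c> describing the
        /// validation or error failure; or null when the merchant account type is ACH.
        /// </returns>
        public async Task<dynamic> ProcessRequest(Request request)
        {
            request.isValid = true;
            var errorModel = new ErrorModel();


            try
            {
                // The returned message is not used afterwards.
                var val = await _messageService.GetErrorMessage("ECord1");

                Logger.InformationLog($"In TransactionService.ProcessRequest, Process Request Start");

                var merchantInfoResult = await _paymentService.GetMerchantInfo(errorModel, request.MerchantInfo.MerchantKey, request.MerchantInfo.IpAddress, Convert.ToInt32(request.MerchantInfo.ProcessorId));

                if (errorModel.validationFailedMsg.Count > 0 || (errorModel.errors != null && errorModel.errors.Count > 0))
                {
                    GatewayResult Result = BuildValidationOrErrorFailedStatusReturnObject(errorModel, request.MerchantInfo.TransactionType);
                    return Result;
                }

                // NOTE(review): the whole merchant record is serialized into the log. If it
                // holds the merchant key or other credentials they end up in log storage -
                // confirm and log only non-sensitive fields.
                Logger.InformationLog($"In TransactionController.ProcessRequest, GetMerchantInfo: " + JsonConvert.SerializeObject(merchantInfoResult));

                // A cryptogram was supplied and no card number: resolve the card data from it.
                if (!string.IsNullOrEmpty(request.CreditCardCryptogram) && string.IsNullOrEmpty(request.CardNumber))
                {
                    var creditCardFromCryptogramResult = await _paymentService.GetCreditCardFromCryptogram(new PaymentDataFromCryptogramInput()
                    {
                        Cryptogram      = request.CreditCardCryptogram,
                        TransactionType = Convert.ToString(request.MerchantInfo.TransactionType)
                    });

                    // NOTE(review): the card fields are copied when Message is NOT null -
                    // confirm that a non-null Message really signals success here.
                    if (creditCardFromCryptogramResult.Message != null)
                    {
                        // From here on the request carries the clear card number and security
                        // code; it must not be serialized or logged.
                        request.CardNumber    = creditCardFromCryptogramResult.CardNumber;
                        request.CardExpMonth  = Convert.ToInt32(creditCardFromCryptogramResult.CardExpMonth);
                        request.CardExpYear   = Convert.ToInt32(creditCardFromCryptogramResult.CardExpYear);
                        // NOTE(review): converting the security code to an integer drops leading zeros - confirm.
                        request.CVV           = Convert.ToInt32(creditCardFromCryptogramResult.CardSecurityCode);
                        request.ConvFeeAmount = Convert.ToDecimal(creditCardFromCryptogramResult.FeeAmount);
                    }
                }

                // No token yet but a card number is known: ask the tokenizer for a token.
                if (string.IsNullOrEmpty(request.CreditCardToken) && !string.IsNullOrEmpty(request.CardNumber))
                {
                    request.CreditCardToken = _paymentService.GetTokenFromCreditCard(request.CardNumber);
                }

                // Remembered to detect a token change after the card-details refresh below.
                var oldToken = request.CreditCardToken;

                // True when token and expiry are present and no mag-stripe data was sent.
                var isNullProperties = (!string.IsNullOrEmpty(request.CreditCardToken) && request.CardExpMonth != null &&
                                        request.CardExpYear != null && string.IsNullOrEmpty(request.MagData));
                var process = new Process();
                if (isNullProperties)
                {
                    request.isValid  = false;
                    process.ExpMonth = request.CardExpMonth;
                    process.ExpYear  = request.CardExpYear;
                    process.CardType = CreditCardHelper.GetCreditCardType(request.CardNumber ?? _paymentService.GetCreditCardNumberFromToken(request.CreditCardToken));
                    process.Token    = request.CreditCardToken;

                    // Fetch the updated card details.
                    process = await _paymentService.GetUpdatedCardDetails(process);

                    // Copy the possibly updated expiry and token back to the request.
                    request.CardExpMonth    = process.ExpMonth;
                    request.CardExpYear     = process.ExpYear;
                    request.CreditCardToken = process.Token;
                }

                process = ValidateExpMonthAndYear(errorModel, process);

                if (errorModel.validationFailedMsg.Count > 0 || (errorModel.errors != null && errorModel.errors.Count > 0))
                {
                    GatewayResult Result = BuildValidationOrErrorFailedStatusReturnObject(errorModel, request.MerchantInfo.TransactionType);
                    return Result;
                }

                ValidateExtensions.ValidateIpAddress(merchantInfoResult.IpAddress, errorModel);

                if (merchantInfoResult.AccountType == IndustryTypesEnum.ach.ToString())
                {
                    // NOTE(review): errors is null-checked above but dereferenced here, and the
                    // caller receives null rather than a failure result - confirm both.
                    errorModel.errors.Add(string.Format("Invalid Account Type For Transaction ('{0}')", merchantInfoResult.AccountType));
                    return null;
                }
                var ValidateHelper = new ValidateHelper();

                // NOTE(review): the method name ends in Async but the result is neither awaited
                // nor used; if it returns a Task, its validation errors may be added after the
                // checks below have already run.
                var orderId = new ValidateHelper().ValidateOrderIdAndGenerateNewOrderIdIfNeededAsync(request, merchantInfoResult, errorModel);

                process = await _paymentService.ValidateInitAndBuildProcessObject(request, merchantInfoResult, errorModel, process);

                if (!request.isValid)
                {
                    // NOTE(review): isValid is set to false on the card-details branch above, so
                    // that path always adds this blank entry and ends in the failure return below.
                    // The original marks this as "On Hold" - confirm the intended behaviour.
                    errorModel.validationFailedMsg.Add(new ValidationFailedMsg()
                    {
                        Key = "", Message = ""
                    });                                                                                      //On Hold
                }

                if (errorModel.errors.Count > 0 || errorModel.validationFailedMsg.Count > 0)
                {
                    GatewayResult Result = BuildValidationOrErrorFailedStatusReturnObject(errorModel, request.MerchantInfo.TransactionType);
                    return Result;
                }

                // The refresh produced a different token: derive the card number from the new one.
                if (!string.IsNullOrWhiteSpace(oldToken) && !string.IsNullOrWhiteSpace(process.Token))
                {
                    if (!oldToken.Equals(process.Token))
                    {
                        process.CardNumber = _paymentService.GenerateCardNumberUsingToken(process.Token.Trim());
                    }
                }

                if (process != null && request.OtherFields != null && request.OtherFields.Count > 0)
                {
                    _paymentService.ValidateAndAddCustomFields(process, request.OtherFields /*, info.processor*/);// On Hold
                }
                if (!string.IsNullOrWhiteSpace(request.CreditCardCryptogram))
                {
                    // NOTE(review): the Async call is not awaited; if it returns a Task, a
                    // failure to expire the cryptogram goes unnoticed and the cryptogram may
                    // remain usable - confirm.
                    request.expireCryptogram = CryptogramHelper.ForceExpireCryptogramAsync(_config.GetSection("CryptogramApi").Value, request);
                }
                // The parsed value is not used afterwards.
                IndustryTypesEnum industryType = request.MerchantInfo.accountType.ParseEnum<IndustryTypesEnum>();


                return process;
            }
            catch (Exception ex)
            {
                Logger.ErrorLog($"Exception In  TransactionService.ProcessRequest. exception={ex.Message}, Trace={ex.StackTrace}");
                // Rethrow without resetting the stack trace ("throw ex;" would discard the original trace).
                throw;
            }
            finally
            {
                Logger.InformationLog($"Out  TransactionService.ProcessRequest, Process Request End");
            }
        }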
Esempio n. 20
 /// <summary>
 /// Inserts a new system user, stamping the modification time and replacing the
 /// supplied password with its hash first.
 /// </summary>
 /// <param name="model">The user to insert; <c>ModifyTime</c> and <c>UserPwd</c> are overwritten.</param>
 /// <returns>The result of the underlying insert.</returns>
 public bool AddSysUser(SysUserEntity model)
 {
     model.ModifyTime = DateTime.Now;

     // NOTE(review): GetMd5Hash is, by its name, a plain MD5 digest. MD5 is far too fast
     // for password storage; use a salted, slow hash (PBKDF2, Argon2) and migrate the
     // login, change and reset paths together.
     var passwordHash = CryptogramHelper.GetMd5Hash(model.UserPwd);
     model.UserPwd = passwordHash;

     var inserted = _service.Insert(model);
     return inserted;
 }