public void OnActionExecuting(ActionExecutingContext context)
{
string user = context.HttpContext.Session.GetString("User");
if (user == null || user.Equals(string.Empty))
{
if (context.HttpContext.Request.Cookies["UserName"] != null && context.HttpContext.Request.Cookies["UserName"] != string.Empty && context.HttpContext.Request.Cookies["Password"] != null && context.HttpContext.Request.Cookies["Password"] != string.Empty)
{
dataProtectorUtil.PrivateKeyJson = cookieSettings.CookiePrivateKeyJson;
User userObj = userService.GetUserByUserName(dataProtectorUtil.DecryptString(context.HttpContext.Request.Cookies["UserName"]));
if (userObj.Password.Equals(dataProtectorUtil.DecryptString(context.HttpContext.Request.Cookies["Password"])))
{
context.HttpContext.Session.SetString("User", Newtonsoft.Json.JsonConvert.SerializeObject(userObj));
userService.AddLoginTimes(userObj.Id);
}
else
{
context.Result = new RedirectResult("/User/Login");
}
}
else
{
context.Result = new RedirectResult("/User/Login");
}
}
}
public bool ActivateUser(string code, string emailAddress, out string message)
{
// 解决get不能传“+”的问题
code = code.Replace("_", "+");
var user = userRepository.SelectByEmail(emailAddress);
if (user == null)
{
message = "用户不存在!";
return(false);
}
var email = emailRepository.SelectLastByUserId(user.Id, 0);
// 使用RSA解密算法,解密code
dataProtectorUtil.PrivateKeyJson = email.PrivateKeyJson;
string deCode = "";
try
{
deCode = dataProtectorUtil.DecryptString(code);
}
catch (FormatException)
{
message = "参数错误!";
return(false);
}
if (user.IsActivate)
{
message = "已经激活过了!";
return(false);
}
if (deCode.Equals(user.UserName + user.Password))
{
userRepository.UpdateStatus(user.Id, 1); // 1状态表示已经激活,且可以正常使用的状态
}
else
{
message = "激活码错误!";
return(false);
}
message = "激活成功!";
return(true);
}
public IActionResult Login(string password)
{
if (password == null || password.Equals(string.Empty))
{
return(new JsonResult(new { IsSuccess = false, Message = "请填写密码!" }));
}
// 解密password
dataProtectorUtil.PrivateKeyJson = HttpContext.Session.GetString("PrivateKeyJson");
dataProtectorUtil.PublicKeyJson = HttpContext.Session.GetString("PublicKeyJson");
password = dataProtectorUtil.DecryptString(password);
var configration = new ConfigurationBuilder().AddJsonFile("appGlobal.json").Build();
var truePassword = configration["ManagerPassword"];
if (password.Equals(truePassword))
{
HttpContext.Session.SetString("IsManagerLogin", true.ToString());
return(new JsonResult(new { IsSuccess = true }));
}
else
{
return(new JsonResult(new { IsSuccess = false, Message = "密码错误!" }));
}
}
public IActionResult Login(LoginViewModel model)
{
var result = new LoginResult();
result.IsValidUserName = true;
result.IsValidPassword = true;
if (model.UserName == null || model.UserName.Equals(string.Empty))
{
result.UserNameErrorMessage = "登陆用户名不可为空!";
result.IsValidUserName = false;
}
if (model.Password == null || model.Password.Equals(string.Empty))
{
result.PasswordErrorMessage = "密码不可为空!";
result.IsValidPassword = false;
}
if (result.IsValidUserName && result.IsValidPassword)
{
// 使用非对称解密算法,获取用户登录名和密码
dataProtectorUtil.PrivateKeyJson = HttpContext.Session.GetString("PrivateKeyJson");
dataProtectorUtil.PublicKeyJson = HttpContext.Session.GetString("PublicKeyJson");
model.UserName = dataProtectorUtil.DecryptString(model.UserName);
model.Password = dataProtectorUtil.DecryptString(model.Password);
User user = userService.GetUserByUserName(model.UserName);
if (user == null)
{
result.IsValidUserName = false;
result.UserNameErrorMessage = "该登陆用户名不存在!";
}
else
{
result.IsValidUserName = true;
if (model.Password.Equals(user.Password))
{
if (!user.IsActivate)
{
result.IsSuccess = false;
result.message = "该用户没有被激活!";
return(new JsonResult(result));
}
// 登陆信息正确,将用户信息写入Session
HttpContext.Session.SetString("User", Newtonsoft.Json.JsonConvert.SerializeObject(user));
result.IsValidPassword = true;
result.IsSuccess = true;
userService.AddLoginTimes(user.Id);
// 如果用户选择下次自动登陆,则将用户密码和用户登录名使用公钥加密后写入Cookie中
// Cookie加密使用本机上设置的密钥,不用现在生成
if (model.IsRemember)
{
dataProtectorUtil.PublicKeyJson = cookieSettings.CookiePublicKeyJson;
dataProtectorUtil.PrivateKeyJson = cookieSettings.CookiePrivateKeyJson;
HttpContext.Response.Cookies.Append("UserName", dataProtectorUtil.EncryptString(user.DisplayName), new CookieOptions()
{
Expires = DateTime.Now.AddDays(cookieSettings.ExpiresValue)
});
HttpContext.Response.Cookies.Append("Password", dataProtectorUtil.EncryptString(user.Password), new CookieOptions()
{
Expires = DateTime.Now.AddDays(cookieSettings.ExpiresValue)
});
}
return(new JsonResult(result));
}
else
{
result.IsValidPassword = false;
result.PasswordErrorMessage = "密码不正确!";
}
}
}
result.IsSuccess = false;
return(new JsonResult(result));
}
