public ActionResult login(string tendangnhap, string matkhau)
{
var dal = new WebMasterDAL();
var getpwd = dal.getpasswordbytk(tendangnhap);
if (getpwd == null)
{
ModelState.AddModelError("", "Sai Tài Khoản! Vui lòng kiểm tra lại");
}
else
{
if (MD5Encryptor.MD5Hash(matkhau).Equals(getpwd))
{
var web = dal.getuserbytk(tendangnhap);
var wSession = new weblogin();
wSession.MAWEBMASTER = web.MAWEBMASTER;
wSession.TENDANGNHAP = web.TENDANGNHAP;
wSession.TENWEBMASTER = web.TENWEBMASTER;
wSession.EMAIL = web.EMAIL;
wSession.MATKHAU = web.MATKHAU;
wSession.SDT = web.SDT;
Session.Add(constant.WEBMASTER_SESSION, wSession);
return(RedirectToAction("listmuagoitin", "quanlimer"));
}
else
{
ModelState.AddModelError("", "Sai mật khẩu");
}
}
return(View());
}
public HttpCookie CreateFormsAuthenticationCookie(OpenIdUser user)
{
Random rand = new Random();
int randomInt = rand.Next(0, int.MaxValue);
string hashValue = MD5Encryptor.GetHash(randomInt.ToString());
using (CookiesRepository cookiesRep = new CookiesRepository())
{
Cooky existingCookie = cookiesRep.GetList().FirstOrDefault(x => x.UserId == user.UserId);
if (existingCookie != null)
{
if (cookiesRep.Delete(existingCookie.Id) == false)
{
return(null);
}
}
Cooky newCookie = new Cooky()
{
UserId = user.UserId,
HashValue = hashValue
};
if (cookiesRep.Create(newCookie) == false)
{
return(null);
}
}
//var ticket = new FormsAuthenticationTicket(1, user.FullName, DateTime.Now, DateTime.Now.AddDays(7), true, user.GetCookieString(hashValue));
//var encrypted = FormsAuthentication.Encrypt(ticket).ToString();
var cookie = new HttpCookie(LOGIN_COOKIE_NAME, user.GetCookieString(hashValue));
return(cookie);
}
public ActionResult login(string email, string matkhau)
{
var dal = new CUSTOMERDAL();
var getpwd = dal.getpasswordbyemail(email);
if (getpwd == null)
{
ModelState.AddModelError("", "Sai email! Vui lòng kiểm tra lại");
}
else
{
if ((MD5Encryptor.MD5Hash(matkhau)).Equals(getpwd))
{
var customer = dal.getuserbyemail(email);
var cSession = new customerlogin();
cSession.MACUSTOMER = customer.MACUSTOMER;
cSession.TENCUSTOMER = customer.TENCUSTOMER;
cSession.EMAIL = customer.EMAIL;
cSession.DIACHI = customer.DIACHI;
cSession.MATKHAU = matkhau;
cSession.NGAYSINH = customer.NGAYSINH;
cSession.RATING = customer.RATING;
cSession.SDT = customer.SDT;
Session.Add(constant.CUSTOMER_SESSION, cSession);
return(RedirectToAction("Index", "Home"));
}
else
{
ModelState.AddModelError("", "Sai mật khẩu");
}
}
return(View());
}
// PUT: api/User/5
public IHttpActionResult Put(string id, [FromBody] UserViewModel value)
{
if (string.IsNullOrWhiteSpace(id))
{
return(BadRequest("用户名不能为空"));
}
if (value == null || (value.User == null && value.Privilege == null))
{
return(BadRequest("数据不能为空"));
}
if (value.User != null)
{
value.User.UserName = id;
if (string.IsNullOrWhiteSpace(value.User.Password))
{
var oldUI = UserInfoPersistence.Instance.GetInfo(id);
if (oldUI != null)
{
value.User.Password = oldUI.Password;
}
}
else
{
//MD5加密
value.User.Password = MD5Encryptor.GetMD5Hash(value.User.Password);
}
UserInfoPersistence.Instance.Put(id, value.User);
}
if (value.Privilege != null)
{
value.Privilege.UserName = id;
UserPrivilegePersistence.Instance.Put(id, value.Privilege);
}
return(Ok("修改用户信息成功"));
}
private Tuple <bool, string> ValidateSignature(string signature, string timestamp, string nonce, string appSecret, int timspanExpiredMinutes)
{
Tuple <bool, string> _checkeResult = new Tuple <bool, string>(false, "数据完整性检查不通过");
string[] _arrayParamter = { appSecret, timestamp, nonce };
Array.Sort(_arrayParamter);
string _signatureString = string.Join("", _arrayParamter);
_signatureString = MD5Encryptor.Encrypt(_signatureString);
if (signature.CompareIgnoreCase(signature) && CheckHelper.IsNumber(timestamp))
{
DateTime _timestampMillis = UnixEpochHelper.DateTimeFromUnixTimestampMillis(timestamp.ToDoubleOrDefault(0f));
double _minutes = DateTime.UtcNow.Subtract(_timestampMillis).TotalMinutes;
if (_minutes > timspanExpiredMinutes)
{
_checkeResult = new Tuple <bool, string>(false, "签名时间戳失效");
}
else
{
_checkeResult = new Tuple <bool, string>(true, string.Empty);
}
}
return(_checkeResult);
}
/// <summary>
/// 修改密码
/// </summary>
/// <param name="userId">用户编号</param>
/// <param name="pwd">新密码</param>
/// <param name="oldpwd">旧密码</param>
/// <returns>修改结果</returns>
public CustomResult UpdatePassword(Guid userId, string pwd, string oldpwd)
{
using (DataSubmittedEntities db = new DataSubmittedEntities())
{
using (TransactionScope transaction = new TransactionScope())
{
MD5Encryptor md5 = new MD5Encryptor();
string password = md5.Encrypt(oldpwd);
var list = db.OT_User.Where(a => a.Id == userId & a.Password == password & a.IsDelete == (byte)EUserStatus.Normal).ToList();
if (list != null && list.Count > 0)
{
password = md5.Encrypt(pwd);
foreach (var info in list)
{
info.Password = password;
}
SessionManage.SetSession("UserInfo", null);
return(Result.SaveUpdateResult(db, transaction));
}
else
{
CustomResult pReturnValue = new CustomResult();
pReturnValue.ResultKey = (byte)EResult.Fail;//程序已经使用多处,所有不变动
pReturnValue.ResultValue = Wttech.DataSubmitted.Common.Resources.TipInfo.OldPasswordError;
return(pReturnValue);
}
}
}
}
public void ToMD5Test()
{
string _data = "yanzhiwei";
string _actual = MD5Encryptor.Encrypt(_data);
Assert.AreEqual("b07ec574a666d8e7582885ce334b4d00", _actual);
}
// POST: api/User
public IHttpActionResult Post([FromBody] UserViewModel uvm)
{
if (uvm == null || uvm.User == null)
{
return(BadRequest("数据不能为空"));
}
if (string.IsNullOrWhiteSpace(uvm.User.UserName) || string.IsNullOrWhiteSpace(uvm.User.Password))
{
return(BadRequest("用户名或密码不能为空"));
}
var oldUser = UserInfoPersistence.Instance.GetInfo(uvm.User.UserName);
if (oldUser != null)
{
return(BadRequest($"用户 {uvm.User.UserName} 已存在。"));
}
//MD5加密
uvm.User.Password = MD5Encryptor.GetMD5Hash(uvm.User.Password);
UserInfoPersistence.Instance.Put(uvm.User.UserName, uvm.User);
if (uvm.Privilege != null)
{
uvm.Privilege.UserName = uvm.User.UserName;
UserPrivilegePersistence.Instance.Put(uvm.User.UserName, uvm.Privilege);
}
return(Ok("添加用户信息成功"));
}
/// <summary>
/// 生成签名字符串
/// </summary>
/// <param name="appSecret">接入秘钥</param>
/// <param name="timestamp">时间戳</param>
/// <param name="nonce">随机数</param>
private static string SignatureString(string appSecret, string timestamp, string nonce)
{
string[] ArrTmp = { appSecret, timestamp, nonce };
Array.Sort(ArrTmp);
string tmpStr = string.Join("", ArrTmp);
tmpStr = MD5Encryptor.Encrypt(tmpStr);
return(tmpStr.ToLower());
}
/// <summary>
/// 生成签名字符串
/// </summary>
/// <param name="appSecret">签名加密键</param>
/// <param name="timestamp">时间戳</param>
/// <param name="nonce">随机数</param>
public static string Create(string appSecret, string timestamp, string nonce)
{
string[] _array = { appSecret, timestamp, nonce };
Array.Sort(_array);
string _signatureString = string.Join("", _array);
_signatureString = MD5Encryptor.Encrypt(_signatureString);
return(_signatureString);
}
/// <summary>
/// 生成签名字符串
/// </summary>
/// <param name="appSecret">签名加密键</param>
/// <param name="timestamp">时间戳</param>
/// <param name="nonce">随机数</param>
public static string Create(string appSecret, string timestamp, string nonce)
{
string[] data = { appSecret, timestamp, nonce };
Array.Sort(data);
string signatureString = string.Join("", data);
signatureString = MD5Encryptor.Encrypt(signatureString);
return(signatureString);
}
public ActionResult register(REGISTERViewModel r)
{
if (ModelState.IsValid)
{
MERCHANTDAL dal = new MERCHANTDAL();
var email = dal.kiemtratendangnhap(r.EMAIL);
var tendn = dal.kiemtratendangnhap(r.TENDANGNHAP);
var cmd = dal.kiemtracmnd(r.CMND);
if (email != null)
{
ModelState.AddModelError("", "Email đã đươc sử dụng");
}
if (tendn != null)
{
ModelState.AddModelError("", "Tên dăng nhập đã đươc sử dụng");
}
if (cmd != null)
{
ModelState.AddModelError("", "CMND đã đươc sử dụng");
}
else
{
var m = new MERCHANT();
m.TENDANGNHAP = r.TENDANGNHAP;
m.TENMERCHANT = r.TENMERCHANT;
m.MATKHAU = MD5Encryptor.MD5Hash(r.MATKHAU);
m.DIACHI = r.DIACHI;
m.EMAIL = r.EMAIL;
m.NGAYSINH = r.NGAYSINH;
m.SDT = r.SDT;
m.NGAYDK = DateTime.Today;
m.TINHTRANG = 0;
m.SOTINHIENTAI = 0;
m.SOLANBIKHOA = 0;
m.RATING = 0;
m.CMND = r.CMND;
var ver = dal.newme(m);
if (ver > 0)
{
ViewBag.Success = "Đăng kí thành công. Vui lòng kiểm tra email để kích hoạt tài khoản";
BuildEmailTemplate(ver);
}
else
{
ModelState.AddModelError("", "Đăng kí không thành công");
}
}
}
return(View(r));
}
public ActionResult register(CUSTOMER_REGISTERViewModel cr)
{
if (ModelState.IsValid)
{
var dao = new CUSTOMERDAL();
if (dao.checkemail(cr.EMAIL))
{
ModelState.AddModelError("", "Email đã đươc sử dụng");
}
else
{
var user = new CUSTOMER();
user.TENCUSTOMER = cr.TENCUSTOMER;
user.MATKHAU = MD5Encryptor.MD5Hash(cr.MATKHAU);
user.DIACHI = cr.DIACHI;
user.EMAIL = cr.EMAIL;
user.NGAYSINH = cr.NGAYSINH;
user.SDT = cr.SDT;
user.NGAYDK = DateTime.Today;
user.TINHTRANG = 0;
var result = dao.AddCustomer(user);
if (result > 0)
{
ViewBag.Success = "Đăng kí thành công. Vui lòng kiểm tra email để kích hoạt tài khoản";
BuildEmailTemplate(result);
/*
* phần này khi tạo đơn hàng xong thì gửi thông tin đơn hàng cho khách hàng
* string content = System.IO.File.ReadAllText(Server.MapPath("~/Assets/Customer/templates/neworder.html"));
* content = content.Replace("{{TENCUSTOMER}}", cr.TENCUSTOMER);
* content = content.Replace("{{SDT}}", cr.SDT);
* content = content.Replace("{{EMAIL}}", cr.EMAIL);
* content = content.Replace("{{DIACHI}}", cr.DIACHI);
* content=content.Replace("{{TONGTIEN}}",TONGTIEN.ToString("NO");
* var toEmail = ConfigurationManager.AppSettings["ToEmailAddress"];
* new MailHelper().SendEmail(cr.EMAIL, "Đơn hàng mới từ shop", content);
* new MailHelper().SendEmail(toEmail, "Đơn hàng mới từ shop", content);
*/
}
else
{
ModelState.AddModelError("", "Đăng kí không thành công");
}
}
}
return(View(cr));
}
public IHttpActionResult Login(CCTVUserInfo ui)
{
if (ui == null)
{
return(BadRequest("登录用户信息不能为空"));
}
if (string.IsNullOrWhiteSpace(ui.UserName))
{
return(BadRequest("用户名不能为空"));
}
var user = UserInfoPersistence.Instance.GetInfo(ui.UserName);
if (user == null)
{
if (ui.UserName != "admin")
{
return(BadRequest($"用户 {ui.UserName} 不存在"));
}
else
{
if (ui.Password == "admin")
{
return(Ok(new CCTVUserInfo()
{
UserName = "******",
IsAdmin = true,
ChineseName = "超级管理员"
}));
}
else
{
return(BadRequest("密码错误"));
}
}
}
if (!user.Password.Equals(MD5Encryptor.GetMD5Hash(ui.Password)))
{
return(BadRequest("密码错误"));
}
return(Ok(cloneUser(user)));
}
/// <summary>
/// 验证WebApi签名
/// </summary>
/// <param name="signature">签名</param>
/// <param name="timestamp">时间戳</param>
/// <param name="nonce">随机数</param>
/// <param name="appSecret">签名加密键</param>
/// <param name="signatureExpiredMinutes">签名过期分钟</param>
/// <returns>CheckResult</returns>
internal static CheckResult Validate(string signature, string timestamp, string nonce, string appSecret, int signatureExpiredMinutes)
{
string[] _arrayParamter = { appSecret, timestamp, nonce };
Array.Sort(_arrayParamter);
string _signatureString = string.Join("", _arrayParamter);
_signatureString = MD5Encryptor.Encrypt(_signatureString);
if (signature.CompareIgnoreCase(signature) && CheckHelper.IsNumber(timestamp))
{
DateTime _timestampMillis =
UnixEpochHelper.DateTimeFromUnixTimestampMillis(timestamp.ToDoubleOrDefault(0f));
double _minutes = DateTime.UtcNow.Subtract(_timestampMillis).TotalMinutes;
if (_minutes > signatureExpiredMinutes)
{
return(CheckResult.Fail("签名时间戳失效"));
}
}
return(CheckResult.Success());
}
/// <summary>
/// 登录
/// </summary>
/// <param name="name">用户名</param>
/// <param name="pwd">密码</param>
/// <param name="Session">用户信息缓存</param>
/// <returns><验证结果/returns>
public byte Login(string name, string pwd)
{
using (DataSubmittedEntities db = new DataSubmittedEntities())
{
//查找数据库中用户名匹配的记录
List <OT_User> list = db.OT_User.Where(a => a.Name == name).ToList();
//存在该用户名
if (list != null && list.Count > 0)
{
//对密码进行加密
MD5Encryptor md5 = new MD5Encryptor();
string password = md5.Encrypt(pwd);
//密码比对
if (list[0].Password == password)
{
//检查状态
if (list[0].IsDelete == (byte)EUserStatus.Normal)
{
SaveUserInfo(list[0].Id);
return((byte)ELoginResult.Succeed);
}
else
{
return((byte)ELoginResult.IsDelete);
}
}
else
{
return((byte)ELoginResult.PasswordError);
}
}
else
{
return((byte)ELoginResult.NameInexist);
}
}
}
public ActionResult login(string tendangnhap, string matkhau)
{
var ver = new MERCHANTDAL().login(tendangnhap, MD5Encryptor.MD5Hash(matkhau));
if (ver != null)
{
var mSession = new merchantlogin();
mSession.EMAIL = ver.EMAIL;
mSession.MAMERCHANT = ver.MAMERCHANT;
mSession.MATKHAU = matkhau;
mSession.RATING = ver.RATING;
mSession.SOLANBIKHOA = ver.SOLANBIKHOA;
mSession.SOTINHIENTAI = ver.SOTINHIENTAI;
mSession.TENDANGNHAP = ver.TENDANGNHAP;
mSession.TENMERCHANT = ver.TENMERCHANT;
Session.Add(constant.MERCHANT_SESSION, mSession);
return(RedirectToAction("Index", "Home"));
}
else
{
ModelState.AddModelError("", "Sai mật khẩu hoặc tên đăng nhập!Vui lòng kiểm tra lại!");
}
return(View());
}
public string Hash(string password)
{
return(MD5Encryptor.Encrypt(password));
}
private static string StringToMD5(string str)
{
var encryptor = new MD5Encryptor();
return(encryptor.GetMD5(str).Replace("-", "").ToLower());
}
private static string GetKey(Expression expression)
{
return(MD5Encryptor.Encrypt(expression.ToString()));
}
public void BeforeEach()
{
encryptor = new MD5Encryptor();
}
public ActionResult Accept(int idcustomer, string password)
{
var dal = new CUSTOMERDAL().doimatkhau(idcustomer, MD5Encryptor.MD5Hash(password));
return(RedirectToAction("listsanphamtronggiohang"));
}
// GET: GetToken
public JsonResult Index(string corpid, string secret)
{
int errCode = 0;
string errMsg = "";
string token = "";
int expires_time = 0;
#region 条件判断
if (string.IsNullOrEmpty(time))
{
errCode = 10000;
errMsg = "expires_time setting missing";
}
else if (string.IsNullOrEmpty(corpid))
{
errCode = 10001;
errMsg = "corpid missing";
}
else if (string.IsNullOrEmpty(secret))
{
errCode = 10002;
errMsg = "secret missing";
}
if (errCode != 0)
{
return(Json(new
{
errcode = errCode,
errmsg = errMsg,
access_token = token,
expires_in = expires_time
}, JsonRequestBehavior.AllowGet));
}
var companyInfo = AppUtility.Engine.SSOManager.GetSSOSystem(corpid);
if (companyInfo == null)
{
errCode = 10003;
errMsg = "corpid error";
}
else if (companyInfo.Secret != MD5Encryptor.GetMD5(secret))
{
errCode = 10004;
errMsg = "secret error";
}
if (errCode != 0)
{
return(Json(new
{
errcode = errCode,
errmsg = errMsg,
access_token = token,
expires_in = expires_time
}, JsonRequestBehavior.AllowGet));
}
#endregion
int T = Convert.ToInt32(time);
string encryptString = corpid + "|" + secret + "|" + System.DateTime.Now.Ticks + "|" + T;
token = EncryptHelper.Encrypt(encryptString, key);
return(Json(new
{
errcode = 0,
errmsg = "",
access_token = token,
expires_in = T
}, JsonRequestBehavior.AllowGet));
}
