Esempio n. 1
0
 public void LoginAsync(string loginName, string password, Action <DataResponse <LoginedUser>, Exception> callback)
 {
     RpcRoot.JsonRpc.PostAsync(
         _controllerName,
         nameof(IUserController.Login),
         RpcUser.GetSignData(loginName, password),
         new object(),
         callback);
 }
Esempio n. 2
0
        protected bool IsValidAdmin <TResponse>(ISignableData data, out TResponse response, out UserData user) where TResponse : ResponseBase, new()
        {
            user = null;
            if (!WebApiRoot.UserSet.IsReadied)
            {
                string message = "服务器用户集启动中,请稍后";
                response = ResponseBase.NotExist <TResponse>(message);
                return(false);
            }
            ClientSignData query = ClientSign;

            if (!Timestamp.IsInTime(query.Timestamp))
            {
                response = ResponseBase.Expired <TResponse>();
                return(false);
            }
            if (!string.IsNullOrEmpty(query.LoginName))
            {
                user = WebApiRoot.UserSet.GetUser(query.UserId);
            }
            if (user == null && !string.IsNullOrEmpty(query.LoginName))
            {
                user = WebApiRoot.UserSet.GetUser(query.UserId);
            }
            if (user == null)
            {
                string message = "用户不存在";
                response = ResponseBase.NotExist <TResponse>(message);
                return(false);
            }
            else if (!user.IsAdmin())
            {
                string message = "对不起,您不是超管";
                response = ResponseBase.NotExist <TResponse>(message);
                return(false);
            }
            string mySign = RpcUser.CalcSign(user.LoginName, user.Password, query.Timestamp, data);

            if (query.Sign != mySign)
            {
                string message = "登录名或密码错误";
                response = ResponseBase.Forbidden <TResponse>(message);
                Write.DevDebug(() => $"{message} sign:{query.Sign} mySign:{mySign}");
                return(false);
            }
            response = null;
            return(true);
        }
Esempio n. 3
0
        private static bool IsValidUser(
            ClientSignData clientSign, ISignableData data, bool isLoginAction,
            out ResponseBase response, out UserData user)
        {
            user = null;
            if (!AppRoot.UserSet.IsReadied)
            {
                string message = "服务器用户集启动中,请稍后";
                response = ResponseBase.NotExist(message);
                return(false);
            }
            if (!Timestamp.IsInTime(clientSign.Timestamp))
            {
                response = ResponseBase.Expired();
                return(false);
            }
            if (!string.IsNullOrEmpty(clientSign.LoginName))
            {
                user = AppRoot.UserSet.GetUser(clientSign.UserId);
            }
            if (user == null)
            {
                string message = "用户不存在";
                response = ResponseBase.NotExist(message);
                return(false);
            }
            if (isLoginAction)
            {
                if (!AppRoot.UserSet.CheckLoginTimes(clientSign.LoginName))
                {
                    response = ResponseBase.Forbidden("对不起,您的尝试太过频繁");
                    return(false);
                }
            }
            string mySign = RpcUser.CalcSign(user.LoginName, user.Password, clientSign.Timestamp, data);

            if (clientSign.Sign != mySign)
            {
                string message = "签名错误:1. 可能因为登录名或密码错误;2. 可能因为软件版本过期需要升级软件。";
                response = ResponseBase.Forbidden(message);
                return(false);
            }
            response = null;
            return(true);
        }
Esempio n. 4
0
        protected bool IsValidUser <TResponse>(ISignableData data, out TResponse response, out UserData user) where TResponse : ResponseBase, new()
        {
            user = null;
            if (!WebApiRoot.UserSet.IsReadied)
            {
                string message = "服务器用户集启动中,请稍后";
                response = ResponseBase.NotExist <TResponse>(message);
                return(false);
            }
            ClientSignData query = ClientSign;

            if (!Timestamp.IsInTime(query.Timestamp))
            {
                response = ResponseBase.Expired <TResponse>();
                return(false);
            }
            // 对于User来说LoginName可以是LoginName、Email、Mobile
            if (!string.IsNullOrEmpty(query.LoginName))
            {
                user = WebApiRoot.UserSet.GetUser(UserId.Create(query.LoginName));
            }
            if (user == null)
            {
                string message = "用户不存在";
                response = ResponseBase.NotExist <TResponse>(message);
                return(false);
            }
            if (user.IsAdmin())
            {
                response = null;
                return(true);
            }
            string mySign = RpcUser.CalcSign(user.LoginName, user.Password, query.Timestamp, data);

            if (query.Sign != mySign)
            {
                string message = "签名错误:1. 可能因为登录名或密码错误;2. 可能因为软件版本过期需要升级软件,请将软件升级到最新版本再试。";
                response = ResponseBase.Forbidden <TResponse>(message);
                return(false);
            }
            response = null;
            return(true);
        }
Esempio n. 5
0
 public void LoginAsync(string loginName, string password, Action <DataResponse <LoginedUser>, Exception> callback)
 {
     RpcRoot.PostAsync(RpcRoot.OfficialServerHost, RpcRoot.OfficialServerPort, _controllerName, nameof(IUserController.Login), RpcUser.GetSignData(loginName, password), new SignRequest(), callback);
 }