public virtual JObject Login(HttpContext context)
{
YZRequest request = new YZRequest(context);
string lang = request.GetString("lang", "zh-chs");
string uid = request.GetString("uid");
string pwd = request.GetString("pwd", null);
bool isapp = request.GetBool("isapp");
string cordova = request.GetString("cordova");
string model = request.GetString("model");
string name = request.GetString("name", model);
string platform = request.GetString("platform");
string uuid = request.GetString("uuid");
string version = request.GetString("version");
string manufacturer = request.GetString("manufacturer");
bool isVirtual = request.GetBool("isVirtual", false);
string serial = request.GetString("serial");
bool validationPanelShow = request.GetBool("validationPanelShow");
string smsGuid = request.GetString("smsGuid", null);
string vcode = request.GetString("vcode", null);
string keystore = request.GetString("keystore", null);
//用私钥解密
if (!String.IsNullOrEmpty(keystore))
{
string privateKey = (string)YZTempStorageManager.CurrentStore.Load(keystore);
RSACryptoServiceProvider rsaProvider = new RSACryptoServiceProvider(1024);
rsaProvider.FromXmlString(privateKey);
uid = System.Text.Encoding.UTF8.GetString(rsaProvider.Decrypt(Convert.FromBase64String(uid), false));
pwd = System.Text.Encoding.UTF8.GetString(rsaProvider.Decrypt(Convert.FromBase64String(pwd), false));
}
Device device = null;
SMS sms = null;
JObject rv;
if (isapp)
{
using (IYZDbProvider provider = YZDbProviderManager.DefaultProvider)
{
using (IDbConnection cn = provider.OpenConnection())
{
device = DeviceManager.TryGetDevice(provider, cn, uid, uuid);
}
}
//设备禁用
if (device != null && device.Disabled)
{
rv = new JObject();
rv[YZJsonProperty.success] = false;
rv["prompt"] = true;
rv[YZJsonProperty.errorMessage] = Resources.YZMobile.Aspx_Auth_DeviceDisabled;
return(rv);
}
//账号保护
if (device == null)
{
bool IsAppLoginProtected;
using (BPMConnection cn = new BPMConnection())
{
cn.WebOpenAnonymous();
IsAppLoginProtected = User.IsAppLoginProtected(cn, uid);
}
if (IsAppLoginProtected)
{
if (!validationPanelShow)
{
rv = new JObject();
rv[YZJsonProperty.success] = false;
rv["needSmsValidation"] = true;
rv[YZJsonProperty.errorMessage] = Resources.YZMobile.Aspx_Auth_StrangerDevice;
return(rv);
}
if (String.IsNullOrEmpty(smsGuid))
{
throw new Exception(Resources.YZMobile.Aspx_Auth_GetValidationCodeFirst);
}
using (IYZDbProvider provider = YZDbProviderManager.DefaultProvider)
{
using (IDbConnection cn = provider.OpenConnection())
{
sms = SMSManager.TryGetSMS(provider, cn, smsGuid);
}
}
if (sms == null)
{
throw new Exception(Resources.YZMobile.Aspx_Auth_GetValidationCodeAgain);
}
if (sms.ValidationCode != vcode)
{
throw new Exception(Resources.YZMobile.Aspx_Auth_IncorrectValidationCode);
}
if (sms.ExpireDate < DateTime.Now)
{
throw new Exception(Resources.YZMobile.Aspx_Auth_GetValidationCodeAgain);
}
}
}
}
if (String.IsNullOrEmpty(uid) /*|| String.IsNullOrEmpty(password)*/)
{
throw new Exception(Resources.YZStrings.Aspx_Login_EnterAccountTip);
}
string realAccount = null;
string token = null;
if (!BPMConnection.Authenticate(YZAuthHelper.BPMServerName, YZAuthHelper.BPMServerPort, uid, pwd, out realAccount, out token))
{
throw new Exception(Resources.YZStrings.Aspx_Login_Fail);
}
YZAuthHelper.SetAuthCookie(realAccount, token);
YZAuthHelper.SetLangSession(YZCultureInfoParse.Parse(lang, YZCultureInfoParse.DefauleCultureInfo).LCID);
YZAuthHelper.ClearLogoutFlag();
rv = this.GenLoginResult(realAccount, false);
//登录成功后处理
if (isapp)
{
using (IYZDbProvider provider = YZDbProviderManager.DefaultProvider)
{
using (IDbConnection cn = provider.OpenConnection())
{
if (device != null)
{
device.LastLogin = DateTime.Now;
DeviceManager.Update(provider, cn, device);
}
else
{
device = new Device();
device.Account = realAccount;
device.UUID = uuid;
device.Name = name;
device.Model = model;
device.Description = String.Format("{0} {1} {2} {3}", manufacturer, model, platform, version);
device.Disabled = false;
device.RegisterAt = DateTime.Now;
device.LastLogin = device.RegisterAt;
DeviceManager.Insert(provider, cn, device);
}
if (sms != null)
{
SMSManager.DeleteSMS(provider, cn, sms.ItemGUID);
}
}
}
}
return(rv);
}
public virtual void SMSValidation(HttpContext context)
{
YZRequest request = new YZRequest(context);
string validateItemGUID = request.GetString("validateItemGUID");
string validateCode = request.GetString("validateCode");
string action = request.GetString("action", null);
string uid = YZAuthHelper.LoginUserAccount;
using (IYZDbProvider provider = YZDbProviderManager.DefaultProvider)
{
using (IDbConnection cn = provider.OpenConnection())
{
SMS sms = SMSManager.TryGetSMS(provider, cn, validateItemGUID);
if (sms == null)
{
throw new Exception(Resources.YZMobile.Aspx_Auth_GetValidationCodeAgain);
}
if (sms.ValidationCode != validateCode)
{
throw new Exception(Resources.YZMobile.Aspx_Auth_IncorrectValidationCode);
}
if (sms.ExpireDate < DateTime.Now)
{
throw new Exception(Resources.YZMobile.Aspx_Auth_GetValidationCodeAgain);
}
SMSManager.DeleteSMS(provider, cn, validateItemGUID);
}
}
if (NameCompare.EquName(action, "bindandprotect"))
{
string iddcode = request.GetString("iddcode");
string phoneNumber = request.GetString("phoneNumber");
using (BPMConnection cn = new BPMConnection())
{
cn.WebOpen();
User.SetAppLoginProtect(cn, uid, true);
User.BindPhone(cn, uid, iddcode, phoneNumber);
User user = User.TryGetUser(cn, uid);
if (user != null)
{
if ((user.Permision & BPMObjectPermision.Edit) == BPMObjectPermision.Edit)
{
user.Mobile = phoneNumber;
User.Update(cn, uid, user);
}
}
}
}
if (NameCompare.EquName(action, "changebind"))
{
string iddcode = request.GetString("iddcode");
string phoneNumber = request.GetString("phoneNumber");
using (BPMConnection cn = new BPMConnection())
{
cn.WebOpen();
User.BindPhone(cn, uid, iddcode, phoneNumber);
User user = User.TryGetUser(cn, uid);
if (user != null)
{
if ((user.Permision & BPMObjectPermision.Edit) == BPMObjectPermision.Edit)
{
user.Mobile = phoneNumber;
User.Update(cn, uid, user);
}
}
}
}
}
