Esempio n. 1
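        /// <summary>
        /// Renders the login page or, when the <c>LoginMode</c> app setting is "SSL",
        /// completes a unified (single sign-on) login from an encrypted token in the query string.
        /// </summary>
        /// <remarks>
        /// In unified mode a request whose URL does not contain the <c>LoginKey</c> parameter name is
        /// redirected to <c>LoginUrl</c>. Otherwise the parameter is Base64-decoded, decrypted,
        /// parsed as a <c>LoginUser</c>, and the named account is signed in through <c>PrivateLogin</c>.
        /// Every failure on the token path renders the login view with the same generic error.
        /// </remarks>
        /// <returns>A redirect to Home/Index on success, a redirect to the login service, or the login view.</returns>
        public async Task <ActionResult> Login()
        {
            // Any mode other than unified login just renders the login form.
            if (WebConfigurationManager.AppSettings["LoginMode"] != "SSL")
            {
                return View();
            }

            string loginKey = WebConfigurationManager.AppSettings["LoginKey"];

            // The URL carries no token parameter yet: hand the browser to the central login service.
            // Ordinal comparison avoids culture-dependent lowercasing of the URL.
            if (Request.Url.AbsoluteUri.IndexOf(loginKey, StringComparison.OrdinalIgnoreCase) < 0)
            {
                string returnUrl  = Server.UrlEncode(HttpContext.Request.Url.AbsoluteUri);
                // Encoded so a configured name containing '&' or '=' cannot add or alter query parameters.
                string systemName = Server.UrlEncode(WebConfigurationManager.AppSettings["SystemName"]);
                return Redirect(WebConfigurationManager.AppSettings["LoginUrl"] + "?returnUrl=" + returnUrl + "&systemName=" + systemName);
            }

            // NOTE(review): when the Cryptokey/CryptoIV settings are absent, the key and IV fall back to
            // constants compiled into the application. Anyone who can read this code can then build a
            // token that decrypts successfully. The fallback is kept for compatibility; deployments should
            // always configure both values, and the fallback should be removed once that is confirmed.
            byte[]     key  = Encoding.UTF8.GetBytes(WebConfigurationManager.AppSettings["Cryptokey"] ?? "HSJF!@#$12345678");
            byte[]     iv   = Encoding.UTF8.GetBytes(WebConfigurationManager.AppSettings["CryptoIV"] ?? "HSJF^%$#12345678");
            SymmCrypto symm = new SymmCrypto(key, iv);

            // The token is attacker-reachable input: treat a missing, malformed or undecryptable value
            // as a failed login instead of letting it surface as an unhandled exception.
            // NOTE(review): no integrity tag, expiry or replay check on the token is visible here;
            // confirm whether SymmCrypto authenticates the ciphertext and whether LoginUser carries a
            // timestamp that is validated elsewhere.
            LoginUser ssoUser = null;
            string    token   = Request.QueryString[loginKey];
            if (!string.IsNullOrEmpty(token))
            {
                try
                {
                    string json = symm.DecryptToString(Convert.FromBase64String(token), Encoding.UTF8);
                    ssoUser = (LoginUser)new JavaScriptSerializer().Deserialize(json, typeof(LoginUser));
                }
                catch (FormatException)
                {
                    ssoUser = null;   // not valid Base64
                }
                catch (ArgumentException)
                {
                    ssoUser = null;   // decrypted text is not valid JSON
                }
                catch (InvalidOperationException)
                {
                    ssoUser = null;   // JSON cannot be mapped onto LoginUser
                }
                catch (System.Security.Cryptography.CryptographicException)
                {
                    ssoUser = null;   // presumably what SymmCrypto raises on a bad ciphertext; verify
                }
            }

            if (ssoUser == null || string.IsNullOrEmpty(ssoUser.LoginName))
            {
                ModelState.AddModelError("", "用户名不存在或者已被禁用!");
                return View();
            }

            // Set up user management.
            UserDAL     userDal     = new UserDAL();
            UserManager userManager = new UserManager(new UserStore());

            // A token may name an account that has no local record; fail the login rather than dereference null.
            var account = userManager.FindByName(ssoUser.LoginName);
            if (account == null || string.IsNullOrEmpty(account.Password))
            {
                ModelState.AddModelError("", "用户名不存在或者已被禁用!");
                return View();
            }

            // NOTE(review): the stored password is recoverable with the application key, so compromise
            // of that key exposes every password; a salted one-way hash would avoid this.
            string password = symm.DecryptToString(Convert.FromBase64String(account.Password));
            if (!userDal.FindUser(ssoUser.LoginName, Convert.ToBase64String(symm.EncryptFromString(password))))
            {
                ModelState.AddModelError("", "用户名不存在或者已被禁用!");
                return View();
            }

            // Only a successful sign-in may populate the session; previously the result was ignored
            // and the session user was set even when sign-in failed or the account was locked out.
            Microsoft.AspNet.Identity.Owin.SignInStatus status = await PrivateLogin(ssoUser.LoginName, password);
            if (status != Microsoft.AspNet.Identity.Owin.SignInStatus.Success)
            {
                ModelState.AddModelError("", "用户名不存在或者已被禁用!");
                return View();
            }

            System.Web.HttpContext.Current.Session["_currentUser"] = userManager.FindByName(ssoUser.LoginName);
            return RedirectToAction("Index", "Home");
        }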
        /// <summary>
        /// Base64-decodes <paramref name="encryptStr"/>, decrypts it with the <c>symm</c> member
        /// declared outside this listing, and returns the decrypted text.
        /// </summary>
        /// <param name="encryptStr">Base64 text of the encrypted payload.</param>
        /// <returns>The decrypted UTF-8 string, unchanged.</returns>
        /// <remarks>
        /// NOTE(review): the method returns plaintext for whatever ciphertext it is given. If it is
        /// reachable by callers who should not hold the key, it gives them decryption without the key;
        /// confirm that access to it is authenticated and authorised.
        /// </remarks>
        public string Post(string encryptStr)
        {
            string plainText = symm.DecryptToString(Convert.FromBase64String(encryptStr), Encoding.UTF8);

            // The parsed list is never read; the call only has the effect that a payload which
            // cannot be parsed as a list of AfterCase throws before the plaintext is returned.
            List <AfterCase> parsedCases = Newtonsoft.Json.JsonConvert.DeserializeObject <List <AfterCase> >(plainText);

            return plainText;
        }
Esempio n. 3
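        /// <summary>
        /// Handles a submitted login form: checks the account through <c>UserDAL.FindUser</c>,
        /// optionally verifies the credentials against LDAP, then signs in through <c>PrivateLogin</c>.
        /// </summary>
        /// <param name="usermodel">Posted login name and password.</param>
        /// <returns>
        /// A redirect to Home/Index on success; otherwise the login view, with a model error for
        /// rejected credentials.
        /// </returns>
        public async Task <ActionResult> Login(LoginViewModel usermodel)
        {
            if (!ModelState.IsValid)
            {
                return View(usermodel);
            }

            Microsoft.Owin.IOwinContext owinContext = HttpContext.GetOwinContext();

            // Set up user management and the sign-in manager.
            UserDAL       userDal       = new UserDAL();
            UserManager   userManager   = new UserManager(new UserStore());
            SignInManager signInManager = new SignInManager(userManager, owinContext.Authentication);

            string loginName = usermodel.LoginName;
            string password  = usermodel.Password;

            // NOTE(review): when the Cryptokey/CryptoIV settings are absent, the key and IV fall back to
            // constants compiled into the application, so every such deployment shares one known key.
            // The fallback is kept for compatibility; deployments should always configure both values.
            byte[]     key  = Encoding.UTF8.GetBytes(WebConfigurationManager.AppSettings["Cryptokey"] ?? "HSJF!@#$12345678");
            byte[]     iv   = Encoding.UTF8.GetBytes(WebConfigurationManager.AppSettings["CryptoIV"] ?? "HSJF^%$#12345678");
            SymmCrypto symm = new SymmCrypto(key, iv);

            // NOTE(review): the password is checked by comparing reversible ciphertext produced with a
            // fixed IV, so equal passwords yield equal stored values and all of them are recoverable
            // with the application key. A salted one-way hash (for example PBKDF2) would avoid both.
            if (!userDal.FindUser(loginName, Convert.ToBase64String(symm.EncryptFromString(password))))
            {
                ModelState.AddModelError("", "用户名不存在或者已被禁用!");
                return View();
            }

            // Domain (LDAP) login.
            if (WebConfigurationManager.AppSettings["LoginMode"] == "LDAP")
            {
                LdapAuthentication ldap = new LdapAuthentication();
                if (!ldap.IsAuthenticated(loginName, password))
                {
                    ModelState.AddModelError("", "用户名或者密码错误!");
                    return View();
                }

                // The directory accepted the credentials; the local sign-in below uses the locally
                // stored password instead. Guard against a directory user with no usable local record
                // so the request fails as a rejected login rather than a null dereference.
                var account = userManager.FindByName(loginName);
                if (account == null || string.IsNullOrEmpty(account.Password))
                {
                    ModelState.AddModelError("", "用户名不存在或者已被禁用!");
                    return View();
                }
                password = symm.DecryptToString(Convert.FromBase64String(account.Password));
            }

            Microsoft.AspNet.Identity.Owin.SignInStatus status = await PrivateLogin(loginName, password);

            switch (status)
            {
            // Success. The original comments here say the identity cookie is configured in startup,
            // so no explicit identity creation or SignIn call is made at this point.
            case Microsoft.AspNet.Identity.Owin.SignInStatus.Success:
                System.Web.HttpContext.Current.Session["_currentUser"] = signInManager.UserManager.FindByName(loginName);
                return RedirectToAction("Index", "Home");

            // Locked out.
            case Microsoft.AspNet.Identity.Owin.SignInStatus.LockedOut:
                Response.Write("LockedOut!");
                break;

            // Additional verification required.
            case Microsoft.AspNet.Identity.Owin.SignInStatus.RequiresVerification:
                Response.Write("RequiresVerification!");
                break;

            // Sign-in failed.
            case Microsoft.AspNet.Identity.Owin.SignInStatus.Failure:
                ModelState.AddModelError("", @"用户名或者密码错误!");
                return View();
            }

            // Locked-out, verification-required and any unlisted status all end on the login view.
            return View();
        }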