Esempio n. 1
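        /// <summary>
        /// Handles the posted registration form: creates the user, issues the per-user marker cookie
        /// and the forms-authentication cookie, then redirects to the channel home page.
        /// </summary>
        /// <param name="model">The posted registration form.</param>
        /// <returns>
        /// The registration view again when model validation or user creation fails; otherwise a redirect.
        /// </returns>
        public virtual ActionResult Register(RegisterEditModel model)
        {
            if (!ModelState.IsValid)
            {
                return View(model);
            }

            // NOTE(review): the password stored for the new account is whatever AsUser() places on the
            // User object; confirm it is derived from the submitted form and not from a fixed default.
            var user = model.AsUser();

            // A non-positive Id on the returned user is treated as "not persisted".
            if (_userService.AddUser(user).Id <= 0)
            {
                return View(model);
            }

            // NOTE(review): the value is a digest of the constant string "True", so it is the same for
            // every user and can be computed without any server secret. It must not be relied on as
            // proof of anything; bind such a marker to the authenticated identity (for example inside
            // the forms-authentication ticket) if it is used for access decisions.
            var adminCookie = new HttpCookie("ChiakiCookie" + user.UserName)
            {
                Value = UserPasswordHelper.MD5(true.ToString()),
                HttpOnly = true,
                // Follow the forms-authentication setting so the marker is never sent over plain HTTP
                // when the auth cookie itself is restricted to HTTPS.
                Secure = FormsAuthentication.RequireSSL
            };

            if (!string.IsNullOrEmpty(FormsAuthentication.CookieDomain))
            {
                adminCookie.Domain = FormsAuthentication.CookieDomain;
            }

            Response.Cookies.Add(adminCookie);

            // Session (non-persistent) authentication cookie for the newly registered user.
            FormsAuthentication.SetAuthCookie(model.UserName, false);

            return RedirectToAction(MVC.Channel.Home());
        }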
        /// <summary>
        /// Decides whether the current request passes the marker-cookie check.
        /// </summary>
        /// <param name="filterContext">Authorization context of the request; its request cookies are read.</param>
        /// <returns>
        /// True only when a current user exists, CheckCookie is set, and the user's marker cookie
        /// carries the expected value; false in every other case, including any exception.
        /// </returns>
        /// <remarks>
        /// This method must be thread-safe since it is called by the thread-safe OnCacheAuthorization() method.
        /// </remarks>
        protected virtual bool AuthorizeCore(AuthorizationContext filterContext)
        {
            var principal = UserContext.CurrentUser;

            // NOTE(review): when CheckCookie is false the request is denied rather than the cookie
            // check being skipped — confirm that is the intended meaning of the flag.
            if (principal == null || !CheckCookie)
            {
                return false;
            }

            var marker = filterContext.HttpContext.Request.Cookies["ChiakiAdminCookie" + principal.Id];

            if (marker == null)
            {
                return false;
            }

            // NOTE(review): the expected value is a digest of the constant string "True". It contains
            // no per-user or server-side secret, so the comparison only shows that a cookie with that
            // well-known value was sent, not that the server issued it. Treat this as a weak marker
            // and keep the real authorization decision on the authenticated identity and its roles.
            try
            {
                return UserPasswordHelper.MD5(true.ToString()).Equals(marker.Value);
            }
            catch
            {
                // Any failure while computing or comparing the marker counts as "not authorized".
                return false;
            }
        }
Esempio n. 3
        /// <summary>
        /// Updates the password question and answer.
        /// </summary>
        /// <param name="passwordQuestion">The password question; stored as given.</param>
        /// <param name="passwordAnswer">
        /// The password answer. A null or empty answer is stored as an empty string; anything else is
        /// stored in encoded form.
        /// </param>
        /// <remarks>This method does not save the user record.</remarks>
        public void SetPasswordQuestion(string passwordQuestion, string passwordAnswer)
        {
            this.PasswordQuestion = passwordQuestion;

            // NOTE(review): the answer is encoded with the "SHA1" format. Secret answers are usually
            // low-entropy, so a fast digest offers little protection if the stored value leaks —
            // confirm whether EncodePassword salts the input and consider a slow password hash.
            this.PasswordAnswer = string.IsNullOrEmpty(passwordAnswer)
                ? string.Empty
                : UserPasswordHelper.EncodePassword(passwordAnswer, "SHA1");
        }
        /// <summary>
        /// Processes a request to update the password question and answer for a membership user.
        /// </summary>
        /// <param name="username">The user to change the password question and answer for.</param>
        /// <param name="password">The current password of that user; it must verify before anything is changed.</param>
        /// <param name="newPasswordQuestion">The new password question for the specified user.</param>
        /// <param name="newPasswordAnswer">The new password answer for the specified user.</param>
        /// <returns>
        /// true if the user exists, the password verifies and the save does not fail; otherwise, false.
        /// </returns>
        public override bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string newPasswordAnswer)
        {
            User account = UserDataSource.LoadForUserName(username);

            // Unknown user and wrong password are reported identically to the caller.
            if ((account == null) || !account.CheckPassword(password))
            {
                return false;
            }

            account.PasswordQuestion = newPasswordQuestion;

            // The password answer is always encoded in SHA1.
            // NOTE(review): the answer is encoded even when it is null or empty — confirm that an
            // empty answer should be stored as a digest rather than as an empty string. SHA1 is also
            // a fast digest; see whether EncodePassword adds a salt.
            account.PasswordAnswer = UserPasswordHelper.EncodePassword(newPasswordAnswer, "SHA1");

            bool saved = account.Save() != SaveResult.Failed;
            return saved;
        }
Esempio n. 5
        /// <summary>
        /// Builds a <c>User</c> entity from this model's user name, nick name, e-mail and mobile fields.
        /// </summary>
        /// <returns>A new, unsaved user whose password is a fixed default encoded in the Md5 format.</returns>
        public User AsUser()
        {
            // NOTE(review): every user built here receives the same literal password, stored with the
            // Md5 format. Confirm that callers replace it or force a change before the account can
            // sign in, and prefer a salted, slow password hash over MD5 for stored credentials.
            return new User
            {
                UserName = UserName,
                NickName = NickName,
                PasswordFormat = UserPasswordFormat.Md5,
                Password = UserPasswordHelper.EncodePassword("123456", UserPasswordFormat.Md5),
                AccountEmail = AccountEmail,
                AccountMobile = AccountMobile
            };
        }
Esempio n. 6
        /// <summary>
        /// Updates the user password, ageing the stored password history according to the policy
        /// that applies to this user.
        /// </summary>
        /// <param name="newPassword">The new password in clear text; it is encoded before being stored.</param>
        /// <param name="forceExpiration">Value copied to the new history entry's ForceExpiration flag.</param>
        /// <returns>True if the password was set successfully; false otherwise</returns>
        public bool SetPassword(string newPassword, bool forceExpiration)
        {
            bool isAdmin = this.IsAdmin;

            // Admin users follow the merchant policy, everyone else the customer policy.
            PasswordPolicy policy = isAdmin
                ? (PasswordPolicy)new MerchantPasswordPolicy()
                : new CustomerPasswordPolicy();

            int historyDays = policy.HistoryDays;
            int historyCount = policy.HistoryCount;
            DateTime cutoff = LocaleHelper.LocalNow.AddDays(-historyDays);
            UserPasswordCollection history = this.Passwords;

            // Walk backwards so RemoveAt does not shift entries that are still to be visited.
            int index = history.Count - 1;
            while (index >= 0)
            {
                UserPassword entry = history[index];
                bool outsideHistory = (entry.PasswordNumber >= historyCount) && (entry.CreateDate <= cutoff);

                if (outsideHistory)
                {
                    // NOTE(review): Delete() runs before Save(); if the save below fails the entry
                    // may already be gone — confirm whether Delete() persists immediately.
                    history[index].Delete();
                    history.RemoveAt(index);
                }
                else
                {
                    // Every retained entry moves one position further back in the history.
                    history[index].PasswordNumber++;
                }

                index--;
            }

            // The storage format is dictated by the policy, so the strength of the stored hash
            // depends on policy.PasswordFormat.
            UserPassword current = new UserPassword
            {
                Password = UserPasswordHelper.EncodePassword(newPassword, policy.PasswordFormat),
                PasswordFormat = policy.PasswordFormat,
                PasswordNumber = 1,
                CreateDate = LocaleHelper.LocalNow,
                ForceExpiration = forceExpiration
            };

            history.Add(current);
            this.LastPasswordChangedDate = current.CreateDate;

            bool succeeded = this.Save() != SaveResult.Failed;

            // Only password changes of admin users are written to the audit log.
            if (isAdmin)
            {
                Logger.Audit(AuditEventType.PasswordChanged, succeeded, string.Empty);
            }

            return succeeded;
        }
Esempio n. 7
        /// <summary>
        ///     Validates a login identifier and password.
        /// </summary>
        /// <param name="userName">User name, registered e-mail address or registered mobile number.</param>
        /// <param name="password">The password to check.</param>
        /// <returns>
        ///     IsNotExist when no account matches the identifier, InvalidCredentials when the password
        ///     does not verify, NotActivated when the account is not activated, otherwise Success.
        /// </returns>
        public UserLoginStatus ValidateUser(string userName, string password)
        {
            // The same input is matched against all three identifier columns.
            var account = _userRepository.Table.FirstOrDefault(
                candidate => candidate.UserName == userName
                             || candidate.AccountEmail == userName
                             || candidate.AccountMobile == userName);

            // NOTE(review): "unknown account" and "wrong password" are distinguishable results.
            // If callers show them to the client as different messages, the login form reveals
            // which identifiers are registered; a single generic failure message avoids that.
            if (account == null)
            {
                return UserLoginStatus.IsNotExist;
            }

            bool passwordMatches = UserPasswordHelper.CheckPassword(password, account.Password, account.PasswordFormat);

            if (!passwordMatches)
            {
                return UserLoginStatus.InvalidCredentials;
            }

            // The activation state is only reported once the password has been verified.
            if (!account.IsActived)
            {
                return UserLoginStatus.NotActivated;
            }

            return UserLoginStatus.Success;
        }
Esempio n. 8
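        /// <summary>
        /// Installer step 2: runs the initial-data and create-administrator scripts against the
        /// database named by the posted connection string.
        /// </summary>
        /// <returns>
        /// A JSON status message: an error when the connection fails or any script reports or throws
        /// an error, otherwise success.
        /// </returns>
        /// <remarks>
        /// NOTE(review): this action takes a connection string and the administrator credentials
        /// straight from the request, and nothing in this method checks that installation is still
        /// pending or that the caller is allowed to run it — confirm a filter or routing rule
        /// disables it once setup is complete.
        /// </remarks>
        public JsonResult _Step2_Install_InitialData()
        {
            ConcurrentDictionary<string, string> messages;
            string connectString = Request.Form.Get<string>("connectString", string.Empty);

            // Connect to the new database
            // NOTE(review): the connection is never closed or disposed in this method; confirm who owns it.
            SqlConnection dbConnection = GetSqlConnection(connectString, out messages);

            if (messages.Keys.Count > 0)
            {
                return Json(new StatusMessageData(StatusMessageType.Error, "连接字符串不对!"));
            }

            string administrator = Request.Form.Get<string>("Administrator", string.Empty);
            string userPassword = Request.Form.Get<string>("UserPassword", string.Empty);

            // NOTE(review): the administrator password is stored in the MD5 format; prefer a salted,
            // slow password hash for the most privileged account.
            KeyValuePair<string, string> adminInfo = new KeyValuePair<string, string>(
                administrator,
                UserPasswordHelper.EncodePassword(userPassword, Tunynet.Common.UserPasswordFormat.MD5));
            string mainRootSiteUrl = Request.Form.Get<string>("MainRootSiteUrl", string.Empty);

            List<string> fileList = SetupHelper.GetInstallFiles(null, true)
                .Where(n => n.Contains("InitialData") || n.Contains("CreateAdministrator"))
                .ToList();

            foreach (var file in fileList)
            {
                try
                {
                    SetupHelper.ExecuteInFile(dbConnection, file, out messages, adminInfo, mainRootSiteUrl);
                }
                catch (System.Exception ex)
                {
                    // A script that throws used to be ignored, so a half-initialised database could
                    // be reported as a successful install. Record the failure so it is logged and
                    // reported like any other script error; the detail stays in the install log and
                    // is not returned to the client.
                    if (messages == null)
                    {
                        messages = new ConcurrentDictionary<string, string>();
                    }
                    messages[file] = ex.Message;
                }

                if (messages.Count > 0)
                {
                    WriteLogFile(messages);
                    return Json(new StatusMessageData(StatusMessageType.Error, "执行数据库初始化脚本时出现错误,请查看安装日志!"));
                }
            }

            return Json(new StatusMessageData(StatusMessageType.Success, "安装数据库表结构成功!"));
        }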
Esempio n. 9
 /// <summary>
 /// Checks the given password to see if it is equal to the password represented by this instance.
 /// </summary>
 /// <param name="password">The clear-text password to check</param>
 /// <returns>True if the input is equal to the password stored in this instance; false otherwise.</returns>
 public bool VerifyPassword(string password)
 {
     // The comparison itself is delegated to the helper, using this instance's format and stored value.
     // NOTE(review): confirm the helper compares the encoded values in constant time.
     bool matches = UserPasswordHelper.VerifyPassword(password, this.PasswordFormat, this.Password);
     return matches;
 }
Esempio n. 10
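        /// <summary>
        /// Handles the admin login form post: validates the credentials, issues the admin marker
        /// cookie and the forms-authentication cookie, then redirects to the return URL or the
        /// admin home page.
        /// </summary>
        /// <param name="model">The posted login form, including RememberMe and an optional ReturnUrl.</param>
        /// <returns>
        /// The login view with a status message when validation or sign-in fails; otherwise a redirect.
        /// </returns>
        public virtual ActionResult ManageLogin(LoginViewModel model)
        {
            if (!ModelState.IsValid)
            {
                return View(model);
            }

            var user = model.AsUser();
            var userLoginStatus = _userService.ValidateUser(user.UserName, user.Password);

            if (userLoginStatus != UserLoginStatus.Success)
            {
                // NOTE(review): "account does not exist" and "wrong password" produce different
                // messages, which lets a visitor learn which accounts are registered. Consider one
                // generic failure message for both.
                switch (userLoginStatus)
                {
                case UserLoginStatus.IsNotExist:
                    TempData["StatusMessageData"] = "账号不存在!";
                    break;

                case UserLoginStatus.InvalidCredentials:
                    TempData["StatusMessageData"] = "帐号或密码错误,请重新输入!";
                    break;

                case UserLoginStatus.NotActivated:
                    TempData["StatusMessageData"] = "账号未激活!";
                    break;

                case UserLoginStatus.Banned:
                    TempData["StatusMessageData"] = "账号被封禁!";
                    break;

                default:
                    // UnknownError and any unexpected status share the same message.
                    TempData["StatusMessageData"] = "未知错误,请重试!";
                    break;
                }

                return View(model);
            }

            // Reload the persisted user so that its Id and canonical UserName are available.
            var loginName = user.UserName;
            user = _userService.GetAll().FirstOrDefault(n => n.UserName == loginName);

            if (user == null)
            {
                // The credentials verified but no account has this exact UserName (possible if the
                // validator also accepts other identifiers). Fail the login instead of dereferencing null.
                TempData["StatusMessageData"] = "未知错误,请重试!";
                return View(model);
            }

            // Drop any existing authentication cookie before issuing the new one.
            FormsAuthentication.SignOut();

            // NOTE(review): the value is a digest of the constant string "True", identical for every
            // user and computable without a server secret, so its presence proves nothing about a
            // prior login. Bind the marker to the authenticated identity if it gates admin access.
            var adminCookie = new HttpCookie("ChiakiAdminCookie" + user.Id)
            {
                Value = UserPasswordHelper.MD5(true.ToString()),
                HttpOnly = true,
                // Follow the forms-authentication setting so the marker is HTTPS-only whenever the
                // auth cookie is.
                Secure = FormsAuthentication.RequireSSL
            };

            if (!string.IsNullOrEmpty(FormsAuthentication.CookieDomain))
            {
                adminCookie.Domain = FormsAuthentication.CookieDomain;
            }

            Response.Cookies.Add(adminCookie);
            FormsAuthentication.SetAuthCookie(user.UserName, model.RememberMe);

            var returnUrl = string.IsNullOrEmpty(model.ReturnUrl)
                ? Request.QueryString.Get("ReturnUrl")
                : model.ReturnUrl;

            // The return URL is supplied by the client (form field or query string). Only follow it
            // when it points back into this site; anything else falls back to the admin home page so
            // the login form cannot be used to bounce users to another host.
            if (string.IsNullOrWhiteSpace(returnUrl) || !Url.IsLocalUrl(returnUrl))
            {
                return RedirectToAction(MVC.Admin.Admin.Home());
            }

            return Redirect(returnUrl);
        }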