Esempio n. 1
0
        /// <summary>
        /// 修改密码.
        /// </summary>
        /// <returns>
        /// The <see cref="JsonResult"/>.
        /// </returns>
        public JsonResult ModifyPassword()
        {
            try
            {
                var userID = this.GetUserID();
                if (userID == 0)
                {
                    return this.Json(new AjaxResponse(0, "未登录!"));
                }

                var oldpwd = Request.Form["op"];
                var newpwd = Request.Form["np"];

                if (string.IsNullOrEmpty(oldpwd))
                {
                    return this.Json(new AjaxResponse(0, "原密码不能为空"));
                }

                if (string.IsNullOrEmpty(newpwd))
                {
                    return this.Json(new AjaxResponse(0, "新密码不能为空"));
                }

                var rsa = new RSACryptoServiceProvider();
                rsa.FromXmlString((string)Session["private_key"]);
                byte[] oldResult = rsa.Decrypt(HexStringToBytes(oldpwd), false); // 用私钥将密码解密出来
                byte[] newResult = rsa.Decrypt(HexStringToBytes(newpwd), false); // 用私钥将密码解密出来
                var enc = new ASCIIEncoding();

                oldpwd = enc.GetString(oldResult);
                newpwd = enc.GetString(newResult);

                var userService = new UserService();
                var user = userService.QueryUserByID(userID);
                if (user == null)
                {
                    return this.Json(new AjaxResponse(0, "用户名不存在"));
                }

                if (string.Compare(oldpwd, user.LoginPassword, StringComparison.OrdinalIgnoreCase) == 0
                    || string.Compare(
                        Encrypt.HashByMD5(oldpwd),
                        user.LoginPassword,
                        StringComparison.OrdinalIgnoreCase) == 0)
                {
                    userService.ModifyPassword(userID, newpwd);
                    return this.Json(new AjaxResponse(1, "修改完成"));
                }

                return this.Json(new AjaxResponse(0, "密码不正确"));
            }
            catch (Exception exception)
            {
                return this.Json(new AjaxResponse(0, exception.Message));
            }
        }