public ValidLoginModel <Base_User> ChangePassword(ChangePasswordModel model)
{
ValidLoginModel <Base_User> loginModel = new ValidLoginModel <Base_User>();
loginModel.Success = false;
loginModel.Token = model.token;
loginModel.User = null;
var user = GetUserInfoByAccount(model.Accont);
user.Password = EncryptorHelper.GetMD5(model.NewPassword + user.Salt);
_sysUserRepository.update(user, true);
//缓存
_cache.SetCache(String.Format(MODEL_KEY, user.Id), user, DateTimeOffset.Now.AddHours(4));
loginModel.User = user;
return(loginModel);
}
/// <summary>
/// 验证登录状态
/// </summary>
/// <param name="account">登录账号</param>
/// <param name="password">登录密码</param>
/// <param name="r">登录随机数</param>
/// <returns></returns>
public ValidLoginModel <Base_User> ValidateUser(string account, string password, string r)
{
ValidLoginModel <Base_User> loginModel = new ValidLoginModel <Base_User>();
loginModel.Success = false;
loginModel.Token = "";
loginModel.User = null;
var user = GetUserInfoByAccount(account);
if (user == null)
{
loginModel.Message = "未找到对应帐号";
return(loginModel);
}
if (!user.Enabled)
{
loginModel.Message = "你的账号已被冻结";
return(loginModel);
}
if (user.LoginLock)
{
if (user.AllowLoginTime > DateTime.Now)
{
loginModel.Message = "账号已被锁定" + ((int)(user.AllowLoginTime - DateTime.Now).Value.TotalSeconds + 1) + "秒。";
return(loginModel);
}
}
var md5Password = EncryptorHelper.GetMD5(user.Password + r);
//匹配密码
if (password.Equals(md5Password, StringComparison.InvariantCultureIgnoreCase))
{
user.LoginLock = false;
user.LoginFailedNum = 0;
user.AllowLoginTime = null;
user.LastLoginTime = DateTime.Now;
user.LastIpAddress = "";
loginModel.Success = true;
loginModel.Message = "登录成功";
loginModel.Token = Guid.NewGuid().ToString();
loginModel.User = user;
_sysUserTokenRepository.DbContext.Add(new Base_UserToken()
{
Id = loginModel.Token,
ExpireTime = DateTime.Now.AddDays(15),
UserId = user.Id
});
_sysOperateLogRepository.DbContext.Add(new Base_OperateLog()
{
Id = Guid.NewGuid().ToString(),
UserId = user.Id,
CreateTime = DateTime.Now,
OperateCotent = "登录成功",
OperateType = "LoginIn",
IpAddress = this._httpContextAccessor.HttpContext.Connection.RemoteIpAddress.ToString()
});
}
else
{
user.LoginFailedNum++;
if (user.LoginFailedNum > 4)
{
user.LoginLock = true;
user.AllowLoginTime = DateTime.Now.AddMinutes(2);
user.LoginFailedNum = 0;
loginModel.Message = "账号已被锁定,请2分钟后再登录";
}
else
{
loginModel.Message = $"登录密码错误,还有{5-user.LoginFailedNum}次机会";
}
}
_sysUserRepository.DbContext.SaveChanges();
return(loginModel);
}
