Esempio n. 1
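        /// <summary>
        /// Authenticates a login request and returns the account's profile together with
        /// the login token stored for that account.
        /// </summary>
        /// <param name="loginUser">Submitted credentials (user name, password, employee flag).</param>
        /// <returns>
        /// 400 when no login model was supplied, 404 when the account is unknown, 403 when it is
        /// disabled, 401 when LDAP validation fails, otherwise a success response carrying an
        /// <c>AuthorizedLoginUser</c>.
        /// </returns>
        /// <remarks>
        /// NOTE(review): several branches below authenticate on the user name alone (LDAP switch
        /// not "ON", material-handler accounts whose site is not "WUXI_M", the hard-coded
        /// "PlayBoardPlayUser" role, display-board user names). Every one of them still returns
        /// the account's stored token, so each should be covered by a compensating control
        /// (network restriction, device credential, or a dedicated low-privilege token).
        /// </remarks>
        public HttpResponseMessage LoginIn(LoginUserMoel loginUser)
        {
            // Without this guard a missing or unparseable body surfaces as a
            // NullReferenceException on loginUser.UserName instead of a client error.
            if (loginUser == null)
            {
                return Request.CreateResponse(HttpStatusCode.BadRequest, "INVALID LOGIN REQUEST");
            }

            var systemUser = commonService.GetSystemUserByNTId(loginUser.UserName, 1);

            // NOTE(review): the distinct 404 / 403 / 401 answers let an unauthenticated caller
            // learn whether an account exists and whether it is enabled. Kept unchanged because
            // clients may depend on these statuses; consider a uniform failure response plus
            // throttling or lockout.
            if (systemUser == null)
            {
                return Request.CreateResponse(HttpStatusCode.NotFound, "ACCOUNT NOT EXIST");
            }
            if (systemUser.Enable_Flag == false)
            {
                return Request.CreateResponse(HttpStatusCode.Forbidden, "ACCOUNT NOT ENABLED");
            }

            // The indexer returns null for a missing key; the original called ToString() on it
            // and crashed before the null/whitespace check below could run.
            var ldapSwitch = ConfigurationManager.AppSettings["LDAPAuthentication"];

            // Check whether Web.config turns on password-required login.
            // NOTE(review): this switch fails open: a missing, empty or mistyped value disables
            // password checking for every account.
            if (!string.IsNullOrWhiteSpace(ldapSwitch) && ldapSwitch.Equals("ON", StringComparison.CurrentCultureIgnoreCase))
            {
                ValidateUser validateUser = new ValidateUser(settingService);

                if (systemUser.MH_Flag)
                {
                    // Material-handler login: the project site decides. Chengdu (CTU) needs no
                    // password, Wuxi (WUXI_M) does.
                    // NOTE(review): there is no default case, so any other site value also
                    // skips the password check; confirm that is intended or add a default
                    // that demands a password.
                    var projectSite = commonService.GetProjectSite(systemUser.Account_UID);
                    switch (projectSite)
                    {
                        case "CTU":
                            break;

                        case "WUXI_M":
                            if (string.IsNullOrEmpty(loginUser.Password) ||
                                !validateUser.LDAPValidateByMHFlag(loginUser.UserName, loginUser.Password, loginUser.IsEmployee))
                            {
                                return Request.CreateResponse(HttpStatusCode.Unauthorized, "WRONG PASSWORD");
                            }
                            break;
                    }
                }
                else if (systemUser.RoleList != null && systemUser.RoleList.Exists(x => x.Role_ID == "PlayBoardPlayUser"))
                {
                    // Hard-coded Role_ID: the play-board playback account logs in without a
                    // password and goes straight to the board.
                }
                else if (systemUser.User_Name != null && systemUser.User_Name.Contains("电子看板"))
                {
                    // Display-board accounts, recognised by a substring of the display name,
                    // also skip the password. A null User_Name now falls through to the
                    // password check below instead of throwing.
                    // NOTE(review): a name substring is a weak basis for skipping authentication;
                    // prefer an explicit role or flag.
                }
                else
                {
                    // Every other account must pass LDAP validation with a non-empty password.
                    if (string.IsNullOrEmpty(loginUser.Password) ||
                        !validateUser.LDAPValidate(loginUser.UserName, loginUser.Password, loginUser.IsEmployee))
                    {
                        return Request.CreateResponse(HttpStatusCode.Unauthorized, "WRONG PASSWORD");
                    }
                }
            }
            else
            {
                loginUser.Password = string.Empty;
            }

            // After a successful login, record the login time.
            systemService.updateLastLoginDate(systemUser.Account_UID);

            // Fetch the stored token from the user record and try to decrypt it.
            var userlogintoken = string.Empty;
            bool refresh = systemUser.LoginToken == null;
            FormsAuthenticationTicket ticket = null;

            if (!refresh)
            {
                userlogintoken = systemUser.LoginToken;

                try
                {
                    ticket = FormsAuthentication.Decrypt(userlogintoken);
                }
                catch
                {
                    // Deliberate best-effort: an undecryptable token only marks it for refresh.
                    refresh = true;
                }
            }

            // ticket is checked for null so this condition cannot throw.
            // NOTE(review): comparing the password with ticket.UserData suggests the ticket
            // carries the password - confirm; secrets should not be stored inside the ticket.
            if (refresh || ticket == null || loginUser.Password != ticket.UserData || loginUser.UserName != ticket.Name)
            {
                // NOTE(review): the refresh call is disabled in the original, so a stale or
                // undecryptable token is returned unchanged and a missing one yields "".
                //userlogintoken = ReFreshToken(systemUser.Account_UID, loginUser.Password);
            }

            return Request.CreateResponse(new AuthorizedLoginUser
            {
                Account_UID = systemUser.Account_UID,
                User_Name = systemUser.User_Name,
                System_Language_UID = systemUser.System_Language_UID,
                Token = userlogintoken,
                MH_Flag = systemUser.MH_Flag,
                IsMulitProject = systemUser.IsMulitProject,
                flowChartMaster_Uid = systemUser.flowChartMaster_Uid,
                USER_Ntid = systemUser.User_NTID,
                RoleList = systemUser.RoleList
            });
        }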