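/// <summary>
/// Sign-in endpoint. Authenticates either with the submitted user code and password, or —
/// when <c>value.Remain</c> is set, a "Token" cookie is present and both credentials are
/// empty — with the persistent token carried in that cookie. On success the signed-in user
/// is stored in session; if <c>value.Remain</c> is set a fresh 30-day token is issued,
/// otherwise the cookie is expired and any stored token is revoked.
/// </summary>
/// <param name="value">Submitted credentials; on success its Id/UserName/GroupCode/DeptCode
/// are filled in by <c>SignBll.Signin</c>.</param>
/// <returns>The populated <paramref name="value"/>, with the submitted password cleared.</returns>
/// <exception cref="HttpResponseException">Wraps <see cref="SystemExceptionMessage"/> when the
/// database cannot be opened, or <see cref="DataNotFoundMessage"/> when authentication fails.</exception>
public CSign Post(CSign value)
{
    using (var dal = DalBuilder.CreateDal(ConfigurationManager.ConnectionStrings["DefaultConnection"].ConnectionString, 0))
    {
        try
        {
            dal.Open();
        }
        catch (Exception ex)
        {
            // NOTE(review): the log is written through the same dal that just failed to open;
            // whether LogBll.Write can succeed in that state is not visible here.
            LogBll.Write(dal, new CLog
            {
                LogUser = string.Format("{0}-{1}", value.UserCode, value.UserName),
                LogContent = string.Format("{0}#{1}", "Signin", ex.Message),
                LogType = LogType.系统异常
            });
            throw new HttpResponseException(new SystemExceptionMessage());
        }

        var request = HttpContext.Current.Request;
        var response = HttpContext.Current.Response;
        var tokenCookie = request.Cookies["Token"];

        bool authenticated;
        if (value.Remain && tokenCookie != null
            && string.IsNullOrEmpty(value.UserCode) && string.IsNullOrEmpty(value.UPwd))
        {
            // Token cookie present and no credentials supplied: sign in with the persistent token.
            authenticated = SignBll.Signin(dal, tokenCookie.Values["User"], tokenCookie.Values["Value"], value);
        }
        else
        {
            // Otherwise sign in with user code and password.
            authenticated = SignBll.Signin(dal, value);
        }

        if (!authenticated)
        {
            throw new HttpResponseException(new DataNotFoundMessage());
        }

        // The password has been verified; do not keep it in session or echo it back to the client.
        value.UPwd = null;

        HttpContext.Current.Session[ConfigurationManager.AppSettings["AuthSaveKey"]] = value;

        // The token cookie is a bearer credential: keep it out of reach of script, and mark it
        // Secure whenever the request itself arrived over TLS (unconditional Secure would break
        // plain-HTTP deployments).
        var cookie = response.Cookies["Token"];
        cookie.HttpOnly = true;
        cookie.Secure = request.IsSecureConnection;

        if (value.Remain)
        {
            // Issue a new persistent token. Guid.NewGuid is kept for compatibility with the
            // stored token format; NOTE(review): RandomNumberGenerator is the preferred source
            // for a bearer secret if the storage format can be changed.
            var token = Guid.NewGuid().ToString();
            SignBll.UpdateToken(dal, token, value.UserCode);
            cookie.Values["User"] = value.UserCode;
            cookie.Values["Value"] = token;
            cookie.Expires = DateTime.Now.AddDays(30);
        }
        else
        {
            // Not remembering this sign-in: expire the cookie and revoke any stored token.
            // (The original issued a token and immediately dropped it; the end state is the same.)
            cookie.Expires = DateTime.Now.AddDays(-1);
            SignBll.DropToken(dal, value.UserCode);
        }

        dal.Close();
        return value;
    }
}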
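/// <summary>
/// Signs in with user code and password. The stored credential is MD5(UserCode + UPwd):
/// an unsalted, fast hash over <c>Encoding.Default</c> bytes, so it is weak against offline
/// cracking and non-ASCII passwords hash differently across machines with different ANSI code
/// pages. Both are kept here because changing them means re-hashing every row in tUser —
/// NOTE(review): plan a migration to PBKDF2/Argon2 over UTF-8 input.
/// </summary>
/// <param name="dal">An already-opened data-access handle.</param>
/// <param name="authorityModel">Carries the submitted UserCode and UPwd; on success its Id,
/// UserName, GroupCode and DeptCode are filled from the matching tUser row.</param>
/// <returns>True when an enabled tUser row matches the credentials; otherwise false.</returns>
public static bool Signin(IDal dal, CSign authorityModel)
{
    // Empty credentials cannot identify an account; skip the hash and the round trip.
    if (string.IsNullOrEmpty(authorityModel.UserCode) || string.IsNullOrEmpty(authorityModel.UPwd))
    {
        return false;
    }

    byte[] pwd;
    using (var md5 = MD5.Create()) // MD5 is IDisposable; the original never disposed it.
    {
        pwd = md5.ComputeHash(Encoding.Default.GetBytes(authorityModel.UserCode + authorityModel.UPwd));
    }

    int rowCount;
    var dt = dal.Select(
        "select * from tUser where UserCode=@UserCode And UPassword=@UPassword And Enabled=1",
        out rowCount,
        dal.CreateParameter("@UserCode", authorityModel.UserCode),
        dal.CreateParameter("@UPassword", pwd));
    if (rowCount == 0)
    {
        return false;
    }

    var row = dt.Rows[0];
    // Convert.ToInt16 throws OverflowException above 32767 — presumably Id is a short column; verify.
    authorityModel.Id = Convert.ToInt16(row["Id"]);
    authorityModel.UserName = Convert.ToString(row["UserName"]);
    authorityModel.GroupCode = Convert.ToString(row["GroupCode"]);
    authorityModel.DeptCode = Convert.ToString(row["DeptCode"]);
    return true;
}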
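/// <summary>
/// Signs in with a persistent token taken from the "Token" cookie. The cookie carries the raw
/// token; the database holds MD5 of it, so the lookup compares hashes. Unlike the password
/// path this query previously did not check <c>Enabled</c>, which let a disabled account keep
/// signing in for as long as its cookie lived; the check is now applied here too.
/// </summary>
/// <param name="dal">An already-opened data-access handle.</param>
/// <param name="user">User code from the cookie's "User" field.</param>
/// <param name="token">Raw token from the cookie's "Value" field.</param>
/// <param name="authorityModel">Filled with Id, UserName, UserCode, GroupCode and DeptCode on success.</param>
/// <returns>True when an enabled tUser row matches the user code and token hash; otherwise false.</returns>
public static bool Signin(IDal dal, string user, string token, CSign authorityModel)
{
    // A cookie missing either part is not a usable token; this also avoids
    // Encoding.GetBytes(null) throwing on a malformed cookie.
    if (string.IsNullOrEmpty(user) || string.IsNullOrEmpty(token))
    {
        return false;
    }

    byte[] tokenHash;
    using (var md5 = MD5.Create()) // MD5 is IDisposable; the original never disposed it.
    {
        tokenHash = md5.ComputeHash(Encoding.Default.GetBytes(token));
    }

    int rowCount;
    var dt = dal.Select(
        " select * from tUser where UserCode=@UserCode And Token=@Token And Enabled=1 ",
        out rowCount,
        dal.CreateParameter("@UserCode", user),
        dal.CreateParameter("@Token", tokenHash));
    if (rowCount == 0)
    {
        return false;
    }

    var row = dt.Rows[0];
    // Convert.ToInt16 throws OverflowException above 32767 — presumably Id is a short column; verify.
    authorityModel.Id = Convert.ToInt16(row["Id"]);
    authorityModel.UserName = Convert.ToString(row["UserName"]);
    authorityModel.UserCode = Convert.ToString(row["UserCode"]);
    authorityModel.GroupCode = Convert.ToString(row["GroupCode"]);
    authorityModel.DeptCode = Convert.ToString(row["DeptCode"]);
    return true;
}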
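/// <summary>
/// Rotates the current persistent token: stores a new one for the user via
/// <c>SignBll.UpdateToken</c> and writes it into the "Token" response cookie, valid for 30 days.
/// </summary>
/// <param name="filterContext">The authorization context whose response receives the cookie.</param>
/// <param name="dal">An already-opened data-access handle.</param>
/// <param name="authorityModel">The signed-in user; only <c>UserCode</c> is read.</param>
public void UpdateToken(AuthorizationContext filterContext, IDal dal, CSign authorityModel)
{
    // Guid.NewGuid is kept for compatibility with the stored token format; NOTE(review):
    // RandomNumberGenerator is the preferred source for a bearer secret if the format can change.
    var token = Guid.NewGuid().ToString();

    // Persist first so a failed write does not hand the client a token the server never stored.
    SignBll.UpdateToken(dal, token, authorityModel.UserCode);

    var cookie = filterContext.HttpContext.Response.Cookies["Token"];
    cookie.Values["User"] = authorityModel.UserCode;
    cookie.Values["Value"] = token;
    cookie.Expires = DateTime.Now.AddDays(30);
    // The cookie is a bearer credential: keep it out of reach of script, and mark it Secure
    // whenever the request itself arrived over TLS (unconditional Secure would break plain HTTP).
    cookie.HttpOnly = true;
    cookie.Secure = filterContext.HttpContext.Request.IsSecureConnection;
}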
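/// <summary>
/// Authorization filter. Lets anonymous-allowed actions through; otherwise requires a signed-in
/// user in session. When the session is empty but a "Token" cookie is present, attempts a token
/// sign-in, stores the user in session and rotates the token; on any failure redirects to
/// <c>_authUrl</c>.
/// </summary>
/// <param name="filterContext">The MVC authorization context.</param>
/// <exception cref="Exception">When no HttpContext or no session is available (as in the original).</exception>
/// <exception cref="HttpResponseException">When the database cannot be opened.</exception>
public void OnAuthorization(AuthorizationContext filterContext)
{
    if (filterContext.HttpContext == null)
    {
        throw new Exception("此特性只适合于Web应用程序使用!");
    }
    if (filterContext.HttpContext.Session == null)
    {
        throw new Exception("服务器Session不可用!");
    }

    var allowAnonymous =
        filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true)
        || filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true);
    if (allowAnonymous)
    {
        return;
    }

    var session = filterContext.HttpContext.Session;
    // Already signed in: nothing to do. Checked before creating a DAL, which the original
    // constructed (and disposed unused) on every authenticated request.
    // NOTE(review): this reads _authSaveKey while the write below uses
    // AppSettings["AuthSaveKey"]; both are kept as-is and must refer to the same key.
    if (session[_authSaveKey] != null)
    {
        return;
    }

    var httpCookie = filterContext.HttpContext.Request.Cookies["Token"];
    if (httpCookie == null)
    {
        filterContext.Result = new RedirectResult(_authUrl);
        return;
    }

    var user = httpCookie.Values["User"];
    var tokenValue = httpCookie.Values["Value"];
    if (string.IsNullOrEmpty(user) || string.IsNullOrEmpty(tokenValue))
    {
        // Malformed cookie: treat as not signed in instead of querying with nulls.
        filterContext.Result = new RedirectResult(_authUrl);
        return;
    }

    using (var dal = DalBuilder.CreateDal(ConfigurationManager.ConnectionStrings["DefaultConnection"].ConnectionString, 0))
    {
        try
        {
            dal.Open();
        }
        catch
        {
            // Detail is deliberately not surfaced to the client; the original did the same.
            throw new HttpResponseException(new SystemExceptionMessage());
        }

        // Token cookie present: attempt a token sign-in.
        var authorityModel = new CSign();
        if (SignBll.Signin(dal, user, tokenValue, authorityModel))
        {
            session.Add(ConfigurationManager.AppSettings["AuthSaveKey"], authorityModel);
            // Rotate the token on each successful cookie sign-in.
            UpdateToken(filterContext, dal, authorityModel);
        }
        else
        {
            filterContext.Result = new RedirectResult(_authUrl);
        }
        dal.Close();
    }
}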