コード例 #1
ファイル: HomeController.cs プロジェクト: Haute998/WalkTd
        /// <summary>
        /// Signs the current user out, expires the per-login GUID cookie and sends the
        /// browser back to the login page.
        /// </summary>
        /// <returns>A redirect to the <c>Login</c> action of the <c>Home</c> controller.</returns>
        /// <remarks>
        /// NOTE(review): no action attributes are visible on this method. A state-changing
        /// sign-out is normally limited to POST with an anti-forgery token; confirm how it is routed.
        /// NOTE(review): the server-side session is not touched here; confirm nothing
        /// session-scoped needs to be dropped at sign-out.
        /// </remarks>
        public ActionResult LogOff()
        {
            HttpCookie guidCookie = Request.Cookies.Get(BaseAuthorizeHelper.GuidCodeCookieKey);

            if (User.Identity.IsAuthenticated)
            {
                string userName   = User.Identity.Name;
                B_User storedUser = B_UserManager.GetB_User(m => m.UserName == userName);

                // Only the browser holding the GUID code currently stored for the account may
                // log the account off in B_UserManager; a request with a stale or missing
                // cookie still loses its own ticket below but leaves that stored login alone.
                bool isCurrentLogin = storedUser != null
                                      && guidCookie != null
                                      && guidCookie.Value == storedUser.GuidCode;
                if (isCurrentLogin)
                {
                    B_UserManager.LogOff(userName);
                }

                // These two run for every authenticated caller, matching or not.
                B_MenuRights.RemoveHashMenuRights(userName);
                FormsAuthentication.SignOut();
            }

            if (guidCookie != null)
            {
                // Blank the value and back-date the expiry so the browser discards the cookie.
                guidCookie.Values.Clear();
                guidCookie.Expires = DateTime.Now.AddDays(-1);
                Response.Cookies.Add(guidCookie);
            }

            return RedirectToAction("Login", "Home");
        }
コード例 #2
ファイル: HomeController.cs プロジェクト: Haute998/WalkTd
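        /// <summary>
        /// Validates the submitted login form (user name, password, CAPTCHA), signs the user in
        /// through <c>B_UserManager.Login</c> and answers with a plain-text body.
        /// </summary>
        /// <param name="user">
        /// Model-bound login form. UserName, PassWord and valiCode are read as input;
        /// LoginLastDat, CurrentTime, LoginLastIp and GuidCode are overwritten here.
        /// </param>
        /// <returns><c>"ok"</c> on success, otherwise the error text to show to the user.</returns>
        /// <remarks>
        /// NOTE(review): the action binds the whole <c>B_User</c> type from the request, so a client
        /// can post any bindable property (IsValid, Name, ...). Confirm that
        /// <c>B_UserManager.Login</c> trusts only the credentials, or bind a dedicated login model.
        /// NOTE(review): no attempt throttling or lockout is visible here, and only successful
        /// logins are written to SYSLog; failed attempts leave no audit record in this method.
        /// NOTE(review): the session id is not renewed at sign-in; confirm session fixation is
        /// handled elsewhere.
        /// </remarks>
        public ContentResult Login(B_User user)
        {
            try
            {
                // A missing model is answered like an empty form instead of falling into the
                // generic catch below, whose message reports a database error.
                if (user == null || string.IsNullOrWhiteSpace(user.UserName))
                {
                    return Content("账号不能为空!");
                }
                // The account named by WeConfig.robot may never sign in through this form.
                if (user.UserName == WeConfig.robot)
                {
                    return Content("没有此账号!");
                }
                if (string.IsNullOrWhiteSpace(user.PassWord))
                {
                    return Content("密码不能为空!");
                }
                if (string.IsNullOrWhiteSpace(user.valiCode))
                {
                    return Content("验证码不能为空");
                }

                // The CAPTCHA is single-use: it is removed from the session before the comparison,
                // so one solved code cannot be replayed across many password guesses. After any
                // attempt, right or wrong, the client has to request a new code.
                object expectedCode = Session["ValidateCode"];
                Session.Remove("ValidateCode");
                if (expectedCode == null)
                {
                    return Content("验证码超时!");
                }
                if (!user.valiCode.Equals(expectedCode))
                {
                    return Content("验证码错误!");
                }

                string error = string.Empty;

                // Per-login token stored on the user record and mirrored in a cookie.
                // NOTE(review): Guid.NewGuid() is not documented as a cryptographic random source
                // and the MD5 step adds no entropy; consider deriving this token from
                // System.Security.Cryptography.RandomNumberGenerator instead.
                string guidCode = DAL.MD5Helper.GetMD5UTF8(Request.UserHostAddress + "," + Guid.NewGuid().ToString());
                user.LoginLastDat = DateTime.Now;
                user.CurrentTime  = user.LoginLastDat.AddSeconds(System.Web.Security.FormsAuthentication.Timeout.TotalSeconds);
                user.LoginLastIp  = Request.UserHostAddress;
                user.GuidCode     = guidCode;

                // Callback handed to B_UserManager.Login: decides whether the stored user may
                // sign in and, if so, issues the cookies.
                Func <B_User, bool, bool> func = (dbUser, usrExists) =>
                {
                    if (usrExists)
                    {
                        // presumably usrExists means the account already had an active login; confirm in B_UserManager
                        TempData["Msg"] = dbUser.UserName + "已下线,请重新登录!";
                    }

                    if (dbUser.IsValid == false)
                    {
                        // NOTE(review): this message differs from the generic failure text, so it
                        // may reveal the account's state; whether the password has been verified
                        // before this callback runs is not visible here.
                        error = "您的帐号已被禁用,请及时联系管理员!";
                        return false;
                    }

                    // Issue a non-persistent forms-authentication ticket.
                    FormsAuthentication.SetAuthCookie(dbUser.UserName, false);

                    HttpCookie cookie = Request.Cookies.Get(BaseAuthorizeHelper.GuidCodeCookieKey)
                                        ?? new HttpCookie(BaseAuthorizeHelper.GuidCodeCookieKey);
                    cookie.Value = guidCode;
                    // The token is compared server-side on later requests, so script access is
                    // not needed; Secure follows the forms-authentication ticket's own setting.
                    cookie.HttpOnly = true;
                    cookie.Secure   = FormsAuthentication.RequireSSL;
                    Response.Cookies.Add(cookie);
                    return true;
                };

                if (B_UserManager.Login(user, func))
                {
                    // NOTE(review): user.Name and user.UserName end up in the audit text; if
                    // they still hold request-supplied values at this point, strip line breaks
                    // before logging.
                    SYSLog.add("电脑端后台用户登录", "后台用户" + user.Name + "(" + user.UserName + ")登录,ip为" + Request.UserHostAddress, "/Home/Login", "登录", "电脑端后台");

                    return Content("ok");
                }

                // Generic failure text unless the callback recorded a more specific reason.
                return Content(string.IsNullOrWhiteSpace(error) ? "账号或密码错误" : error);
            }
            catch (Exception ex)
            {
                // Details go to the server log only; the client gets a fixed message.
                DAL.Log.Instance.Write(ex.ToString(), "Login_error");
                return Content("连接数据库出错");
            }
        }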
コード例 #3
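        /// <summary>
        /// Builds the base authorization result for the current request from its
        /// forms-authentication identity and the per-login GUID code cookie.
        /// </summary>
        /// <param name="context">HTTP context of the request being authorized.</param>
        /// <param name="curUrl">Current URL; forwarded to <c>B_UserManager.GetB_UserAndRefresh</c>.</param>
        /// <returns>
        /// A model with <c>IsAuthorize == true</c> and <c>CurrentSYSUser</c> set when every check
        /// passes; otherwise <c>IsAuthorize == false</c>, usually with <c>TempDataMsg</c> explaining why.
        /// </returns>
        public static BaseAuthorizeModel GetAuthorizeModel(HttpContextBase context, string curUrl = null)
        {
            string             error = "您的帐号已下线,请重新登录后再操作!";
            BaseAuthorizeModel auth  = new BaseAuthorizeModel
            {
                IsAuthorize = false
            };

            if (!context.User.Identity.IsAuthenticated)
            {
                auth.TempDataMsg = error;
                return auth;
            }

            // Read the per-login unique identifier sent by the browser.
            HttpCookie cookie = context.Request.Cookies.Get(GuidCodeCookieKey);

            // A blank token is treated like a missing one, so it can never compare equal to
            // an empty GuidCode on the user record.
            if (cookie == null || string.IsNullOrEmpty(cookie.Value))
            {
                FormsAuthentication.SignOut();
                auth.TempDataMsg = error;
                return auth;
            }

            auth.GuidCode = cookie.Value;
            auth.UserName = context.User.Identity.Name;

            // Handles users who are still online after an application restart.
            B_User usr = B_UserManager.GetB_UserAndRefresh(u => u.UserName == auth.UserName, curUrl);

            if (usr == null)
            {
                if (B_UserManager.IsInitTimeOut == false)
                {
                    // Re-login attempt: accepted only for an enabled account whose stored GUID
                    // code matches the cookie.
                    usr = B_UserManager.GetB_UserAndLogin(auth.UserName, u =>
                    {
                        if (u.IsValid == false)
                        {
                            error = "您的帐号被禁用,请及时联系管理员!";
                            return false;
                        }
                        if (u.GuidCode != auth.GuidCode)
                        {
                            // The "signed in elsewhere" message is disabled, so the default
                            // error text stays in place.
                            return false;
                        }
                        return true;
                    });
                }
                if (usr == null)
                {
                    auth.TempDataMsg = error;
                    FormsAuthentication.SignOut();
                    return auth;
                }
            }

            // Keeps in step with the system timeout (second precision, so slightly later than the real one).
            if (usr.IsLoginedTimeOut)
            {
                auth.TempDataMsg = "您的帐号已超时,请重新登录后再操作!";
                // The logged-in user entry is left alone: timed-out users are removed automatically at login.
                FormsAuthentication.SignOut();
                return auth;
            }

            // The cookie must carry the GUID code of the account's most recent login.
            if (usr.GuidCode != auth.GuidCode)
            {
                // No message is set (the "signed in elsewhere" text is disabled), and the stored
                // user is not removed because it belongs to the login made elsewhere.
                FormsAuthentication.SignOut();
                return auth;
            }

            // An error recorded on the user during processing ends the login.
            if (usr.IsNoError == false)
            {
                auth.TempDataMsg = usr.ErrorData;
                B_UserManager.RemoveUser(usr.UserName);
                FormsAuthentication.SignOut();
                return auth;
            }

            auth.IsAuthorize    = true;
            auth.CurrentSYSUser = usr;
            return auth;
        }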