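/// <summary>
/// Validates a login attempt (captcha, user name, password, account state) and, on success,
/// fills the session, issues the forms-authentication cookie and writes a login log record.
/// <para>The returned hashtable contains the keys:</para>
/// <para>Msg - message text; when the value is [refresh] the whole page must be reloaded</para>
/// <para>Url - URL to navigate to</para>
/// <para>IsCode - whether the client should refresh the captcha</para>
/// </summary>
/// <param name="userName">Account name</param>
/// <param name="userPwd">Account password (plain text as submitted)</param>
/// <param name="checkCode">Captcha text entered by the user</param>
/// <param name="returnUrl">Page to go to after login; honoured only when it is a site-rooted path</param>
/// <param name="outEx">Receives the exception when one was caught, otherwise null</param>
/// <returns>Verification result</returns>
public static Hashtable VerifyLogin(string userName, string userPwd, string checkCode, string returnUrl, out Exception outEx)
{
    outEx = null;
    Hashtable ht = new Hashtable();
    ht.Add("Msg", GeneralHandler.FBaseInfo);
    ht.Add("Url", GeneralHandler.SiteLoginUrl);
    ht.Add("IsCode", false);
    try
    {
        if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(userPwd) || string.IsNullOrEmpty(checkCode))
        {
            return ht;
        }

        // NOTE(review): passwords are compared as MD5 digests. MD5 is not a password hash;
        // moving to a salted, slow KDF (PBKDF2/Argon2) needs a stored-credential migration
        // and cannot be done inside this method alone.
        userPwd = CryptoHelper.MD5(userPwd, true);

        // Invariant lower-casing keeps the comparison independent of the server culture.
        checkCode = checkCode.ToLowerInvariant();

        // The captcha is single-use: it is removed from the session as soon as it is read, so
        // one solved captcha cannot be replayed for repeated password guesses. Because it is
        // now consumed, every non-success outcome asks the client to fetch a new one.
        var session = HttpContext.Current.Session;
        string verifyCode = session["CheckCode"] as string;
        session.Remove("CheckCode");
        ht["IsCode"] = true;
        if (verifyCode != null)
        {
            // A missing captcha (expired session, none issued) is treated as a mismatch below
            // instead of raising a NullReferenceException.
            verifyCode = verifyCode.ToLowerInvariant();
        }

        if (checkCode.Length != 4 || !ValidHelper.EngIsEngAndNum(checkCode) || checkCode != verifyCode)
        {
            ht["Msg"] = "您输入的验证码不正确[4个字符]。";
        }
        else if (userName.Length < 4 || userName.Length > 16 || !ValidHelper.EngIsRegisters(userName))
        {
            ht["Msg"] = "您输入的用户名不正确[4-16个字符]。";
        }
        else if (ValidHelper.IsSqlFilter(userName))
        {
            ht["Msg"] = "您输入的用户名不正确[4-16个字符]。IsSqlFilter";
        }
        else if (!DawnAuthUserBLL.ExistsOfName(userName))
        {
            // NOTE(review): this message and the "password does not match" one below let a
            // caller tell existing account names from unknown ones; consider one shared message.
            ht["Msg"] = "您输入的用户名不存在!";
        }
        else
        {
            // NOTE(review): the filter is assembled as SQL text. The validators above are the
            // main defence; quotes are doubled here as defence in depth. Prefer a parameterised
            // query if the data layer offers one.
            string nameLiteral = userName.Replace("'", "''");
            string pwdLiteral = (userPwd ?? string.Empty).Replace("'", "''");
            var userIList = DawnAuthUserBLL.ISelect(string.Format("[user_name]='{0}' and [user_pwd]='{1}'", nameLiteral, pwdLiteral));
            if (userIList.Count == 0)
            {
                ht["Msg"] = "您输入的用户名与密码不匹配!";
            }
            else if (userIList.Count > 1)
            {
                ht["Msg"] = "您的账号存在异常,请联系管理员!";
            }
            else
            {
                var userInfo = userIList.First();
                if (userInfo.UserStatus == 0)
                {
                    ht["Msg"] = "您的账号存已禁用,请联系管理员!";
                }
                else if (userInfo.UserGrade < 1)
                {
                    ht["Msg"] = "对不起,您的管理级别不符合!";
                }
                else
                {
                    userIList.Clear();

                    // NOTE(review): the session id is not rotated in this method; confirm it is
                    // renewed elsewhere on login so a pre-login session id cannot be carried over.
                    session["LoginName"] = userName;
                    // NOTE(review): the session key is the user name itself; a name equal to one
                    // of the fixed keys used here (e.g. "LoginStatus") would share its slot —
                    // confirm names are restricted or prefix the key.
                    session[userName] = CryptoHelper.Encrypt(JsonConvert.SerializeObject(userInfo), GeneralHandler.TokenKey);
                    var userAuth = DawnAuthUserBLL.GetUserAuthority(userInfo.UserId);
                    session["LoginAuthority"] = CryptoHelper.Encrypt(JsonConvert.SerializeObject(userAuth), GeneralHandler.TokenKey);
                    var userStat = DawnAuthUserBLL.GetUserStatus(userInfo.UserId);
                    session["LoginStatus"] = CryptoHelper.Encrypt(JsonConvert.SerializeObject(userStat), GeneralHandler.TokenKey);
                    var userExtent = DawnAuthUserExtentBLL.ISelect(string.Format("user_id='{0}'", userInfo.UserId));
                    session["LoginExtent"] = CryptoHelper.Encrypt(JsonConvert.SerializeObject(userExtent), GeneralHandler.TokenKey);
                    FormsAuthentication.SetAuthCookie(CryptoHelper.Encrypt(userName, GeneralHandler.TokenKey), false);

                    #region Login log
                    DawnAuthUserLoginMDL dataInfo = new DawnAuthUserLoginMDL();
                    dataInfo.UserId = userInfo.UserId;
                    dataInfo.LogTime = DateTime.Now;
                    dataInfo.LogIp = RequestHelper.GetIPAddress();
                    // NOTE(review): presumably the MAC of the machine running this code, not of
                    // the client — confirm before relying on it in an investigation.
                    dataInfo.LogMac = DawnXZ.PHYUtility.ManagementHelper.Instance().MacAddress.ToUpper();
                    dataInfo.LogComputer = "Unknown";
                    dataInfo.LogAttach = null;
                    dataInfo.LogCount = 1;
                    DawnAuthUserLoginBLL.Insert(dataInfo);
                    #endregion

                    ht["Msg"] = GeneralHandler.StateSuccess;
                    ht["IsCode"] = false;

                    // returnUrl comes from the caller and is sent back as the redirect target.
                    // Only a site-rooted path ("/..." but not "//..." or "/\...") without control
                    // characters is accepted; anything else falls back to the default landing
                    // page so the login cannot be used as an open redirect.
                    bool useReturnUrl = !string.IsNullOrEmpty(returnUrl)
                        && returnUrl[0] == '/'
                        && (returnUrl.Length == 1 || (returnUrl[1] != '/' && returnUrl[1] != '\\'));
                    if (useReturnUrl)
                    {
                        foreach (char c in returnUrl)
                        {
                            if (char.IsControl(c))
                            {
                                useReturnUrl = false;
                                break;
                            }
                        }
                    }
                    ht["Url"] = useReturnUrl ? returnUrl : GeneralHandler.SiteLoginedUrl;
                }
            }
        }
    }
    catch (Exception ex)
    {
        // Hand the exception to the caller and ask the page to reload.
        outEx = ex;
        ht["Msg"] = GeneralHandler.StateRefresh;
    }
    return ht;
}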
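/// <summary>
/// Handles the posted login form: validates captcha, user name, password and account state and,
/// on success, fills the session, issues the forms-authentication cookie and writes a login log record.
/// Reads the form fields txtUname, txtUpwd and txtCheckCode.
/// </summary>
/// <param name="form">Posted form values</param>
/// <returns>JSON of a hashtable with the keys Msg (message), Url (navigation target) and IsCode (refresh the captcha)</returns>
public JsonResult Logined(FormCollection form)
{
    Hashtable ht = new Hashtable();
    ht.Add("Msg", GeneralHandler.FBaseInfo);
    ht.Add("Url", GeneralHandler.SiteLoginUrl);
    ht.Add("IsCode", false);
    try
    {
        string txtUname = form["txtUname"] as string;
        string txtUpwd = form["txtUpwd"] as string;
        string txtCheckCode = form["txtCheckCode"] as string;

        // A missing field used to surface as a NullReferenceException, which the catch below
        // reported (and logged) as a database connection failure. Return the base result instead.
        if (string.IsNullOrEmpty(txtUname) || string.IsNullOrEmpty(txtUpwd) || string.IsNullOrEmpty(txtCheckCode))
        {
            return Json(ht);
        }

        // NOTE(review): passwords are compared as MD5 digests. MD5 is not a password hash;
        // moving to a salted, slow KDF (PBKDF2/Argon2) needs a stored-credential migration
        // and cannot be done inside this action alone.
        txtUpwd = CryptoHelper.MD5(txtUpwd, true);

        // Invariant lower-casing keeps the comparison independent of the server culture.
        txtCheckCode = txtCheckCode.ToLowerInvariant();

        // The captcha is single-use: it is removed from the session as soon as it is read, so
        // one solved captcha cannot be replayed for repeated password guesses. Because it is
        // now consumed, every non-success outcome asks the client to fetch a new one.
        string strCheckCode = Session["CheckCode"] as string;
        Session.Remove("CheckCode");
        ht["IsCode"] = true;
        if (strCheckCode != null)
        {
            // A missing captcha (expired session, none issued) is treated as a mismatch below.
            strCheckCode = strCheckCode.ToLowerInvariant();
        }

        if (txtCheckCode.Length != 4 || !ValidHelper.EngIsEngAndNum(txtCheckCode) || txtCheckCode != strCheckCode)
        {
            ht["Msg"] = "您输入的验证码不正确[4个字符]。";
        }
        else if (txtUname.Length < 4 || txtUname.Length > 16 || !ValidHelper.EngIsRegisters(txtUname))
        {
            ht["Msg"] = "您输入的用户名不正确[4-16个字符]。";
        }
        else if (ValidHelper.IsSqlFilter(txtUname))
        {
            ht["Msg"] = "您输入的用户名不正确[4-16个字符]。IsSqlFilter";
        }
        else if (!DawnAuthUserBLL.ExistsOfName(txtUname))
        {
            // NOTE(review): this message and the "password does not match" one below let a
            // caller tell existing account names from unknown ones; consider one shared message.
            ht["Msg"] = "您输入的用户名不存在!";
        }
        else
        {
            // NOTE(review): the filter is assembled as SQL text. The validators above are the
            // main defence; quotes are doubled here as defence in depth. Prefer a parameterised
            // query if the data layer offers one.
            string nameLiteral = txtUname.Replace("'", "''");
            string pwdLiteral = (txtUpwd ?? string.Empty).Replace("'", "''");
            var userIList = DawnAuthUserBLL.ISelect(string.Format("[user_name]='{0}' and [user_pwd]='{1}'", nameLiteral, pwdLiteral));
            if (userIList.Count == 0)
            {
                ht["Msg"] = "您输入的用户名与密码不匹配!";
            }
            else if (userIList.Count > 1)
            {
                ht["Msg"] = "您的账号存在异常,请联系管理员!";
            }
            else
            {
                var userInfo = userIList.First();
                if (userInfo.UserStatus == 0)
                {
                    ht["Msg"] = "您的账号存已禁用,请联系管理员!";
                }
                else if (userInfo.UserGrade < 2)
                {
                    ht["Msg"] = "对不起,您的管理级别不符合!";
                }
                else
                {
                    userIList.Clear();

                    // NOTE(review): the session id is not rotated in this action; confirm it is
                    // renewed elsewhere on login so a pre-login session id cannot be carried over.
                    Session["LoginName"] = txtUname;
                    // NOTE(review): the session key is the user name itself; a name equal to one
                    // of the fixed keys used here (e.g. "LoginStatus") would share its slot —
                    // confirm names are restricted or prefix the key.
                    Session[txtUname] = CryptoHelper.Encrypt(JsonConvert.SerializeObject(userInfo), GeneralHandler.TokenKey);
                    var userAuth = DawnAuthUserBLL.GetUserAuthority(userInfo.UserId);
                    Session["LoginAuthority"] = CryptoHelper.Encrypt(JsonConvert.SerializeObject(userAuth), GeneralHandler.TokenKey);
                    var userStat = DawnAuthUserBLL.GetUserStatus(userInfo.UserId);
                    Session["LoginStatus"] = CryptoHelper.Encrypt(JsonConvert.SerializeObject(userStat), GeneralHandler.TokenKey);
                    var userExtent = DawnAuthUserExtentBLL.ISelect(string.Format("user_id='{0}'", userInfo.UserId));
                    Session["LoginExtent"] = CryptoHelper.Encrypt(JsonConvert.SerializeObject(userExtent), GeneralHandler.TokenKey);
                    FormsAuthentication.SetAuthCookie(CryptoHelper.Encrypt(txtUname, GeneralHandler.TokenKey), false);

                    #region Login log
                    DawnAuthUserLoginMDL dataInfo = new DawnAuthUserLoginMDL();
                    dataInfo.UserId = userInfo.UserId;
                    dataInfo.LogTime = DateTime.Now;
                    dataInfo.LogIp = RequestHelper.GetIPAddress();
                    dataInfo.LogMac = "Unknown";
                    dataInfo.LogComputer = "Unknown";
                    dataInfo.LogAttach = null;
                    dataInfo.LogCount = 1;
                    DawnAuthUserLoginBLL.Insert(dataInfo);
                    #endregion

                    ht["Msg"] = GeneralHandler.StateSuccess;
                    ht["IsCode"] = false;
                    // The post-login target is fixed; the posted hidReturnUrl field is not
                    // honoured. If it is ever reinstated, accept only site-local paths so the
                    // login cannot be used as an open redirect.
                    ht["Url"] = GeneralHandler.SiteLoginedUrl;
                }
            }
        }
    }
    catch (Exception ex)
    {
        // The user sees a generic failure message; the exception detail goes to the error log.
        ht["Msg"] = "对不起!无法与数据库建立连接!请联系管理员!";
        GeneralHandler.InsertByError(ex);
    }
    return Json(ht);
}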