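/// <summary>
/// Changes the password of the account named in the request after checking the current password.
/// </summary>
/// <param name="accountResetPwdModel">Carries the user name, the current password, the new password and its confirmation.</param>
/// <returns>A 400 response with a message when a check fails; an empty 200 response once the new password is stored.</returns>
public IHttpActionResult ResetPwd(AccountResetPwdModel accountResetPwdModel)
{
    // A missing body or missing current password is rejected here instead of surfacing
    // as a NullReferenceException (HTTP 500) further down.
    if (accountResetPwdModel == null || string.IsNullOrEmpty(accountResetPwdModel.Password))
    {
        return BadRequest("原密码输入不正确!");
    }

    // NOTE(review): the user name comes from the request model. Confirm that this action requires
    // authentication and that UserName is tied to the caller's own identity.
    var account = _accountService.GetAccountUserByUsername(accountResetPwdModel.UserName);

    // An unknown user gets the same answer as a wrong password, so the response does not
    // reveal which user names exist.
    // NOTE(review): the stored value is assumed to have been produced by EncryptText; if accounts can
    // use other password formats, this check and the assignment below should follow the stored format.
    if (account == null
        || account.Password != _encryptionService.EncryptText(accountResetPwdModel.Password))
    {
        return BadRequest("原密码输入不正确!");
    }

    // Two null or blank values would otherwise pass the equality check below and be stored as the password.
    if (string.IsNullOrWhiteSpace(accountResetPwdModel.Newpassword))
    {
        return BadRequest("新密码不能为空!");
    }

    if (accountResetPwdModel.Newpassword != accountResetPwdModel.Againpassword)
    {
        return BadRequest("两次输入的密码不一致!");
    }

    account.Password = _encryptionService.EncryptText(accountResetPwdModel.Newpassword);

    // Persist the user.
    _accountService.UpdateAccountUser(account);

    // Activity log.
    // NOTE(review): the text describes a profile update; a distinct entry for password changes
    // would make them easier to find in an audit.
    _accountUserActivityService.InsertActivity("UpdateAccount", "更新 名为 {0} 的用户的基本信息", account.UserName);

    //SuccessNotification(_localizationService.GetResource("Admin.Catalog.Categories.Added"));
    return Ok();
}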
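/// <summary>
/// Checks a user name and password against the stored account and records the login time on success.
/// </summary>
/// <param name="account">User name to look up.</param>
/// <param name="password">Password supplied by the caller.</param>
/// <returns>
/// A completed task holding the matching account, or <c>null</c> when the user is unknown
/// or the password does not match.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="password"/> is null, empty or whitespace.</exception>
public Task<AccountUser> ValidateAccountUserAsync(string account, string password)
{
    if (string.IsNullOrWhiteSpace(password))
    {
        // The first constructor argument is the parameter name; the text goes in the second.
        throw new ArgumentNullException("password", "密码不能为空");
    }

    var accountUser = _accountUserService.GetAccountUserByUsername(account);
    if (accountUser == null)
    {
        return Task.FromResult<AccountUser>(null);
    }

    // NOTE(review): the comparisons below use ordinary string equality; a fixed-time comparison
    // is preferable for secrets where the target framework offers one.
    bool passwordCorrect = false;
    switch (accountUser.PasswordFormat)
    {
        case PasswordFormat.Clear:
            // The stored value is the password itself.
            passwordCorrect = password == accountUser.Password;
            break;

        case PasswordFormat.Encrypted:
            passwordCorrect = _encryptionService.EncryptText(password) == accountUser.Password;
            break;

        case PasswordFormat.Hashed:
            // The hash must be recomputed with the salt stored on the account. Generating a fresh
            // salt here produces a different hash each time, so a hashed account could never log in.
            passwordCorrect = _encryptionService.CreatePasswordHash(
                                  password,
                                  accountUser.PasswordSalt,
                                  _customerSettings.HashedPasswordFormat) == accountUser.Password;
            break;

        default:
            // Unknown format: treated as a failed check.
            break;
    }

    if (!passwordCorrect)
    {
        return Task.FromResult<AccountUser>(null);
    }

    accountUser.LastLoginDate = DateTime.Now;
    _accountUserService.UpdateAccountUser(accountUser);
    return Task.FromResult(accountUser);
}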
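/// <summary>
/// Registers a user: validates the request, stores the password in the requested format,
/// moves the account from the 'Guests' role to the 'Registered' role and saves it.
/// </summary>
/// <param name="request">Registration request holding the account, user name, password and password format.</param>
/// <returns>A result object; it carries an error message when validation rejected the request.</returns>
/// <exception cref="ArgumentNullException"><paramref name="request"/> or its account is null.</exception>
/// <exception cref="QZCHYException">The 'Registered' role could not be loaded.</exception>
public virtual AccountUserRegistrationResult RegisterAccountUser(AccountUserRegistrationRequest request)
{
    if (request == null)
    {
        throw new ArgumentNullException("request");
    }

    if (request.AccountUser == null)
    {
        // The first constructor argument is the parameter name; the text goes in the second.
        throw new ArgumentNullException("request", "无法加载当前用户");
    }

    var result = new AccountUserRegistrationResult();

    if (request.AccountUser.IsSearchEngineAccount())
    {
        result.AddError("搜索引擎用户无法注册");
        return result;
    }

    if (request.AccountUser.IsBackgroundTaskAccount())
    {
        result.AddError("Background task account can't be registered");
        return result;
    }

    if (String.IsNullOrWhiteSpace(request.Password))
    {
        result.AddError("密码不能为空");
        return result;
    }

    // Temporary.
    if (_customerSettings.UsernamesEnabled && String.IsNullOrEmpty(request.Username))
    {
        result.AddError("用户名不能为空");
        return result;
    }

    if (_customerService.GetAccountUserByUsername(request.Username) != null)
    {
        result.AddError("用户名已经注册用户");
        return result;
    }

    // At this point the request is valid.
    request.AccountUser.UserName = request.Username;
    request.AccountUser.PasswordFormat = request.PasswordFormat;

    switch (request.PasswordFormat)
    {
        case PasswordFormat.Clear:
            // NOTE(review): this stores the password as submitted, so anyone who can read the
            // account store can read the password.
            request.AccountUser.Password = request.Password;
            break;

        case PasswordFormat.Encrypted:
            // NOTE(review): presumably reversible with the service's key - confirm how that key is protected.
            request.AccountUser.Password = _encryptionService.EncryptText(request.Password);
            break;

        case PasswordFormat.Hashed:
            // The salt is saved with the account so the same hash can be recomputed at login.
            // NOTE(review): a salt size of 5 looks short - confirm the unit CreateSaltKey expects and
            // whether HashedPasswordFormat selects a deliberately slow password hash.
            string saltKey = _encryptionService.CreateSaltKey(5);
            request.AccountUser.PasswordSalt = saltKey;
            request.AccountUser.Password = _encryptionService.CreatePasswordHash(
                request.Password,
                saltKey,
                _customerSettings.HashedPasswordFormat);
            break;

        default:
            // NOTE(review): an unrecognised format leaves Password unassigned and registration still proceeds.
            break;
    }

    request.AccountUser.Active = request.IsApproved;

    // Add to the 'Registered' role.
    var registeredRole = _customerService.GetAccountUserRoleBySystemName(SystemAccountUserRoleNames.Registered);
    if (registeredRole == null)
    {
        throw new QZCHYException("'Registered' role could not be loaded");
    }

    request.AccountUser.AccountUserRoles.Add(registeredRole);

    // Remove from the 'Guests' role.
    var guestRole = request.AccountUser.AccountUserRoles
        .FirstOrDefault(cr => cr.SystemName == SystemAccountUserRoleNames.Guests);
    if (guestRole != null)
    {
        request.AccountUser.AccountUserRoles.Remove(guestRole);
    }

    // Add reward points for customer registration (if enabled).
    if (_rewardPointsSettings.Enabled && _rewardPointsSettings.PointsForRegistration > 0)
    {
        // TODO: award points for registration.
        // request.AccountUser.AddRewardPointsHistoryEntry(_rewardPointsSettings.PointsForRegistration, "注册获得积分");
    }

    _customerService.UpdateAccountUser(request.AccountUser);
    return result;
}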