private bool ValidateLogOn(string userName, string password, out UserModel loginUser)
{
loginUser = null;
if (string.IsNullOrEmpty(userName))
{
ModelState.AddModelError("errorMsg", "用户名为空");
return(false);
}
if (string.IsNullOrEmpty(password))
{
ModelState.AddModelError("errorMsg", "密码为空");
return(false);
}
UserModel user = _userService.Get(t => t.UserName == userName);
if (user == null)
{
ModelState.AddModelError("errorMsg", "用户名不存在");
return(false);
}
string pwdhash = MD5Helper.ComputeMD5((userName + password).Trim());
if (user.Password != pwdhash)
{
ModelState.AddModelError("errorMsg", "用户名与密码不匹配");
return(false);
}
loginUser = user;
return(true);
}
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
await Task.Factory.StartNew(() => context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" }));
/*
* 对用户名、密码进行数据校验
*/
var password = MD5Helper.ComputeMD5(context.Password);
string sql = "SELECT * FROM T_USER WHERE USERNAME = @P_USERNAME AND PASSWORD= @P_PASSWORD";
var repo = new RepositoryBase(new SessionBase());
var user = repo.GetFirstOrDefault <T_User>(sql, new { P_USERNAME = context.UserName, P_PASSWORD = password });
if (user == null)
{
context.SetError("invalid_grant", "用户名或密码无效");
return;
}
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
identity.AddClaim(new Claim("sub", context.UserName));
identity.AddClaim(new Claim("role", "user"));
identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
context.Validated(identity);
}
/// <summary>
/// 根据用户名和密码查询用户信息
/// </summary>
/// <param name="model"></param>
/// <returns></returns>
public T_UserDto LoginByUsername(T_UserSingleModel model)
{
var password = MD5Helper.ComputeMD5(model.Password);
string sql = "SELECT * FROM T_USER WHERE USERNAME = @P_USERNAME AND PASSWORD= @P_PASSWORD";
var user = DataRepository.GetFirstOrDefault <T_User>(sql, new { P_USERNAME = model.Username, P_PASSWORD = password });
return(AutoMapperHelper <T_User, T_UserDto> .AutoConvert(user));
}
public static string GetIdentity(this Request request)
{
int retryCount = request.GetRetryCount();
var input = new
{
request.Method,
request.Uri,
request.Encoding.EncodingName,
request.Headers,
request.Referer,
retryCount,
};
return(string.Concat(MD5Helper.ComputeMD5(Encoding.UTF8.GetBytes(JsonHelper.Serialize(input))).Select(t => t.ToString("X2"))));
}
public ActionResult Register(string username, string useremail, string passwd, string confirmpasswd)
{
if (!ValidateRegistration(username, useremail, passwd, confirmpasswd))
{
return(View());
}
var user = new UserModel
{
UserName = username,
Email = useremail,
Password = MD5Helper.ComputeMD5((username + passwd).Trim()),
Birthday = DateTime.Now,
RegDate = DateTime.Now,
Gender = 'F',
};
if (_userService.Exists(user))
{
ModelState.AddModelError("errorMsg", " 该用户已存在");
return(View());
}
_userService.Add(user);
RedisHelper.SetUserInfo(user.UserName + ":master", user);
string claimIdentifier = Util.GetUserClaimIdentifier(username).ToString();
_logService.Add(new LoginLogModel
{
UserName = user.UserName,
AddTime = DateTime.Now,
Flag = 1,
ID = Guid.NewGuid(),
OpenIdClaimedIdentifier = claimIdentifier,
OpenIdFriendlyIdentifier = claimIdentifier
});
_formsAuthService.SignIn(user, false);
return(RedirectToAction("Index", "Home"));
}
