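/// <summary>
/// Authenticates an administrator from the posted "account" and "password" fields and,
/// on success, issues an access token.
/// </summary>
/// <returns>
/// 200 with <c>Value</c> (the administrator record), <c>AccessToken</c> and <c>ExpiresAt</c> on success;
/// 400 with the validation error message when the credentials are rejected;
/// 500 with no body when an unexpected exception occurs (the exception is logged server-side).
/// </returns>
public IHttpActionResult Login()
{
    try
    {
        var request = new RequestImpl();

        var account = request.GetPostString("account");
        var password = request.GetPostString("password");
        var isAutoLogin = request.GetPostBool("isAutoLogin");

        AdministratorInfo adminInfo;

        // NOTE(review): the meaning of the third argument (true) is not visible here; confirm against Validate.
        if (!DataProvider.AdministratorDao.Validate(account, password, true, out var userName, out var errorMessage))
        {
            adminInfo = AdminManager.GetAdminInfoByUserName(userName);
            if (adminInfo != null)
            {
                // Record the last activity time and increment the failed-login count.
                DataProvider.AdministratorDao.UpdateLastActivityDateAndCountOfFailedLogin(adminInfo);
            }

            // NOTE(review): errorMessage is returned to the caller verbatim. If Validate words
            // "unknown account" differently from "wrong password", the response reveals which
            // accounts exist; confirm the messages are uniform for unauthenticated callers.
            return BadRequest(errorMessage);
        }

        adminInfo = AdminManager.GetAdminInfoByUserName(userName);

        // Record the last activity time and reset the failed-login count to zero.
        DataProvider.AdministratorDao.UpdateLastActivityDateAndCountOfLogin(adminInfo);

        var accessToken = request.AdminLogin(adminInfo.UserName, isAutoLogin);

        // NOTE(review): local time, and computed independently of the token itself; presumably
        // informational for the client. Confirm that the token's own expiry is enforced server-side.
        var expiresAt = DateTime.Now.AddDays(RequestImpl.AccessTokenExpireDays);

        // NOTE(review): the whole AdministratorInfo object is serialized into the response.
        // Its fields are not visible here; confirm it carries no password hash, salt or other
        // credential material, or project it onto a response type with only the fields the UI needs.
        return Ok(new
        {
            Value = adminInfo,
            AccessToken = accessToken,
            ExpiresAt = expiresAt
        });
    }
    catch (Exception ex)
    {
        LogUtils.AddErrorLog(ex);

        // Return a bare 500. InternalServerError(ex) builds an ExceptionResult whose body can carry
        // the exception message and stack trace (subject to IncludeErrorDetailPolicy), which an
        // unauthenticated login endpoint should not hand out. The details are already in the log.
        return InternalServerError();
    }
}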