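/// <summary>
/// Checks an SMS verification code against the value stored in Redis for the given
/// business and key. Returning normally means the code matched; a mismatch always
/// leaves through an exception.
/// </summary>
/// <param name="business">Business the code was issued for. <c>SMSBusiness.SecurityValidate</c> routes failures to the combined security-validation counter instead of the per-business one.</param>
/// <param name="uniqueKey">Key the stored code and the error counters are looked up by.</param>
/// <param name="code">Code supplied by the caller.</param>
/// <param name="deleteCode">True to delete the stored code after a successful check; false to keep it and renew its expiry so it can be verified again.</param>
/// <exception cref="InvalidOperationException">The code did not match and IncreaseErrorCount returned instead of rejecting the attempt.</exception>
public void Verify(SMSBusiness business, string uniqueKey, string code, bool deleteCode)
{
    bool isOnlyCellphoneVerify = business != SMSBusiness.SecurityValidate;
    var securityVerify = new SecurityVerification(Platform);
    if (isOnlyCellphoneVerify)
    {
        // Presumably rejects the attempt once too many failures are recorded (not visible here).
        securityVerify.CheckErrorCount(business, uniqueKey);
    }

    var keyByCode = $"{Platform.ToString()}:{SecurityMethod.CellphoneCode.ToString()}:{business.ToString()}:Code:{uniqueKey}";
    var codeInDb = RedisHelper.StringGet(Constant.REDIS_SMS_DBINDEX, keyByCode);

    bool codeMatches = codeInDb != null && codeInDb == code;
    if (!codeMatches)
    {
        if (isOnlyCellphoneVerify)
        {
            securityVerify.IncreaseErrorCount(business, uniqueKey);
        }
        else
        {
            securityVerify.IncreaseErrorCount(SecurityMethod.SecurityValidate, uniqueKey, SecurityMethod.CellphoneCode);
        }

        // Fail closed. This method is void, so the only way to report a wrong code is to throw.
        // Previously that depended entirely on IncreaseErrorCount throwing; if it ever returned,
        // the caller would have treated the wrong code as verified.
        throw new InvalidOperationException("SMS code verification failed.");
    }

    // Verification passed.
    if (deleteCode)
    {
        DeleteSMSCode(business, uniqueKey);
    }
    else
    {
        // The code is kept because it will be verified again later. Renewing the expiry here
        // means a retained code gets a fresh SMS_EXPIRED_TIME window after every successful check.
        // NOTE(review): StringGet above is given Constant.REDIS_SMS_DBINDEX but KeyExpire is not;
        // confirm KeyExpire targets the same Redis database, otherwise the expiry is never renewed.
        RedisHelper.KeyExpire(keyByCode, TimeSpan.FromMinutes(Constant.SMS_EXPIRED_TIME));
    }

    if (isOnlyCellphoneVerify)
    {
        securityVerify.DeleteErrorCount(business, uniqueKey);
    }
}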
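/// <summary>
/// Loads the investor account for <paramref name="username"/> and checks the supplied
/// password against its stored hash, maintaining the per-account password error counter.
/// </summary>
/// <param name="username">Username to look up.</param>
/// <param name="password">Password supplied by the caller.</param>
/// <returns>The account, only when the password check succeeded.</returns>
/// <exception cref="CommonException">The account does not exist or is disabled (Status == 0).</exception>
/// <exception cref="InvalidOperationException">The password check failed and IncreaseErrorCount returned instead of rejecting the attempt.</exception>
private InvestorAccount CheckUser(string username, string password)
{
    var user = new InvestorAccountDAC().GetByUsername(username);
    if (user == null)
    {
        // NOTE(review): unknown usernames are answered with a distinct error and never reach
        // the error counter, so this response tells a caller whether a username is registered.
        throw new CommonException(ReasonCode.ACCOUNT_NOT_EXISTS, R.AccountNotExist);
    }

    var securityVerify = new SecurityVerification(SystemPlatform.FiiiCoinWork);
    string counterKey = user.Id.ToString();

    // Presumably rejects the attempt once too many failures are recorded (not visible here).
    securityVerify.CheckErrorCount(SecurityMethod.Password, counterKey);

    if (user.Status == 0)
    {
        // NOTE(review): raised before the password is checked, so the disabled state is
        // visible to callers who do not know the password.
        throw new CommonException(ReasonCode.ACCOUNT_DISABLED, R.该账户已被禁用);
    }

    // A missing stored hash or an empty submitted password counts as a failed attempt
    // rather than being handed to the hasher.
    bool passwordOk = !string.IsNullOrWhiteSpace(user.Password)
        && !string.IsNullOrWhiteSpace(password)
        && PasswordHasher.VerifyHashedPassword(user.Password, password);
    if (!passwordOk)
    {
        securityVerify.IncreaseErrorCount(SecurityMethod.Password, counterKey);

        // Fail closed. Previously execution fell through to DeleteErrorCount and returned the
        // account, so a wrong password was rejected only because IncreaseErrorCount throws.
        throw new InvalidOperationException("Password verification failed.");
    }

    securityVerify.DeleteErrorCount(SecurityMethod.Password, counterKey);
    return user;
}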
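/// <summary>
/// Loads the user account for a country and cellphone number and checks the supplied
/// password against its stored hash, maintaining the per-account password error counter.
/// </summary>
/// <param name="countryId">Country the cellphone number belongs to.</param>
/// <param name="cellphone">Cellphone number to look up.</param>
/// <param name="password">Password supplied by the caller.</param>
/// <returns>The account, only when the password check succeeded.</returns>
/// <exception cref="CommonException">The account does not exist or is disabled (Status == 0).</exception>
/// <exception cref="InvalidOperationException">The password check failed and IncreaseErrorCount returned instead of rejecting the attempt.</exception>
private UserAccount CheckUser(int countryId, string cellphone, string password)
{
    var user = new UserAccountDAC().GetByCountryIdAndCellphone(countryId, cellphone);
    if (user == null)
    {
        // NOTE(review): unknown numbers are answered with a distinct error and never reach
        // the error counter, so this response tells a caller whether a number is registered.
        throw new CommonException(ReasonCode.ACCOUNT_NOT_EXISTS, MessageResources.AccountNotFound);
    }

    var securityVerify = new SecurityVerification(SystemPlatform.FiiiPay);
    string counterKey = user.Id.ToString();

    // Presumably rejects the attempt once too many failures are recorded (not visible here).
    securityVerify.CheckErrorCount(SecurityMethod.Password, counterKey);

    if (user.Status == 0)
    {
        // NOTE(review): raised before the password is checked, so the disabled state is
        // visible to callers who do not know the password.
        throw new CommonException(ReasonCode.ACCOUNT_DISABLED, MessageResources.AccountDisabled);
    }

    // A missing stored hash or an empty submitted password counts as a failed attempt.
    bool passwordRejected = IsNullOrWhiteSpace(user.Password)
        || IsNullOrWhiteSpace(password)
        || !PasswordHasher.VerifyHashedPassword(user.Password, password);
    if (passwordRejected)
    {
        securityVerify.IncreaseErrorCount(SecurityMethod.Password, counterKey);

        // Fail closed. Previously execution fell through to DeleteErrorCount and returned the
        // account, so a wrong password was rejected only because IncreaseErrorCount throws.
        throw new InvalidOperationException("Password verification failed.");
    }

    securityVerify.DeleteErrorCount(SecurityMethod.Password, counterKey);
    return user;
}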
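/// <summary>
/// Handles the back-office login post. Checks the verification code stored in Redis under
/// <paramref name="TokenGid"/>, then the credentials, and on success caches a
/// <c>LoginUser</c> in Redis, sets the "LoginUser" cookie and redirects to Home/Index.
/// Every failed check re-displays the login view with a message.
/// </summary>
/// <param name="account">Submitted login form; replaced by the output of LoginBLL.CheckUser.</param>
/// <param name="TokenGid">Redis key the expected verification code is read from.</param>
/// <param name="VerificationCode">Verification code typed by the user; compared case-insensitively.</param>
/// <returns>The login view on failure, or a redirect to Home/Index on success.</returns>
public ActionResult Index(Account account, string TokenGid, string VerificationCode)
{
    var securityVerify = new SecurityVerification(SystemPlatform.BackOffice);
    var loginBll = new LoginBLL();
    string loginMessage = String.Empty;

    // CheckUser below overwrites `account` through its out parameter, so keep the submitted name.
    // NOTE(review): the error counter is keyed by this raw string; if username lookup is
    // case-insensitive, different spellings of one account get separate counters. Confirm.
    string submittedUsername = account.Username;

    try
    {
        // Presumably rejects the attempt once too many failures are recorded (not visible here).
        securityVerify.CheckErrorCount(SecurityMethod.Password, submittedUsername);

        // NOTE(review): TokenGid is request input used as the Redis key as-is, for this read and
        // for the KeyDelete below. Consider restricting it to the verification-code key format.
        var cacheCode = RedisHelper.StringGet(TokenGid);
        if (string.IsNullOrEmpty(cacheCode))
        {
            loginMessage = "Verification code was expired";
            securityVerify.IncreaseErrorCount(SecurityMethod.Password, submittedUsername);

            // Fail closed: rejection no longer depends on IncreaseErrorCount throwing.
            ViewBag.LoginMessage = loginMessage;
            return View(account);
        }

        // Null-safe and culture-invariant. The previous ToUpper() comparison threw a
        // NullReferenceException when the form field was missing.
        if (!string.Equals(VerificationCode, cacheCode, StringComparison.OrdinalIgnoreCase))
        {
            loginMessage = "Verification code is wrong";
            securityVerify.IncreaseErrorCount(SecurityMethod.Password, submittedUsername);
            ViewBag.LoginMessage = loginMessage;
            return View(account);
        }

        bool checkResult = loginBll.CheckUser(submittedUsername, account.Password, out account, ref loginMessage);
        if (!checkResult)
        {
            // `account` now holds whatever CheckUser assigned, which may be null on failure.
            string failedUsername = account != null ? account.Username : submittedUsername;
            securityVerify.IncreaseErrorCount(SecurityMethod.Password, failedUsername);
            ViewBag.LoginMessage = loginMessage;
            return View(account);
        }

        // NOTE(review): the stored code is deleted only after a fully successful login, so the
        // same code stays usable across failed attempts until it expires or the counter trips.
        RedisHelper.KeyDelete(TokenGid);
        securityVerify.DeleteErrorCount(SecurityMethod.Password, account.Username);
    }
    catch (Framework.Exceptions.CommonException ex)
    {
        // Prefer the specific message set above; otherwise show the exception's own message.
        ViewBag.LoginMessage = string.IsNullOrEmpty(loginMessage) ? ex.Message : loginMessage;
        return View(account);
    }

    LoginUser lu = new LoginUser();
    int roleId = account.RoleId.Value;
    lu.UserId = account.Id;
    lu.UserName = account.Username;
    lu.RoleId = roleId;
    // The admin shortcut is disabled (IsAdmin is always false), so only the role's own
    // permissions are loaded; the GetAllPermission branch was unreachable.
    lu.IsAdmin = false;
    lu.PerimissionList = loginBll.GetUserPermissionByRoleId(roleId);

    // Cached login state lives for one hour.
    RedisHelper.Set("loginuser" + account.Id, lu, new TimeSpan(1, 0, 0));

    // NOTE(review): the cookie value is derived only from account.Id and the cookie outlives the
    // one-hour cache entry by a day. Confirm Encrypts.GetEncryptString is authenticated and not
    // identical on every login; a random per-login token would be safer. Secure is not set either.
    string cookieValue = Encrypts.GetEncryptString(account.Id.ToString());
    DateTime cookieExpiry = DateTime.Now.AddDays(1);
    if (Request.Cookies["LoginUser"] == null)
    {
        var cookie = Response.Cookies["LoginUser"];
        cookie.Value = cookieValue;
        cookie.HttpOnly = true;
        cookie.Expires = cookieExpiry;
    }
    else
    {
        Response.Cookies.Add(Request.Cookies["LoginUser"]);
        Response.Cookies["LoginUser"].Value = cookieValue;
        Response.Cookies["LoginUser"].Expires = cookieExpiry;
        Response.Cookies["LoginUser"].HttpOnly = true;
    }

    return RedirectToAction("Index", "Home");
}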