public IActionResult ProcessRegister(UserRegModel RegisterAttempt)
{
if (ModelState.IsValid)
{
User EmailCheck = _context.users.SingleOrDefault(user => user.Email == RegisterAttempt.Email);
if (EmailCheck == null)
{
User NewUser = new User {
FirstName = RegisterAttempt.FirstName,
LastName = RegisterAttempt.LastName,
Email = RegisterAttempt.Email,
Description = RegisterAttempt.Description,
Password = RegisterAttempt.Password,
PermissionLevel = 0
};
PasswordHasher <User> Hasher = new PasswordHasher <User>();
NewUser.Password = Hasher.HashPassword(NewUser, NewUser.Password);
_context.users.Add(NewUser);
_context.SaveChanges();
HttpContext.Session.SetInt32("id", NewUser.UserId);
HttpContext.Session.SetString("name", NewUser.FirstName + ' ' + NewUser.LastName);
HttpContext.Session.SetInt32("permission", NewUser.PermissionLevel);
return(RedirectToAction("Dashboard"));
}
else
{
ModelState.AddModelError("Email", "Please try another email address");
}
}
ViewBag.LoggedIn = false;
return(View("Register", RegisterAttempt));
}
public Result <string> Regiter(UserRegModel model)
{
if (model == null)
{
return(GetInvalidResult <string>(null, "无效的会员注册信息"));
}
if (string.IsNullOrEmpty(model.MerchantId))
{
return(GetInvalidResult <string>(null, "商户Id不能为空"));
}
if (string.IsNullOrEmpty(model.UserName))
{
return(GetInvalidResult <string>(null, "会员名称不能为空"));
}
if (string.IsNullOrEmpty(model.SignKey))
{
return(GetInvalidResult <string>(null, "签名不能为空"));
}
try
{
var result = this.UserService.RegiterUser(model);
return(GetSuccessResult(result));
}
catch (Exception ex)
{
return(GetExceptionResult <string>(null, ex));
}
}
public async Task <UserViewModel> UpdateUserDetails(UserRegModel Reg)
{
try
{
if (Reg.Id != null)
{
UserAttribute objModel = new UserAttribute();
objModel = _db.UserAttributes.Find(Reg.Id);
objModel.Id = Reg.Id;
objModel.FirstName = Reg.FirstName;
objModel.LastName = Reg.LastName;
objModel.PhoneNumber = Reg.PhoneNumber;
_db.Entry(objModel).State = EntityState.Modified;
_db.SaveChanges();
return(new UserViewModel {
FirstName = objModel.FirstName
});
}
else
{
return(new UserViewModel {
Exception = "Failed"
});
}
}
catch (Exception ex)
{
return(new UserViewModel {
Exception = ex.Message
});
}
}
private string ajaxRegiter(UserRegModel model)
{
string s = "123456";
this.doh.Reset();
this.doh.SqlCmd = "SELECT Id FROM [N_User] WHERE [UserName]='" + model.UserName + "'";
if (this.doh.GetDataTable().Rows.Count > 0)
{
return("用户名重复");
}
int userId = new UserDAL().Register("0", model.UserName, MD5.Lower32(s), 0M, model.MerchantId);
this.doh.Reset();
this.doh.ConditionExpress = "id=" + (object)userId;
this.doh.AddFieldItem("UserGroup", "6");
this.doh.AddFieldItem("UserCode", Strings.PadLeft(userId.ToString()));
if (this.doh.Update("N_User") > 0)
{
new LogAdminOperDAL().SaveLog(model.MerchantId, userId.ToString(), "会员管理", "添加了会员" + model.UserName);
return("");
}
return("用户注册失败");
}
public ActionResult DeleteConfirmed(string id)
{
UserRegModel userregmodel = db.UserRegistration.Find(id);
db.UserRegistration.Remove(userregmodel);
db.SaveChanges();
return(RedirectToAction("Index"));
}
public async System.Threading.Tasks.Task <JsonResult> AddUser(UserRegModel userRegModel)
{
try
{
DataTable _myDataTable = new DataTable();
_myDataTable.Columns.Add(new DataColumn("UserId"));
_myDataTable.Columns.Add(new DataColumn("Fund"));
if (userRegModel.Roles == "ABC_User" || userRegModel.Roles == "Admin")
{
for (int j = 0; j < userRegModel.fundMultiple.Length; j++)
{
DataRow dr = _myDataTable.NewRow();
dr[0] = userRegModel.ID;
dr[1] = userRegModel.fundMultiple[j];
_myDataTable.Rows.Add(dr);
}
}
else
{
DataRow dr = _myDataTable.NewRow();
dr[0] = userRegModel.ID;
dr[1] = userRegModel.fundSingle;
_myDataTable.Rows.Add(dr);
}
string CommandText = "UserReg";
var parameters = new List <IDbDataParameter>();
parameters.Add(db.CreateParameter("@id", userRegModel.ID, DbType.Int16));
parameters.Add(db.CreateParameter("@FirstName", userRegModel.FirstName, DbType.String));
parameters.Add(db.CreateParameter("@LastName", userRegModel.LastName, DbType.String));
parameters.Add(db.CreateParameter("@Role", userRegModel.Roles, DbType.String));
parameters.Add(db.CreateParameter("@UserName", userRegModel.UserName, DbType.String));
parameters.Add(db.CreateParameter("@AuthenticationType", userRegModel.AuthenticationType, DbType.String));
parameters.Add(db.CreateParameter("@Email", userRegModel.Email, DbType.String));
parameters.Add(db.CreateParameter("@User_FundTableType", _myDataTable, SqlDbType.Structured));
DataTable dt = new DataTable();
dt = db.GetDataTable(CommandText, CommandType.StoredProcedure, parameters.ToArray());
if (userRegModel.ID == 0)
{
if (dt.Rows.Count > 0)
{
if (dt.Rows[0]["Email"] != null && dt.Rows[0]["Email"].ToString() != "")
{
await Common.StaticClass.SendmailAsync(dt);
}
}
}
return(Json(true, JsonRequestBehavior.AllowGet));
}
catch (Exception ex)
{
TempData["Message"] = "Registration failed.Username and Password not supplied";
return(Json(false, JsonRequestBehavior.AllowGet));
}
}
public ActionResult GetUserAddEditHtml(int Id)
{
UserRegModel userRegModel = new UserRegModel();
string viewContent = "";
try
{
List <SelectListItem> Clients = GetFundDropDownListFill();
userRegModel.FundList = Clients;
if (Id != 0)
{
string Commandtext = "select * from [dbo].[UserLogin] where Id=" + Id;
DataTable dt = new DataTable();
dt = db.GetDataTable(Commandtext, CommandType.Text);
foreach (DataRow item in dt.Rows)
{
userRegModel.FirstName = item["FirstName"].ToString();
userRegModel.LastName = item["LastName"].ToString();
userRegModel.UserName = item["UserName"].ToString();
userRegModel.AuthenticationType = item["AuthenticationType"].ToString();
userRegModel.Email = item["Email"].ToString();
userRegModel.Roles = item["Role"].ToString();
userRegModel.ID = Convert.ToInt32(item["Id"]);
}
DataTable dt1 = new DataTable();
string Commandtext1 = "select Fund from [dbo].[User_Funds] where UserId=" + Id;
dt1 = db.GetDataTable(Commandtext1, CommandType.Text);
if (dt1.Rows.Count > 0)
{
if (userRegModel.Roles == "ABC_User" || userRegModel.Roles == "Admin")
{
userRegModel.fundMultiple = dt1.Rows.OfType <DataRow>().Select(k => k[0].ToString()).ToArray();
}
else
{
userRegModel.fundSingle = dt1.Rows[0]["Fund"].ToString();
}
}
}
viewContent = ConvertViewToString("_AddUserPartialView", userRegModel);
}
catch (Exception ex)
{
throw;
}
return(Json(new { viewContent = viewContent }, JsonRequestBehavior.AllowGet));
}
public ActionResult Edit(UserRegModel userregmodel)
{
if (ModelState.IsValid)
{
db.Entry(userregmodel).State = EntityState.Modified;
db.SaveChanges();
return(RedirectToAction("Index"));
}
return(View(userregmodel));
}
//
// GET: /Registration/Delete/5
public ActionResult Delete(string id = null)
{
UserRegModel userregmodel = db.UserRegistration.Find(id);
if (userregmodel == null)
{
return(HttpNotFound());
}
return(View(userregmodel));
}
public ActionResult Create(UserRegModel userregmodel)
{
if (ModelState.IsValid)
{
db.UserRegistration.Add(userregmodel);
db.SaveChanges();
return(RedirectToAction("Index"));
}
return(View(userregmodel));
}
public int OnupdatePassword()
{
UserRegModel regModel = new UserRegModel();
regModel.ActivationCode = userModel.ActivationCode;
regModel.Password = userModel.Password;
regModel.Email = userModel.Email;
var res = _apiSignUpService.UpdatePassword(userModel);
return(1);
}
public async Task <UserViewModel> UpdatePassword(UserRegModel Reg)
{
try
{
if (Reg.ActivationCode != null)
{
var user = await _db.Users
.Include(u => u.UserAttribute)
.SingleOrDefaultAsync(u => u.Email == Reg.Email);
UserAttribute objModel = new UserAttribute();
objModel = _db.UserAttributes.Find(user.Id);
if (objModel.ActivationCode == Reg.ActivationCode)
{
string password = await _hasher.HashAsync(Reg.Password);
objModel.Id = objModel.Id;
objModel.FirstName = objModel.FirstName;
objModel.LastName = objModel.LastName;
objModel.PasswordHash = password;
_db.Entry(objModel).State = EntityState.Modified;
_db.SaveChanges();
return(new UserViewModel {
Exception = "Success"
});
}
else
{
return(new UserViewModel {
Exception = "failed"
});
}
}
else
{
return(new UserViewModel {
Exception = "Failed"
});
}
}
catch (Exception ex)
{
return(new UserViewModel {
Exception = ex.Message
});
}
}
public ActionResult Register(UserRegModel model)
{
if (ModelState.IsValid == false)
{
return(Json(new AjaxResult
{
Status = "error",
ErrorMsg = MVCHelper.GetValidMsg(ModelState)
}));
}
//比较输入验证码与服务器的验证码是否一致
string serverSmsCode = TempData["smsCode"].ToString();
if (model.SmsCode != serverSmsCode)
{
return(Json(new AjaxResult {
Status = "error", ErrorMsg = "短信验证码错误"
}));
}
//比较电话号码是否一致
string serverPhoneNum = (string)TempData["RegphoneNum"];
if (serverPhoneNum != model.PhoneNum)
{
return(Json(new AjaxResult
{
Status = "error",
ErrorMsg = "注册的手机号和获取验证码手机号不同"
}));
}
//漏洞
if (userService.GetByPhoneNum(model.PhoneNum) != null)
{
return(Json(new AjaxResult
{
Status = "error",
ErrorMsg = "此手机号已经被注册"
}));
}
userService.AddNew(model.PhoneNum, model.PassWord);
return(Json(new AjaxResult {
Status = "ok"
}));
}
public ActionResult Register(UserRegModel model)
{
//提交表单合法性验证
if (ModelState.IsValid == false)
{
return(Json(new AjaxResult
{
Status = "error",
ErrorMsg = MVCHelper.GetValidMsg(ModelState)
}));
}
//检查一下注册时候的手机号是不是被改掉了。防止漏洞
string serverPhoneNum = (string)TempData["RegPhoneNum"];
if (serverPhoneNum != model.PhoneNum)
{
return(Json(new AjaxResult
{
Status = "error",
ErrorMsg = "注册的手机号和刚才验证短信验证码的手机号不一致"
}));
}
//比较输入的短信验证码和服务器端保存的正确的验证码是否一致
string serverSmsCode = (string)TempData["smsCode"];
if (model.SmsCode != serverSmsCode)
{
return(Json(new AjaxResult {
Status = "error", ErrorMsg = "短信验证码错误"
}));
}
//漏洞(可以随便编一个手机号也能通过注册)
//检查手机号是不是已经存在
if (userService.GetByPhoneNum(model.PhoneNum) != null)
{
return(Json(new AjaxResult {
Status = "error", ErrorMsg = "此手机号已经被注册"
}));
}
userService.AddNew(model.PhoneNum, model.Password);
return(Json(new AjaxResult {
Status = "ok"
}));
}
public IActionResult CreateUser([FromBody] UserRegModel model)
{
int.TryParse(_config["security:pwdsize"], out var size);
var salt = PasswordService.GenerateSalt(size);
var passwd = PasswordService.HashPassword(model.Password, salt, size);
var user = _dataService.CreateUser(model.Email, model.Username, passwd, model.Location, salt);
if (user == null)
{
return(BadRequest());
}
var displayUser = Mapper.Map <GetUserModel>(user);
displayUser.Marks = Url.RouteUrl(nameof(MarkController.GetMarked));
displayUser.History = Url.RouteUrl(nameof(HistoryController.GetAllHistoryOfUser));
return(Created("", displayUser));
}
public async Task <UserViewModel> UserRegistration(UserRegModel Reg)
{
try
{
if (Reg != null)
{
string Password = await _hasher.HashAsync(Reg.Password);
var UserDetails = new User
{
Email = Reg.Email,
IsVerified = true
};
User UserSave = _mapper.Map <User>(UserDetails);
await _db.Users.AddAsync(UserDetails);
await _db.SaveChangesAsync();
Reg.Id = UserSave.Id;
UserAttribute UserAttr = _mapper.Map <UserAttribute>(Reg);
UserAttr.UserId = UserSave.Id;
UserAttr.PasswordHash = Password;
await _db.UserAttributes.AddAsync(UserAttr);
await _db.SaveChangesAsync();
return(new UserViewModel {
Email = UserSave.Email
});
}
else
{
return(new UserViewModel {
Exception = "Failed"
});
}
}
catch (Exception ex)
{
return(new UserViewModel {
Exception = ex.Message
});
}
}
public ActionResult Register(UserRegModel model)
{
//表单合法性验证
if (ModelState.IsValid == false)
{
return(Json(new AjaxResult
{
Status = "error",
ErrorMsg = MVCHelper.GetValidMsg(ModelState)
}));
}
//检查注册的是不刚刚发送验证码的手机号
string serverPhoneNum = (string)TempData["RegPhoneNum"];
if (serverPhoneNum != model.PhoneNum)
{
return(Json(new AjaxResult
{
Status = "error",
ErrorMsg = "注册的手机号和刚才发送短信的手机号不一致"
}));
}
//把服务器中smsCode取出来和输入的短信验证码比较是否一致
string serversmsCode = (string)TempData["smsCode"];
if (model.SmsCode != serversmsCode)
{
return(Json(new AjaxResult {
Status = "error", ErrorMsg = "短信验证码错误"
}));
}
//检查手机号是否被占用
if (userService.GetByPhoneNum(model.PhoneNum) != null)
{
return(Json(new AjaxResult {
Status = "error", ErrorMsg = "此手机号已被注册"
}));
}
userService.AddNew(model.PhoneNum, model.Password);
return(Json(new AjaxResult {
Status = "ok"
}));
}
public JsonResult DeleteUser(long Id)
{
UserRegModel userRegModel = new UserRegModel();
string viewContent = "";
try
{
string Commandtext = "DeleteUser";
var parameters = new List <IDbDataParameter>();
parameters.Add(db.CreateParameter("@Id", Id, DbType.Int64));
object result = db.GetScalarValue(Commandtext, CommandType.StoredProcedure, parameters.ToArray());
return(Json(true, JsonRequestBehavior.AllowGet));
}
catch (Exception ex)
{
throw;
}
return(Json(new { viewContent = viewContent }, JsonRequestBehavior.AllowGet));
}
public ActionResult Register(UserRegModel model)
{
if (ModelState.IsValid == false)
{
return(Json(new AjaxResult
{
Status = "error",
ErrorMsg = MVCHelper.GetValidMsg(ModelState)
}));
}
string serverSmsCode = (string)TempData["smsCode"];
if (model.SmsCode != serverSmsCode)
{
return(Json(new AjaxResult {
Status = "error", ErrorMsg = "短信验证码错误"
}));
}
var serverPhoneNum = (string)TempData["regPhoneNum"];
if (model.PhoneNum != serverPhoneNum)
{
return(Json(new AjaxResult {
Status = "error", ErrorMsg = "注册的手机号跟发送验证码手机号不一致"
}));
}
if (userService.GetByPhoneNum(model.PhoneNum) != null)
{
return(Json(new AjaxResult
{
Status = "error",
ErrorMsg = "此手机号已经被占用",
}));
}
userService.AddNew(model.PhoneNum, model.Password);
return(Json(new AjaxResult {
Status = "ok"
}));
}
public JsonResult GetUsersList(int Page_No, string Search_Data = "")
{
List <UserRegModel> UserModel = new List <UserRegModel>();
try
{
DataTable dt = new DataTable();
string Commandtext = "GetUsersList";
var parameters = new List <IDbDataParameter>();
parameters.Add(db.CreateParameter("@search", Search_Data, DbType.String));
parameters.Add(db.CreateParameter("@Page", Page_No, DbType.Int32));
parameters.Add(db.CreateParameter("@pageSize", 10, DbType.Int16));
dt = db.GetDataTable(Commandtext, CommandType.StoredProcedure, parameters.ToArray());
foreach (DataRow item in dt.Rows)
{
UserRegModel User = new UserRegModel();
User.FirstName = item["FirstName"].ToString();
User.LastName = item["LastName"].ToString();
User.UserName = item["UserName"].ToString();
User.AuthenticationType = item["AuthenticationType"].ToString() == "Username_and_Password"? "Username and Password": "******";
User.Email = item["Email"].ToString();
User.Roles = item["Role"].ToString() == "ABC_User"? "ABC User": (item["Role"].ToString() == "Admin")? "Admin":"Fund User";
User.ID = Convert.ToInt32(item["Id"]);
UserModel.Add(User);
}
}
catch (Exception ex)
{
throw;
}
string viewContent = ConvertViewToString("_UsersListPartilaView", UserModel);
return(Json(new { viewContent = viewContent }, JsonRequestBehavior.AllowGet));
//return Json(UserModel);
}
/// <summary>
/// Create new user account.
/// </summary>
/// <param name="user">User registration model <see cref="UserRegModel"/></param>
/// <returns>Html page with create user form.</returns>
public ActionResult Create(UserRegModel user)
{
try {
if (ModelState.IsValid)
{
IdentityResult result = repo.RegisterUser(user);
if (result.Succeeded)
{
ViewBag.ResultType = "success";
ViewBag.ResultMessage = "User " + user.UserName + " has been created";
}
else
{
ViewBag.ResultType = "danger";
ViewBag.ResultMessage = result.Errors.Aggregate((x, y) => x + "; " + y);
}
}
}
catch {
return(View());
}
return(View());
}
public JsonResult LoginUser(FormCollection collection)
{
try
{
success = false;
message = "Invalid User.";
string userId = collection["UserID"];
string password = collection["password"];
UserRegModel userregmodel = db.UserRegistration.Single(p => p.UserID == userId && p.Password == password);
if (userregmodel != null)
{
success = true;
message = "Loggedin Successfully.";
}
return(Json(new { success, message }, JsonRequestBehavior.AllowGet));
}
catch (Exception ex)
{
success = false;
message = ex.Message;
return(Json(new { success, message }, JsonRequestBehavior.AllowGet));
}
}
/// <summary>
/// 注册会员
/// </summary>
/// <param name="model">注册信息</param>
/// <returns>用户登录凭证Token</returns>
public string RegiterUser(UserRegModel model)
{
using (var dbContext = new TicketEntities())
{
if (string.IsNullOrEmpty(model.MerchantId) && string.IsNullOrEmpty(model.UserName) && string.IsNullOrEmpty(model.SignKey))
{
throw new InvalidOperationException("无效的用户登录信息");
}
//1, 判断用户是否存在
var merchantEntity = dbContext.N_Merchant.FirstOrDefault(it => (it.MerchantId.Equals(model.MerchantId, StringComparison.OrdinalIgnoreCase)));
if (merchantEntity == null)
{
Log.Error("商户不存在");
throw new InvalidOperationException("商户不存在");
}
if (string.IsNullOrEmpty(merchantEntity.Code))
{
Log.Error("无效的商户信息");
throw new InvalidOperationException("无效的商户信息");
}
//2, 验证加密串
//按顺序(商户Id&会员用户名&商户安全码)MD5加密串
var signKey = MD5Cryptology.GetMD5(string.Format("{0}&{1}&{2}", model.MerchantId, model.UserName, merchantEntity.Code), "gb2312");
if (string.Compare(signKey, model.SignKey, true) != 0)
{
Log.Error("无效的商户安全码" + signKey);
throw new InvalidOperationException("无效的商户安全码" + signKey);
}
var result = ajaxRegiter(model);
if (!string.IsNullOrEmpty(result))
{
Log.ErrorFormat("注册失败: {0}", result);
throw new InvalidOperationException(result);
}
//3,验证用户
var userEntity = dbContext.N_User.FirstOrDefault(it => it.UserName.Equals(model.UserName, StringComparison.OrdinalIgnoreCase));
if (userEntity == null)
{
Log.Error("新用户注册失败");
throw new InvalidOperationException("新用户注册失败");
}
var token = this.GenerateToken(); // 获取用户登录Token
userEntity.Token = token;
userEntity.ExpirationTime = DateTime.Now.AddDays(2); // 设置Token有效期
SaveDbChanges(dbContext);
string message = null;
if (string.IsNullOrEmpty(token))
{
message = "新用户注册失败,请重新注册!";
}
message = "恭喜你,新用户注册成功!";
return(token + "@" + message);
}
}
public async Task <IActionResult> Registration([FromBody] UserRegModel reg)
{
var resonse = await _regandLogin.UserRegistration(reg);
return(Ok(resonse));
}
public async Task <IActionResult> UpdatePassword([FromBody] UserRegModel reg)
{
var res = await _regandLogin.UpdatePassword(reg);
return(Ok(res));
}
public async Task <IActionResult> UpdateUserDetails([FromBody] UserRegModel reg)
{
var resonse = await _regandLogin.UpdateUserDetails(reg);
return(Ok(resonse));
}
