public JsonResult SecureLogin(string userCode, string password)
{
bool loginResult = false;
object result;
string enableCheckCode = System.Configuration.ConfigurationManager.AppSettings["EnableCheckCode"] + string.Empty;
try
{
if (enableCheckCode != "0")
{
string[] wait = System.Configuration.ConfigurationManager.AppSettings["WaitTime"].Split(',');
var sql = "SELECT COUNT(1) FROM OT_CHECKCODE WHERE STATE = 0 AND USERCODE = N'" + userCode.Replace("'", "''") + "'";
int c = Convert.ToInt32(Engine.EngineConfig.CommandFactory.CreateCommand().ExecuteScalar(sql) + string.Empty);
int waits = 0;
int.TryParse(wait[c >= wait.Length ? wait.Length - 1 : c], out waits);
string ret = Engine.EngineConfig.CommandFactory.CreateCommand().ExecuteScalar("SELECT Max(CREATETIME) FROM OT_CHECKCODE WHERE STATE = 0 AND USERCODE = N'" + userCode.Replace("'", "''") + "'") + string.Empty;
DateTime dt = Convert.ToDateTime(string.IsNullOrWhiteSpace(ret) ? "2019-01-01 00:00:00" : ret);
if (waits > 0 && (DateTime.Now - dt).TotalSeconds < waits)
{
return(Json(new { Success = false, Message = "NeedCheckCode" }, JsonRequestBehavior.AllowGet));
}
}
loginResult = UserValidatorFactory.Login(
OThinker.Clusterware.AuthenticationType.Forms,
string.Empty,
userCode,
password,
OThinker.H3.Site.PortalType.Portal);
}
catch (Exception ex)
{
//ConnectionFailed
if (ex.Message.Contains("ConnectionFailed"))
{
return(Json(new { Success = false, Message = "ConnectionFailed" }, JsonRequestBehavior.AllowGet));
}
else if (ex.Message.Contains("PasswordInvalid"))
{
return(Json(new { Success = false, Message = "EnginePasswordInvalid" }, JsonRequestBehavior.AllowGet));
}
}
if (loginResult)
{
if (enableCheckCode != "0")
{
string sql = "UPDATE OT_CHECKCODE SET STATE = 1 WHERE USERCODE = N'" + userCode.Replace("'", "''") + "'";
Engine.EngineConfig.CommandFactory.CreateCommand().ExecuteNonQuery(sql);
}
#region 校验密码复杂度
//Regex reg = new Regex(@"^(((?=.*[0-9])(?=.*[a-zA-Z]))|((?=.*[0-9])(?=.*[!@#$%\^&*\(\)]))|((?=.*[a-zA-Z])(?=.*[!@#$%\^&*\(\)]))).{6,16}$", RegexOptions.None);
if (!RegValidate(password))
{
UserValidatorFactory.Exit(this);
Session.Clear();
Session.Abandon();
result = new
{
Success = false,
ErrorCode = 1,
Message = "密码复杂度不符合要求"
};
}
else
{
result = getCurrentUser();
FormsAuthentication.SetAuthCookie(this.UserValidator.User.Code, false);
}
#endregion
}
else
{
result = new
{
Success = false,
ErrorCode = 2,
Message = "用户名或密码错误"
};
if (enableCheckCode != "0")
{
string model = "INSERT INTO OT_CHECKCODE(OBJECTID,USERCODE,IP,SYSTEMINFO,BROWSER,CODE,STATE,LOGINTIME, CREATETIME)VALUES('[OBJECTID]','" + userCode.Replace("'", "''") + "','" + Request.UserHostAddress.Replace("'", "''") + "','" + Request.UserAgent.Replace("'", "''") + "','" + Request.Browser.Browser.Replace("'", "''") + "/" + Request.Browser.Version.Replace("'", "''") + "','',[STATE],to_date('" + DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss") + "','yyyy-MM-dd HH24:mi:ss'),to_date('" + DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss") + "','yyyy-MM-dd HH24:mi:ss'))";
string sql = model.Replace("[OBJECTID]", Guid.NewGuid().ToString()).Replace("[STATE]", "0");
Engine.EngineConfig.CommandFactory.CreateCommand().ExecuteNonQuery(sql);
}
UserValidatorFactory.Exit(this);
Session.Clear();
Session.Abandon();
}
return(Json(result, JsonRequestBehavior.AllowGet));
}
public void LoginOut()
{
UserValidatorFactory.Exit(this);
Session.Clear();
Session.Abandon();
}