예제 #1
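        /// <summary>
        /// Validates the posted credentials and, on success, signs the user in with the cookie authentication scheme.
        /// </summary>
        /// <param name="collection">Posted form. It is not read directly; the values are bound onto a
        /// <c>LoginViewModel</c> through <c>TryUpdateModelAsync</c>.</param>
        /// <returns>A JSON <c>Result</c>: code 200 on success, otherwise a failure code with a message.</returns>
        /// <remarks>
        /// NOTE(review): the stored password is recovered with <c>AESEncriptUtil.Decrypt</c> and compared with the
        /// submitted one, so passwords are kept reversibly encrypted rather than as a salted one-way hash
        /// (PBKDF2, Argon2, ...). Whoever obtains the key and the user table can read every password.
        /// Changing the storage format needs a data migration and is outside this method.
        /// </remarks>
        public async Task<JsonResult> Login(IFormCollection collection)
        {
            var service = new UserService();
            var model = new LoginViewModel();

            await TryUpdateModelAsync(model);

            if (!ModelState.IsValid)
            {
                // Flatten every binding/validation message into one ';'-separated string.
                var errorMsg = new List<string>();
                foreach (var key in ModelState.Keys)
                {
                    foreach (var error in ModelState[key].Errors)
                    {
                        errorMsg.Add(error.ErrorMessage);
                    }
                }
                return Json(ResultUtil.Do(ResultCodes.验证失败, string.Join(";", errorMsg)));
            }

            var user = service.Login(model.Name, model.Pw);

            var credentialsOk = false;
            if (user != null)
            {
                var storedPw = AESEncriptUtil.Decrypt(user.Pw);

                // A missing value on either side is a failed login, never a match.
                if (storedPw != null && model.Pw != null)
                {
                    // Fixed-time comparison: the time taken does not depend on where the strings first differ.
                    credentialsOk = System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
                        System.Text.Encoding.UTF8.GetBytes(storedPw),
                        System.Text.Encoding.UTF8.GetBytes(model.Pw));
                }
            }

            if (!credentialsOk)
            {
                // Unknown account and wrong password get the same code and message, so the response
                // does not reveal which user names exist.
                return Json(ResultUtil.Do(ResultCodes.验证失败, "帐号或密码错误"));
            }

            var identity = new ClaimsIdentity(CookieAuthenticationDefaults.AuthenticationScheme);
            identity.AddClaim(new Claim(ClaimTypes.Name, user.Name));
            // NOTE(review): the role is derived from the account name alone; a dedicated role field would
            // be sturdier. Confirm that user names are unique and cannot be changed to "admin".
            identity.AddClaim(new Claim(ClaimTypes.Role, user.Name == "admin" ? "admin" : "user"));
            identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()));
            // Presumably a per-user stamp checked later to reject stale cookies; confirm where it is validated.
            identity.AddClaim(new Claim(ClaimTypes.Version, user.Version));

            var principal = new ClaimsPrincipal(identity);

            // Drop any ticket already attached to this browser before issuing the new one.
            await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);

            // No ExpiresUtc is set here, so the ticket lifetime comes from the cookie authentication options;
            // IsPersistent = false keeps the cookie from outliving the browser session.
            var ticketProperties = new AuthenticationProperties
            {
                IsPersistent = false,
                RedirectUri = "/Login"
            };
            await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal, ticketProperties);

            return Json(new Result
            {
                Code = 200,
                Message = ""
            });
        }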
예제 #2
        /// <summary>
        /// Resets the password of the user with the given id to the built-in default and assigns a new version stamp.
        /// </summary>
        /// <param name="id">Id of the account to reset.</param>
        /// <param name="u">Acting user, handed on to <c>BeforeUpdate</c> and <c>Update</c>.</param>
        /// <returns>A failure result when <c>Load</c> finds nothing, otherwise whatever <c>Update</c> returns.</returns>
        /// <remarks>
        /// NOTE(review): every reset ends on the same fixed, hard-coded password, and it is stored with
        /// reversible encryption (<c>AESEncriptUtil.Encrypt</c>) rather than a one-way hash. A random one-time
        /// password plus a forced change at next login would be safer, but needs a way to hand the value back
        /// to the caller. No check that <paramref name="u"/> may reset this account is visible here;
        /// presumably the caller or <c>Update</c> enforces it — confirm.
        /// </remarks>
        public Result ResetPw(int id, IAppUser u)
        {
            const string defaultPassword = "123456";

            var target = Load(id);
            if (target == null)
            {
                return ResultUtil.Do(ResultCodes.验证失败, "请求的数据不存在");
            }

            // "N" formats the GUID as 32 hex digits without hyphens.
            target.Version = Guid.NewGuid().ToString("N");
            target.Pw = AESEncriptUtil.Encrypt(defaultPassword);
            target.BeforeUpdate(u);

            var outcome = Update(target, u);
            return outcome;
        }
예제 #3
        /// <summary>
        /// Validates and stores a new user, giving it the built-in default password and a fresh version stamp.
        /// </summary>
        /// <param name="u">The user to create; its <c>Pw</c> and <c>Version</c> are overwritten here.</param>
        /// <param name="user">Acting user, handed on to <c>BeforeCreate</c>.</param>
        /// <returns>The new id on success; otherwise a failure result carrying 0 as its value.</returns>
        /// <remarks>
        /// NOTE(review): every new account starts with the same fixed, hard-coded password, stored with
        /// reversible encryption (<c>AESEncriptUtil.Encrypt</c>). Nothing visible here forces a change at
        /// first login — confirm that this is handled elsewhere.
        /// </remarks>
        public Result<int> Create(User u, IAppUser user)
        {
            const string defaultPassword = "123456";

            var validationError = Validate(u);
            if (!string.IsNullOrWhiteSpace(validationError))
            {
                return ResultUtil.Do(ResultCodes.验证失败, 0, validationError);
            }

            u.Pw = AESEncriptUtil.Encrypt(defaultPassword);
            // "N" formats the GUID as 32 hex digits without hyphens.
            u.Version = Guid.NewGuid().ToString("N");
            u.BeforeCreate(user);

            var newId = _db.Create(u);
            if (newId > 0)
            {
                return ResultUtil.Success(newId);
            }

            // A non-positive id is reported as a database failure.
            return ResultUtil.Do(ResultCodes.数据库操作失败, 0);
        }
예제 #4
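        /// <summary>
        /// Changes a user's password after checking the current one.
        /// </summary>
        /// <param name="id">Id of the account.</param>
        /// <param name="oldPw">Current password as typed by the user.</param>
        /// <param name="newPw">Password to store; must not be null, empty or whitespace.</param>
        /// <returns>
        /// Success when exactly the update affected at least one row; a failure result when the new password is
        /// blank, the user is missing or deleted, the old password does not match, or no row was updated.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the stored value is decrypted for the comparison and the new one is written with
        /// <c>AESEncriptUtil.Encrypt</c>, so passwords are reversibly encrypted rather than hashed with a salted
        /// one-way function. Only <c>Pw</c> is written; if the user's <c>Version</c> stamp is what invalidates
        /// existing login cookies, a password change leaves other sessions alive — confirm.
        /// </remarks>
        public Result ChangePw(int id, string oldPw, string newPw)
        {
            // Refuse to store a blank password.
            if (string.IsNullOrWhiteSpace(newPw))
            {
                return ResultUtil.Do(ResultCodes.验证失败, "新密码不能为空");
            }

            var entity = Load(id);
            if (entity == null || entity.IsDel)
            {
                return ResultUtil.Do(ResultCodes.验证失败, "请求的用户不存在或已删除");
            }

            var currentPw = AESEncriptUtil.Decrypt(entity.Pw);

            // A missing value on either side is a mismatch; otherwise compare in fixed time so the
            // duration does not depend on where the strings first differ.
            var oldPwMatches = currentPw != null
                && oldPw != null
                && System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
                    System.Text.Encoding.UTF8.GetBytes(currentPw),
                    System.Text.Encoding.UTF8.GetBytes(oldPw));
            if (!oldPwMatches)
            {
                return ResultUtil.Do(ResultCodes.验证失败, "原始密码不正确");
            }

            entity.Pw = AESEncriptUtil.Encrypt(newPw);

            // Values travel as parameters (@Pw, @Id), never concatenated into the statement.
            const string sql = "UPDATE Base_User SET Pw=@Pw WHERE Id=@Id";
            var row = _db.Execute(sql, new { Id = id, entity.Pw });

            return row > 0 ? ResultUtil.Success() : ResultUtil.Do(ResultCodes.数据库操作失败);
        }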