/// <summary>
/// AuthenticateRequest handler: rebuilds the administrator principal from the admin
/// Forms-authentication cookie and stores it on <c>PEContext.Current.Admin</c>.
/// </summary>
/// <remarks>
/// Requests whose URL contains either installer page path are skipped, so no admin
/// principal is populated for them by this handler.
/// </remarks>
/// <param name="sender">The <see cref="HttpApplication"/> raising the event.</param>
/// <param name="e">Unused event data.</param>
private void Application_AuthenticateRequest(object sender, EventArgs e)
{
    HttpContext context = ((HttpApplication)sender).Context;
    string requestUrl = context.Request.Url.ToString();

    // NOTE(review): this is a substring match over the full URL text (query string
    // included), not a comparison against the request path. Any request carrying one of
    // these strings anywhere in its URL is treated as an installer request and gets no
    // admin principal from this handler. Confirm downstream admin pages fail closed when
    // PEContext.Current.Admin was not set here.
    bool isInstallerRequest =
        requestUrl.IndexOf("/Install/Default.aspx", StringComparison.OrdinalIgnoreCase) >= 0
        || requestUrl.IndexOf("/Install/Upgrade.aspx", StringComparison.OrdinalIgnoreCase) >= 0;
    if (isInstallerRequest)
    {
        return;
    }

    // Name of the cookie that stores the admin Forms-authentication ticket.
    string cookieName = FormsAuthentication.FormsCookieName + "AdminCookie";
    FormsAuthenticationTicket ticket = ExtractTicketFromCookie(context, cookieName);
    if (ticket == null)
    {
        return;
    }

    SlidingExpiration(context, ticket, cookieName);

    AdminPrincipal principal = AdminPrincipal.CreatePrincipal(ticket);
    if (!principal.Identity.IsAuthenticated)
    {
        return;
    }

    // The account record is looked up by the name carried in the ticket on every request.
    // NOTE(review): nothing visible here checks that the account is still enabled or still
    // exists; confirm CreatePrincipal or the lookup covers that, since AdministratorInfo is
    // dereferenced below without a null check.
    principal.AdministratorInfo = Administrators.GetAdministratorByAdminName(principal.AdminName);

    // Load the administrator's permission (role id) list.
    principal.Roles = RoleMembers.GetRoleIdListByAdminId(principal.AdministratorInfo.AdminId);

    PEContext.Current.Admin = principal;
}
/// <summary>
/// Logout page load handler. For an authenticated administrator it overwrites the admin
/// cookie with an already-expired one, signs out of Forms authentication, stamps the
/// account's last log-off time and writes a log-off entry; every request is then
/// redirected to <c>index.aspx</c>.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // NOTE(review): the sign-out runs from Page_Load, i.e. on any request to this page by
    // an authenticated admin, and no anti-forgery check is visible in this handler.
    // Confirm whether a cross-site-triggered logout is acceptable for this application.
    if (!PEContext.Current.Admin.Identity.IsAuthenticated)
    {
        BasePage.ResponseRedirect("index.aspx");
        return;
    }

    HttpContext current = HttpContext.Current;

    // NOTE(review): the raw form body and query string are copied verbatim into the log
    // entry. Confirm that no credential or token fields can be posted to this page and
    // that whatever displays the log treats PostString as untrusted text.
    string formData = current.Request.Form.ToString();
    string queryData = current.Request.QueryString.ToString();
    LogInfo logEntry = new LogInfo
    {
        UserName = PEContext.Current.Admin.AdminName,
        UserIP = PEContext.Current.UserHostAddress,
        ScriptName = base.Request.RawUrl,
        Timestamp = DateTime.Now,
        PostString = "\r\nFORM: " + formData + "\r\nQUERYSTRING: " + queryData,
        Source = ""
    };

    // Replace the admin ticket cookie with an empty, already-expired cookie so the
    // browser discards it. Some browsers cannot accept an empty cookie value, in which
    // case a placeholder value is sent instead.
    string cookieName = FormsAuthentication.FormsCookieName + "AdminCookie";
    string cookieValue = current.Request.Browser["supportsEmptyStringInCookieValue"] == "false"
        ? "NoCookie"
        : string.Empty;
    HttpCookie expiredCookie = new HttpCookie(cookieName, cookieValue)
    {
        HttpOnly = true,
        Path = FormsAuthentication.FormsCookiePath,
        Expires = new DateTime(1999, 10, 12), // fixed date in the past
        Secure = FormsAuthentication.RequireSSL
    };
    if (FormsAuthentication.CookieDomain != null)
    {
        expiredCookie.Domain = FormsAuthentication.CookieDomain;
    }

    current.Response.Cookies.Remove(cookieName);
    current.Response.Cookies.Add(expiredCookie);

    // NOTE(review): only the browser's copy of the ticket is cleared in this method;
    // nothing visible invalidates the ticket server-side, so a ticket copied before logout
    // would presumably remain usable until it expires. Confirm against the ticket lifetime.
    FormsAuthentication.SignOut();

    // Record the log-off time on the administrator account.
    AdministratorInfo admin = Administrators.GetAdministratorByAdminName(PEContext.Current.Admin.AdministratorInfo.AdminName);
    admin.LastLogOffTime = (DateTime?)DateTime.Now;
    Administrators.Update(admin);

    // Complete and store the log-off audit entry.
    logEntry.Category = LogCategory.LogOff;
    logEntry.Message = "退出成功";
    logEntry.Title = logEntry.UserName + " 退出成功";
    logEntry.Priority = LogPriority.Normal;
    LogFactory.CreateLog().Add(logEntry);

    BasePage.ResponseRedirect("index.aspx");
}
/// <summary>
/// Password-change submit handler: checks the supplied old password against the stored
/// value for the current administrator, then stores the hash of the new password and
/// reports success or failure to the page.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void BtnSubmit_Click(object sender, EventArgs e)
{
    AdministratorInfo admin = Administrators.GetAdministratorByAdminName(PEContext.Current.Admin.AdministratorInfo.AdminName);

    // SECURITY NOTE(review): passwords are stored and compared via StringHelper.MD5 with
    // no salt passed at this call site. Going by the helper's name this is a plain MD5
    // digest, which is not suitable for password storage; a salted, iterated KDF such as
    // PBKDF2 is the usual replacement. That cannot be changed in this handler alone
    // because the login path and the stored AdminPassword format must change with it.
    string oldPasswordHash = StringHelper.MD5(this.TxtOldPassword.Text);
    if (!StringHelper.ValidateMD5(oldPasswordHash, admin.AdminPassword))
    {
        // NOTE(review): no attempt counter or lockout is visible here for repeated wrong
        // old-password submissions; confirm it is enforced elsewhere.
        AdminPage.WriteErrMsg("您的旧密码不对,请与超级管理员联系!");
        return;
    }

    // NOTE(review): no length or complexity check on the new password is visible in this
    // method; presumably page validators handle it, so verify against the .aspx markup.
    admin.AdminPassword = StringHelper.MD5(this.TxtPassword.Text);
    admin.LastModifyPasswordTime = (DateTime?)DateTime.Now;

    bool saved = Administrators.Update(admin);
    if (saved)
    {
        AdminPage.WriteSuccessMsg("修改密码成功!", "MyWorktable.aspx");
    }
    else
    {
        AdminPage.WriteErrMsg("修改密码失败!");
    }
}