/// <summary>
/// Signs the current user out, expires the per-login GuidCode cookie and redirects to the login page.
/// </summary>
/// <returns>A redirect to the <c>Login</c> action of the <c>Home</c> controller.</returns>
/// <remarks>
/// NOTE(review): no HTTP-verb or anti-forgery attribute is visible on this action in this view.
/// If it is reachable by GET, a cross-site request can sign the user out; confirm.
/// NOTE(review): session state is not cleared here; confirm nothing user-specific outlives the logout.
/// </remarks>
public ActionResult LogOff()
{
    HttpCookie guidCookie = Request.Cookies.Get(BaseAuthorizeHelper.GuidCodeCookieKey);

    if (User.Identity.IsAuthenticated)
    {
        string currentUserName = User.Identity.Name;
        B_User account = B_UserManager.GetB_User(u => u.UserName == currentUserName);

        // Only record the server-side log-off when this browser holds the account's current
        // GuidCode, i.e. when the request comes from the login that is presently registered.
        bool ownsCurrentLogin = account != null
                                && guidCookie != null
                                && guidCookie.Value == account.GuidCode;
        if (ownsCurrentLogin)
        {
            B_UserManager.LogOff(currentUserName);
        }

        // The menu-rights entry and the forms ticket are dropped for every authenticated caller,
        // whether or not the GuidCode matched.
        B_MenuRights.RemoveHashMenuRights(currentUserName);
        FormsAuthentication.SignOut();
    }

    if (guidCookie != null)
    {
        // Empty the cookie and give it an expiry in the past so the browser discards it.
        guidCookie.Values.Clear();
        guidCookie.Expires = DateTime.Now.AddDays(-1);
        Response.Cookies.Add(guidCookie);
    }

    return RedirectToAction("Login", "Home");
}
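/// <summary>
/// Validates the posted account name, password and CAPTCHA and, when the login succeeds, issues the
/// forms-authentication ticket together with the per-login GuidCode cookie.
/// </summary>
/// <param name="user">Model-bound login form; UserName, PassWord and valiCode are read from it.</param>
/// <returns>Plain-text content: "ok" on success, otherwise a user-facing error message.</returns>
/// <remarks>
/// NOTE(review): <c>B_User</c> is bound directly from the request, so the client can supply any
/// bindable property of it, not only the three form fields. Confirm that B_UserManager.Login takes
/// nothing but the credentials from this instance.
/// </remarks>
public ContentResult Login(B_User user)
{
    try
    {
        // A missing model is treated like a missing account name instead of surfacing as a
        // NullReferenceException that gets logged and reported as a database error.
        if (user == null || string.IsNullOrWhiteSpace(user.UserName))
        {
            return Content("账号不能为空!");
        }

        if (user.UserName == WeConfig.robot)
        {
            return Content("没有此账号!");
        }

        if (string.IsNullOrWhiteSpace(user.PassWord))
        {
            return Content("密码不能为空!");
        }

        if (string.IsNullOrWhiteSpace(user.valiCode))
        {
            return Content("验证码不能为空");
        }

        object expectedCode = Session["ValidateCode"];
        if (expectedCode == null)
        {
            return Content("验证码超时!");
        }

        // The CAPTCHA is single-use: it is consumed before the comparison so that one solved
        // challenge cannot back an unlimited number of password attempts. After any attempt the
        // client has to request a fresh code.
        Session.Remove("ValidateCode");
        if (!user.valiCode.Equals(expectedCode))
        {
            return Content("验证码错误!");
        }

        string error = string.Empty;

        // Per-login token that ties this browser to the server-side login record.
        // NOTE(review): the token is derived from the client IP and Guid.NewGuid(), which is not
        // documented as a cryptographic random source. Consider a CSPRNG-based token if the stored
        // GuidCode format allows it.
        string guidCode = DAL.MD5Helper.GetMD5UTF8(Request.UserHostAddress + "," + Guid.NewGuid().ToString());
        user.LoginLastDat = DateTime.Now;
        user.CurrentTime = user.LoginLastDat.AddSeconds(System.Web.Security.FormsAuthentication.Timeout.TotalSeconds);
        user.LoginLastIp = Request.UserHostAddress;
        user.GuidCode = guidCode;

        // Business rules (checks and cookie setup), passed to B_UserManager.Login as a callback.
        Func<B_User, bool, bool> func = (dbUser, usrExists) =>
        {
            if (usrExists)
            {
                TempData["Msg"] = dbUser.UserName + "已下线,请重新登录!";
            }

            if (dbUser.IsValid == false)
            {
                error = "您的帐号已被禁用,请及时联系管理员!";
                return false;
            }

            // Shortcut for issuing the forms-authentication ticket (non-persistent).
            FormsAuthentication.SetAuthCookie(dbUser.UserName, false);

            HttpCookie cookie = Request.Cookies.Get(BaseAuthorizeHelper.GuidCodeCookieKey);
            if (cookie == null)
            {
                cookie = new HttpCookie(BaseAuthorizeHelper.GuidCodeCookieKey);
            }

            cookie.Value = guidCode;
            // The GuidCode is a session credential: keep it out of reach of page script and give
            // it the same transport policy as the forms-authentication ticket.
            cookie.HttpOnly = true;
            cookie.Secure = FormsAuthentication.RequireSSL;
            Response.Cookies.Add(cookie);
            return true;
        };

        if (B_UserManager.Login(user, func))
        {
            // NOTE(review): user.Name is presumably filled in by B_UserManager.Login; if it is not,
            // the value written to the log is whatever the client posted. Confirm.
            SYSLog.add("电脑端后台用户登录", "后台用户" + user.Name + "(" + user.UserName + ")登录,ip为" + Request.UserHostAddress, "/Home/Login", "登录", "电脑端后台");
            return Content("ok");
        }

        // A message set by the callback (disabled account) takes precedence over the generic one.
        return Content(string.IsNullOrWhiteSpace(error) ? "账号或密码错误" : error);
    }
    catch (Exception ex)
    {
        // The details go to the server log only; the client always receives the same generic text.
        DAL.Log.Instance.Write(ex.ToString(), "Login_error");
        return Content("连接数据库出错");
    }
}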
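/// <summary>
/// Builds the base authorization result for a request from its HTTP context.
/// </summary>
/// <param name="context">HTTP context of the request being authorized.</param>
/// <param name="curUrl">Optional current URL, passed through to <c>B_UserManager.GetB_UserAndRefresh</c>.</param>
/// <returns>
/// A model whose <c>IsAuthorize</c> is true, with <c>CurrentSYSUser</c> set, only when every check
/// passes. Otherwise <c>IsAuthorize</c> is false and <c>TempDataMsg</c>, where set, holds the
/// user-facing reason.
/// </returns>
public static BaseAuthorizeModel GetAuthorizeModel(HttpContextBase context, string curUrl = null)
{
    string error = "您的帐号已下线,请重新登录后再操作!";
    BaseAuthorizeModel auth = new BaseAuthorizeModel { IsAuthorize = false };

    // Fail closed: a request without a principal or identity is treated as unauthenticated
    // instead of raising a NullReferenceException.
    bool isAuthenticated = context.User != null
                           && context.User.Identity != null
                           && context.User.Identity.IsAuthenticated;
    if (isAuthenticated == false)
    {
        auth.TempDataMsg = error;
        return auth;
    }

    // Read the per-login identifier. A missing cookie ends the session. An empty value is
    // handled the same way, so that an empty token can never compare equal to a stored GuidCode.
    HttpCookie cookie = context.Request.Cookies.Get(GuidCodeCookieKey);
    if (cookie == null || string.IsNullOrEmpty(cookie.Value))
    {
        FormsAuthentication.SignOut();
        auth.TempDataMsg = error;
        return auth;
    }

    auth.GuidCode = cookie.Value;
    auth.UserName = context.User.Identity.Name;

    // Handle users who are still online after an application restart.
    // NOTE(review): GetB_UserAndRefresh runs before the GuidCode comparison below. If it extends
    // the login's lifetime, a request with a stale token still refreshes it. Confirm.
    B_User usr = B_UserManager.GetB_UserAndRefresh(u => u.UserName == auth.UserName, curUrl);
    if (usr == null)
    {
        if (B_UserManager.IsInitTimeOut == false)
        {
            usr = B_UserManager.GetB_UserAndLogin(auth.UserName, u =>
            {
                if (u.IsValid == false)
                {
                    error = "您的帐号被禁用,请及时联系管理员!";
                    return false;
                }

                if (u.GuidCode != auth.GuidCode)
                {
                    // A dedicated "signed in elsewhere" message is disabled here; the default
                    // message is kept.
                    return false;
                }

                return true;
            });
        }

        if (usr == null)
        {
            auth.TempDataMsg = error;
            FormsAuthentication.SignOut();
            return auth;
        }
    }

    // Sync with the system timeout (precise to the second, so slightly later than the real one).
    if (usr.IsLoginedTimeOut)
    {
        auth.TempDataMsg = "您的帐号已超时,请重新登录后再操作!";
        // No need to remove the logged-in user (timed-out users are removed automatically at login).
        FormsAuthentication.SignOut();
        return auth;
    }

    if (usr.GuidCode != auth.GuidCode)
    {
        // A dedicated "signed in elsewhere" message is disabled here, so TempDataMsg stays unset.
        // The logged-in user is not removed: that record belongs to the login made elsewhere.
        FormsAuthentication.SignOut();
        return auth;
    }

    // An error message was set while the user record was being processed.
    if (usr.IsNoError == false)
    {
        auth.TempDataMsg = usr.ErrorData;
        B_UserManager.RemoveUser(usr.UserName);
        FormsAuthentication.SignOut();
        return auth;
    }

    auth.IsAuthorize = true;
    auth.CurrentSYSUser = usr;
    return auth;
}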