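/// <summary>
/// Handles a JSON login request: validates the captcha, verifies the password and signs the user in.
/// </summary>
/// <param name="util">Blog utility, used here only to validate the captcha answer.</param>
/// <param name="model">Login form bound from the request body (user name, password, remember-me flag, captcha).</param>
/// <returns>
/// JSON with <c>success = true</c> when sign-in succeeded (plus <c>require2fa = true</c> when a second
/// factor is still pending); otherwise <c>success = false</c> with an <c>errors</c> list.
/// </returns>
/// <remarks>
/// The "banned" message is returned only after the supplied password has been verified, so a caller
/// who merely knows a user name cannot learn that the account exists or that it is banned. Unknown
/// users and wrong passwords all receive the same generic error.
/// </remarks>
public async Task<JsonResult> Login([FromServices] BlogUtil util, [FromBody] LoginModel model)
{
    // A missing or unparseable body can bind to null; answer with the generic failure
    // instead of dereferencing it below.
    if (model == null)
    {
        return Json(new { success = false, errors = new[] { "提供的用户名或密码不正确" } });
    }

    if (util.CheckCaptchaError(model.Captcha, ""))
    {
        ModelState.AddModelError("Captcha", "验证码计算错误,请重试。");
    }

    if (ModelState.IsValid)
    {
        var user = await _userManager.FindByNameAsync(model.UserName);
        if (user != null)
        {
            if (await _userManager.IsInRoleAsync(user, "Banned"))
            {
                // Verify the password WITHOUT signing in, and reveal the ban only to someone
                // who proved ownership of the account. A wrong password falls through to the
                // generic error at the end of this block.
                var ownership = await _signInManager.CheckPasswordSignInAsync(user, model.Password, lockoutOnFailure: false);
                if (ownership.Succeeded)
                {
                    return Json(new
                    {
                        success = false,
                        errors = new[] { "此账户已被封禁,如有疑问请联系管理员邮箱。" },
                    });
                }
            }
            else
            {
                // NOTE(review): lockoutOnFailure is false, so failed passwords on this path do not
                // count toward Identity lockout and brute-force resistance rests on the captcha.
                // Confirm this is intended, given the "too many attempts" message below.
                var result = await _signInManager.PasswordSignInAsync(model.UserName, model.Password, model.RememberMe, lockoutOnFailure: false);
                if (result.Succeeded)
                {
                    user.LastLoginDate = DateTime.Now;
                    // NOTE(review): how ExpUtil.GetIPAddress derives the address is not visible here;
                    // if it reads forwarded headers, those are client-controlled unless a trusted
                    // proxy sets them.
                    user.LastLoginIP = ExpUtil.GetIPAddress(HttpContext);
                    await _userManager.UpdateAsync(user);
                    return Json(new { success = true });
                }

                if (result.IsLockedOut)
                {
                    return Json(new
                    {
                        success = false,
                        errors = new[] { "此账户由于登陆尝试次数过多已被暂时锁定,请稍后再试。" },
                    });
                }
                else if (result.RequiresTwoFactor)
                {
                    // The password was accepted but sign-in is not complete until the second factor is supplied.
                    return Json(new
                    {
                        success = true,
                        require2fa = true,
                    });
                }
            }
        }

        // If we got this far, something failed; report the generic credential error.
        ModelState.AddModelError("", "提供的用户名或密码不正确");
    }

    return Json(new
    {
        success = false,
        errors = ModelState.Values.SelectMany(m => m.Errors).Select(e => e.ErrorMessage).ToList()
    });
}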
/// <summary>
/// Validates a reply before it is accepted: captcha, posting cooldown, and non-empty content.
/// </summary>
/// <param name="Captcha">Captcha answer submitted with the reply.</param>
/// <param name="Prefix">Prefix passed through to the captcha check.</param>
/// <param name="Content">Reply body; it must contain something once all tags are removed.</param>
/// <exception cref="BlogException">
/// Thrown when the captcha is wrong, when the 30-second cooldown is still running for a user
/// whose level is below 10, or when the content is blank after tag removal.
/// </exception>
/// <remarks>
/// The cooldown timestamp is read from the session ("LastPostTime"), so it is only as strong as
/// the session binding; a request arriving without that session value skips the cooldown check.
/// </remarks>
private void CheckPost(string Captcha, string Prefix, string Content)
{
    bool captchaRejected = _blogUtil.CheckCaptchaError(Captcha, Prefix);
    if (captchaRejected)
    {
        throw new BlogException("验证码计算错误,请重试。");
    }

    DateTime? previousPost = HttpContext.Session.GetDateTime("LastPostTime");
    if (previousPost != null)
    {
        TimeSpan elapsed = DateTime.Now - previousPost.Value;

        // The level lookup is evaluated only while the cooldown is still running;
        // users at level 10 or above are exempt from it.
        if (elapsed.TotalSeconds < 30 && _expUtil.getUserLvl(User.Identity.Name) < 10)
        {
            int secondsLeft = 30 - elapsed.Seconds;
            throw new BlogException("回复CD为30秒,请等" + secondsLeft + "秒后再试");
        }
    }

    string textOnly = BlogHelper.removeAllTags(Content);
    if (string.IsNullOrWhiteSpace(textOnly))
    {
        throw new BlogException("回复不能为空或纯表情");
    }
}
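/// <summary>
/// Starts the password-reset flow: validates the captcha, applies a 60-second per-session throttle,
/// and e-mails a reset link when the address belongs to an account.
/// </summary>
/// <param name="email">E-mail address the caller claims to have registered with.</param>
/// <param name="Captcha">Captcha answer submitted with the request.</param>
/// <returns>
/// JSON <c>{ err = ... }</c> for missing input, a wrong captcha or a throttled request;
/// otherwise <c>{ ok = true }</c>, whether or not the address is registered.
/// </returns>
/// <remarks>
/// The response and the throttle timestamp are identical for registered and unregistered addresses,
/// so this endpoint does not confirm which e-mail addresses have accounts.
/// </remarks>
public async Task<JsonResult> Forget(string email, string Captcha)
{
    if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(Captcha))
    {
        return Json(new { err = "请输入邮箱地址和验证码。" });
    }

    if (_blogUtil.CheckCaptchaError(Captcha, null))
    {
        return Json(new { err = "验证码计算错误,请重试。" });
    }

    // The throttle uses the same "LastPostTime" session value that CheckPost reads for the reply cooldown.
    DateTime? lastSent = HttpContext.Session.GetDateTime("LastPostTime");
    if (lastSent.HasValue && (DateTime.Now - lastSent.Value).TotalSeconds < 60)
    {
        return Json(new { err = "请不要短时间内多次发送邮件!" });
    }

    UserProfile user = await _userManager.FindByEmailAsync(email);
    if (user != null)
    {
        var token = await _userManager.GeneratePasswordResetTokenAsync(user);

        // NOTE(review): the absolute link is built from the current request's scheme and host;
        // confirm host filtering is configured so the e-mailed link cannot carry a
        // caller-supplied host name.
        var resetLink = Url.Action("ResetPW", null, new { token, email }, Request.Scheme);
        await _emailSender.SendPWEmailForUserAsync(user, resetLink);
    }

    // Record the attempt for unknown addresses as well: if only real accounts started the
    // throttle window, a second request would reveal whether the first one matched an account.
    // NOTE(review): the registered path still awaits token generation and mail delivery, so
    // response time may differ; queueing the send would close that gap.
    HttpContext.Session.SetDateTime("LastPostTime", DateTime.Now);

    return Json(new { ok = true });
}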