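/// <summary>
/// Changes the password of the local admin account kept in the "localAdmin"
/// section of the executable's configuration file.
/// </summary>
/// <param name="username">Account name; only the configured LocalAdminUser is accepted.</param>
/// <param name="oldPassword">Current password, compared with the stored (decrypted) value.</param>
/// <param name="newPassword">Replacement password; must be non-empty and must not be the default "admin".</param>
/// <param name="domain">Not used by this implementation.</param>
/// <returns>
/// true when the new password was encrypted and saved; false when an argument is
/// missing, the user is not the local admin, the old password does not match, or
/// the new password is rejected.
/// </returns>
public bool ChangeUserPassword(string username, string oldPassword, string newPassword, string domain)
{
    // Reject missing input before touching the configuration file: a null
    // username/oldPassword used to surface as a NullReferenceException, and an
    // empty newPassword would have been stored as a valid (empty) admin password.
    if (string.IsNullOrEmpty(username) || oldPassword == null || string.IsNullOrEmpty(newPassword))
    {
        return false;
    }

    // The literal "admin" is the unencrypted default handled below; accepting it as a
    // "new" password would leave the account on the well-known default credential.
    if (newPassword.Equals("admin"))
    {
        return false;
    }

    var config = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
    var localAdminSettings = ((AppSettingsSection)config.GetSection("localAdmin")).Settings;
    var localAdminUser = localAdminSettings["LocalAdminUser"].Value;
    var localAdminPassword = localAdminSettings["localAdminPassword"].Value;

    if (!username.Equals(localAdminUser))
    {
        return false;
    }

    // The stored value is either the literal default "admin" or an AES-encrypted password.
    // NOTE(review): the encryption key is the account name, which is stored in the same
    // config section, so anyone who can read the file can recover the password. A salted
    // password hash would avoid that, but needs a migration of the stored value and of the
    // code that verifies it, so it is not changed here.
    if (!localAdminPassword.Equals("admin"))
    {
        localAdminPassword = CryptoHelper.AES_Decrypt(localAdminPassword, localAdminUser);
    }

    // NOTE(review): string.Equals is not a constant-time comparison.
    if (!oldPassword.Equals(localAdminPassword))
    {
        return false;
    }

    localAdminSettings["localAdminPassword"].Value = CryptoHelper.AES_Encrypt(newPassword, localAdminUser);
    config.Save(ConfigurationSaveMode.Modified);

    // Make later reads through ConfigurationManager see the saved value.
    ConfigurationManager.RefreshSection("localAdmin");
    return true;
}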
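/// <summary>
/// Action filter hook that requires a logged-in user and checks page and
/// operation permissions before the action runs.
/// </summary>
/// <param name="filterContext">
/// Context of the executing action. Its Result is set to a login redirect, a home-page
/// redirect, or a JSON error when the request must not proceed.
/// </param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    string requestUrl = filterContext.HttpContext.Request.Url.ToString();

    // Escape the return URL: unescaped, its own '?', '&' and '#' would be parsed as part of
    // the login URL, truncating the value or injecting extra query parameters.
    // NOTE(review): requestUrl is an absolute URL taken from the request; the login action
    // should only redirect back to a local URL - confirm it validates redirecturl.
    // NOTE(review): "Accout" looks like a misspelling of "Account"; left as is because it
    // has to match the existing route - confirm.
    string loginUrl = "/Accout/Login?redirecturl=" + Uri.EscapeDataString(requestUrl);

    var sessionValue = filterContext.RequestContext.HttpContext.Session[Params.UserCookieName];
    if (sessionValue == null)
    {
        filterContext.Result = new RedirectResult(loginUrl);
        return;
    }

    var user = CryptoHelper.AES_Decrypt(sessionValue.ToString(), Params.SecretKey).DeserializeJson<User>();
    if (user == null)
    {
        filterContext.Result = new RedirectResult(loginUrl);
        return;
    }

    var url = filterContext.HttpContext.Request.RawUrl;

    // Ordinal comparison: an authorization decision on a URL path must not depend on the
    // server's current culture (e.g. Turkish casing rules for 'i').
    bool isHomePage = url.Equals("/home/index", StringComparison.OrdinalIgnoreCase)
                      || url.Equals("/", StringComparison.OrdinalIgnoreCase);

    // Non-admin users may only open the home page or a page IsHavePage accepts.
    if (!user.IsAdmin
        && !isHomePage
        && !new WebService(new WebClient(filterContext.HttpContext)).IsHavePage(url))
    {
        filterContext.Result = new RedirectResult("/Home/Index");
    }

    // Operation-level check; an OperateFlag of -1 (or no value) skips it. When it fails,
    // the JSON error replaces any redirect set by the page check above.
    if (user.OperateFlag.HasValue && user.OperateFlag.Value != -1)
    {
        var operateFlag = user.OperateFlag.Value;
        if (!new WebService(new WebClient(filterContext.HttpContext)).IsHaveAuthority(operateFlag, url))
        {
            var denied = new WebResult<bool> { Code = ErrorCode.sys_user_role_error, Result = false };
            filterContext.Result = new JsonResult
            {
                Data = denied,
                JsonRequestBehavior = JsonRequestBehavior.AllowGet
            };
        }
    }
}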
/// <summary>
/// Round-trips <paramref name="text"/> through CryptoHelper.AES_Encrypt and
/// CryptoHelper.AES_Decrypt with the same password and salt, prints both
/// intermediate values, and asserts that the decrypted text equals the input.
/// </summary>
/// <param name="text">Plain text to encrypt.</param>
/// <param name="password">Password passed to both the encrypt and the decrypt call.</param>
/// <param name="salt">Salt passed to both the encrypt and the decrypt call.</param>
public void TestRunner(string text, string password, byte[] salt)
{
    // Encrypt, then show the cipher text in the test output.
    var cipherText = CryptoHelper.AES_Encrypt(text, password, salt);
    System.Console.WriteLine(cipherText);

    // Decrypt with the same password and salt, then show the recovered text.
    var roundTripped = CryptoHelper.AES_Decrypt(cipherText, password, salt);
    System.Console.WriteLine(roundTripped);

    Assert.AreEqual(text, roundTripped, "Decrypted text did not match original text.");
}
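/// <summary>
/// Gets the current user by decrypting and deserializing the user cookie of the
/// current request.
/// </summary>
/// <returns>
/// The deserialized user, or null when the cookie is absent, empty, or cannot be decrypted.
/// </returns>
public static User GetCurrentUser()
{
    HttpCookie cookie = HttpContext.Current.Request.Cookies[Params.UserCookieName];
    if (cookie == null || string.IsNullOrEmpty(cookie.Value))
    {
        return(null);
    }

    // The cookie value is supplied by the client, so a truncated or tampered value must be
    // treated as "not logged in" rather than surfacing as an unhandled exception.
    // NOTE(review): CryptoHelper.AES_Decrypt is not visible here; presumably it throws
    // FormatException on invalid Base64 and CryptographicException on a bad key or padding -
    // confirm. Decryption alone does not prove the cookie was issued by the server unless
    // CryptoHelper also authenticates the ciphertext (MAC or AEAD mode) - confirm.
    string json;
    try
    {
        json = CryptoHelper.AES_Decrypt(cookie.Value, Params.SecretKey);
    }
    catch (System.FormatException)
    {
        return(null);
    }
    catch (System.Security.Cryptography.CryptographicException)
    {
        return(null);
    }

    return(json.DeserializeJson<User>());
}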
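/// <summary>
/// Gets the current person by decrypting and deserializing the people cookie of the
/// current request.
/// </summary>
/// <returns>
/// The deserialized person, or null when the cookie is absent, empty, or cannot be decrypted.
/// </returns>
public static Person GetCurrentPeople()
{
    HttpCookie cookie = HttpContext.Current.Request.Cookies[Params.PeopleCookieName];
    if (cookie == null || string.IsNullOrEmpty(cookie.Value))
    {
        return(null);
    }

    // The cookie value is supplied by the client, so a truncated or tampered value must be
    // treated as "no current person" rather than surfacing as an unhandled exception.
    // NOTE(review): CryptoHelper.AES_Decrypt is not visible here; presumably it throws
    // FormatException on invalid Base64 and CryptographicException on a bad key or padding -
    // confirm. Decryption alone does not prove the cookie was issued by the server unless
    // CryptoHelper also authenticates the ciphertext (MAC or AEAD mode) - confirm.
    string value;
    try
    {
        value = CryptoHelper.AES_Decrypt(cookie.Value, Params.SecretKey);
    }
    catch (System.FormatException)
    {
        return(null);
    }
    catch (System.Security.Cryptography.CryptographicException)
    {
        return(null);
    }

    return(value.DeserializeJson<Person>());
}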
/// <summary>
/// Looks up an unexpired session by <paramref name="sessionID"/>, builds the connection
/// details for host <paramref name="hostID"/>, and removes the session-key AES layer from
/// the stored password. A one-time session is logged out before returning.
/// </summary>
/// <param name="sessionID">Identifier of the session; only rows with Expire later than DateTime.Now match.</param>
/// <param name="hostID">Identifier of the host to connect to.</param>
/// <param name="sessionKey">Key passed to CryptoHelper.AES_Decrypt for the stored password.</param>
/// <returns>
/// The connection details, or null when the session does not exist or has expired, or when
/// no row matches the query for the session's kind (one-time, admin, or group-restricted).
/// </returns>
public EnterpriseConnectionDetails GetSessionConnectionDetails(string sessionID, long hostID, string sessionKey)
{
    using (var db = new MyrtilleEnterpriseDBContext())
    {
        // Fetch only the flags that select which query runs below.
        // NOTE(review): DateTime.Now is local time; presumably Expire is stored in local time too - confirm.
        var sessionInfo = db.Session
            .Where(m => m.SessionID == sessionID && m.Expire > DateTime.Now)
            .Select(m => new { SessionID = m.SessionID, OneTime = m.OneTime, IsAdmin = m.IsAdmin })
            .FirstOrDefault();

        EnterpriseConnectionDetails result = null;

        if (sessionInfo != null)
        {
            if (sessionInfo.OneTime)
            {
                // One-time session: session x host filtered by both ids, credentials always taken
                // from the session row. This query joins no access-group table.
                result = (from s in db.Session
                          from h in db.Host
                          where s.SessionID == sessionID
                          && h.ID == hostID
                          && s.Expire > DateTime.Now
                          select new EnterpriseConnectionDetails
                          {
                              HostID = h.ID
                              , HostName = h.HostName
                              , HostAddress = h.HostAddress
                              , VMGuid = h.VMGuid
                              , VMEnhancedMode = h.VMEnhancedMode
                              , HostType = h.HostType
                              , Domain = s.Domain
                              , Username = s.Username
                              , Password = s.Password
                              , Protocol = h.Protocol
                              , StartRemoteProgram = h.StartRemoteProgram
                          })
                          .FirstOrDefault();
            }
            else
            {
                if (sessionInfo.IsAdmin)
                {
                    // Admin session: any host id is accepted (no access-group join). The
                    // "into scl ... DefaultIfEmpty()" pair is a left join on the per-host
                    // credentials, which are used when the host has PromptForCredentials set.
                    // NOTE(review): when PromptForCredentials is set and no credentials row
                    // exists, sc has no match; presumably the query then yields null for
                    // Domain/Username/Password - confirm.
                    result = (from s in db.Session
                              from h in db.Host
                              join sc in db.SessionHostCredentials on new { x1 = s.ID, x2 = h.ID } equals new { x1 = sc.SessionID, x2 = sc.HostID } into scl
                              from sc in scl.DefaultIfEmpty()
                              where s.SessionID == sessionID
                              && h.ID == hostID
                              && s.Expire > DateTime.Now
                              select new EnterpriseConnectionDetails
                              {
                                  HostID = h.ID
                                  , HostName = h.HostName
                                  , HostAddress = h.HostAddress
                                  , VMGuid = h.VMGuid
                                  , VMEnhancedMode = h.VMEnhancedMode
                                  , HostType = h.HostType
                                  , Domain = (h.PromptForCredentials ? sc.Domain : s.Domain)
                                  , Username = (h.PromptForCredentials ? sc.Username : s.Username)
                                  , Password = (h.PromptForCredentials ? sc.Password : s.Password)
                                  , Protocol = h.Protocol
                                  , StartRemoteProgram = h.StartRemoteProgram
                              })
                              .FirstOrDefault();
                }
                else
                {
                    // Non-admin session: the host is reached through SessionGroup and
                    // HostAccessGroups, so a row is returned only when one of the session's
                    // directory groups equals an access group of the requested host.
                    result = (from s in db.Session
                              join sg in db.SessionGroup on s.ID equals sg.SessionID
                              join hag in db.HostAccessGroups on sg.DirectoryGroup equals hag.AccessGroup
                              join h in db.Host on hag.HostID equals h.ID
                              join sc in db.SessionHostCredentials on new { x1 = s.ID, x2 = h.ID } equals new { x1 = sc.SessionID, x2 = sc.HostID } into scl
                              from sc in scl.DefaultIfEmpty()
                              where s.SessionID == sessionID
                              && h.ID == hostID
                              && s.Expire > DateTime.Now
                              select new EnterpriseConnectionDetails
                              {
                                  HostID = h.ID
                                  , HostName = h.HostName
                                  , HostAddress = h.HostAddress
                                  , VMGuid = h.VMGuid
                                  , VMEnhancedMode = h.VMEnhancedMode
                                  , HostType = h.HostType
                                  , Domain = (h.PromptForCredentials ? sc.Domain : s.Domain)
                                  , Username = (h.PromptForCredentials ? sc.Username : s.Username)
                                  , Password = (h.PromptForCredentials ? sc.Password : s.Password)
                                  , Protocol = h.Protocol
                                  , StartRemoteProgram = h.StartRemoteProgram
                              })
                              .FirstOrDefault();
                }
            }

            if (result != null)
            {
                // The returned object carries the password with the session-key AES layer
                // removed; callers should keep it out of logs and serialized output.
                // NOTE(review): the Authenticate method shown alongside stores
                // AES_Encrypt(RDP_Encrypt(password), sessionKey), so presumably this value is
                // still RDP-encrypted rather than clear text - confirm.
                result.Password = CryptoHelper.AES_Decrypt(result.Password, sessionKey);
            }

            // when connected from the login page, the session logout is based on expiration or user action
            // when connected from a one time url, the logout is done immediately
            // (this runs even when no connection details were found, so a one-time session is
            // consumed by a single lookup whether or not it succeeds)
            if (sessionInfo.OneTime)
            {
                Logout(sessionID);
            }
        }

        return(result);
    }
}
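/// <summary>
/// Authenticates the local admin account configured in the "localAdmin" section of the
/// executable's configuration file and, on success, replaces that user's stored session
/// with a new admin session.
/// </summary>
/// <param name="username">Account name; only the configured LocalAdminUser is accepted.</param>
/// <param name="password">Password to verify against the stored (decrypted) value.</param>
/// <param name="adminGroup">Not used by this implementation.</param>
/// <param name="domain">Not used by this implementation.</param>
/// <param name="netbiosDomain">Domain name recorded on the stored session and on the returned session.</param>
/// <returns>
/// A session carrying SessionID and SessionKey on success; otherwise a session whose
/// AuthenticationErrorCode is USER_NOT_FOUND, INVALID_LOGIN_CREDENTIALS, PASSWORD_EXPIRED
/// (the password is still the default "admin") or UNKNOWN_ERROR (any exception).
/// </returns>
public EnterpriseSession Authenticate(string username, string password, string adminGroup, string domain, string netbiosDomain)
{
    try
    {
        var config = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
        var localAdminSettings = ((AppSettingsSection)config.GetSection("localAdmin")).Settings;
        var localAdminUser = localAdminSettings["LocalAdminUser"].Value;
        var localAdminPassword = localAdminSettings["localAdminPassword"].Value;

        // NOTE(review): distinct codes for "unknown user" and "wrong password" let a caller
        // tell whether a name is the admin account; whether that reaches the end user depends
        // on how callers render these codes - confirm.
        if (!username.Equals(localAdminUser))
        {
            return new EnterpriseSession { AuthenticationErrorCode = EnterpriseAuthenticationErrorCode.USER_NOT_FOUND };
        }

        // The stored value is either the literal default "admin" or an AES-encrypted password
        // keyed with the account name.
        if (!localAdminPassword.Equals("admin"))
        {
            localAdminPassword = CryptoHelper.AES_Decrypt(localAdminPassword, localAdminUser);
        }

        // NOTE(review): string.Equals is not a constant-time comparison.
        if (!password.Equals(localAdminPassword))
        {
            return new EnterpriseSession { AuthenticationErrorCode = EnterpriseAuthenticationErrorCode.INVALID_LOGIN_CREDENTIALS };
        }

        // A correct login with the default password is reported as expired, so no session is
        // created while the account is still on "admin".
        if (password.Equals("admin"))
        {
            return new EnterpriseSession { AuthenticationErrorCode = EnterpriseAuthenticationErrorCode.PASSWORD_EXPIRED };
        }

        using (var db = new MyrtilleEnterpriseDBContext())
        {
            // Drop the first existing session found for this user before creating the new one.
            var session = db.Session.FirstOrDefault(m => m.Username == username);
            if (session != null)
            {
                db.Session.Remove(session);
                db.SaveChanges();
            }

            // NOTE(review): both values act as secrets (the key protects the stored password),
            // and Guid.NewGuid() is not documented as a cryptographically secure generator;
            // consider a CSPRNG-based value of the same format - confirm callers' expectations.
            string sessionID = Guid.NewGuid().ToString();
            string sessionKey = Guid.NewGuid().ToString("n");

            session = new Session
            {
                Domain = netbiosDomain,
                Username = username,
                Password = CryptoHelper.AES_Encrypt(CryptoHelper.RDP_Encrypt(password), sessionKey),
                SessionID = sessionID,
                IsAdmin = true
            };

            db.Session.Add(session);
            db.SaveChanges();

            return new EnterpriseSession
            {
                Domain = netbiosDomain,
                UserName = username,
                SessionID = sessionID,
                SessionKey = sessionKey,
                IsAdmin = true,
                SingleUseConnection = false
            };
        }
    }
    catch (Exception exc)
    {
        // Previously swallowed silently: configuration, decryption and database failures were
        // indistinguishable from each other and invisible to operators. Only the exception is
        // traced; the supplied credentials are never written to the log.
        System.Diagnostics.Trace.TraceError("Failed to authenticate the local admin user ({0})", exc);
        return new EnterpriseSession { AuthenticationErrorCode = EnterpriseAuthenticationErrorCode.UNKNOWN_ERROR };
    }
}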