/// <summary>
/// Builds the link that is placed in a validation e-mail.
/// </summary>
/// <param name="step">Message flow the link is for. Only RegisterActive, CertificationValid and FindPwd are supported.</param>
/// <param name="email">Recipient address; second field of the encrypted payload.</param>
/// <param name="code">Validation code; third field of the encrypted payload.</param>
/// <param name="expiredTime">
/// Receives the validity configured for <paramref name="step"/>. The RegisterActive setting is
/// multiplied by 60 while the other two are used as stored; the unit is not visible here.
/// </param>
/// <returns>The configured link followed by "?code=" and the encrypted payload.</returns>
/// <exception cref="Exception">The step has no link-style e-mail.</exception>
private string buldValidateEmail(MessageStep step, string email, string code, out int expiredTime)
{
    string linkBase = LoadSettingsByKeys(Settings.ValidateEmailLink).Value;

    // Payload is "step#email#code"; it is decrypted and checked again when the link is processed.
    // NOTE(review): '#' is the only separator, so an e-mail or code containing '#' would shift
    // the fields for whoever splits the payload. Confirm both are restricted before this point.
    // NOTE(review): the payload is only passed through DesTool.DesEncrypt; whether a modified
    // token is detected depends on DesTool, which is not visible here.
    string plainPayload = step.ToString() + "#" + email + "#" + code;
    string encryptedPayload = DesTool.DesEncrypt(plainPayload);

    // Assigned up front so the out value is 0 even when the step is rejected below.
    expiredTime = 0;

    if (step == MessageStep.RegisterActive)
    {
        expiredTime = LoadSettingsByKeys(Settings.RegisterActiveUrlValidity).Value.ToInt32Req() * 60;
    }
    else if (step == MessageStep.CertificationValid)
    {
        expiredTime = LoadSettingsByKeys(Settings.CertificationValidTime).Value.ToInt32Req();
    }
    else if (step == MessageStep.FindPwd)
    {
        expiredTime = LoadSettingsByKeys(Settings.FindPwdUrlValidity).Value.ToInt32Req();
    }
    else
    {
        throw new Exception("该消息类型不支持生成Email链接类邮件");
    }

    // NOTE(review): the token is inserted into the query string without URL-encoding; this
    // assumes DesEncrypt returns URL-safe text. Confirm.
    return string.Format("{0}?code={1}", linkBase, encryptedPayload);
}
/// <summary>
/// Creates the admin service proxy: copies the caller's identity into the current
/// ApplicationContext and sets the user-name credentials returned by DesTool.LoadCertUserPass.
/// </summary>
/// <param name="cpet">Caller context: user id, web-server IP, client IP and, optionally, the current user.</param>
/// <exception cref="Exception">Thrown with the loader's message when the credentials cannot be loaded.</exception>
public AdminClientProxy(hc.Plat.Common.Global.ClientProxyExType cpet)
{
    // Pass the current user's information along with the call.
    var context = ApplicationContext.Current;
    context.UserID = cpet.UserID;
    context.WebIP = cpet.IP_WebServer;
    context.ClientIP = cpet.IP_Client;

    // "as" yields null both for a missing user and for a user of another type.
    UserView currentUser = cpet.CurrentUser as UserView;
    if (currentUser != null)
    {
        context.UserName = currentUser.UserName;
        context.CompanyId = currentUser.CompanyId.ToString();
        context.CompanyName = currentUser.CompanyName;
        context.RoleType = currentUser.RoleType.ToString();
    }

    // The credentials below are what the application server checks programmatically.
    // NOTE(review): every proxy instance presents the same credentials, read from the "bin\"
    // folder under the application base directory. How that material is protected on disk is
    // decided inside DesTool.LoadCertUserPass, which is not visible here.
    string credentialDirectory = AppDomain.CurrentDomain.BaseDirectory + "bin\\";
    string serviceUser = "";
    string servicePassword = "";
    string loadError = DesTool.LoadCertUserPass(credentialDirectory, out serviceUser, out servicePassword);
    if (loadError != "")
    {
        throw new Exception(loadError);
    }

    ClientCredentials.UserName.UserName = serviceUser;
    ClientCredentials.UserName.Password = servicePassword;
}
/// <summary>
/// Changes the password of the signed-in user after checking the current password.
/// </summary>
/// <param name="oldPWD">Current password as typed by the user.</param>
/// <param name="newPWD">New password.</param>
/// <param name="confirmPWD">Repeat of the new password; must equal <paramref name="newPWD"/>.</param>
/// <returns>JSON result view: a failure message, or the outcome of the update call.</returns>
public ActionResult ChangePasswod(string oldPWD, string newPWD, string confirmPWD)
{
    // The stored password is compared in its DES-encrypted form, so the input is encrypted first.
    // NOTE(review): the comparison below shows that accounts are stored under reversible
    // encryption rather than a salted password hash; anyone holding the key can recover them.
    oldPWD = DesTool.DesEncrypt(oldPWD);

    if (newPWD != confirmPWD)
    {
        return Json(new ResultView<int> { Flag = false, Message = "请重新确认密码!" });
    }

    Result<int> updateResult = new Result<int>();
    using (AdminClientProxy proxy = new AdminClientProxy(ProxyEx(Request)))
    {
        var userId = CurrentUser.UserId;
        Result<Base_User> stored = proxy.GetUserModel(userId);

        // NOTE(review): stored.Data is dereferenced without a null check, and no strength or
        // emptiness rule is applied to newPWD in this action.
        if (stored.Data.PassWord != oldPWD)
        {
            return Json(new ResultView<int> { Flag = false, Message = "原密码输入错误!" });
        }

        updateResult = proxy.UpdateUserPassword(userId, DesTool.DesEncrypt(newPWD));
    }

    return Json(updateResult.ToResultView());
}
/// <summary>
/// Checks a validation code and marks it as used.
/// For an e-mail link, pass only the encrypted token as <paramref name="code"/>: step, recipient
/// and e-mail are taken from the decrypted token. For a typed-in code, one of
/// <paramref name="receiveId"/> or <paramref name="email"/> must be supplied.
/// </summary>
/// <param name="code">Typed-in code, or the encrypted link token.</param>
/// <param name="step">Expected message step; replaced by the token's step in link mode.</param>
/// <param name="receiveId">Recipient id, or 0 when not supplied.</param>
/// <param name="email">Recipient e-mail, or empty when not supplied.</param>
/// <returns>
/// Success with the matched record, or Failure with the exception wrapped in ExceptionEx.
/// Nothing is thrown to the caller.
/// </returns>
private Result<Msg_EmailValidate> ValidateEmailCode(string code, MessageStep step, long receiveId = 0, string email = "")
{
    Result<Msg_EmailValidate> outcome = new Result<Msg_EmailValidate>();
    try
    {
        string stepName = step.ToString();

        // Link mode: neither recipient id nor e-mail was supplied, so all three values come
        // from the decrypted token, laid out as "step#email#code".
        bool isLinkToken = receiveId == 0 && string.IsNullOrEmpty(email);
        if (isLinkToken)
        {
            // A token with fewer than three fields fails on the indexer and ends up in the
            // catch block as a Failure result.
            IList<string> fields = DesTool.DesDecrypt(code).SplitString("#");
            stepName = fields[0];
            email = fields[1];
            code = fields[2];
        }

        // NOTE(review): in link mode receiveId is still 0, so the first arm of the OR also
        // matches records whose ReceiveId is 0; the code and type must still match.
        var record = DataOperateMsg<Msg_EmailValidate>.Get().Single(i => (i.ReceiveId == receiveId || i.ReceiveEmail == email) && i.Code == code && i.ValidateType == stepName);
        if (record == null)
        {
            throw new Exception("验证码错误");
        }

        string usedState = ValCodeState.Used.ToString();
        if (record.State == usedState)
        {
            throw new Exception("验证码已经使用过");
        }

        if (record.ExpiredTime < DateTime.Now)
        {
            throw new Exception("验证码已过期");
        }

        // Mark the code as used.
        // NOTE(review): the state check above and this update are separate steps with no
        // visible lock or transaction, so two concurrent requests could both pass the check.
        // No limit on failed attempts is visible in this method either.
        record.State = usedState;
        DataOperateMsg<Msg_EmailValidate>.Get().Update(record);

        outcome.Data = record;
        outcome.Flag = EResultFlag.Success;
    }
    catch (Exception ex)
    {
        outcome.Data = null;
        outcome.Flag = EResultFlag.Failure;
        outcome.Exception = new ExceptionEx(ex, "ValidateEmailCode");
    }

    return outcome;
}
/// <summary>
/// Validates the user name and password presented by a service client against the pair
/// returned by DesTool.LoadCertUserPass for the application base directory.
/// </summary>
/// <param name="userName">User name presented by the client.</param>
/// <param name="password">Password presented by the client.</param>
/// <exception cref="System.ServiceModel.Security.SecurityNegotiationException">
/// The expected credentials could not be loaded, or the presented pair does not match.
/// </exception>
public override void Validate(string userName, string password)
{
    string expectedUser = "";
    string expectedPassword = "";
    string loadError = DesTool.LoadCertUserPass(AppDomain.CurrentDomain.BaseDirectory, out expectedUser, out expectedPassword);
    if (loadError != "")
    {
        throw new System.ServiceModel.Security.SecurityNegotiationException(loadError);
    }

    // NOTE(review): plain string equality is not a fixed-time comparison. Also, if the loader
    // can return an empty message together with empty credentials, an empty user name and
    // password would be accepted here. Confirm LoadCertUserPass never does that.
    bool credentialsMatch = userName == expectedUser && password == expectedPassword;
    if (!credentialsMatch)
    {
        throw new System.ServiceModel.Security.SecurityNegotiationException("验证用户名和密码时,未通过检测");
    }
}
/// <summary>
/// Creates a user from the posted model together with the uploaded-file list posted in the
/// "fileDataJson" form field.
/// </summary>
/// <param name="model">User bound from the request; its password is overwritten before saving.</param>
/// <returns>JSON result view of the AddUser call.</returns>
public ActionResult Add(Base_User model)
{
    // The uploaded files arrive as a JSON string and are deserialized into a list.
    string uploadedFilesJson = Request.Form["fileDataJson"];
    List<Base_Files> uploadedFiles = JsonConvert.DeserializeObject<List<Base_Files>>(uploadedFilesJson);

    // Not used further in this method.
    string belong = RoleType.Supplier.ToString();

    // NOTE(review): no permission check is made inside this action; it may be enforced by a
    // filter outside this listing. Confirm. The model is bound straight from the request, so
    // every bindable Base_User property can be set by the caller.
    Result<int> addResult = new Result<int>();
    using (AdminClientProxy proxy = new AdminClientProxy(ProxyEx(Request)))
    {
        // Every account created here starts with the same fixed password, stored DES-encrypted.
        // NOTE(review): the literal may have been masked in this listing. A per-user random
        // initial secret with a forced change at first login avoids a shared known password.
        model.PassWord = DesTool.DesEncrypt("******");
        addResult = proxy.AddUser(model, uploadedFiles);
    }

    return Json(addResult.ToResultView());
}
/// <summary>
/// Creates a user from the admin user-management screen, together with the uploaded-file
/// list posted in the "fileDataJsonFile" form field.
/// </summary>
/// <param name="model">User bound from the request; its password is overwritten before saving.</param>
/// <returns>JSON result view of the AddUser call.</returns>
public ActionResult Add(Base_User model)
{
    // Permission check for the Add right on the admin user-manager module. The return value is
    // not used; presumably the final "true" makes the helper stop the request itself. Confirm.
    Helper.IsCheck(HttpContext, AdminModule.AdminUserManager.ToString(), SystemRight.Add.ToString(), true);

    // The uploaded files arrive as a JSON string and are deserialized into a list.
    string uploadedFilesJson = Request.Form["fileDataJsonFile"];
    List<Base_Files> uploadedFiles = JsonConvert.DeserializeObject<List<Base_Files>>(uploadedFilesJson);

    Result<int> addResult = new Result<int>();
    using (AdminClientProxy proxy = new AdminClientProxy(ProxyEx(Request)))
    {
        // NOTE(review): every account created here starts with the same well-known password,
        // stored DES-encrypted, and nothing in this action forces a change at first login.
        // The model is bound straight from the request, so every bindable Base_User property
        // can be set by the caller.
        model.PassWord = DesTool.DesEncrypt("123456");
        addResult = proxy.AddUser(model, uploadedFiles);
    }

    return Json(addResult.ToResultView());
}
/// <summary>
/// Shows the admin login page. When the request is not a logout, an existing session or a
/// valid pair of auto-login cookies sends the user straight to Home/Index.
/// </summary>
/// <param name="isOut">Non-empty when the page is reached by logging out; suppresses both redirects.</param>
/// <returns>A redirect to Home/Index, or the login view.</returns>
public ActionResult Login(string isOut = "")
{
    ViewBag.autoLogin = false;

    // Left over from the disabled LoadConfig call; not used below.
    Result<Base_Config> result = new Result<Base_Config>();

    bool isLogout = !string.IsNullOrEmpty(isOut);

    using (AdminClientProxy proxy = new AdminClientProxy(ProxyEx(Request)))
    {
        ViewBag.userName = "";
        ViewBag.password = "";

        // Already signed in?
        if (!isLogout)
        {
            var sessionUser = HttpContext.Session[ConstStr_Session.CurrentUserEntity] as UserView;
            if (sessionUser != null)
            {
                return RedirectToAction("Index", "Home");
            }
        }

        // Auto-login cookies present?
        HttpCookie nameCookie = Request.Cookies[ConstString.COOKIEADMINNAME];
        HttpCookie passwordCookie = Request.Cookies[ConstString.COOKIEADMINPWD];
        bool hasAutoLoginCookies = nameCookie != null
            && passwordCookie != null
            && !string.IsNullOrEmpty(nameCookie.Value)
            && !string.IsNullOrEmpty(passwordCookie.Value);

        if (hasAutoLoginCookies)
        {
            ViewBag.autoLogin = true;
            ViewBag.userName = nameCookie.Value;

            // NOTE(review): the cleartext password recovered from the cookie is handed to the
            // view. Whether the view writes it into the page is not visible here.
            ViewBag.password = DesTool.DesDecrypt(passwordCookie.Value);

            if (!isLogout)
            {
                // NOTE(review): the cookie value is passed to the login service as the password
                // without further proof, so whoever holds the cookie can sign in as that user.
                Result<UserView> loginResult = proxy.Login(nameCookie.Value, passwordCookie.Value, RoleType.Admin);
                if (loginResult.Flag == 0)
                {
                    Session[ConstStr_Session.CurrentUserEntity] = loginResult.Data;
                    return RedirectToAction("Index", "Home");
                }
            }
        }
    }

    return View();
}
/// <summary>
/// API endpoint that changes the current user's password. Both passwords arrive AES-encrypted
/// from the client and are converted to the platform's DES form before the service call.
/// </summary>
/// <param name="model">Request body carrying <c>oldpwd</c> and <c>pwd</c>.</param>
/// <returns>JSON API result: success, a validation or service error, or InvalidToken when no current user is resolved.</returns>
public object UpdatePwd(UserPwd model)
{
    if (model == null)
    {
        return Json(APIResult.GetErrorResult("请输入旧密码!"));
    }

    string currentPassword = model.oldpwd;
    string newPassword = model.pwd;

    if (string.IsNullOrWhiteSpace(currentPassword))
    {
        return Json(APIResult.GetErrorResult("请输入旧密码!"));
    }

    if (string.IsNullOrWhiteSpace(newPassword))
    {
        return Json(APIResult.GetErrorResult("请输入新密码!"));
    }

    // This comparison is made on the values as received, before decryption.
    if (newPassword == currentPassword)
    {
        return Json(APIResult.GetErrorResult("新密码不能和旧密码相同!"));
    }

    // Transport form (AES) -> cleartext -> storage form (DES).
    // NOTE(review): the storage form is reversible encryption, not a password hash, and the
    // decrypted new password is not checked for emptiness or strength here.
    currentPassword = DesTool.DesEncrypt(APIAESTool.AesDecrypt(currentPassword));
    newPassword = DesTool.DesEncrypt(APIAESTool.AesDecrypt(newPassword));

    var user = CurrentUserView;
    if (user == null)
    {
        return Json(APIResult.GetErrorResult(MsgCode.InvalidToken));
    }

    using (ClientSiteClientProxy proxy = new ClientSiteClientProxy(ProxyEx(user)))
    {
        var updateResult = proxy.UpdatePassword(user.UserId, currentPassword, newPassword);
        if (updateResult.Flag == EResultFlag.Success)
        {
            return Json(APIResult.GetSuccessResult("密码修改成功!"));
        }

        // Assumes a failed result always carries an Exception. Confirm.
        return Json(APIResult.GetErrorResult(MsgCode.CommonError, updateResult.Exception.Decription));
    }
}
/// <summary>
/// Creates the business service proxy: copies the caller's identity into the current
/// ApplicationContext and sets the user-name credentials returned by DesTool.LoadCertUserPass.
/// </summary>
/// <param name="cpet">Caller context: user id, web-server IP and client IP.</param>
/// <exception cref="Exception">Thrown with the loader's message when the credentials cannot be loaded.</exception>
public BusinessClientProxy(hc.Plat.Common.Global.ClientProxyExType cpet)
{
    // Pass the current user's information along with the call.
    var context = ApplicationContext.Current;
    context.UserID = cpet.UserID;
    context.WebIP = cpet.IP_WebServer;
    context.ClientIP = cpet.IP_Client;

    // The credentials below are what the application server checks programmatically.
    // NOTE(review): every proxy instance presents the same credentials, read from the "bin\"
    // folder under the application base directory. How that material is protected on disk is
    // decided inside DesTool.LoadCertUserPass, which is not visible here.
    string credentialDirectory = AppDomain.CurrentDomain.BaseDirectory + "bin\\";
    string serviceUser = "";
    string servicePassword = "";
    string loadError = DesTool.LoadCertUserPass(credentialDirectory, out serviceUser, out servicePassword);
    if (loadError != "")
    {
        throw new Exception(loadError);
    }

    ClientCredentials.UserName.UserName = serviceUser;
    ClientCredentials.UserName.Password = servicePassword;
}
/// <summary>
/// Handles the login form post: checks the session captcha, authenticates through the
/// client-site service and, when "remember me" is set, issues the auto-login cookies.
/// </summary>
/// <param name="userName">Login name; read from the posted form when not bound.</param>
/// <param name="password">Cleartext password; read from the posted form when not bound.</param>
/// <param name="verifyCode">Captcha text typed by the user.</param>
/// <param name="isRemember">"true" to issue the auto-login cookies; anything else clears them.</param>
/// <returns>JSON ResultView of string; on success Data is "/Home/SignIndex".</returns>
public ActionResult Login(string userName, string password, string verifyCode, string isRemember)
{
    ResultView<string> outcome;
    try
    {
        // Fall back to the raw form fields for anything model binding left null.
        if (userName == null)
        {
            userName = Request.Form["userName"];
        }
        if (password == null)
        {
            password = Request.Form["password"];
        }
        if (verifyCode == null)
        {
            verifyCode = Request.Form["verifyCode"];
        }
        if (isRemember == null)
        {
            isRemember = Request.Form["isRemember"];
        }

        if (string.IsNullOrWhiteSpace(userName) || string.IsNullOrWhiteSpace(password))
        {
            return Json(new ResultView<string> { Flag = false, Message = "用户名或登录密码为空!" });
        }

        if (string.IsNullOrWhiteSpace(verifyCode))
        {
            return Json(new ResultView<string> { Flag = false, Message = "请输入验证码!" });
        }

        // NOTE(review): the captcha stored in the session is read but never cleared in this
        // action, whether the comparison passes or fails. Unless it is replaced elsewhere on
        // every attempt, one solved captcha stays valid for repeated password attempts.
        object storedCode = Session[ConstStr_Session.CurrValidateCode];
        string expectedCode = (storedCode ?? "").ToString();
        if (string.IsNullOrWhiteSpace(expectedCode))
        {
            return Json(new ResultView<string> { Flag = false, Message = "验证码超时!" });
        }

        if (verifyCode != expectedCode)
        {
            return Json(new ResultView<string> { Flag = false, Message = "验证码错误,请重新输入!" });
        }

        // From here on "password" holds the DES-encrypted form that is passed to the service.
        password = DesTool.DesEncrypt(password);

        using (ClientSiteClientProxy proxy = new ClientSiteClientProxy(ProxyEx(Request)))
        {
            Result<UserView> loginResult = proxy.Login(userName, password, IsOpenSxLogin);
            if (loginResult.Flag != 0)
            {
                outcome = new ResultView<string> { Flag = false, Message = loginResult.Exception.Decription };
            }
            else
            {
                // NOTE(review): the session id is not renewed on login in this action.
                Session[ConstStr_Session.CurrentUserEntity] = loginResult.Data;

                if (isRemember == "true")
                {
                    // Auto-login: remember the user name and the encrypted password for 7 days.
                    // NOTE(review): both cookies are created without HttpOnly or Secure, and
                    // the password cookie holds reversible DES output.
                    HttpCookie nameCookie = new HttpCookie(ConstString.COOKIEADMINNAME)
                    {
                        Value = userName,
                        Expires = DateTime.Now.AddDays(7)
                    };
                    Response.Cookies.Add(nameCookie);

                    HttpCookie passwordCookie = new HttpCookie(ConstString.COOKIEADMINPWD)
                    {
                        Value = password,
                        Expires = DateTime.Now.AddDays(7)
                    };
                    Response.Cookies.Add(passwordCookie);

                    // Forms-authentication tickets; they can be read back through User.Identity
                    // or by decrypting the request cookie.
                    FormsAuthenticationTicket nameTicket = new FormsAuthenticationTicket(1, userName, DateTime.Now, DateTime.Now.AddMinutes(Session.Timeout - 1), false, userName);
                    HttpCookie nameTicketCookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(nameTicket));
                    nameTicketCookie.HttpOnly = true;
                    Response.Cookies.Add(nameTicketCookie);

                    // NOTE(review): this second ticket uses the same cookie name as the one
                    // above and carries the encrypted password as both its name and user data,
                    // so the client presumably keeps only this one. Confirm this is intended.
                    FormsAuthenticationTicket passwordTicket = new FormsAuthenticationTicket(1, password, DateTime.Now, DateTime.Now.AddMinutes(Session.Timeout - 1), false, password);
                    HttpCookie passwordTicketCookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(passwordTicket));
                    passwordTicketCookie.HttpOnly = true;
                    Response.Cookies.Add(passwordTicketCookie);
                }
                else
                {
                    // Clear the auto-login cookies by expiring them.
                    var expiredNameCookie = new HttpCookie(ConstString.COOKIEADMINNAME);
                    var expiredPasswordCookie = new HttpCookie(ConstString.COOKIEADMINPWD);
                    expiredNameCookie.Expires = DateTime.Now.AddDays(-1);
                    expiredPasswordCookie.Expires = DateTime.Now.AddDays(-1);
                    Response.Cookies.Add(expiredNameCookie);
                    Response.Cookies.Add(expiredPasswordCookie);
                }

                LoadUserRight(loginResult.Data.RoleType.ToString(), loginResult.Data.UserId);
                outcome = new ResultView<string> { Flag = true, Message = "登录成功,正在跳转...", Data = "/Home/SignIndex" };
            }
        }
    }
    catch (Exception e)
    {
        // Any failure above is reported as a login error.
        // NOTE(review): e.Message is returned to the client and may expose internal detail.
        return Json(new ResultView<string> { Flag = false, Message = "登录异常!" + e.Message });
    }

    return Json(outcome);
}
/// <summary>
/// Handles the admin login form post: checks the session captcha, authenticates through the
/// admin service with the Admin role and, when the "autologin" form field is set, issues the
/// auto-login cookies.
/// </summary>
/// <param name="username">Login name.</param>
/// <param name="password">Cleartext password; DES-encrypted before anything else happens.</param>
/// <param name="verifyCode">Captcha text typed by the user.</param>
/// <returns>JSON ResultView of string describing the outcome.</returns>
public ActionResult Login(string username, string password, string verifyCode)
{
    // A commented-out Aliyun AFS (jaq.aliyuncs.com) verification call used to precede this
    // logic; only the session captcha is checked now.
    ResultView<string> outcome = new ResultView<string>();

    // Runs outside the try block, so an exception from DesEncrypt is not turned into a JSON
    // error. NOTE(review): username and password are not checked for emptiness here.
    password = DesTool.DesEncrypt(password);

    try
    {
        if (string.IsNullOrWhiteSpace(verifyCode))
        {
            return Json(new ResultView<string> { Flag = false, Message = "请输入验证码!" });
        }

        // NOTE(review): the captcha stored in the session is read but never cleared in this
        // action, whether the comparison passes or fails. Unless it is replaced elsewhere on
        // every attempt, one solved captcha stays valid for repeated password attempts.
        object storedCode = Session[ConstStr_Session.CurrValidateCode];
        string expectedCode = (storedCode ?? "").ToString();
        if (string.IsNullOrWhiteSpace(expectedCode))
        {
            return Json(new ResultView<string> { Flag = false, Message = "验证码超时!" });
        }

        if (verifyCode != expectedCode)
        {
            return Json(new ResultView<string> { Flag = false, Message = "验证码错误,请重新输入!" });
        }

        Result<UserView> loginResult = new Result<UserView>();
        using (AdminClientProxy proxy = new AdminClientProxy(ProxyEx(Request, username)))
        {
            loginResult = proxy.Login(username, password, RoleType.Admin);
        }

        if (loginResult.Flag != 0)
        {
            outcome = new ResultView<string> { Flag = false, Message = loginResult.Exception.Decription };
        }
        else
        {
            // NOTE(review): the session id is not renewed on login in this action.
            Session[ConstStr_Session.CurrentUserEntity] = loginResult.Data;

            string autoLoginField = Request.Form["autologin"];
            if (!string.IsNullOrEmpty(autoLoginField))
            {
                // Auto-login: remember the user name and the encrypted password for 7 days.
                // NOTE(review): both cookies are created without HttpOnly or Secure, and the
                // password cookie holds reversible DES output for an admin account.
                HttpCookie nameCookie = new HttpCookie(ConstString.COOKIEADMINNAME)
                {
                    Value = username,
                    Expires = DateTime.Now.AddDays(7)
                };
                Response.Cookies.Add(nameCookie);

                HttpCookie passwordCookie = new HttpCookie(ConstString.COOKIEADMINPWD)
                {
                    Value = password,
                    Expires = DateTime.Now.AddDays(7)
                };
                Response.Cookies.Add(passwordCookie);

                // Forms-authentication tickets; they can be read back through User.Identity
                // or by decrypting the request cookie.
                FormsAuthenticationTicket nameTicket = new FormsAuthenticationTicket(1, username, DateTime.Now, DateTime.Now.AddMinutes(Session.Timeout - 1), false, username);
                HttpCookie nameTicketCookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(nameTicket));
                nameTicketCookie.HttpOnly = true;
                Response.Cookies.Add(nameTicketCookie);

                // NOTE(review): this second ticket uses the same cookie name as the one above
                // and carries the encrypted password as both its name and user data, so the
                // client presumably keeps only this one. Confirm this is intended.
                FormsAuthenticationTicket passwordTicket = new FormsAuthenticationTicket(1, password, DateTime.Now, DateTime.Now.AddMinutes(Session.Timeout - 1), false, password);
                HttpCookie passwordTicketCookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(passwordTicket));
                passwordTicketCookie.HttpOnly = true;
                Response.Cookies.Add(passwordTicketCookie);
            }
            else
            {
                // Clear the auto-login cookies by expiring them.
                var expiredNameCookie = new HttpCookie(ConstString.COOKIEADMINNAME);
                var expiredPasswordCookie = new HttpCookie(ConstString.COOKIEADMINPWD);
                expiredNameCookie.Expires = DateTime.Now.AddDays(-1);
                expiredPasswordCookie.Expires = DateTime.Now.AddDays(-1);
                Response.Cookies.Add(expiredNameCookie);
                Response.Cookies.Add(expiredPasswordCookie);
            }

            outcome = new ResultView<string> { Flag = true, Message = "登录成功,正在跳转..." };
        }
    }
    catch (Exception e)
    {
        // NOTE(review): every exception, including a service failure, is reported as a captcha
        // error, and e.Message is returned to the client and may expose internal detail.
        return Json(new ResultView<string> { Flag = false, Message = "验证码错误" + e.Message });
    }

    return Json(outcome);
}
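/// <summary>
/// Performs a mobile login and outputs the API token for the requested platform.
/// </summary>
/// <param name="user">Login name.</param>
/// <param name="pwd">
/// Password as sent by the mobile client (AES-encrypted). Per the original note,
/// OCeSdjE6K7zhDnoxh07rqg== is the AES encryption of 111111 and DF57306D30FED672 is the
/// platform's encryption of 111111.
/// </param>
/// <param name="sys">1 selects the Android token fields; any other value selects the iOS ones.</param>
/// <param name="token">Receives the token on success; empty when the login fails.</param>
/// <returns>true when the credentials were accepted and the token was written to the user record.</returns>
private bool login(string user, string pwd, int sys, out string token)
{
    // The mobile client sends the password AES-encrypted; it is decrypted and then re-encrypted
    // with the platform's DES routine, which is the form passed to the login services below.
    // NOTE(review): the sample values in the doc comment suggest the platform encryption is
    // deterministic, so equal passwords would produce equal stored values. Confirm in DesTool.
    pwd = APIAESTool.AesDecrypt(pwd);
    pwd = DesTool.DesEncrypt(pwd);
    token = "";

    // Optional check of the account against the base platform.
    if (IsOpenHbLogin == "1")
    {
        // Each value is serialized as a JSON string and then percent-encoded, so a quote, '%',
        // '&' or '#' inside a credential cannot change the RequestParam document or the query
        // string. For plain values the resulting URL is the same as simple concatenation.
        string userField = Uri.EscapeDataString(JsonConvert.SerializeObject(user ?? ""));
        string passwordField = Uri.EscapeDataString(JsonConvert.SerializeObject(pwd ?? ""));
        string url = LoginUrl
            + "?RequestParam={%22Param%22:{%22envRoot%22:{%22Product%22:%22BIM%22},%22paramRoot%22:{%22UserName%22:"
            + userField
            + ",%22UserPass%22:"
            + passwordField
            + "}}}";

        // NOTE(review): the credentials travel in the query string of a GET request, where
        // they can end up in server and proxy logs. Whether the base platform accepts them in
        // a request body, and whether LoginUrl is HTTPS, is not visible here.
        HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(url);
        request.Method = "GET";
        request.ContentType = "multipart/form-data";

        string responseText;
        using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
        using (StreamReader reader = new StreamReader(response.GetResponseStream(), Encoding.GetEncoding("UTF-8")))
        {
            // The reader is disposed even when ReadToEnd throws.
            responseText = reader.ReadToEnd();
        }

        LoginResult platformResult = string.IsNullOrEmpty(responseText)
            ? null
            : JsonConvert.DeserializeObject<LoginResult>(responseText);
        if (platformResult == null || platformResult.errorCode != "0")
        {
            return false;
        }
    }

    // Look the user up in the database.
    Result<UserView> dbLogin;
    using (ClientSiteClientProxy proxy = new ClientSiteClientProxy(ProxyEx("")))
    {
        dbLogin = proxy.Login(user, pwd, IsOpenHbLogin);
    }

    if (dbLogin.Flag != 0 || dbLogin.Data == null)
    {
        return false;
    }

    // Reuse the token stored for this platform while it is still inside its validity period.
    string storedToken = sys == 1 ? dbLogin.Data.AndroidToken : dbLogin.Data.IosToken;
    if (!string.IsNullOrEmpty(storedToken))
    {
        // A token stored without an expiry time is treated as expired instead of throwing.
        DateTime expiryTime = sys == 1
            ? dbLogin.Data.AndroidTokenTime.GetValueOrDefault()
            : dbLogin.Data.IosTokenTime.GetValueOrDefault();
        if (DateTime.Now <= expiryTime)
        {
            token = storedToken;
        }
    }

    // No token, or it has expired: create a new one.
    if (string.IsNullOrEmpty(token))
    {
        token = CreateToken(sys);
    }

    using (ClientSiteClientProxy proxy = new ClientSiteClientProxy(ProxyEx(dbLogin.Data)))
    {
        Result<Base_User> userResult = proxy.GetUserModel(dbLogin.Data.UserId);
        Base_User record = userResult.Data;
        if (record == null)
        {
            // The user record could not be loaded, so the token cannot be stored: fail closed.
            token = "";
            return false;
        }

        // Every successful login pushes the expiry seven days ahead, also for a reused token.
        if (sys == 1)
        {
            record.AndroidToken = token;
            record.AndroidTokenTime = DateTime.Now.AddDays(7);
        }
        else
        {
            record.IosToken = token;
            record.IosTokenTime = DateTime.Now.AddDays(7);
        }

        // NOTE(review): the result of UpdateUser is not checked; if the update fails, the
        // token returned to the client is not the one on record.
        proxy.UpdateUser(record);
    }

    // TODO: the token is only a credential and carries no business data, so encrypting it is
    // not pressing, but the connection must be HTTPS. If the token is extended later, it
    // needs to be encrypted or signed.
    return true;
}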
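/// <summary>
/// Changes the signed-in user's password after checking the current one.
/// </summary>
/// <param name="oldPwd">Current password as typed by the user.</param>
/// <param name="pwd">New password.</param>
/// <param name="cpwd">Repeat of the new password; must equal <paramref name="pwd"/>.</param>
/// <returns>
/// A redirect to Currency/Login when there is no session user; otherwise a JSON result view
/// with a validation message or the outcome of the update call.
/// </returns>
public ActionResult UpdatePwd(string oldPwd, string pwd, string cpwd)
{
    var userInfo = Session[ConstStr_Session.CurrentUserEntity] as UserView;
    if (userInfo == null)
    {
        return RedirectToAction("Login", "Currency");
    }

    if (string.IsNullOrWhiteSpace(oldPwd) || string.IsNullOrWhiteSpace(pwd))
    {
        return Json(new ResultView<bool> { Flag = false, Data = false, Message = "请输入登录密码!" });
    }

    if (!pwd.Equals(cpwd))
    {
        return Json(new ResultView<bool> { Flag = false, Data = false, Message = "两次密码输入不一致!" });
    }

    if (oldPwd.Equals(pwd))
    {
        return Json(new ResultView<bool> { Flag = false, Data = false, Message = "新密码不能和旧密码相同!" });
    }

    using (ClientSiteClientProxy proxy = new ClientSiteClientProxy(ProxyEx(Request)))
    {
        var checkResult = proxy.GetUserModel(userInfo.UserId);
        if (checkResult.Flag != EResultFlag.Success || checkResult.Data == null)
        {
            // The user record could not be loaded. This path used to reuse the "new password
            // equals old password" text, which misreported the failure.
            return Json(new ResultView<bool> { Flag = false, Data = false, Message = "获取用户信息失败!" });
        }

        // The stored password is kept DES-encrypted, so the typed value is encrypted once and
        // that value is used for both the check and the update call.
        // NOTE(review): this is reversible encryption rather than a salted password hash, and
        // no strength rule is applied to the new password in this action.
        string encryptedOldPwd = DesTool.DesEncrypt(oldPwd);

        // The static Equals handles a record whose stored password is null: it counts as a
        // mismatch instead of throwing.
        if (!string.Equals(checkResult.Data.PassWord, encryptedOldPwd))
        {
            return Json(new ResultView<bool> { Flag = false, Data = false, Message = "旧密码不正确!" });
        }

        var result = proxy.UpdatePassword(userInfo.UserId, encryptedOldPwd, DesTool.DesEncrypt(pwd));
        return Json(result.ToResultView());
    }
}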