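/// <summary>
/// Runs before an action executes. When the session holds no "User" entry, tries a
/// "remember me" sign-in from the encrypted "UserName" and "Password" cookies; if that
/// is not possible the request is redirected to /User/Login.
/// </summary>
/// <param name="context">Context of the action about to run; its Result is set to short-circuit the request.</param>
public void OnActionExecuting(ActionExecutingContext context)
{
    string user = context.HttpContext.Session.GetString("User");
    if (!string.IsNullOrEmpty(user))
    {
        // The session already carries a signed-in user.
        return;
    }

    var cookies = context.HttpContext.Request.Cookies;
    string userNameCookie = cookies["UserName"];
    string passwordCookie = cookies["Password"];
    if (string.IsNullOrEmpty(userNameCookie) || string.IsNullOrEmpty(passwordCookie))
    {
        context.Result = new RedirectResult("/User/Login");
        return;
    }

    // NOTE(review): dataProtectorUtil's lifetime is not visible here. If one instance is shared
    // across requests, assigning its key per request can race with other requests - confirm.
    dataProtectorUtil.PrivateKeyJson = cookieSettings.CookiePrivateKeyJson;

    // Cookie values are client-controlled. A value that does not decrypt is treated as
    // "not signed in" instead of surfacing as an unhandled exception.
    string userName;
    string password;
    try
    {
        userName = dataProtectorUtil.DecryptString(userNameCookie);
        password = dataProtectorUtil.DecryptString(passwordCookie);
    }
    catch (System.FormatException)
    {
        context.Result = new RedirectResult("/User/Login");
        return;
    }
    catch (System.Security.Cryptography.CryptographicException)
    {
        // DecryptString is not visible here; presumably a tampered ciphertext can fail this way.
        context.Result = new RedirectResult("/User/Login");
        return;
    }

    User userObj = userService.GetUserByUserName(userName);

    // Fail closed: unknown user, empty secret, mismatch, or an account that is not activated
    // (the interactive login refuses such accounts, so the cookie path must as well).
    // NOTE(review): the comparison is against the stored Password value as-is and is not
    // constant-time; this suggests the password is stored in recoverable form - confirm.
    bool isAuthenticated = userObj != null
        && !string.IsNullOrEmpty(password)
        && string.Equals(userObj.Password, password)
        && userObj.IsActivate;

    if (!isAuthenticated)
    {
        context.Result = new RedirectResult("/User/Login");
        return;
    }

    context.HttpContext.Session.SetString("User", Newtonsoft.Json.JsonConvert.SerializeObject(userObj));
    userService.AddLoginTimes(userObj.Id);
}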
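/// <summary>
/// Activates the account registered under <paramref name="emailAddress"/> when the
/// supplied activation code decrypts to the expected value for that user.
/// </summary>
/// <param name="code">Encrypted activation code taken from the activation link ('+' is carried as '_').</param>
/// <param name="emailAddress">E-mail address used to look the user up.</param>
/// <param name="message">Receives the outcome message shown to the caller.</param>
/// <returns><c>true</c> when the account was activated; otherwise <c>false</c>.</returns>
public bool ActivateUser(string code, string emailAddress, out string message)
{
    // The code arrives from a link, so it may be missing or altered.
    if (string.IsNullOrEmpty(code))
    {
        message = "参数错误!";
        return false;
    }

    // Works around '+' not surviving a GET query string: the link carries '_' instead.
    code = code.Replace("_", "+");

    // NOTE(review): the distinct "user does not exist" reply lets a caller learn whether an
    // e-mail address is registered; consider a uniform failure message.
    var user = userRepository.SelectByEmail(emailAddress);
    if (user == null)
    {
        message = "用户不存在!";
        return false;
    }

    var email = emailRepository.SelectLastByUserId(user.Id, 0);
    if (email == null)
    {
        // SelectLastByUserId is not visible here; guard in case no e-mail record exists.
        message = "参数错误!";
        return false;
    }

    // Decrypt the code with the RSA private key stored with the e-mail record.
    dataProtectorUtil.PrivateKeyJson = email.PrivateKeyJson;
    string deCode;
    try
    {
        deCode = dataProtectorUtil.DecryptString(code);
    }
    catch (FormatException)
    {
        message = "参数错误!";
        return false;
    }
    catch (System.Security.Cryptography.CryptographicException)
    {
        // DecryptString is not visible here; presumably an altered ciphertext can fail this way.
        message = "参数错误!";
        return false;
    }

    if (user.IsActivate)
    {
        message = "已经激活过了!";
        return false;
    }

    // NOTE(review): the expected plaintext is UserName + Password, so the activation code is
    // derived from the stored password value. A random, single-use token would avoid tying
    // the link to the credential.
    if (deCode == null || !deCode.Equals(user.UserName + user.Password))
    {
        message = "激活码错误!";
        return false;
    }

    // Status 1 means activated and usable.
    userRepository.UpdateStatus(user.Id, 1);
    message = "激活成功!";
    return true;
}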
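/// <summary>
/// Manager sign-in: decrypts the submitted password with the key pair held in the session
/// and compares it with "ManagerPassword" from appGlobal.json.
/// </summary>
/// <param name="password">Password as submitted by the client, encrypted.</param>
/// <returns>JSON with IsSuccess and, on failure, a Message.</returns>
public IActionResult Login(string password)
{
    if (string.IsNullOrEmpty(password))
    {
        return new JsonResult(new { IsSuccess = false, Message = "请填写密码!" });
    }

    string privateKeyJson = HttpContext.Session.GetString("PrivateKeyJson");
    string publicKeyJson = HttpContext.Session.GetString("PublicKeyJson");
    if (string.IsNullOrEmpty(privateKeyJson))
    {
        // No key in the session (for example an expired session): nothing can be decrypted.
        return new JsonResult(new { IsSuccess = false, Message = "密码错误!" });
    }

    // NOTE(review): dataProtectorUtil's lifetime is not visible here. If one instance is shared
    // across requests, assigning its keys per request can race with other requests - confirm.
    dataProtectorUtil.PrivateKeyJson = privateKeyJson;
    dataProtectorUtil.PublicKeyJson = publicKeyJson;

    // The submitted value is untrusted; a value that does not decrypt is a failed login,
    // not an unhandled exception.
    try
    {
        password = dataProtectorUtil.DecryptString(password);
    }
    catch (System.FormatException)
    {
        return new JsonResult(new { IsSuccess = false, Message = "密码错误!" });
    }
    catch (System.Security.Cryptography.CryptographicException)
    {
        // DecryptString is not visible here; presumably an altered ciphertext can fail this way.
        return new JsonResult(new { IsSuccess = false, Message = "密码错误!" });
    }

    // NOTE(review): the manager password is read in clear text from appGlobal.json and compared
    // with a non-constant-time string comparison; no attempt limiting is visible in this method.
    // Consider storing a salted password hash and comparing with a fixed-time primitive.
    var configration = new ConfigurationBuilder().AddJsonFile("appGlobal.json").Build();
    var truePassword = configration["ManagerPassword"];

    // Fail closed: a missing or empty configured password must never authenticate anyone.
    bool isMatch = !string.IsNullOrEmpty(truePassword)
        && !string.IsNullOrEmpty(password)
        && string.Equals(password, truePassword);

    if (!isMatch)
    {
        return new JsonResult(new { IsSuccess = false, Message = "密码错误!" });
    }

    HttpContext.Session.SetString("IsManagerLogin", true.ToString());
    return new JsonResult(new { IsSuccess = true });
}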
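/// <summary>
/// User sign-in: validates the submitted fields, decrypts them with the key pair held in the
/// session, checks them against the stored user, writes the user into the session and, when
/// requested, issues the "remember me" cookies.
/// </summary>
/// <param name="model">Login form; UserName and Password arrive encrypted and are replaced with their decrypted values.</param>
/// <returns>JSON-serialized <c>LoginResult</c> describing the outcome.</returns>
public IActionResult Login(LoginViewModel model)
{
    var result = new LoginResult();
    result.IsValidUserName = true;
    result.IsValidPassword = true;

    if (string.IsNullOrEmpty(model.UserName))
    {
        result.UserNameErrorMessage = "登陆用户名不可为空!";
        result.IsValidUserName = false;
    }

    if (string.IsNullOrEmpty(model.Password))
    {
        result.PasswordErrorMessage = "密码不可为空!";
        result.IsValidPassword = false;
    }

    if (!result.IsValidUserName || !result.IsValidPassword)
    {
        result.IsSuccess = false;
        return new JsonResult(result);
    }

    // Decrypt the submitted login name and password with the asymmetric key pair from the session.
    string privateKeyJson = HttpContext.Session.GetString("PrivateKeyJson");
    string publicKeyJson = HttpContext.Session.GetString("PublicKeyJson");
    if (string.IsNullOrEmpty(privateKeyJson))
    {
        // No key in the session (for example an expired session): nothing can be decrypted.
        result.IsSuccess = false;
        result.message = "参数错误!";
        return new JsonResult(result);
    }

    // NOTE(review): dataProtectorUtil's lifetime is not visible here. If one instance is shared
    // across requests, assigning its keys per request can race with other requests - confirm.
    dataProtectorUtil.PrivateKeyJson = privateKeyJson;
    dataProtectorUtil.PublicKeyJson = publicKeyJson;

    // Both fields are untrusted; a value that does not decrypt is a failed login,
    // not an unhandled exception.
    try
    {
        model.UserName = dataProtectorUtil.DecryptString(model.UserName);
        model.Password = dataProtectorUtil.DecryptString(model.Password);
    }
    catch (FormatException)
    {
        result.IsSuccess = false;
        result.message = "参数错误!";
        return new JsonResult(result);
    }
    catch (System.Security.Cryptography.CryptographicException)
    {
        // DecryptString is not visible here; presumably an altered ciphertext can fail this way.
        result.IsSuccess = false;
        result.message = "参数错误!";
        return new JsonResult(result);
    }

    // NOTE(review): "user name does not exist" and "wrong password" are reported separately,
    // which lets a caller learn which login names are registered; consider one uniform failure.
    User user = userService.GetUserByUserName(model.UserName);
    if (user == null)
    {
        result.IsValidUserName = false;
        result.UserNameErrorMessage = "该登陆用户名不存在!";
        result.IsSuccess = false;
        return new JsonResult(result);
    }

    result.IsValidUserName = true;

    // NOTE(review): the submitted password is compared with user.Password as-is, which suggests
    // the password is stored in recoverable form rather than as a salted hash - confirm.
    if (model.Password == null || !model.Password.Equals(user.Password))
    {
        result.IsValidPassword = false;
        result.PasswordErrorMessage = "密码不正确!";
        result.IsSuccess = false;
        return new JsonResult(result);
    }

    if (!user.IsActivate)
    {
        result.IsSuccess = false;
        result.message = "该用户没有被激活!";
        return new JsonResult(result);
    }

    // Credentials are correct: store the user in the session.
    HttpContext.Session.SetString("User", Newtonsoft.Json.JsonConvert.SerializeObject(user));
    result.IsValidPassword = true;
    result.IsSuccess = true;
    userService.AddLoginTimes(user.Id);

    // When the user asked to be remembered, the login name and password are written to cookies,
    // encrypted with the public key. Cookie encryption uses the key configured on this machine
    // rather than one generated for this request.
    if (model.IsRemember)
    {
        dataProtectorUtil.PublicKeyJson = cookieSettings.CookiePublicKeyJson;
        dataProtectorUtil.PrivateKeyJson = cookieSettings.CookiePrivateKeyJson;

        // HttpOnly keeps the values away from page script; Secure is set whenever the request
        // itself arrived over HTTPS, so plain-HTTP deployments keep working as before.
        var rememberOptions = new CookieOptions()
        {
            Expires = DateTime.Now.AddDays(cookieSettings.ExpiresValue),
            HttpOnly = true,
            Secure = HttpContext.Request.IsHttps
        };

        // NOTE(review): these cookies are a long-lived equivalent of the password. A random,
        // server-side revocable token would limit the impact of a leaked cookie.
        // NOTE(review): the cookie stores DisplayName, while the auto-login path presumably looks
        // the user up by login name; verify the two agree when DisplayName differs from UserName.
        HttpContext.Response.Cookies.Append("UserName", dataProtectorUtil.EncryptString(user.DisplayName), rememberOptions);
        HttpContext.Response.Cookies.Append("Password", dataProtectorUtil.EncryptString(user.Password), rememberOptions);
    }

    return new JsonResult(result);
}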