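/// <summary>
/// Creates a not-yet-activated account from the registration form, e-mails an
/// activation link to the new user, and records the e-mail together with the key pair.
/// </summary>
/// <param name="registerViewModel">Registration form values (e-mail, user name, display name, password).</param>
/// <param name="publicKeyJson">Public key given to <c>dataProtectorUtil</c> to encrypt the activation code; also stored with the e-mail record.</param>
/// <param name="privateKeyJson">Private key; this method only stores it with the e-mail record.</param>
/// <param name="host">Host placed in the activation URL.</param>
/// <exception cref="InvalidOperationException">The user cannot be read back after the insert.</exception>
/// <remarks>
/// NOTE(review): the password is stored exactly as submitted and is also an input of the
/// activation code. Storing a salted password hash and mailing a random single-use token
/// would remove both exposures, but that has to be changed together with the login and
/// activation code paths, so it is only flagged here.
/// NOTE(review): if callers take <paramref name="host"/> from the request's Host header,
/// the mailed link follows whatever the client sent; prefer a configured site address - confirm at the call site.
/// NOTE(review): the link uses plain http, so the activation code crosses the network unprotected.
/// </remarks>
public void Register(RegisterViewModel registerViewModel, string publicKeyJson, string privateKeyJson, string host)
{
    // One timestamp so the three audit columns of a new row agree.
    var now = DateTime.Now;

    User user = new User
    {
        Email = registerViewModel.Email,
        UserName = registerViewModel.UserName,
        DisplayName = registerViewModel.DisplayName,
        Password = registerViewModel.Password,
        CreateTime = now,
        LastModifiedTime = now,
        LastLoginTime = now,
        LoginTimes = 0,
        IsActivate = false
    };
    userRepository.Insert(user);

    // Read the row back; its Id is needed for the e-mail record below.
    User gotUser = userRepository.SelectByUserName(registerViewModel.UserName);
    if (gotUser == null)
    {
        throw new InvalidOperationException("The newly registered user could not be read back.");
    }

    // Build the activation code: UserName and Password concatenated, then encrypted with the public key.
    dataProtectorUtil.PublicKeyJson = publicKeyJson;
    var code = dataProtectorUtil.EncryptString(gotUser.UserName + gotUser.Password);

    // "+" would be read as a space in a GET query, so it is swapped for "_" (kept for the
    // activation endpoint, which is not shown here and presumably reverses it).
    code = code.Replace("+", "_");

    // Percent-encode both query values: the code may still contain "/" or "=", and an
    // address such as name+tag@example.com would otherwise reach the server with a space.
    var activationUrl = $"http://{host}/User/ActivateUser?code={System.Uri.EscapeDataString(code)}&email={System.Uri.EscapeDataString(gotUser.Email)}";

    // HTML-encode once for both the href attribute and the visible text, so that neither
    // the host nor the e-mail address can break out of the markup.
    var encodedUrl = System.Net.WebUtility.HtmlEncode(activationUrl);

    // Compose, send and record the verification e-mail.
    var subject = $"博客园帐户激活邮件-{gotUser.DisplayName}";
    var message = new StringBuilder();
    message.Append("<div>您好!<br/><br/>");
    message.Append("感谢您在博客园注册账号!<br/><br/>");
    message.Append("账户需要激活才能使用,赶紧激活成为博客园正式的一员吧:");
    message.Append("点击下面的链接立即激活账户(或将网址复制到浏览器中打开):<br/><br/>");
    message.Append($"<a href='{encodedUrl}'>");
    message.Append(encodedUrl);
    message.Append("</a></div>");
    emailUtil.Send(gotUser.Email, subject, message.ToString());

    // NOTE(review): the private key is persisted next to the public key; protect this table accordingly.
    emailRepository.Insert(new Email()
    {
        UserId = gotUser.Id,
        CreateTime = DateTime.Now,
        PublicKeyJson = publicKeyJson,
        PrivateKeyJson = privateKeyJson,
        ActionType = 0 // 0 means the e-mail was sent for registration
    });
}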
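/// <summary>
/// Checks the posted credentials and, on success, writes the user into the session,
/// increments the login counter and optionally sets the "remember me" cookies.
/// </summary>
/// <param name="model">
/// Login form. <c>UserName</c> and <c>Password</c> are decrypted in place with the key pair
/// read from the session before they are checked.
/// </param>
/// <returns>A <see cref="JsonResult"/> wrapping the <c>LoginResult</c> with the validation flags and messages.</returns>
/// <remarks>
/// NOTE(review): the submitted password is compared directly with <c>user.Password</c>, so
/// passwords are evidently stored unhashed; moving to a salted hash has to be done together
/// with registration and the auto-login reader, so it is only flagged here.
/// NOTE(review): separate "user does not exist" and "wrong password" messages let a caller
/// find out which user names are registered; a single generic failure message avoids that.
/// NOTE(review): the whole serialized <c>User</c>, password included, is written to the
/// session, and the password itself is written to a long-lived cookie. An opaque random
/// remember-me token stored server-side would avoid keeping the password on the client.
/// </remarks>
public IActionResult Login(LoginViewModel model)
{
    var result = new LoginResult
    {
        IsValidUserName = true,
        IsValidPassword = true
    };

    if (string.IsNullOrEmpty(model.UserName))
    {
        result.UserNameErrorMessage = "登陆用户名不可为空!";
        result.IsValidUserName = false;
    }

    if (string.IsNullOrEmpty(model.Password))
    {
        result.PasswordErrorMessage = "密码不可为空!";
        result.IsValidPassword = false;
    }

    if (!result.IsValidUserName || !result.IsValidPassword)
    {
        result.IsSuccess = false;
        return new JsonResult(result);
    }

    // Recover the login name and password with the asymmetric key pair kept in the session.
    // NOTE(review): both session values are null once the session is gone - confirm how
    // DecryptString behaves in that case and with tampered input.
    dataProtectorUtil.PrivateKeyJson = HttpContext.Session.GetString("PrivateKeyJson");
    dataProtectorUtil.PublicKeyJson = HttpContext.Session.GetString("PublicKeyJson");
    model.UserName = dataProtectorUtil.DecryptString(model.UserName);
    model.Password = dataProtectorUtil.DecryptString(model.Password);

    User user = userService.GetUserByUserName(model.UserName);
    if (user == null)
    {
        result.IsValidUserName = false;
        result.UserNameErrorMessage = "该登陆用户名不存在!";
        result.IsSuccess = false;
        return new JsonResult(result);
    }

    if (!model.Password.Equals(user.Password))
    {
        result.IsValidPassword = false;
        result.PasswordErrorMessage = "密码不正确!";
        result.IsSuccess = false;
        return new JsonResult(result);
    }

    if (!user.IsActivate)
    {
        result.IsSuccess = false;
        result.message = "该用户没有被激活!";
        return new JsonResult(result);
    }

    // Credentials are correct: keep the user in the session.
    HttpContext.Session.SetString("User", Newtonsoft.Json.JsonConvert.SerializeObject(user));
    result.IsValidPassword = true;
    result.IsSuccess = true;
    userService.AddLoginTimes(user.Id);

    // "Remember me": the values are encrypted with the key pair configured on this machine
    // (cookieSettings), not with the per-session pair used above.
    if (model.IsRemember)
    {
        dataProtectorUtil.PublicKeyJson = cookieSettings.CookiePublicKeyJson;
        dataProtectorUtil.PrivateKeyJson = cookieSettings.CookiePrivateKeyJson;

        // HttpOnly keeps page script from reading the credential cookies; Secure is set
        // whenever the request arrived over HTTPS so they are not replayed over plain HTTP.
        var rememberOptions = new CookieOptions()
        {
            Expires = DateTime.Now.AddDays(cookieSettings.ExpiresValue),
            HttpOnly = true,
            Secure = HttpContext.Request.IsHttps
        };

        // NOTE(review): the "UserName" cookie carries DisplayName, not the login name -
        // confirm against the code that reads this cookie before changing it.
        HttpContext.Response.Cookies.Append("UserName", dataProtectorUtil.EncryptString(user.DisplayName), rememberOptions);
        HttpContext.Response.Cookies.Append("Password", dataProtectorUtil.EncryptString(user.Password), rememberOptions);
    }

    return new JsonResult(result);
}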