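/// <summary>
/// Returns the mobile profile of the organization user identified by
/// <paramref name="targetUserId"/>, as seen by the currently signed-in user.
/// </summary>
/// <param name="userCode">Not read by this method; the caller is identified through <c>this.UserValidator</c>.</param>
/// <param name="mobileToken">Not read by this method.</param>
/// <param name="targetUserId">Identifier handed to <c>Organization.GetUnit</c>.</param>
/// <returns>
/// JSON with a single <c>MobileUser</c> member, or an empty JSON object when there is no
/// signed-in user, the id is missing, or the id does not resolve to a user.
/// </returns>
public JsonResult GetUserByObjectID(string userCode, string mobileToken, string targetUserId)
{
    // The caller is whoever owns the current session; userCode/mobileToken are ignored here.
    UserValidator sourceUser = this.UserValidator;
    if (sourceUser == null || string.IsNullOrEmpty(targetUserId))
    {
        return Json(new { }, JsonRequestBehavior.AllowGet);
    }

    OThinker.Organization.User user = this.Engine.Organization.GetUnit(targetUserId) as OThinker.Organization.User;
    if (user == null)
    {
        return Json(new { }, JsonRequestBehavior.AllowGet);
    }

    // The factory can return null (other callers of GetUserValidator(Engine, code) check for it);
    // the original dereferenced the result unconditionally.
    UserValidator userValidator = UserValidatorFactory.GetUserValidator(this.Engine, user.Code);
    if (userValidator == null)
    {
        return Json(new { }, JsonRequestBehavior.AllowGet);
    }

    // NOTE(review): any signed-in user can request any other user's profile by id. Whether
    // GetMobileUser limits the returned fields based on sourceUser is not visible here - confirm.
    // NOTE(review): AllowGet exposes this JSON to GET requests; confirm that is intended.
    MobileAccess mobile = new MobileAccess();
    MobileAccess.MobileUser mobileUser = mobile.GetMobileUser(sourceUser, user, user.ImageUrl, userValidator.DepartmentName, string.Empty);
    var result = new { MobileUser = mobileUser };
    return Json(result, JsonRequestBehavior.AllowGet);
}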
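/// <summary>
/// Verifies the identity of the user requesting information by comparing the MD5 digest of
/// the presented mobile token with the digest stored on the user record.
/// </summary>
/// <param name="userCode">Login code of the user the token is claimed to belong to.</param>
/// <param name="mobileToken">Token presented by the client, in clear.</param>
/// <returns>The user's validator when the token matches; otherwise <c>null</c>.</returns>
private UserValidator ValidateUserMobileToken(string userCode, string mobileToken)
{
    // An absent token must never authenticate, whatever GetMD5 returns for null/empty input.
    if (string.IsNullOrEmpty(userCode) || string.IsNullOrEmpty(mobileToken))
    {
        return null;
    }

    UserValidator userValidator = UserValidatorFactory.GetUserValidator(this.Engine, userCode);
    if (userValidator == null || userValidator.User == null)
    {
        return null;
    }

    // A user who has never been issued a token has nothing to match against.
    string storedDigest = userValidator.User.MobileToken;
    if (string.IsNullOrEmpty(storedDigest))
    {
        return null;
    }

    // NOTE(review): the stored value is an unsalted MD5 of the token. If tokens are not
    // long random values, move to a keyed or salted digest. The comparison below is an
    // ordinary string equality, not a fixed-time one.
    string presentedDigest = OThinker.Security.MD5Encryptor.GetMD5(mobileToken);
    if (storedDigest == presentedDigest)
    {
        return userValidator;
    }

    return null;
}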
/// <summary>
/// Gets the validator of the user bound to the given page, redirecting to the index page
/// when no user can be resolved.
/// </summary>
/// <param name="Page">Page whose request is being served.</param>
/// <returns>The resolved validator, or <c>null</c> after the redirect has been issued.</returns>
public UserValidator GetUserValidator(Page Page)
{
    // The factory reports a reason through this out argument; it is not used afterwards
    // (an earlier version built a notification URL from it).
    string message;
    UserValidator resolved = UserValidatorFactory.GetUserValidator(Page, this.GetPortalRoot(Page), out message);
    if (resolved != null)
    {
        return resolved;
    }

    // NOTE(review): assuming Page is System.Web.UI.Page, this Redirect overload ends the
    // response, so callers normally never observe the null below - confirm.
    Page.Response.Redirect("../index.html");
    return null;
}
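/// <summary>
/// Changes a user's password after verifying the current one.
/// </summary>
/// <param name="user_code">Login code of the account whose password is changed.</param>
/// <param name="old_pwd">Current password; surrounding whitespace is trimmed before verification.</param>
/// <param name="new_pwd">Password to store. Must not be null or blank.</param>
/// <returns>JSON <c>true</c> when the password was updated, otherwise JSON <c>false</c>.</returns>
public JsonResult SetPassword(string user_code, string old_pwd, string new_pwd)
{
    var result = false;

    // Missing arguments used to end in a NullReferenceException (old_pwd.Trim()), and a
    // blank new password was accepted and stored.
    if (!string.IsNullOrEmpty(user_code) && old_pwd != null && !string.IsNullOrWhiteSpace(new_pwd))
    {
        // Verify the current password through the regular forms login.
        // NOTE(review): user_code comes from the request and is not compared with the
        // signed-in user; whether Login also establishes a session for user_code as a
        // side effect is not visible here - confirm.
        old_pwd = old_pwd.Trim();
        bool success = UserValidatorFactory.Login(OThinker.Clusterware.AuthenticationType.Forms, null, user_code, old_pwd, OThinker.H3.Site.PortalType.Portal);
        if (success)
        {
            var u = Engine.Organization.GetUserByCode(user_code);
            if (u != null)
            {
                // NOTE(review): no complexity policy is applied to new_pwd here, and old_pwd
                // is trimmed while new_pwd is stored as given - confirm both are intended.
                u.Password = new_pwd;
                Engine.Organization.UpdateUnit(user_code, u);
                result = true;
            }
        }
    }

    // NOTE(review): AllowGet lets both passwords travel in a query string, where they end
    // up in server and proxy logs; restrict this action to POST once callers allow it.
    return Json(result, JsonRequestBehavior.AllowGet);
}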
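/// <summary>
/// Forms login with optional failed-attempt throttling backed by the OT_CHECKCODE table.
/// </summary>
/// <param name="userCode">Login code supplied by the client.</param>
/// <param name="password">Password supplied by the client.</param>
/// <returns>
/// On success, the value of <c>getCurrentUser()</c>. Otherwise an object with
/// <c>Success = false</c> and a <c>Message</c> (<c>NeedCheckCode</c>, <c>ConnectionFailed</c>,
/// <c>EnginePasswordInvalid</c>, or a user-facing text with <c>ErrorCode</c> 1 or 2).
/// </returns>
public JsonResult SecureLogin(string userCode, string password)
{
    bool loginResult = false;
    object result;
    // Throttling is active unless the EnableCheckCode app setting is exactly "0".
    string enableCheckCode = System.Configuration.ConfigurationManager.AppSettings["EnableCheckCode"] + string.Empty;

    // A missing parameter used to surface as a NullReferenceException further down
    // (userCode.Replace) instead of an ordinary failed login.
    if (userCode == null || password == null)
    {
        UserValidatorFactory.Exit(this);
        Session.Clear();
        Session.Abandon();
        return Json(new { Success = false, ErrorCode = 2, Message = "用户名或密码错误" }, JsonRequestBehavior.AllowGet);
    }

    // NOTE(review): every statement below is assembled by concatenation, with quote doubling
    // as the only escaping. If the command factory supports bound parameters (its API is not
    // visible here), use them for all request-derived values.
    string escapedUserCode = userCode.Replace("'", "''");

    try
    {
        if (enableCheckCode != "0")
        {
            // WaitTime is a comma-separated list of delays in seconds, indexed by the number
            // of open failed attempts; the last entry applies once the list is exhausted.
            string[] wait = System.Configuration.ConfigurationManager.AppSettings["WaitTime"].Split(',');
            var sql = "SELECT COUNT(1) FROM OT_CHECKCODE WHERE STATE = 0 AND USERCODE = N'" + escapedUserCode + "'";
            int c = Convert.ToInt32(Engine.EngineConfig.CommandFactory.CreateCommand().ExecuteScalar(sql) + string.Empty);
            int waits = 0;
            int.TryParse(wait[c >= wait.Length ? wait.Length - 1 : c], out waits);
            string ret = Engine.EngineConfig.CommandFactory.CreateCommand().ExecuteScalar("SELECT Max(CREATETIME) FROM OT_CHECKCODE WHERE STATE = 0 AND USERCODE = N'" + escapedUserCode + "'") + string.Empty;
            DateTime dt = Convert.ToDateTime(string.IsNullOrWhiteSpace(ret) ? "2019-01-01 00:00:00" : ret);
            if (waits > 0 && (DateTime.Now - dt).TotalSeconds < waits)
            {
                return Json(new { Success = false, Message = "NeedCheckCode" }, JsonRequestBehavior.AllowGet);
            }
        }

        loginResult = UserValidatorFactory.Login(
            OThinker.Clusterware.AuthenticationType.Forms,
            string.Empty,
            userCode,
            password,
            OThinker.H3.Site.PortalType.Portal);
    }
    catch (Exception ex)
    {
        // Two failure kinds are reported as such; any other exception is swallowed and the
        // request continues as a failed login (loginResult stays false).
        // NOTE(review): that includes a missing WaitTime setting or a failing throttle query -
        // consider logging the exception so those cases are visible to operators.
        if (ex.Message.Contains("ConnectionFailed"))
        {
            return Json(new { Success = false, Message = "ConnectionFailed" }, JsonRequestBehavior.AllowGet);
        }
        else if (ex.Message.Contains("PasswordInvalid"))
        {
            return Json(new { Success = false, Message = "EnginePasswordInvalid" }, JsonRequestBehavior.AllowGet);
        }
    }

    if (loginResult)
    {
        if (enableCheckCode != "0")
        {
            // A successful login closes all open failed-attempt rows for this user.
            string sql = "UPDATE OT_CHECKCODE SET STATE = 1 WHERE USERCODE = N'" + escapedUserCode + "'";
            Engine.EngineConfig.CommandFactory.CreateCommand().ExecuteNonQuery(sql);
        }

        #region Password complexity check
        // Left commented out in the original; presumably the pattern RegValidate applies - confirm:
        //Regex reg = new Regex(@"^(((?=.*[0-9])(?=.*[a-zA-Z]))|((?=.*[0-9])(?=.*[!@#$%\^&*\(\)]))|((?=.*[a-zA-Z])(?=.*[!@#$%\^&*\(\)]))).{6,16}$", RegexOptions.None);
        if (!RegValidate(password))
        {
            // Correct credentials but a password below policy: the session is torn down again.
            UserValidatorFactory.Exit(this);
            Session.Clear();
            Session.Abandon();
            result = new { Success = false, ErrorCode = 1, Message = "密码复杂度不符合要求" };
        }
        else
        {
            result = getCurrentUser();
            FormsAuthentication.SetAuthCookie(this.UserValidator.User.Code, false);
        }
        #endregion
    }
    else
    {
        result = new { Success = false, ErrorCode = 2, Message = "用户名或密码错误" };
        if (enableCheckCode != "0")
        {
            // Request metadata can be absent (for example no User-Agent header). The original
            // dereferenced it directly, so such a request threw before the failed attempt was
            // recorded and was therefore never counted by the throttle above.
            string ip = (Request.UserHostAddress ?? string.Empty).Replace("'", "''");
            string agent = (Request.UserAgent ?? string.Empty).Replace("'", "''");
            string browserName = (Request.Browser.Browser ?? string.Empty).Replace("'", "''");
            string browserVersion = (Request.Browser.Version ?? string.Empty).Replace("'", "''");

            // One culture-invariant timestamp for both date columns, so the text always matches
            // the to_date mask regardless of the server culture.
            string stamp = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss", System.Globalization.CultureInfo.InvariantCulture);

            // The row id and state are written directly rather than substituted into a template
            // afterwards, so request text containing the old placeholders is stored unchanged.
            // NOTE(review): column widths are not visible here; an over-long User-Agent may make
            // this INSERT fail, which again leaves the attempt unrecorded - confirm and truncate.
            string sql = "INSERT INTO OT_CHECKCODE(OBJECTID,USERCODE,IP,SYSTEMINFO,BROWSER,CODE,STATE,LOGINTIME, CREATETIME)VALUES('"
                + Guid.NewGuid().ToString()
                + "','" + escapedUserCode
                + "','" + ip
                + "','" + agent
                + "','" + browserName + "/" + browserVersion
                + "','',0,to_date('" + stamp + "','yyyy-MM-dd HH24:mi:ss'),to_date('" + stamp + "','yyyy-MM-dd HH24:mi:ss'))";
            Engine.EngineConfig.CommandFactory.CreateCommand().ExecuteNonQuery(sql);
        }

        UserValidatorFactory.Exit(this);
        Session.Clear();
        Session.Abandon();
    }

    // NOTE(review): AllowGet lets credentials arrive in a query string; restrict to POST if callers allow.
    return Json(result, JsonRequestBehavior.AllowGet);
}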
/// <summary>
/// Signs the current user out: tells the validator factory to exit, then empties and
/// abandons the server-side session.
/// </summary>
public void LoginOut()
{
    // Factory-level sign-out first, while the session still holds the user.
    UserValidatorFactory.Exit(this);

    // Drop everything stored in the session, then mark it abandoned.
    // NOTE(review): if this controller is also the one that issues a forms-authentication
    // cookie at login, confirm that Exit removes that cookie; nothing here does so explicitly.
    Session.Clear();
    Session.Abandon();
}
/// <summary>
/// Starts an H3 workflow instance on behalf of the given user: creates the business object,
/// fills it from <paramref name="paramValues"/>, creates the instance and sends the start message.
/// </summary>
/// <param name="workflowCode">Workflow template code.</param>
/// <param name="userCode">Code of the user the workflow is started as.</param>
/// <param name="finishStart">Whether to finish the first activity. Not read by this method.</param>
/// <param name="paramValues">Initial data items for the instance; may be null.</param>
/// <returns>
/// A result carrying the new instance id on success, or a failure result whose message
/// includes the exception message when anything throws.
/// </returns>
public BPMServiceResult StartWorkflow(string workflowCode, string userCode, bool finishStart, List <DataItemParam> paramValues)
{
    // NOTE(review): the SOAP header validation below is commented out, so nothing in this
    // method authenticates the caller, and userCode (the identity the workflow is started
    // as) is taken from the request as given. Confirm the caller is authenticated elsewhere.
    //ValidateSoapHeader();
    BPMServiceResult result = new BPMServiceResult();
    try
    {
        // Look up the published workflow template.
        OThinker.H3.WorkflowTemplate.PublishedWorkflowTemplateHeader workflowTemplate = GetWorkflowTemplate(workflowCode);
        if (workflowTemplate == null)
        {
            return(new BPMServiceResult(false, "流程启动失败,流程模板不存在,模板编码:" + workflowCode + "。"));
        }
        // Resolve the originator of the workflow.
        //OThinker.Organization.User user = Engine.Organization.GetUnitByCode(userCode) as Organization.User;
        //string user = GetUserIDByCode(userCode);
        string user = UserValidatorFactory.GetUserValidator(Engine, userCode)?.UserID;
        if (user == null)
        {
            return(new BPMServiceResult(false, "流程启动失败,用户{" + userCode + "}不存在。"));
        }
        OThinker.H3.DataModel.BizObjectSchema schema = Engine.BizObjectManager.GetPublishedSchema(workflowTemplate.BizObjectSchemaCode);
        OThinker.H3.DataModel.BizObject bo = new OThinker.H3.DataModel.BizObject(Engine.Organization, Engine.MetadataRepository, Engine.BizObjectManager, null, schema, user);
        if (paramValues != null)
        {
            // Values can be assigned here, while the business object is being created.
            foreach (DataItemParam param in paramValues)
            {
                // NOTE(review): the result of GetProperty is dereferenced before the
                // ContainsField test in the else branch; if it returns null for an unknown
                // item name, the whole call fails through the catch below - confirm.
                if (bo.Schema.GetProperty(param.ItemName).LogicType == OThinker.H3.Data.DataLogicType.BizObjectArray)
                {
                    // Child table: each element of ItemValue is a list of items forming one child row.
                    var t = new List <OThinker.H3.DataModel.BizObject>();
                    foreach (List <DataItemParam> list in (System.Collections.IEnumerable)param.ItemValue)
                    {
                        var m = new OThinker.H3.DataModel.BizObject(Engine.Organization, Engine.MetadataRepository, Engine.BizObjectManager, null, schema.Fields.FirstOrDefault(x => x.ChildSchemaCode == param.ItemName).Schema, user);
                        foreach (DataItemParam item in list)
                        {
                            // Item names the child schema does not contain are skipped.
                            if (m.Schema.ContainsField(item.ItemName))
                            {
                                m.SetValue(item.ItemName, item.ItemValue);
                            }
                        }
                        t.Add(m);
                    }
                    bo[param.ItemName] = t.ToArray();
                }
                else if (bo.Schema.ContainsField(param.ItemName))
                {
                    bo[param.ItemName] = param.ItemValue;
                }
            }
        }
        bo.Create();
        // Create the workflow instance.
        //string InstanceId = this.Engine.InstanceManager.CreateInstance(bo.ObjectID,workflowTemplate.WorkflowCode,workflowTemplate.WorkflowVersion,
        // null,null,user,null, null, false, OThinker.H3.Instance.InstanceContext.UnspecifiedID,null,OThinker.H3.Instance.Token.UnspecifiedID);
        string InstanceId = this.Engine.InstanceManager.CreateInstanceByDefault(bo.ObjectID, workflowTemplate.WorkflowCode, null, user);
        // Use normal message urgency.
        OThinker.H3.Messages.MessageEmergencyType emergency = OThinker.H3.Messages.MessageEmergencyType.Normal;
        // Values could also be assigned here, when the instance is started; the table is left empty.
        Dictionary <string, object> paramTables = new Dictionary <string, object>();
        // Message that starts the instance.
        OThinker.H3.Messages.StartInstanceMessage startInstanceMessage = new OThinker.H3.Messages.StartInstanceMessage(emergency, InstanceId, null, paramTables, OThinker.H3.Instance.PriorityType.Normal, true, null, false, OThinker.H3.Instance.Token.UnspecifiedID, null);
        Engine.InstanceManager.SendMessage(startInstanceMessage);
        result = new BPMServiceResult(true, InstanceId, null, "流程实例启动成功!", "");
    }
    catch (Exception ex)
    {
        // NOTE(review): the raw exception message is returned to the caller; confirm it
        // cannot carry internal detail that should stay server-side.
        result = new BPMServiceResult(false, "流程实例启动失败!错误:" + ex.Message);
    }
    return(result);
}
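/// <summary>
/// Submits a work item: writes the supplied values to the instance's business object,
/// finishes the work item and notifies the instance manager.
/// </summary>
/// <param name="workflowCode">Workflow template code used to find the business object schema.</param>
/// <param name="instanceId">Id of the workflow instance whose business object is updated.</param>
/// <param name="workItemId">Id of the work item to finish.</param>
/// <param name="approval">Approval result.</param>
/// <param name="commentText">Approval comment.</param>
/// <param name="userId">Code of the user handling the work item.</param>
/// <param name="values">Data items to write before submitting; may be null.</param>
/// <returns>A success result, or a failure result describing what went wrong.</returns>
private BPMServiceResult SubmitItem(string workflowCode, string instanceId, string workItemId, OThinker.Data.BoolMatchValue approval, string commentText, string userId, List <DataItemParam> values)
{
    BPMServiceResult result = new BPMServiceResult();
    try
    {
        string user = UserValidatorFactory.GetUserValidator(Engine, userId)?.UserID;
        if (user == null)
        {
            // NOTE(review): this text and the two in the success/catch paths speak of starting
            // a workflow although this method submits a work item; left unchanged for callers.
            return new BPMServiceResult(false, "流程启动失败,用户{" + userId + "}不存在。");
        }

        OThinker.H3.WorkflowTemplate.PublishedWorkflowTemplate workflowTemplate = Engine.WorkflowManager.GetDefaultWorkflow(workflowCode);
        InstanceContext ic = Engine.InstanceManager.GetInstanceContext(instanceId);
        if (ic == null)
        {
            return new BPMServiceResult(false, "InstanceID错误,此ID在H3系统中不存在,请检查");
        }
        if (workflowTemplate == null)
        {
            return new BPMServiceResult(false, "流程模板不存在,模板编码:" + workflowCode + "。");
        }

        // Resolve the work item before writing anything. The original looked it up only after
        // bo.Update(), so an unknown work item id left the business data modified while the
        // submission itself failed.
        OThinker.H3.WorkItem.WorkItem item = Engine.WorkItemManager.GetWorkItem(workItemId);
        if (item == null)
        {
            return new BPMServiceResult(false, "WorkItemID错误,此ID在H3系统中不存在,请检查");
        }
        // NOTE(review): nothing here checks that item.InstanceId matches instanceId, or that
        // userId is a participant of this work item. FinishWorkItem may enforce the latter -
        // confirm; otherwise data is written to one instance and a task finished in another.

        OThinker.H3.DataModel.BizObjectSchema schema = Engine.BizObjectManager.GetPublishedSchema(workflowTemplate.BizObjectSchemaCode);
        OThinker.H3.DataModel.BizObject bo = new OThinker.H3.DataModel.BizObject(Engine.Organization, Engine.MetadataRepository, Engine.BizObjectManager, null, schema, user);
        bo.ObjectID = ic.BizObjectId;
        bo.Load();

        if (values != null)
        {
            foreach (DataItemParam value in values)
            {
                OThinker.H3.DataModel.PropertySchema property = schema.GetProperty(value.ItemName);
                if (property == null)
                {
                    // Unknown item names are skipped, as the ContainsField branch below does.
                    continue;
                }

                if (property.LogicType == OThinker.H3.Data.DataLogicType.BizObjectArray)
                {
                    // Child table: each element of ItemValue is a list of items forming one child row.
                    var t = new List <OThinker.H3.DataModel.BizObject>();
                    foreach (List <DataItemParam> list in (IEnumerable)value.ItemValue)
                    {
                        var m = new OThinker.H3.DataModel.BizObject(Engine.Organization, Engine.MetadataRepository, Engine.BizObjectManager, null, property.ChildSchema, bo.OwnerId);
                        foreach (DataItemParam dataItem in list)
                        {
                            if (m.Schema.ContainsField(dataItem.ItemName))
                            {
                                m.SetValue(dataItem.ItemName, dataItem.ItemValue);
                            }
                        }
                        t.Add(m);
                    }
                    bo[value.ItemName] = t.ToArray();
                }
                else if (bo.Schema.ContainsField(value.ItemName))
                {
                    bo[value.ItemName] = value.ItemValue;
                }
            }
        }
        bo.Update();

        // Finish the work item.
        // NOTE(review): this passes the caller-supplied userId rather than the resolved
        // UserID held in 'user'; confirm which of the two FinishWorkItem expects.
        Engine.WorkItemManager.FinishWorkItem(item.ObjectID, userId, OThinker.H3.WorkItem.AccessPoint.ExternalSystem, null, approval, commentText, null, OThinker.H3.WorkItem.ActionEventType.Forward, (int)OThinker.H3.Controllers.SheetButtonType.Submit);

        // The instance event manager has to be told that the activity ended.
        OThinker.H3.Messages.AsyncEndMessage endMessage = new OThinker.H3.Messages.AsyncEndMessage(OThinker.H3.Messages.MessageEmergencyType.Normal, item.InstanceId, item.ActivityCode, item.TokenId, approval, false, approval, true, null);
        Engine.InstanceManager.SendMessage(endMessage);
        result = new BPMServiceResult(true, "", null, "流程实例启动成功!", "");
    }
    catch (Exception ex)
    {
        // NOTE(review): the raw exception message is returned to the caller.
        result = new BPMServiceResult(false, "流程实例启动失败!错误:" + ex.Message);
    }
    return result;
}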
/// <summary>
/// Single-sign-on login: authenticates the user through the H3 forms login and, on success,
/// issues one encrypted token cookie per system registered in the SSO list.
/// </summary>
/// <param name="usercode">Login code supplied by the client.</param>
/// <param name="password">Password supplied by the client.</param>
/// <param name="systemcode">Code of the system the user wants to reach; may be empty.</param>
/// <returns>A serialized <c>Message</c>: user code plus optional URL and token, or error 1000.</returns>
public string DoLogin(string usercode, string password, string systemcode)
{
    var http = HttpContext.Current;

    // Use the H3 authentication (the original comment says it supports forms and AD login).
    var authenticated = UserValidatorFactory.Login(
        OThinker.Clusterware.AuthenticationType.Forms,
        string.Empty,
        usercode,
        password,
        OThinker.H3.Site.PortalType.Portal);

    if (!authenticated)
    {
        var failure = new Message
        {
            UserCode = "",
            ErrCode = "1000",
            ErrMsg = "用户名或密码错误"
        };
        return Newtonsoft.Json.JsonConvert.SerializeObject(failure);
    }

    var user = OThinker.H3.Controllers.AppUtility.Engine.Organization.GetUserByCode(usercode);

    // Customer requirement: a token is generated per system, and a successful login to any
    // one system issues tokens for every site registered in the H3 SSO list.
    var registeredSystems = OThinker.H3.Controllers.AppUtility.Engine.SSOManager.GetSSOSystemList();
    foreach (var ssoSystem in registeredSystems)
    {
        // Step 5: login succeeded, create the token for this account.
        // Token plaintext: system code + login name + timestamp.
        var plaintext = string.Format("{0}|{1}|{2}", ssoSystem.SystemCode, usercode, System.DateTime.Now.Ticks);
        var secret = GetSecretBySystemcode(ssoSystem.SystemCode);
        var token = EncryptHelper.Encrypt(plaintext, secret);

        // Flip the system state so the token-validation interface may be called.
        // NOTE(review): this flag is stored on the system record, not per user or per
        // session - confirm what resets it.
        ssoSystem.AllowGetToken = true;
        OThinker.H3.Controllers.AppUtility.Engine.SSOManager.UpdateSSOSystem(ssoSystem);

        // Step 6: write the token to this site's cookies.
        // NOTE(review): the cookie is created without HttpOnly or Secure. The token is also
        // returned in the response body below, so the front end may not need script access
        // to the cookie - confirm, then set both flags.
        http.Response.SetCookie(new HttpCookie(ssoSystem.SystemCode, token));
    }

    // This cookie is unrelated to the SSO flow; it lets the login.html front end show the user name.
    http.Response.SetCookie(new HttpCookie("username", user.Name));

    var reply = new Message { UserCode = user.Code };
    if (!string.IsNullOrEmpty(systemcode))
    {
        // Step 7: only the token is returned; the front-end callback performs the redirect.
        reply.Url = GetSystemUrl(systemcode);

        // NOTE(review): this reads the request's cookie collection. System.Web mirrors cookies
        // added to the response into it, so this presumably yields the token issued above - confirm.
        // systemcode is request-supplied and is used as the cookie name as given.
        HttpCookie issued = http.Request.Cookies[systemcode];
        if (issued != null)
        {
            reply.Token = issued.Value;
        }
        else
        {
            reply.Token = "";
        }
    }

    return Newtonsoft.Json.JsonConvert.SerializeObject(reply);
}
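/// <summary>
/// Logs a user in by code and password and stores the resulting validator in the session.
/// </summary>
/// <param name="userCode">Login code supplied by the client.</param>
/// <param name="password">Password supplied by the client.</param>
/// <returns>JSON <c>ActionResultEntity</c> with <c>Result</c> and a user-facing <c>Message</c>.</returns>
public JsonResult LoginIn(string userCode, string password)
{
    ActionResultEntity result = new ActionResultEntity();
    try
    {
#if DEBUG
        // Development-only shortcut: an administrator session without any password check.
        // It used to be compiled into every build, which let anyone who sent this user code
        // obtain an administrator session. It is now limited to builds that define DEBUG.
        // Make sure deployed builds do not define it; deleting the shortcut is safer still.
        if (userCode == "testUser")
        {
            UserValidator testValidator = new UserValidator();
            testValidator.IsAdmin = true;
            testValidator.UserCode = "testUser";
            testValidator.UserName = "******";
            this.Session[Sessions.GetUserValidator()] = testValidator;
            result.Result = true;
            result.Message = "验证成功";
            return Json(result, JsonRequestBehavior.AllowGet);
        }
#endif

        // Both the user code and the password are required.
        if (string.IsNullOrEmpty(userCode) || string.IsNullOrEmpty(password))
        {
            result.Result = false;
            if (string.IsNullOrEmpty(userCode))
            {
                result.Message += "用户账号为空";
            }
            if (string.IsNullOrEmpty(password))
            {
                result.Message += "用户密码为空";
            }
            return Json(result, JsonRequestBehavior.AllowGet);
        }

        User loginuser = UserHelper.GetUserbyCode(userCode);
        if (loginuser == null)
        {
            // NOTE(review): this message differs from the wrong-password one below, which lets
            // a client tell existing accounts from unknown ones; consider one shared message.
            result.Result = false;
            result.Message = "当前用户不存在";
            return Json(result, JsonRequestBehavior.AllowGet);
        }

        // NOTE(review): the stored password is compared with the submitted one as plain text,
        // which implies passwords are stored unhashed - confirm, and move to a salted
        // password hash verified with a fixed-time comparison.
        if (loginuser.Password == password)
        {
            UserValidator uservalidator = UserValidatorFactory.GetUserValidatorByUser(loginuser);
            // Store the validator in the session.
            // NOTE(review): the session id is not renewed on login - confirm this is handled elsewhere.
            this.Session[Sessions.GetUserValidator()] = uservalidator;
            result.Result = true;
            result.Message = "验证成功";
        }
        else
        {
            result.Result = false;
            result.Message = "用户密码不正确";
        }
        return Json(result, JsonRequestBehavior.AllowGet);
    }
    catch (Exception ex)
    {
        // The full exception text (type, message, stack trace) used to be returned to the
        // client. Keep it server-side and answer with a generic message instead.
        System.Diagnostics.Trace.TraceError(ex.ToString());
        result.Result = false;
        result.Message = "登录失败,请稍后重试";
        return Json(result, JsonRequestBehavior.AllowGet);
    }
}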
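/// <summary>
/// Resolves the sheet URL for a work item (or circulated item) after making sure the caller
/// is signed in, optionally signing in from credentials carried in the parameter string.
/// </summary>
/// <param name="paramString">
/// JSON object of string values. Recognized keys: the work item id, sheet mode and mobile
/// flag (matched exactly against the Param_* names), plus LoginName, LoginPassword,
/// MobileToken, Code and State (matched case-insensitively).
/// </param>
/// <returns>
/// JSON <c>ActionResult</c>: on success <c>Message</c> holds the URL; a NoAuthorize result
/// when no user could be established; a plain failure when the parameters cannot be parsed.
/// </returns>
public JsonResult WorkItemSheets(string paramString)
{
    ActionResult result = new ActionResult(false, "");

    // Missing or malformed input used to surface as an unhandled exception.
    Dictionary <string, string> dicParams = null;
    if (!string.IsNullOrEmpty(paramString))
    {
        try
        {
            dicParams = JsonConvert.DeserializeObject <Dictionary <string, string> >(paramString);
        }
        catch (JsonException)
        {
            dicParams = null;
        }
    }
    if (dicParams == null)
    {
        return Json(result, JsonRequestBehavior.AllowGet);
    }

    bool isMobile = false;
    string LoginName = string.Empty;
    string LoginPassword = string.Empty;
    string MobileToken = string.Empty;
    string WechatCode = string.Empty;
    string EngineCode = string.Empty;

    foreach (KeyValuePair <string, string> entry in dicParams)
    {
        string key = entry.Key;
        string value = entry.Value;

        if (key == Param_WorkItemID)
        {
            WorkItemID = value;
            continue;
        }
        if (key == Param_Mode)
        {
            // An unknown mode name is reported as a failed request instead of throwing.
            SheetMode parsedMode;
            if (!Enum.TryParse(value, out parsedMode))
            {
                return Json(result, JsonRequestBehavior.AllowGet);
            }
            SheetMode = parsedMode;
            continue;
        }
        if (key == Param_IsMobile)
        {
            bool.TryParse(value, out isMobile);
            IsMobile = isMobile;
            continue;
        }

        // Ordinal, case-insensitive matching: ToLower() follows the server culture, so a key
        // such as "LoginName" would stop matching under cultures with special casing for 'I'.
        if (string.Equals(key, "loginname", StringComparison.OrdinalIgnoreCase))
        {
            LoginName = value;
        }
        if (string.Equals(key, "loginpassword", StringComparison.OrdinalIgnoreCase))
        {
            LoginPassword = value;
        }
        if (string.Equals(key, "mobiletoken", StringComparison.OrdinalIgnoreCase))
        {
            MobileToken = value;
        }
        if (string.Equals(key, "code", StringComparison.OrdinalIgnoreCase))
        {
            WechatCode = value;
        }
        if (string.Equals(key, "state", StringComparison.OrdinalIgnoreCase))
        {
            EngineCode = value;
        }
    }

    // TODO (from the original): WeChat does not need single sign-on. The disabled code called
    // UserValidatorFactory.LoginAsWeChat(EngineCode, WechatCode) when both values and a
    // session validator were present.

    // Sheet opened from the app: validate the login name / mobile token pair.
    if (!string.IsNullOrEmpty(LoginName) && !string.IsNullOrEmpty(MobileToken) && this.UserValidator == null)
    {
        if (!SSOopenSheet(LoginName, MobileToken))
        {
            result = new ActionResult(false, "登录超时!", null, ExceptionCode.NoAuthorize);
            return Json(result, JsonRequestBehavior.AllowGet);
        }
    }

    if (this.UserValidator == null && !string.IsNullOrEmpty(LoginName) && !string.IsNullOrEmpty(LoginPassword))
    {
        // Password login.
        // NOTE(review): this path checks the password directly, so whatever throttling the
        // regular login applies is not used here; and with AllowGet the credentials can
        // travel in a query string and end up in logs. Confirm both are acceptable.
        OThinker.Organization.User user = this.Engine.Organization.GetUserByCode(LoginName);

        // An unknown login name used to throw here, answering differently from a wrong
        // password; both now fall through to the same NoAuthorize result.
        if (user != null && user.ValidatePassword(LoginPassword))
        {
            Session[Sessions.GetUserValidator()] = UserValidatorFactory.GetUserValidator(this.Engine, user.Code);
        }
    }

    if (this.UserValidator == null)
    {
        result = new ActionResult(false, "登录超时!", null, ExceptionCode.NoAuthorize);
        return Json(result, JsonRequestBehavior.AllowGet);
    }

    // Resolve the URL.
    if (SheetMode == SheetMode.Work)
    {
        if (CurrentWorkItem != null)
        {
            url = this.GetWorkSheetUrl(
                CurrentWorkItem,
                WorkItemSheet,
                IsMobile);
        }
        else
        {
            url = this.GetViewCirculateItemSheetUrl(
                CurrentCirculateItem,
                WorkItemSheet,
                SheetMode,
                IsMobile);
        }
    }
    else
    {
        if (CurrentWorkItem != null)
        {
            url = this.GetViewSheetUrl(
                CurrentWorkItem,
                WorkItemSheet,
                SheetMode,
                IsMobile);
        }
        else
        {
            url = this.GetViewCirculateItemSheetUrl(
                CurrentCirculateItem,
                WorkItemSheet,
                SheetMode,
                IsMobile);
        }
    }

    // Expand data variables embedded in the URL.
    if (url.Contains(OThinker.H3.Math.Variant.VariablePrefix.ToString()))
    {
        url = InstanceData.ParseText(url);
    }

    // Cache buster: time of day plus the first 8 characters of the work item id.
    // The id may be missing or shorter than 8 characters; Substring(0, 8) threw in that case.
    DateTime t = DateTime.Now;
    string idPrefix = WorkItemID ?? string.Empty;
    if (idPrefix.Length > 8)
    {
        idPrefix = idPrefix.Substring(0, 8);
    }
    url += "&T=" + t.ToString("HHmmss") + idPrefix;
    if (SheetMode == SheetMode.Print)
    {
        url += "Print";
    }

    result.Success = true;
    result.Message = url;
    return Json(result, JsonRequestBehavior.AllowGet);
}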