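/// <summary>
/// Checks a forms-authentication ticket against the user currently held in session.
/// The ticket's UserData is expected in the form "code&amp;password" (the format Login
/// produces); the ticket is accepted only if it decrypts, has not expired, and both
/// parts match the session user's Code and Password.
/// </summary>
/// <param name="encryptTicket">The encrypted ticket string as issued by Login.</param>
/// <returns>true when the ticket matches the session user; otherwise false.</returns>
private bool ValidateTicket(string encryptTicket)
{
    // Without a session user there is nothing to compare against, so bail out
    // before doing any decryption work. An empty ticket would make Decrypt throw.
    t_bas_user userInfo = (t_bas_user)UserSession.Get("UserInfo");
    if (userInfo == null || string.IsNullOrEmpty(encryptTicket))
    {
        return false;
    }

    FormsAuthenticationTicket ticket;
    try
    {
        ticket = FormsAuthentication.Decrypt(encryptTicket);
    }
    catch (ArgumentException)
    {
        // Decrypt throws for a malformed or tampered ticket; that is an invalid
        // credential, not a server error.
        return false;
    }

    // Decrypt can also return null for an unrecognisable ticket, and a ticket
    // past its expiry must not be honoured even though it decrypts cleanly.
    if (ticket == null || ticket.Expired || ticket.UserData == null)
    {
        return false;
    }

    // UserData is "code&password". A missing separator means the ticket was not
    // produced by Login; reject it instead of letting Substring(0, -1) throw.
    string userData = ticket.UserData;
    int separator = userData.IndexOf('&');
    if (separator < 0)
    {
        return false;
    }
    string ticketUser = userData.Substring(0, separator);
    string ticketPwd = userData.Substring(separator + 1);

    // Ordinal comparison: these are credentials, not linguistic text.
    // NOTE(review): the ticket carries the stored Password value itself (see Login);
    // a random session identifier in UserData would avoid transporting it at all.
    return string.Equals(ticketUser, userInfo.Code, StringComparison.Ordinal)
        && string.Equals(ticketPwd, userInfo.Password, StringComparison.Ordinal);
}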
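/// <summary>
/// Checks whether the session user has a menu entry (view_menu row) for the
/// controller being invoked. The controller name is compared case-insensitively.
/// </summary>
/// <param name="actionContext">The Web API action context of the current request.</param>
/// <returns>true when the user has a matching view_menu row; otherwise false.</returns>
private bool ValidateController(System.Web.Http.Controllers.HttpActionContext actionContext)
{
    // A request without a session user has no rights at all; previously this
    // dereferenced a null userInfo inside the query.
    t_bas_user userInfo = (t_bas_user)UserSession.Get("UserInfo");
    if (userInfo == null)
    {
        return false;
    }

    string controllerName = actionContext.ActionDescriptor.ControllerDescriptor.ControllerName;
    // Lower-cased once, outside the query. ToLower() is kept on the column side
    // because that is the form the original query used with this provider.
    string wanted = controllerName.ToLower();

    using (webDmsEntities db = new webDmsEntities())
    {
        // Any() instead of Count() > 0: the query can stop at the first row.
        return db.view_menu.Any(w => w.ControllerName.ToString().ToLower() == wanted
                                     && w.UserID == userInfo.UserID);
    }
}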
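/// <summary>
/// Authenticates a user and builds the login response: display data for the user,
/// an encrypted forms-authentication ticket, and the two-level menu tree the user
/// may see. On success the user's CompanyRightsID is stored in session.
/// </summary>
/// <param name="loginData">Login request carrying strUser and strPwd.</param>
/// <returns>
/// An anonymous { bRes = false, message } object when the credentials are rejected;
/// otherwise a <see cref="UserInfo"/> with bRes = true, user, Ticket and menu set.
/// </returns>
/// <exception cref="ArgumentNullException">loginData is null.</exception>
/// <exception cref="InvalidOperationException">The user has no t_sys_company row for their CorpID.</exception>
public object Login(getLogin loginData)
{
    if (loginData == null)
    {
        throw new ArgumentNullException("loginData");
    }

    t_bas_user tBasUser = null;
    if (!ValidateUser(loginData.strUser, loginData.strPwd, out tBasUser))
    {
        return new { bRes = false, message = "账号或密码不正确!" };
    }

    // UserData is "code&password" and is exactly what ValidateTicket parses, so the
    // two must stay in step.
    // NOTE(review): this puts the stored Password value inside the ticket. The ticket
    // is encrypted, but a random session identifier would avoid carrying the
    // credential at all.
    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
        0,
        tBasUser.Code,
        DateTime.Now,
        DateTime.Now.AddHours(1),
        true,
        tBasUser.Code + "&" + tBasUser.Password,
        FormsAuthentication.FormsCookiePath);

    using (webDmsEntities db = new webDmsEntities())
    {
        // Top-level menus are the user's view_menu rows whose ParentCode is "&";
        // each carries its children (rows whose ParentCode equals the parent's Code).
        // Both levels are ordered by Sequence, then Code.
        var menu = db.view_menu
            .Where<view_menu>(p => p.UserID.ToString() == tBasUser.UserID.ToString() && p.ParentCode == "&")
            .Select(s => new
            {
                path = "/",
                name = s.Name,
                url = "",
                meta = new { name = s.Name, button = new string[0] { }.ToList() },
                Xh = s.Sequence,
                MenuID = s.Code,
                iconCls = s.ICON,
                children = db.view_menu
                    .Where<view_menu>(p1 => p1.UserID.ToString() == tBasUser.UserID.ToString() && p1.ParentCode == s.Code)
                    .Select(s1 => new
                    {
                        path = "/" + s1.URL,
                        url = s1.URL,
                        name = s1.Name,
                        meta = new { name = s1.Name, button = new string[] { "save", "cancle", "new", "audit" }.ToList(), isButton = false },
                        MenuPath = s1.URL.Replace("_", "/"),
                        Xh = s1.Sequence,
                        MenuID = s1.Code
                    })
                    .OrderBy(o => o.Xh).ThenBy(o => o.MenuID).ToList()
            })
            .OrderBy(o => o.Xh).ThenBy(o => o.MenuID)
            .ToList();

        // The company row is needed for RightsID; a missing row is an inconsistent
        // account and is reported as such rather than surfacing as a
        // NullReferenceException on FirstOrDefault().RightsID.
        var tSysCompany = db.t_sys_company.Where(w => w.CorpID == tBasUser.CorpID);
        var company = tSysCompany.FirstOrDefault();
        if (company == null)
        {
            throw new InvalidOperationException("No t_sys_company row for CorpID " + tBasUser.CorpID);
        }
        string trademark = tSysCompany
            .Join(db.t_bas_company, a => a.CorpID, b => b.CorpID, (a, b) => b.TradeMark)
            .FirstOrDefault();

        // Image URLs are relative to the application's virtual path and upload folder.
        string imageBase = "/" + VirtualPath + "/" + UploadImgPath + "/";
        string tradeMarkUrl = imageBase + trademark;
        string avatar = imageBase + tBasUser.Photo;

        var oUser = new UserInfo
        {
            bRes = true,
            user = new { name = tBasUser.Name, avatar = avatar, TradeMark = tradeMarkUrl },
            Ticket = FormsAuthentication.Encrypt(ticket),
            menu = menu
        };

        // Dealer (company) rights are kept in session for later authorisation checks.
        UserSession.Add("CompanyRightsID", company.RightsID);
        return oUser;
    }
}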
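/// <summary>
/// Looks up a user by Code and the hashed form of the supplied password. On a match
/// the user row is stored in session under "UserInfo".
/// </summary>
/// <param name="strUser">The login code (t_bas_user.Code).</param>
/// <param name="strPwd">The password as entered; it is passed through Sha1Encrypt before comparison.</param>
/// <param name="userinfo">Receives the matching t_bas_user row, or null when there is no match.</param>
/// <returns>true when a matching row exists; otherwise false.</returns>
private bool ValidateUser(string strUser, string strPwd, out t_bas_user userinfo)
{
    // The Password column holds whatever Sha1Encrypt produces, so the comparison is
    // done on the hashed value.
    // NOTE(review): if Sha1Encrypt is an unsalted SHA-1 (its body is not visible
    // here), the stored values are cheap to crack offline; a salted, slow password
    // hash such as PBKDF2 is the usual replacement.
    string password = Sha1Encrypt(strPwd);

    using (webDmsEntities db = new webDmsEntities())
    {
        userinfo = db.t_bas_user.FirstOrDefault(p => p.Code == strUser && p.Password == password);
    }
    // NOTE(review): the context is disposed before the row goes into session, so
    // navigation properties on the session copy would need an explicit load.

    if (userinfo == null)
    {
        return false;
    }

    // The session copy is what ValidateTicket and ValidateController read.
    UserSession.Add("UserInfo", userinfo);
    return true;
}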
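/// <summary>
/// Builds the data for the user edit form: the pick-lists (departments, employee
/// categories, positions, rights, parent employees, certificate types) plus either
/// an empty form (obj.UserID == 0, with IsUseSystem = 1, IsValid = 1, IsLockedout = 0
/// and the requested DeptID) or the existing row identified by obj.DeptID and obj.UserID.
/// </summary>
/// <param name="obj">Carries the DeptID and UserID to load; its other fields are not read.</param>
/// <returns>Json(true, "", form) where form is the anonymous form object (null when no row matches).</returns>
/// <exception cref="ArgumentNullException">obj is null.</exception>
public HttpResponseMessage FindBasUserForm(t_bas_user obj)
{
    if (obj == null)
    {
        throw new ArgumentNullException("obj");
    }

    long deptId = obj.DeptID;
    long userId = obj.UserID;

    // Pick-lists. Departments and rights are limited to the caller's CorpID; the
    // others are global. They are left as queries and evaluated on serialisation.
    var DeptIDList = db.t_bas_department
        .Where(w => w.IsValid != 0 && w.CorpID == userInfo.CorpID)
        .OrderBy(o => o.DeptID)
        .Select(s => new { label = s.Name, value = s.DeptID });
    var UserCategoryIDList = db.t_datadict_class
        .Where(w => w.Code == "EmpCategory" && w.IsValid != 0 && w.IsVisible != 0)
        .Join(db.t_datadict_class_detail.Where(w => w.IsValid != 0 && w.IsVisible != 0),
              a => a.ClassID, b => b.ClassID, (a, b) => new { label = b.Name, value = b.DClassID });
    var PositionIDList = db.t_bas_position
        .Where(w => w.IsValid != 0)
        .Select(s => new { label = s.Name, value = s.PositionID });
    var RightsIDList = db.t_sys_rights
        .Where(w => w.CorpID == userInfo.CorpID && w.IsValid != 0)
        .Select(s => new { label = s.Name, value = s.RightsID });
    var ParentEmpIDList = db.t_bas_user
        .Where(w => w.IsValid != 0)
        .Select(s => new { label = s.Name, value = s.UserID });
    var CertificateIDList = db.t_datadict_class
        .Where(w => w.IsValid != 0 && w.IsVisible != 0 && w.Code == "Certificate")
        .Join(db.t_datadict_class_detail.Where(w => w.IsVisible != 0 && w.IsValid != 0),
              a => a.ClassID, b => b.ClassID, (a, b) => new { label = b.Name, value = b.DClassID });

    // A typed null so the empty form's members are strings for the serialiser.
    string NullValue = null;

    if (userId == 0)
    {
        // Empty form for a new user.
        var form = new
        {
            UserID = 0,
            CorpID = userInfo.CorpID,
            Code = NullValue,
            Name = NullValue,
            UserCategoryID = NullValue,
            UserCategoryIDList = UserCategoryIDList,
            PositionID = NullValue,
            PositionIDList = PositionIDList,
            RightsID = NullValue,
            RightsIDList = RightsIDList,
            DeptID = deptId,
            DeptIDList = DeptIDList,
            ParentEmpID = NullValue,
            ParentEmpIDList = ParentEmpIDList,
            CertificateID = NullValue,
            CertificateIDList = CertificateIDList,
            CertificateNumber = NullValue,
            Password = NullValue,
            FailedPasswordCount = NullValue,
            PasswordQuestion = NullValue,
            PasswordAnswer = NullValue,
            Tel = NullValue,
            Phone = NullValue,
            QQ = NullValue,
            WeiXin = NullValue,
            Email = NullValue,
            Photo = NullValue,
            IsUseSystem = 1,
            IsAppUser = NullValue,
            IsValid = 1,
            IsLockedout = 0,
            LockedoutTime = NullValue,
            LockedoutUserID = NullValue,
            LastActiveTIme = NullValue,
            LastLoginDate = NullValue,
            LastChangePwdDate = NullValue,
            SessionID = NullValue,
            Remark = NullValue,
            CreateTime = NullValue,
            CreateUserID = NullValue,
            UpdateTime = NullValue,
            UpdateUserID = NullValue,
            IMEICode = NullValue
        };
        return Json(true, "", form);
    }

    // Existing user, looked up by department and id.
    // NOTE(review): this projection sends Password, PasswordQuestion, PasswordAnswer,
    // SessionID and IMEICode to the client. If the form does not need to round-trip
    // them through SaveBasUserForm, they should be left out of the response.
    var existing = db.t_bas_user
        .Where(w => w.DeptID == deptId && w.UserID == obj.UserID)
        .Select(s => new
        {
            UserID = s.UserID,
            CorpID = userInfo.CorpID,
            Code = s.Code,
            Name = s.Name,
            UserCategoryID = s.UserCategoryID,
            UserCategoryIDList = UserCategoryIDList,
            PositionID = s.PositionID,
            PositionIDList = PositionIDList,
            RightsID = s.RightsID,
            RightsIDList = RightsIDList,
            DeptID = s.DeptID,
            DeptIDList = DeptIDList,
            ParentEmpID = s.ParentEmpID,
            ParentEmpIDList = ParentEmpIDList,
            CertificateID = s.CertificateID,
            CertificateIDList = CertificateIDList,
            CertificateNumber = s.CertificateNumber,
            Password = s.Password,
            FailedPasswordCount = s.FailedPasswordCount,
            PasswordQuestion = s.PasswordQuestion,
            PasswordAnswer = s.PasswordAnswer,
            Tel = s.Tel,
            Phone = s.Phone,
            QQ = s.QQ,
            WeiXin = s.WeiXin,
            Email = s.Email,
            Photo = s.Photo,
            IsUseSystem = s.IsUseSystem,
            IsAppUser = s.IsAppUser,
            IsValid = s.IsValid,
            IsLockedout = s.IsLockedout,
            LockedoutTime = s.LockedoutTime,
            LockedoutUserID = s.LockedoutUserID,
            LastActiveTIme = s.LastActiveTIme,
            LastLoginDate = s.LastLoginDate,
            LastChangePwdDate = s.LastChangePwdDate,
            SessionID = s.SessionID,
            Remark = s.Remark,
            CreateTime = s.CreateTime,
            CreateUserID = s.CreateUserID,
            UpdateTime = s.UpdateTime,
            UpdateUserID = s.UpdateUserID,
            IMEICode = s.IMEICode
        })
        .FirstOrDefault();
    return Json(true, "", existing);
}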
/// <summary>
/// Removes the given user row through DBHelper and reports the outcome as a JSON
/// message: "删除成功!" when exactly one row was removed, otherwise "删除失败".
/// </summary>
/// <param name="obj">The t_bas_user row to remove.</param>
/// <returns>Json(true, message); the first argument is true in both outcomes.</returns>
public HttpResponseMessage DeleteBasUserRow(t_bas_user obj)
{
    // NOTE(review): nothing here checks that obj belongs to the caller's CorpID the
    // way FindBasUserForm scopes its lookups; confirm whether DBHelper.Remove
    // applies such a restriction.
    DBHelper<t_bas_user> helper = new DBHelper<t_bas_user>();
    var removed = helper.Remove(obj);

    string message = "删除失败";
    if (removed == 1)
    {
        message = "删除成功!";
    }
    return Json(true, message);
}
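/// <summary>
/// Inserts (obj.UserID == 0) or updates a user inside a transaction, then stores the
/// submitted Photo. obj.Photo may carry either a data URL ("data:image/png;base64,…")
/// for a new picture, or the file name that is already stored; in the latter case the
/// decode step fails and the value is written back unchanged.
/// </summary>
/// <param name="obj">The user row as posted by the form.</param>
/// <returns>Json(true, "保存成功!") on success; Json(false, "保存失败!" + reason) when anything fails.</returns>
/// <exception cref="ArgumentNullException">obj is null.</exception>
public HttpResponseMessage SaveBasUserForm(t_bas_user obj)
{
    if (obj == null)
    {
        throw new ArgumentNullException("obj");
    }

    using (TransactionScope transaction = new TransactionScope())
    {
        DBHelper<t_bas_user> dbhelp = new DBHelper<t_bas_user>();
        DateTime now = DateTime.Now;
        try
        {
            // The photo is written in a second step once the UserID is known, so the
            // raw submitted value is set aside and cleared on the row for the first write.
            string base64Data = obj.Photo;
            obj.Photo = "";

            if (obj.UserID == 0)
            {
                obj.CreateTime = now;
                obj.CreateUserID = (int)userInfo.UserID;
                obj.CorpID = userInfo.CorpID;
                // Any() stops at the first hit instead of materialising every row.
                if (db.t_bas_user.Any(w => w.Code == obj.Code))
                {
                    throw new InvalidOperationException("账号重复!");
                }
                dbhelp.Add(obj);
            }
            else
            {
                obj.UpdateTime = now;
                obj.UpdateUserID = (int)userInfo.UserID;
                // A Code is a duplicate if any *other* user holds it. The previous
                // "count > 1" test missed the case where this user's Code was changed
                // to one that a single other user already has.
                if (db.t_bas_user.Any(w => w.Code == obj.Code && w.UserID != obj.UserID))
                {
                    throw new InvalidOperationException("账号重复!");
                }
                dbhelp.Update(obj);
            }

            // Save the picture and record its file name on the row.
            try
            {
                // "data:image/png;base64,…" -> suffix "png".
                string suffix = base64Data.Split(new char[] { ';' })[0].Substring(base64Data.IndexOf('/') + 1);

                // The suffix comes straight from the client and becomes part of a file
                // system path, so it must not contain separators or "..": only a short
                // alphanumeric extension is accepted. Anything else falls through to the
                // catch below, like any other undecodable value.
                if (suffix.Length == 0 || suffix.Length > 8 || !suffix.All(char.IsLetterOrDigit))
                {
                    throw new InvalidOperationException("Unexpected image suffix: " + suffix);
                }

                string newFileName = "USER_" + obj.UserID.ToString("000000000") + "." + suffix;
                // Absolute path inside the application's upload folder.
                string strPath = HttpContext.Current.Server.MapPath("~/" + UploadImgPath + "/" + newFileName);
                BaseToImg.Base64ToImg(base64Data.Split(',')[1]).Save(strPath);
                obj.Photo = newFileName;
            }
            catch (Exception)
            {
                // Not a data URL, or not decodable: keep the submitted value as-is. This
                // is what preserves an already-stored file name on re-save.
                obj.Photo = base64Data;
            }

            List<string> fields = new List<string>();
            fields.Add("Photo");
            dbhelp.UpdateEntityFields(obj, fields);

            transaction.Complete();
            return Json(true, "保存成功!");
        }
        catch (Exception ex)
        {
            // Leaving the scope without Complete() rolls the transaction back.
            return Json(false, "保存失败!" + ex.Message);
        }
    }
}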