Exemplo n.º 1
        // Process-wide map of issued tokens. NOTE(review): Dictionary is not safe for concurrent
        // writers and a static field is shared by all threads; confirm every access is locked.
        private static Dictionary <string, string> pcTokenList = new Dictionary <string, string>();// key: loginID, value: token

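        /// <summary>
        /// Checks a user name and password against Sys_User and, on success, returns the
        /// authorization token that serves as the login credential (the mobile app calls this at login).
        /// </summary>
        /// <param name="userName">Login name; on non-Txt/Xml providers the phone and e-mail columns are matched too.</param>
        /// <param name="password">Clear-text password supplied by the caller.</param>
        /// <param name="errMsg">Empty on success, otherwise the message for the user.</param>
        /// <returns>The token, or an empty string when the login is rejected.</returns>
        public static string GetAuthToken(string userName, string password, out string errMsg)
        {
            // One message for "no such account" and "wrong password", so the reply does not
            // tell a caller which account names exist.
            const string badCredentials = "用户名或密码错误!";

            string token = string.Empty;
            errMsg = string.Empty;

            // An empty name would otherwise match any active row whose Phone or Email column
            // holds an empty string in the three-column lookup below.
            if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(password))
            {
                errMsg = badCredentials;
                return token;
            }

            using (MAction action = new MAction(TableNames.Sys_User))
            {
                bool isTxtOrXml = action.DalType == DalType.Txt || action.DalType == DalType.Xml;
                string where;
                if (isTxtOrXml)
                {
                    // NOTE(review): as shown, this literal has no {0} placeholder, so userName is never
                    // substituted; the '******' looks like masking applied to the listing. If the real
                    // code formats userName into the clause, it must be validated or escaped first,
                    // because it is caller-supplied.
                    where = string.Format("Status=1 and UserName='******'", userName);
                }
                else
                {
                    // Bound as a parameter, never concatenated into the clause.
                    action.SetPara("UserName", userName, System.Data.DbType.String);
                    where = "Status=1 and (UserName=@UserName or Phone=@UserName or Email=@UserName)";
                }

                if (!action.Fill(where))
                {
                    errMsg = badCredentials;
                    return token;
                }

                // NOTE(review): the stored value is compared with EncrpytHelper.Encrypt(password) using ==.
                // If Encrypt is reversible or unsalted, a leaked table exposes every password; a salted,
                // slow password hash compared in constant time is the usual choice. Confirm what
                // EncrpytHelper does.
                string pwd = action.Get<string>(Sys_User.Password);
                if (pwd != EncrpytHelper.Encrypt(password))
                {
                    errMsg = badCredentials;
                    return token;
                }

                // Expiry is reported only after the password has been verified, so it is not
                // disclosed to someone who merely knows the account name.
                if (action.Get<DateTime>(Sys_User.PwdExpiredTime, DateTime.MaxValue) < DateTime.Now)
                {
                    errMsg = "账号密码已过期!";
                    return token;
                }

                string userID = action.Get<string>(Sys_User.UserID);
                userName = action.Get<string>(Sys_User.UserName); // canonical name from the row, not the typed value
                string fullName = action.Get<string>(Sys_User.FullName, userName);

                if (isTxtOrXml)
                {
                    action.Set(Sys_User.LoginCount, action.Get<int>(Sys_User.LoginCount, 0) + 1);
                }
                else
                {
                    action.SetExpression("LoginCount=[#ISNULL](LoginCount,0)+1");
                }
                action.Set(Sys_User.LastLoginTime, DateTime.Now);
                action.Set(Sys_User.LastLoginIP, HttpContext.Current.Request.UserHostAddress);
                // The clause still refers to @UserName; the original left a second SetPara commented
                // out here, so the binding presumably survives Fill. Confirm.
                action.Update(where); // record the login

                // Role IDs go into the token.
                string roleIDs = action.Get<string>(Sys_User.RoleIDs);

                // NOTE(review): the token is Encrypt(day-of-month, userID, userName, fullName, roleIDs).
                // It has no random part and no full timestamp, so (assuming Encrypt is deterministic)
                // the same user gets the same token whenever the day number repeats, and nothing
                // here allows a single token to be revoked. Confirm how the validator limits lifetime.
                token = EncrpytHelper.Encrypt(DateTime.Now.Day + "," + userID + "," + userName + "," + fullName + "," + roleIDs);
            }
            return token;
        }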
Exemplo n.º 2
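 /// <summary>
 /// Stores a new password for the row identified by UserID (resolved outside this method).
 /// </summary>
 /// <param name="password">New clear-text password; null or empty is rejected.</param>
 /// <returns>
 /// false when the password is null or empty, otherwise whatever MAction.Update returns.
 /// </returns>
 public static bool ChangePassword(string password)
 {
     // Refuse to write an empty credential.
     if (string.IsNullOrEmpty(password))
     {
         return false;
     }

     // NOTE(review): the current password is not checked here; confirm the caller
     // re-authenticates the user before calling this.
     using (MAction action = new MAction(U_AriesEnum.Sys_User))
     {
         action.Set(Sys_User.Password, EncrpytHelper.Encrypt(password));
         return action.Update(UserID);
     }
 }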
Exemplo n.º 3
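        /// <summary>
        /// Looks up the "uid" value in data0073 (rows with ACTIVE_FLAG=0) and, when
        /// <paramref name="type"/> is 1 and that lookup succeeded, rewrites the token and cookie
        /// for the user. The outcome is written to jsonResult.
        /// </summary>
        /// <param name="type">1 when the page calls this directly and the token must be rewritten.</param>
        /// <param name="result">Incoming outcome; set to false here when a check fails.</param>
        /// <param name="errMsg">Incoming message; replaced here when a check fails.</param>
        public void companyAuth(byte type, bool result, string errMsg)
        {
            // NOTE(review): uid comes from Query (presumably the HTTP request) and no credential is
            // checked in this method; confirm the caller has already authenticated this uid.
            string userName = Query<string>("uid");
            bool companyOk = false;

            if (!string.IsNullOrEmpty(userName))
            {
                using (MAction action = new MAction("data0073", CrossDb.GetConn("data0073")))
                {
                    // Bind uid as a parameter; formatting it into the clause lets a crafted value
                    // change the query. NOTE(review): confirm this connection's provider accepts
                    // SetPara parameters.
                    action.SetPara("UserName", userName, System.Data.DbType.String);
                    if (action.Fill("USER_LOGIN_NAME=@UserName AND ACTIVE_FLAG=0"))
                    {
                        MDataRow row = action.Data;
                        companyOk = !(row == null || row.Count == 0);
                    }
                }
            }

            if (!companyOk)
            {
                result = false;
                errMsg = LangConst.NoCompanyAuth;
            }

            // Rewrite the token only when the company check passed; otherwise a failed check
            // would still leave the caller holding a fresh token and cookie.
            if (type == 1 && companyOk)
            {
                using (MAction action = new MAction(TableNames.Sys_User))
                {
                    // NOTE(review): as shown, this literal has no {0} placeholder, so userName is never
                    // substituted; the '******' looks like masking applied to the listing. If the real
                    // code formats userName into the clause, bind it as a parameter instead.
                    string where = string.Format("Status=1 and UserName='******'", userName);
                    if (action.Fill(where))
                    {
                        string userID = action.Get<string>(Sys_User.UserID);
                        userName = action.Get<string>(Sys_User.UserName);
                        string fullName = action.Get<string>(Sys_User.FullName, userName);
                        string roleIDs = action.Get<string>(Sys_User.RoleIDs);
                        // NOTE(review): the token has no random part and only the day of the month as
                        // a time component; confirm how its lifetime is limited.
                        string token = EncrpytHelper.Encrypt(DateTime.Now.Day + "," + userID + "," + userName + "," + fullName + "," + roleIDs);
                        UserAuth.SetToken(token, userName);
                        UserAuth.WriteCookie(token, userName, "");
                    }
                    else
                    {
                        result = false;
                        errMsg = LangConst.UserNotExists;
                    }
                }
            }
            jsonResult = JsonHelper.OutResult(result, errMsg);
        }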
Exemplo n.º 4
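        /// <summary>
        /// Adds a user (by CYQ): inserts the Sys_User row with the encrypted password, then the
        /// matching Sys_UserInfo row, inside one transaction.
        /// </summary>
        /// <returns>
        /// The JSON produced by JsonHelper.OutResult. Every path returns a result, including failed inserts.
        /// </returns>
        public string AddUser()
        {
            const string failed = "添加用户失败!";

            // NOTE(review): both values come from Query (presumably the HTTP request); confirm the
            // caller is authorized to create accounts before this runs.
            string userName = Query<string>("userName");
            string pwd = Query<string>("password");

            // Never create an account with a missing name or an empty credential.
            if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(pwd))
            {
                return JsonHelper.OutResult(false, failed);
            }

            string jsonResult;
            using (MAction action = new MAction(TableNames.Sys_User))
            {
                action.BeginTransation();
                // NOTE(review): the '******' in this literal looks like masking applied to the listing.
                // As shown, userName is not part of the check. If the real code builds the clause from
                // userName, bind it as a parameter instead of concatenating it.
                if (action.Exists("UserName = '******'"))
                {
                    jsonResult = JsonHelper.OutResult(false, "帐号已存在,请重新输入");
                }
                else
                {
                    bool result = false;
                    action.Set("Password", EncrpytHelper.Encrypt(pwd)); // stored encrypted, never in clear text
                    if (action.Insert(true, InsertOp.ID))
                    {
                        string userID = action.Get<string>(Sys_User.UserID);

                        // The Sys_UserInfo row reuses the new user's ID as its own key.
                        action.ResetTable(TableNames.Sys_UserInfo);
                        action.Set(Sys_UserInfo.UserInfoID, userID);
                        action.AllowInsertID = true;
                        result = action.Insert(true);
                        if (!result)
                        {
                            action.RollBack();
                        }
                    }
                    // The original returned an empty string when either insert failed.
                    jsonResult = JsonHelper.OutResult(result, result ? "添加用户成功!" : failed);
                }
                action.EndTransation();
            }

            return jsonResult;
        }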
Exemplo n.º 5
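        /// <summary>
        /// Updates a user (by CYQ): updates the Sys_User row named by the "UserID" value, with a new
        /// encrypted password when "Password" is supplied, then updates or inserts the matching
        /// Sys_UserInfo row inside the same transaction.
        /// </summary>
        /// <returns>The JSON produced by JsonHelper.OutResult for success or failure.</returns>
        public string UpdateUser()
        {
            // NOTE(review): UserID comes from Query (presumably the HTTP request), so the caller
            // chooses which account is changed. Confirm that an authorization check runs before this
            // method, and that a password change by the account owner requires the current password.
            string pwd = Query<string>("Password");
            string userID = Query<string>("UserID");

            // Without an ID there is no single row to target; do not pass an empty key to Update.
            if (string.IsNullOrEmpty(userID))
            {
                return JsonHelper.OutResult(false, "更新失败!");
            }

            bool result;
            using (MAction action = new MAction(TableNames.Sys_User))
            {
                action.BeginTransation();
                if (!string.IsNullOrEmpty(pwd))
                {
                    action.Set(Sys_User.Password, EncrpytHelper.Encrypt(pwd)); // stored encrypted
                }
                result = action.Update(userID, true);
                if (result)
                {
                    action.ResetTable(TableNames.Sys_UserInfo);
                    if (action.Exists(userID))
                    {
                        if (action.Data.Count > 1) // custom columns are present
                        {
                            result = action.Update(userID, true);
                        }
                    }
                    else
                    {
                        // No Sys_UserInfo row yet: create one keyed by the user's ID.
                        action.Set(Sys_UserInfo.UserInfoID, userID);
                        action.AllowInsertID = true;
                        result = action.Insert(true);
                    }
                }
                if (!result)
                {
                    action.RollBack();
                }
                action.EndTransation();
            }
            return JsonHelper.OutResult(result, result ? "更新成功!" : "更新失败!");
        }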
Exemplo n.º 6
        /// <summary>
        /// Calls the csAuthenticateUser stored procedure with the login ID and the encrypted
        /// password, and copies UserID, LoginID and Name from the returned rows into a User.
        /// </summary>
        /// <param name="databaseSettings">Supplies the SQL Server connection string.</param>
        /// <param name="loginID">Login ID sent as @LoginID.</param>
        /// <param name="loginPassword">Clear-text password; encrypted before it is sent as @LoginPassword.</param>
        /// <returns>
        /// Always a User instance. When the procedure returns no rows its fields keep their defaults,
        /// so callers must check the fields to tell success from failure.
        /// </returns>
        public static User AuthenticateUser(DatabaseSettings databaseSettings, string loginID, string loginPassword)
        {
            User authenticated = new User();

            using (SqlConnection conn = new SqlConnection(databaseSettings.SqlClientConnectionString))
            {
                conn.Open();

                using (SqlCommand cmd = conn.CreateCommand())
                {
                    cmd.CommandType = CommandType.StoredProcedure;
                    cmd.CommandText = "csAuthenticateUser";

                    // Both values travel as typed parameters, not as SQL text.
                    SqlParameter idParam = cmd.Parameters.Add("@LoginID", SqlDbType.NVarChar, 50);
                    idParam.Value = loginID;

                    // NOTE(review): the password is encrypted with ProjectConstants.FullEncryptionKey
                    // and matched in the procedure. If that is reversible encryption under one
                    // shared key, the stored passwords are only as safe as that key. Also confirm the
                    // encrypted text always fits the declared size of 50.
                    SqlParameter pwdParam = cmd.Parameters.Add("@LoginPassword", SqlDbType.NVarChar, 50);
                    pwdParam.Value = EncrpytHelper.Encrypt(loginPassword, ProjectConstants.FullEncryptionKey);

                    using (SqlDataReader rows = cmd.ExecuteReader())
                    {
                        // If several rows come back, the last non-null value of each column wins.
                        while (rows.Read())
                        {
                            object userIdValue = rows["UserID"];
                            if (!Convert.IsDBNull(userIdValue))
                            {
                                authenticated.UserID = (Guid)userIdValue;
                            }

                            object loginIdValue = rows["LoginID"];
                            if (!Convert.IsDBNull(loginIdValue))
                            {
                                authenticated.LoginID = (string)loginIdValue;
                            }

                            object nameValue = rows["Name"];
                            if (!Convert.IsDBNull(nameValue))
                            {
                                authenticated.Name = (string)nameValue;
                            }
                        }

                        rows.Close();
                    }

                    conn.Close();
                }
            }
            return authenticated;
        }