Exemplo n.º 1
0
        private void ChangePassword(string userName, EPasswordFormat passwordFormat, string passwordSalt, string password)
        {
            var userInfo = UserManager.GetUserInfoByUserName(userName);

            if (userInfo == null)
            {
                return;
            }

            userInfo.PasswordFormat        = EPasswordFormatUtils.GetValue(passwordFormat);
            userInfo.Password              = password;
            userInfo.PasswordSalt          = passwordSalt;
            userInfo.LastResetPasswordDate = DateTime.Now;

            var sqlString = $"UPDATE {TableName} SET Password = @Password, PasswordFormat = @PasswordFormat, PasswordSalt = @PasswordSalt, LastResetPasswordDate = @LastResetPasswordDate WHERE UserName = @UserName";

            var updateParms = new IDataParameter[]
            {
                GetParameter(ParmPassword, DataType.VarChar, 255, userInfo.Password),
                GetParameter(ParmPasswordFormat, DataType.VarChar, 50, userInfo.PasswordFormat),
                GetParameter(ParmPasswordSalt, DataType.VarChar, 128, userInfo.PasswordSalt),
                GetParameter(ParmLastResetPasswordDate, DataType.DateTime, userInfo.LastResetPasswordDate),
                GetParameter(ParmUserName, DataType.VarChar, 255, userName)
            };

            ExecuteNonQuery(sqlString, updateParms);
            LogUtils.AddUserLog(userName, "修改密码", string.Empty);

            UserManager.UpdateCache(userInfo);
        }
Exemplo n.º 2
0
        public IHttpActionResult Main()
        {
            try
            {
                var body     = new RequestBody();
                var account  = body.GetPostString("account");
                var password = body.GetPostString("password");

                string userName;
                string errorMessage;
                if (!BaiRongDataProvider.UserDao.ValidateAccount(account, password, out userName, out errorMessage))
                {
                    LogUtils.AddUserLog(userName, EUserActionType.LoginFailed, "用户登录失败");
                    BaiRongDataProvider.UserDao.UpdateLastActivityDateAndCountOfFailedLogin(userName);
                    return(BadRequest(errorMessage));
                }

                BaiRongDataProvider.UserDao.UpdateLastActivityDateAndCountOfLogin(userName);
                var userInfo  = BaiRongDataProvider.UserDao.GetUserInfoByUserName(userName);
                var user      = new User(userInfo);
                var groupInfo = UserGroupManager.GetGroupInfo(user.GroupId);

                body.UserLogin(userName);

                return(Ok(new
                {
                    User = user,
                    Group = groupInfo.Additional
                }));
            }
            catch (Exception ex)
            {
                return(InternalServerError(ex));
            }
        }
Exemplo n.º 3
0
        public IHttpActionResult Main()
        {
            try
            {
                var body = new RequestBody();
                if (!body.IsUserLoggin)
                {
                    return(Unauthorized());
                }

                var publishmentSystemId = body.GetPostInt("publishmentSystemId");
                var nodeId = body.GetPostInt("nodeId");
                var id     = body.GetPostInt("id");

                var publishmentSystemInfo = PublishmentSystemManager.GetPublishmentSystemInfo(publishmentSystemId);
                var tableName             = NodeManager.GetTableName(publishmentSystemInfo, nodeId);

                var title = BaiRongDataProvider.ContentDao.GetValue(tableName, id, ContentAttribute.Title);

                var contentIdArrayList = new List <int> {
                    id
                };
                DataProvider.ContentDao.TrashContents(publishmentSystemId, tableName, contentIdArrayList);

                LogUtils.AddUserLog(body.UserName, EUserActionType.WritingDelete, title);

                return(Ok(new { }));
            }
            catch (Exception ex)
            {
                //return InternalServerError(ex);
                return(InternalServerError(new Exception("程序错误")));
            }
        }
        public IHttpActionResult Main()
        {
            try
            {
                var body = new RequestBody();
                if (!body.IsUserLoggin)
                {
                    return(Unauthorized());
                }

                var publishmentSystemId = body.GetPostInt("publishmentSystemId");
                var nodeId = body.GetPostInt("nodeId");

                var user          = new User(body.UserInfo);
                var groupInfo     = UserGroupManager.GetGroupInfo(user.GroupId);
                var adminUserName = groupInfo.Additional.WritingAdminUserName;

                var publishmentSystemInfo = PublishmentSystemManager.GetPublishmentSystemInfo(publishmentSystemId);
                var nodeInfo          = NodeManager.GetNodeInfo(publishmentSystemId, nodeId);
                var tableName         = NodeManager.GetTableName(publishmentSystemInfo, nodeInfo);
                var tableStyle        = NodeManager.GetTableStyle(publishmentSystemInfo, nodeInfo);
                var relatedIdentities = RelatedIdentities.GetChannelRelatedIdentities(publishmentSystemId, nodeId);

                var contentInfo = ContentUtility.GetContentInfo(tableStyle);

                var postCollection = body.GetPostCollection();

                InputTypeParser.AddValuesToAttributes(tableStyle, tableName, publishmentSystemInfo, relatedIdentities, postCollection, contentInfo.Attributes, ContentAttribute.HiddenAttributes);

                contentInfo.IsChecked           = false;
                contentInfo.PublishmentSystemId = publishmentSystemId;
                contentInfo.NodeId           = nodeId;
                contentInfo.AddUserName      = adminUserName;
                contentInfo.WritingUserName  = user.UserName;
                contentInfo.LastEditUserName = adminUserName;
                contentInfo.AddDate          = DateTime.Now;
                contentInfo.LastEditDate     = DateTime.Now;

                var contentId = DataProvider.ContentDao.Insert(tableName, publishmentSystemInfo, contentInfo);

                LogUtils.AddUserLog(body.UserName, EUserActionType.WritingAdd, contentInfo.Title);

                return(Ok(new
                {
                    ID = contentId
                }));
            }
            catch (Exception ex)
            {
                //return InternalServerError(ex);
                return(InternalServerError(new Exception("程序错误")));
            }
        }
Exemplo n.º 5
0
        public IHttpActionResult Main()
        {
            var body = new RequestBody();

            if (!body.IsUserLoggin)
            {
                return(Unauthorized());
            }

            var password        = body.GetPostString("password");
            var newPassword     = body.GetPostString("newPassword");
            var confirmPassword = body.GetPostString("confirmPassword");

            string userName;
            string errorMessage;

            if (string.IsNullOrEmpty(password) || !BaiRongDataProvider.UserDao.ValidateAccount(body.UserName, password, out userName, out errorMessage))
            {
                return(BadRequest("原密码输入错误,请重新输入"));
            }
            if (password == newPassword)
            {
                return(BadRequest("新密码不能与原密码一致,请重新输入"));
            }

            if (BaiRongDataProvider.UserDao.ChangePassword(body.UserName, newPassword, out errorMessage))
            {
                LogUtils.AddUserLog(body.UserName, EUserActionType.UpdatePassword, string.Empty);

                return(Ok(new
                {
                    LastResetPasswordDate = DateTime.Now
                }));
            }

            return(BadRequest(errorMessage));
        }
Exemplo n.º 6
0
 public void AddLog(string userName, string action, string summary)
 {
     LogUtils.AddUserLog(userName, action, summary);
 }
        public IHttpActionResult Main(int siteId, int channelId, int contentId)
        {
            try
            {
                var body = new RequestBody();

                var publishmentSystemInfo = PublishmentSystemManager.GetPublishmentSystemInfo(siteId);
                if (!publishmentSystemInfo.Additional.IsCommentable)
                {
                    return(Unauthorized());
                }

                var account  = body.GetPostString("account");
                var password = body.GetPostString("password");
                var replyId  = body.GetPostInt("replyId");
                var content  = body.GetPostString("content");

                if (replyId > 0)
                {
                    string replyUserName;
                    string replyContent;
                    DataProvider.CommentDao.GetUserNameAndContent(replyId, out replyUserName, out replyContent);
                    if (!string.IsNullOrEmpty(replyContent))
                    {
                        var displayName = BaiRongDataProvider.UserDao.GetDisplayName(replyUserName);
                        if (!string.IsNullOrEmpty(displayName))
                        {
                            displayName = $"@{displayName}:";
                        }

                        content += $" //{displayName}{replyContent}";
                    }
                }

                UserInfo userInfo;
                if (!string.IsNullOrEmpty(account) && !string.IsNullOrEmpty(password))
                {
                    string userName;
                    string errorMessage;
                    if (!BaiRongDataProvider.UserDao.ValidateAccount(account, password, out userName, out errorMessage))
                    {
                        LogUtils.AddUserLog(userName, EUserActionType.LoginFailed, "用户登录失败");
                        BaiRongDataProvider.UserDao.UpdateLastActivityDateAndCountOfFailedLogin(userName);
                        return(BadRequest(errorMessage));
                    }

                    BaiRongDataProvider.UserDao.UpdateLastActivityDateAndCountOfLogin(userName);
                    userInfo = BaiRongDataProvider.UserDao.GetUserInfoByUserName(userName);

                    body.UserLogin(userName);
                }
                else
                {
                    userInfo = body.UserInfo;
                }

                if (!publishmentSystemInfo.Additional.IsAnonymousComments && !body.IsUserLoggin)
                {
                    return(Unauthorized());
                }

                var commentInfo = new CommentInfo
                {
                    Id = 0,
                    PublishmentSystemId = siteId,
                    NodeId    = channelId,
                    ContentId = contentId,
                    GoodCount = 0,
                    UserName  = userInfo.UserName,
                    IsChecked = !publishmentSystemInfo.Additional.IsCheckComments,
                    AddDate   = DateTime.Now,
                    Content   = content
                };
                commentInfo.Id = DataProvider.CommentDao.Insert(commentInfo);

                return(Ok(new
                {
                    User = new User(userInfo),
                    Comment = new Comment(commentInfo, userInfo)
                }));
            }
            catch (Exception ex)
            {
                return(InternalServerError(ex));
            }
        }
Exemplo n.º 8
0
        public UserInfo Validate(string account, string password, bool isPasswordMd5, out string userName, out string errorMessage)
        {
            userName     = string.Empty;
            errorMessage = string.Empty;

            if (string.IsNullOrEmpty(account))
            {
                errorMessage = "账号不能为空";
                return(null);
            }
            if (string.IsNullOrEmpty(password))
            {
                errorMessage = "密码不能为空";
                return(null);
            }

            var userInfo = GetByAccount(account);

            if (string.IsNullOrEmpty(userInfo?.UserName))
            {
                errorMessage = "帐号或密码错误";
                return(null);
            }

            userName = userInfo.UserName;

            if (!userInfo.IsChecked)
            {
                errorMessage = "此账号未审核,无法登录";
                return(null);
            }

            if (userInfo.IsLockedOut)
            {
                errorMessage = "此账号被锁定,无法登录";
                return(null);
            }

            if (ConfigManager.SystemConfigInfo.IsUserLockLogin)
            {
                if (userInfo.CountOfFailedLogin > 0 && userInfo.CountOfFailedLogin >= ConfigManager.SystemConfigInfo.UserLockLoginCount)
                {
                    var lockType = EUserLockTypeUtils.GetEnumType(ConfigManager.SystemConfigInfo.UserLockLoginType);
                    if (lockType == EUserLockType.Forever)
                    {
                        errorMessage = "此账号错误登录次数过多,已被永久锁定";
                        return(null);
                    }
                    if (lockType == EUserLockType.Hours)
                    {
                        var ts    = new TimeSpan(DateTime.Now.Ticks - userInfo.LastActivityDate.Ticks);
                        var hours = Convert.ToInt32(ConfigManager.SystemConfigInfo.UserLockLoginHours - ts.TotalHours);
                        if (hours > 0)
                        {
                            errorMessage =
                                $"此账号错误登录次数过多,已被锁定,请等待{hours}小时后重试";
                            return(null);
                        }
                    }
                }
            }

            if (!CheckPassword(password, isPasswordMd5, userInfo.Password, EPasswordFormatUtils.GetEnumType(userInfo.PasswordFormat), userInfo.PasswordSalt))
            {
                DataProvider.UserDao.UpdateLastActivityDateAndCountOfFailedLogin(userInfo);
                LogUtils.AddUserLog(userInfo.UserName, "用户登录失败", "帐号或密码错误");
                errorMessage = "帐号或密码错误";
                return(null);
            }

            return(userInfo);
        }
        public IHttpActionResult Main()
        {
            try
            {
                var body = new RequestBody();
                if (!body.IsUserLoggin)
                {
                    return(Unauthorized());
                }

                var publishmentSystemId = body.GetPostInt("publishmentSystemId");
                var nodeId = body.GetPostInt("nodeId");
                var id     = body.GetPostInt("id");

                var publishmentSystemInfo = PublishmentSystemManager.GetPublishmentSystemInfo(publishmentSystemId);
                var nodeInfo          = NodeManager.GetNodeInfo(publishmentSystemId, nodeId);
                var tableName         = NodeManager.GetTableName(publishmentSystemInfo, nodeInfo);
                var tableStyle        = NodeManager.GetTableStyle(publishmentSystemInfo, nodeInfo);
                var relatedIdentities = RelatedIdentities.GetChannelRelatedIdentities(publishmentSystemId, nodeId);

                var contentInfo = DataProvider.ContentDao.GetContentInfo(tableStyle, tableName, id);

                var postCollection = body.GetPostCollection();
                var extendImageUrl = ContentAttribute.GetExtendAttributeName(BackgroundContentAttribute.ImageUrl);
                if (postCollection.AllKeys.Contains(StringUtils.LowerFirst(extendImageUrl)))
                {
                    postCollection[extendImageUrl] = postCollection[StringUtils.LowerFirst(extendImageUrl)];
                }
                //var postCollection2 = body.GetPostCollection(true);
                //var postCollection = new NameValueCollection();
                //foreach (string key in postCollection1)
                //{
                //    if (!postCollection.AllKeys.Contains(key))
                //    {
                //        postCollection.Add(key, postCollection1[key]);
                //    }
                //}
                //foreach (string key in postCollection2)
                //{
                //    if (!postCollection.AllKeys.Contains(key))
                //    {
                //        postCollection.Add(key, postCollection2[key]);
                //    }
                //}

                InputTypeParser.AddValuesToAttributes(tableStyle, tableName, publishmentSystemInfo, relatedIdentities, postCollection, contentInfo.Attributes, ContentAttribute.HiddenAttributes);

                contentInfo.LastEditDate = DateTime.Now;
                contentInfo.IsChecked    = false;

                DataProvider.ContentDao.Update(tableName, publishmentSystemInfo, contentInfo);

                LogUtils.AddUserLog(body.UserName, EUserActionType.WritingEdit, contentInfo.Title);

                return(Ok(new { }));
            }
            catch (Exception ex)
            {
                return(InternalServerError(ex));
            }
        }
Exemplo n.º 10
0
        public IHttpActionResult Main()
        {
            var body = new RequestBody();

            if (!body.IsUserLoggin)
            {
                return(Unauthorized());
            }

            try
            {
                var userInfo = body.UserInfo;
                if (userInfo == null)
                {
                    return(NotFound());
                }

                if (body.GetPostString("avatarUrl") != null)
                {
                    userInfo.AvatarUrl = body.GetPostString("avatarUrl");
                }
                if (body.GetPostString("displayName") != null)
                {
                    userInfo.DisplayName = body.GetPostString("displayName");
                }
                if (body.GetPostString("gender") != null)
                {
                    userInfo.Gender = body.GetPostString("gender");
                }
                if (body.GetPostString("birthday") != null)
                {
                    userInfo.Birthday = body.GetPostString("birthday");
                }
                if (body.GetPostString("signature") != null)
                {
                    userInfo.Signature = body.GetPostString("signature");
                }
                if (body.GetPostString("organization") != null)
                {
                    userInfo.Organization = body.GetPostString("organization");
                }
                if (body.GetPostString("department") != null)
                {
                    userInfo.Department = body.GetPostString("department");
                }
                if (body.GetPostString("position") != null)
                {
                    userInfo.Position = body.GetPostString("position");
                }
                if (body.GetPostString("education") != null)
                {
                    userInfo.Education = body.GetPostString("education");
                }
                if (body.GetPostString("graduation") != null)
                {
                    userInfo.Graduation = body.GetPostString("graduation");
                }
                if (body.GetPostString("address") != null)
                {
                    userInfo.Address = body.GetPostString("address");
                }
                if (body.GetPostString("interests") != null)
                {
                    userInfo.Interests = body.GetPostString("interests");
                }
                if (body.GetPostString("mobile") != null)
                {
                    var mobile = body.GetPostString("mobile");
                    if (mobile != userInfo.Mobile)
                    {
                        var exists = BaiRongDataProvider.UserDao.IsMobileExists(mobile);
                        if (!exists)
                        {
                            LogUtils.AddUserLog(body.UserName, EUserActionType.UpdateMobile, mobile);
                            userInfo.Mobile = mobile;
                        }
                        else
                        {
                            return(BadRequest("此手机号码已注册,请更换手机号码"));
                        }
                    }
                }
                if (body.GetPostString("email") != null)
                {
                    var email = body.GetPostString("email");
                    if (email != userInfo.Email)
                    {
                        var exists = BaiRongDataProvider.UserDao.IsEmailExists(email);
                        if (!exists)
                        {
                            LogUtils.AddUserLog(body.UserName, EUserActionType.UpdateEmail, email);
                            userInfo.Email = email;
                        }
                        else
                        {
                            return(BadRequest("此邮箱已注册,请更换邮箱"));
                        }
                    }
                }

                BaiRongDataProvider.UserDao.Update(userInfo);
                return(Ok(new User(userInfo)));
            }
            catch (Exception ex)
            {
                return(InternalServerError(ex));
            }
        }