public int InsertLoginAudit(LoginAudit model)
{
string sql = "insert into \"LoginAudit\"(\"UserId\",\"OrganizationId\",\"LoginDate\",\"Result\") values(@userId, @organizationId, @loginDate, B'@Status') RETURNING \"LoginAuditId\"";
object data = new { userId = model.UserId, organizationId = model.OrganizationId, loginDate = DateTime.Now, Status = model.Result };
return(_connection.ExecuteScalar <int>(sql, data));
}
internal static LoginAudit Add(LoginAudit info)
{
string sql = "insert into LoginAudit(SessionId,FailTotal) value(@SessionId,@FailTotal);select @@IDENTITY;";
info.LoginAuditId = InsertWithReturnID <LoginAudit, int>(con, sql, info);
return(info);
}
public LoginAuditVo(LoginAudit audit)
{
Id = audit.Id;
FechaInicio = audit.FechaInicio.ToDisplayDateTime();
FechaFin = audit.FechaFin.HasValue ? (DateTime?)audit.FechaFin.Value.ToDisplayDateTime() : null;
Ip = audit.IP;
Usuario = audit.Usuario.NombreUsuario;
}
public static int SaveLoginAudit(LoginAudit loginAudit)
{
using (LinkManagementEntities entities = new LinkManagementEntities())
{
entities.LoginAudits.Add(loginAudit);
entities.SaveChanges();
}
return(1);
}
public FunctionOpenResult <string> CompanyUserLogin(string loginKey, string pwd, string sessionKey)
{
FunctionOpenResult <string> result = new FunctionOpenResult <string>()
{
ActionResult = true
};
//获取会话数据
UserSession userSession = UserSessionDal.Get(sessionKey);
int sessionId = (userSession == null)?0:userSession.SessionId;
//先检查失败次数
LoginAudit loginAudit = (sessionId > 0)? LoginAuditDal.Get(sessionId): LoginAuditDal.Add(new LoginAudit());
if ((loginAudit != null) && (loginAudit.FailTotal >= 3))
{
result.ActionResult = false;
result.ErrorMsg = "密码错误太多";
result.ErrorCode = ErrorCode.PwdAttack;
return(result);
}
//验证口令
UserSession loginSession = CompanyLoginDal.Get(loginKey, pwd);
if (loginSession == null)
{
loginSession = new UserSession();
}
loginSession.SessionKey = sessionKey;
if (loginSession.UserId > 0)
{
loginSession.Status = 1;
loginSession.SessionId = UserSessionDal.Add(loginSession);
userSession = loginSession;
//添加会话缓存
RedisComponent.SaveCache <UserSession>(String.Format(UserAuthorityCacheKey.AuthorityCacheKey, sessionKey), loginSession);
result.Data = loginSession.SessionKey;
}
else
{
loginAudit.FailTotal++;
result.ActionResult = false;
result.ErrorMsg = "验证未通过";
result.ErrorCode = ErrorCode.LoginFail;
}
if (userSession == null)
{
loginSession.Status = 1;
UserSessionDal.Add(loginSession);
}
return(result);
}
public void TrackLogin(LoginAudit audit)
{
try
{
SqlParameter[] para = new SqlParameter[] {
new SqlParameter("@UserName", audit.UserName),
new SqlParameter("@IPAddress", audit.IPAddress),
new SqlParameter("@LoginDate", audit.LoginDate),
new SqlParameter("@LoginStatus", audit.LoginStatus)
};
DataSet result = BKICSQL.eds(UsersSP.LoginAudit, para);
}
catch (Exception exc)
{
throw;
}
}
private void RecordLoginAudit(ApplicationUser user, string activity)
{
LoginAudit loginAudit = new LoginAudit {
UserName = user.UserName, TimeRecorded = DateTime.Now, Activity = activity
};
if (ModelState.IsValid)
{
db.LoginAudits.Add(loginAudit);
db.SaveChanges();
}
else
{
string error = "";
foreach (ModelState modelState in ViewData.ModelState.Values)
{
foreach (ModelError err in modelState.Errors)
{
error = error + " \n" + err.ErrorMessage;
}
}
}
}
public async Task Login(string token, string operatingSystem, string ipAddress, string nameVersionClient)
{
var jwtAuthProviderReader = (JwtAuthProviderReader)AuthenticateService.GetAuthProvider("jwt");
try
{
var jwtPayload = jwtAuthProviderReader.GetVerifiedJwtPayload(new BasicHttpRequest(), token.Split('.'));
await Groups.AddToGroupAsync(this.Context.ConnectionId, _loginedGroup);
Context.Items["login"] = jwtPayload["name"];
Context.Items["uid"] = jwtPayload["sub"];
Context.Items["session"] = jwtPayload["session"];
var user = await _ravenSession.LoadAsync <User>(jwtPayload["sub"]);
if (user != null)
{
Context.Items["nickname"] = user.DisplayName;
}
var logOn = new LogOn
{
Id = jwtPayload["sub"],
UserLogin = jwtPayload["name"],
};
if (long.TryParse(jwtPayload["exp"], out long expire))
{
logOn.ExpireTime = DateTimeOffset.FromUnixTimeSeconds(expire);
if (logOn.ExpireTime < DateTimeOffset.UtcNow)
{
throw new TokenException("Token is expired");
}
}
await Clients.Caller.SendAsync(logOn);
var userLoginAudit = await _ravenSession.LoadAsync <LoginAudit>(jwtPayload["sub"] + "/LoginAudit");
if (userLoginAudit != null)
{
if (jwtPayload["session"] != userLoginAudit.SessionId)
{
userLoginAudit.NameVersionClient = nameVersionClient;
userLoginAudit.OperatingSystem = operatingSystem;
userLoginAudit.IpAddress = ipAddress;
userLoginAudit.DateOfEntry = DateTime.Now;
userLoginAudit.SessionId = jwtPayload["session"];
await _ravenSession.StoreAsync(userLoginAudit);
await _ravenSession.SaveChangesAsync();
}
}
else
{
userLoginAudit = new LoginAudit
{
Id = jwtPayload["sub"] + "/LoginAudit",
OperatingSystem = operatingSystem,
DateOfEntry = DateTime.Now,
IpAddress = ipAddress,
NameVersionClient = nameVersionClient,
SessionId = jwtPayload["session"]
};
await _ravenSession.StoreAsync(userLoginAudit);
await _ravenSession.SaveChangesAsync();
}
Log.Information($"Connected {Context.Items["login"]}({Context.Items["uid"]}) with session {Context.Items["session"]}");
}
catch (Exception e)
{
await Clients.Caller.SendAsync(new LogOn
{
Error = true
});
Log.Warning($"Bad token from connection {Context.ConnectionId}");
}
}
