        /// <summary>
        /// Initialises the RSA public-key parameters (exponent and modulus) that the
        /// browser-side JavaScript uses to encrypt form fields before posting them.
        /// The values are derived from <see cref="PublicConst.XmlPrivateKey"/> via
        /// <c>RsaCryption.JsPublicKey</c>, cached for one day (<c>PublicConst.Time.Day1</c>),
        /// and pushed to the client as the "exponent" and "modulus" cookies.
        /// </summary>
        /// <remarks>
        /// Security note: only the public half of the key pair leaves the server here; the
        /// private key is never written to the cache or to a cookie. Cookie attributes
        /// (HttpOnly/Secure/SameSite) are decided inside <c>CookieHelper</c> and are not
        /// visible in this method — the JS must still be able to read these two.
        /// TODO carried over from the original author: guard the cache fill with a lock so
        /// that concurrent first requests do not all regenerate and rewrite the cached
        /// values, and skip re-setting the cookies when the client already holds the current
        /// ones. Per the original note this causes no incorrect behaviour today, only
        /// redundant cache writes.
        /// </remarks>
        private void InitRsa()
        {
            string cachedExponent = CacheManager.RunTimeCache.Get("exponent");
            string cachedModulus  = CacheManager.RunTimeCache.Get("modulus");

            var cacheMiss = cachedExponent.IsNullOrEmpty() || cachedModulus.IsNullOrEmpty();
            if (cacheMiss)
            {
                // Derive the public parameters from the server key and cache both for a day.
                RsaCryption.JsPublicKey(PublicConst.XmlPrivateKey, out cachedExponent, out cachedModulus);

                CacheManager.RunTimeCache.Set("exponent", cachedExponent, PublicConst.Time.Day1);
                CacheManager.RunTimeCache.Set("modulus", cachedModulus, PublicConst.Time.Day1);
            }

            // Always (re)issue the cookies so the client holds the current public key.
            CookieHelper.Set("exponent", cachedExponent);
            CookieHelper.Set("modulus", cachedModulus);
        }
        // Generate key material for an application (returned to the caller; persisting it is a separate step)
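        /// <summary>
        /// Generates fresh key material for the application identified by <paramref name="id"/>,
        /// according to the application's configured <c>EncryptionType</c>:
        /// 0 = none, 1 = DES and 2 = AES (both receive a 32-character hex secret), 3 = RSA (a new
        /// key pair from <c>RsaCryption.RsaKey</c>). Nothing is persisted here.
        /// </summary>
        /// <param name="id">Application id as a decimal string; it is parsed to <see cref="int"/>.</param>
        /// <returns>
        /// JSON with <c>status = 0</c> and <c>SecretKey</c>/<c>PrivateKey</c>/<c>PublicKey</c>
        /// (fields not applicable to the type are empty strings); <c>status = 1</c> when the id is
        /// not a valid integer or the application lookup fails; a fatal JSON result on unexpected errors.
        /// </returns>
        /// <remarks>
        /// Security notes:
        /// - The symmetric secret is drawn from the OS CSPRNG. The previous version used
        ///   <c>Guid.NewGuid().ToString("N")</c>; GUIDs are unique but not specified to be
        ///   unpredictable, which key material must be. The output shape (32 lowercase hex
        ///   characters) is unchanged, and the former <c>Substring(0, 32)</c> was a no-op.
        /// - The RSA private key is returned to the caller in the clear by design (the caller
        ///   saves it). This endpoint must stay behind the same authorisation as the rest of the
        ///   controller (not visible here) and be served over TLS only.
        /// - A non-numeric id is rejected up front instead of letting <c>int.Parse</c> throw into
        ///   the generic catch.
        /// </remarks>
        public ActionResult GetSecretKey(string id)
        {
            try
            {
                int appId;
                if (!int.TryParse(id, out appId))
                {
                    return(ToJsonResult(new { status = 1, msg = "应用不存在" }));
                }

                var response = _appIdAuthService.GetAppIdAuth(new GetAppIdAuthRequest
                {
                    Id = appId
                });

                if (!response.IsSuccess)
                {
                    return(ToJsonResult(new { status = 1, msg = "应用不存在" }));
                }

                var secretKey  = "";
                var privateKey = "";
                var publicKey  = "";

                switch (response.Entity.EncryptionType)
                {
                case 1:    // symmetric (DES)
                case 2:    // symmetric (AES)
                {
                    // 16 random bytes -> 32 lowercase hex chars, same shape as the former
                    // Guid "N" string but from a cryptographic RNG.
                    var keyBytes = new byte[16];
                    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
                    {
                        rng.GetBytes(keyBytes);
                    }
                    secretKey = BitConverter.ToString(keyBytes).Replace("-", "").ToLowerInvariant();
                    break;
                }

                case 3:    // asymmetric (RSA)
                    RsaCryption.RsaKey(out privateKey, out publicKey);
                    break;

                default:   // 0 or unknown: no key material
                    break;
                }

                return(ToJsonResult(new
                {
                    status = 0,
                    SecretKey = secretKey,
                    PrivateKey = privateKey,
                    PublicKey = publicKey
                }));
            }
            catch (Exception ex)
            {
                // Log the id for correlation; never log generated key material.
                LogManager.DefaultLogger.ErrorFormat("获取秘钥不存在:{0}", new { id, err = ex.ToString() }.ToJson());
                return(ToJsonFatalResult("获取秘钥出错"));
            }
        }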
        /// <summary>
        /// Publishes the RSA public-key parameters used by the browser-side JavaScript.
        /// Reads "exponent" and "modulus" from the runtime cache, regenerating both from
        /// <see cref="PublicConst.XmlPrivateKey"/> (cached for <c>PublicConst.Time.Hour4</c>)
        /// when either is missing, then writes both into client cookies of the same names.
        /// </summary>
        /// <remarks>
        /// Only public material (exponent and modulus) is exposed; the private key stays on
        /// the server. Cookie flags are set inside <c>CookieHelper</c> and are not visible here.
        /// There is no lock around the cache fill, so two concurrent first requests may both
        /// regenerate and write the cache — harmless if <c>JsPublicKey</c> derives the same
        /// values from the same private key each time (presumably so; confirm).
        /// </remarks>
        private void InitRsa()
        {
            const string exponentKey = "exponent";
            const string modulusKey  = "modulus";
            var ttl = PublicConst.Time.Hour4;

            string e = CacheManager.RunTimeCache.Get(exponentKey);
            string n = CacheManager.RunTimeCache.Get(modulusKey);

            if (e.IsNullOrEmpty() || n.IsNullOrEmpty())
            {
                RsaCryption.JsPublicKey(PublicConst.XmlPrivateKey, out e, out n);
                CacheManager.RunTimeCache.Set(exponentKey, e, ttl);
                CacheManager.RunTimeCache.Set(modulusKey, n, ttl);
            }

            CookieHelper.Set(exponentKey, e);
            CookieHelper.Set(modulusKey, n);
        }
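        /// <summary>
        /// Changes the password of the currently logged-in user (<c>LoginAccount.UserInfo.Id</c>).
        /// Both parameters arrive RSA-encrypted by the browser-side JS and are decrypted with
        /// <see cref="PublicConst.XmlPrivateKey"/> before being handed to <c>_iuserinfoservice</c>.
        /// </summary>
        /// <param name="oldpwd">Current password, RSA-encrypted.</param>
        /// <param name="newpwd">New password, RSA-encrypted.</param>
        /// <returns>
        /// JSON <c>status</c>: 0 on success; 1 when a parameter is empty or the service rejects the
        /// change (its <c>MessageText</c> is forwarded); 2 when old and new password are equal;
        /// -1 on an unexpected error.
        /// </returns>
        /// <remarks>
        /// Fix: the catch block used to serialise the <em>decrypted</em> old and new passwords into
        /// the error log next to the stack trace. Plaintext credentials must never reach log storage,
        /// so the log now carries only the exception. Password strength is not checked here; if it is
        /// enforced at all, that happens inside the service (not visible in this file).
        /// </remarks>
        public ActionResult ChangePassword(string oldpwd, string newpwd)
        {
            try
            {
                if (oldpwd.IsNullOrEmpty() || newpwd.IsNullOrEmpty())
                {
                    return(Json(new { status = 1, msg = "参数不能为空" }, JsonRequestBehavior.AllowGet));
                }

                // Open the client-side RSA envelope; malformed ciphertext throws and is
                // reported as a generic error below.
                var currentPassword = RsaCryption.Decrypt(PublicConst.XmlPrivateKey, oldpwd);
                var newPassword     = RsaCryption.Decrypt(PublicConst.XmlPrivateKey, newpwd);

                if (currentPassword == newPassword)
                {
                    return(Json(new { status = 2, msg = "修改密码和原密码相同" }, JsonRequestBehavior.AllowGet));
                }

                var response = _iuserinfoservice.ChangePassword(new ChangePasswordRequest
                {
                    UserId      = LoginAccount.UserInfo.Id,
                    OldPassword = currentPassword,
                    NewPassword = newPassword
                });

                if (!response.IsSuccess)
                {
                    return(Json(new { status = 1, msg = response.MessageText }, JsonRequestBehavior.AllowGet));
                }

                return(Json(new { status = 0 }, JsonRequestBehavior.AllowGet));
            }
            catch (Exception ex)
            {
                // Deliberately no password material here — neither ciphertext nor plaintext.
                LogManager.DefaultLogger.ErrorFormat("修改用户密码出错{0}", new { err = ex.ToString() }.ToJson());
                return(Json(new { status = -1, msg = "系统出错!" }, JsonRequestBehavior.AllowGet));
            }
        }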
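        /// <summary>
        /// Stores new key material for an existing AppIdAuth record and evicts its Redis cache entry.
        /// Which columns are written depends on the record's <c>EncryptionType</c>: type 3 (RSA)
        /// persists <c>PrivateKey</c>/<c>PublicKey</c>; every other type persists <c>SecretKey</c>.
        /// </summary>
        /// <param name="request">Carries <c>Entity.Id</c> plus the new SecretKey / PrivateKey / PublicKey.</param>
        /// <returns>
        /// <c>IsSuccess = true</c> on success. Otherwise <c>MessageCode</c> is "1" (missing request,
        /// entity or id), "2" (record not found), "3" (DES key shorter than 8 chars), "4" (AES key
        /// shorter than 32 chars, or RSA pair fails the round-trip check — the code is shared by both,
        /// as in the original), "-1" (unexpected exception).
        /// </returns>
        /// <remarks>
        /// Changes versus the previous version:
        /// - Validation runs before the entity is mutated and before <c>EntityLogger.UpdateEntity</c>
        ///   (which presumably stamps UpdateUserId/UpdateTime — those columns are persisted below), so a
        ///   rejected request no longer touches the tracked entity.
        /// - Length checks are null-safe; a missing SecretKey used to throw a NullReferenceException that
        ///   surfaced as a "-1" error carrying the raw exception message.
        /// - The RSA round-trip probe catches exceptions from malformed key XML and reports "4".
        /// - The error log no longer serialises the whole request (which contained the new private key
        ///   and secret); only the entity id and the exception are logged.
        /// The length checks are character counts on the string, not byte lengths of a decoded key
        /// (unchanged from the original; the key format is defined elsewhere). <c>MessageText</c> for
        /// "-1" still carries <c>ex.Message</c>; callers should not forward it verbatim to end users.
        /// </remarks>
        public SaveSecretKeyResponse SaveSecretKey(SaveSecretKeyRequest request)
        {
            var response = new SaveSecretKeyResponse();

            try
            {
                if (request == null || request.Entity == null || request.Entity.Id == 0)
                {
                    return Reject(response, "1", "参数不能为空");
                }

                var entitytemp = _appIdAuthTokenRepository.FindSingle <AppIdAuthPo>(request.Entity.Id);

                if (entitytemp == null)
                {
                    return Reject(response, "2", "修改不存在");
                }

                var isAsymmetric = entitytemp.EncryptionType == 3;

                #region validate the submitted key material
                if (isAsymmetric)
                {
                    if (!RsaPairRoundTrips(request.Entity.PublicKey, request.Entity.PrivateKey))
                    {
                        return Reject(response, "4", "非对称加密有误");
                    }
                }
                else
                {
                    // A missing key counts as length 0 and fails the minimum.
                    var keyLength = request.Entity.SecretKey == null ? 0 : request.Entity.SecretKey.Length;

                    if (entitytemp.EncryptionType == 1 && keyLength < 8)
                    {
                        return Reject(response, "3", "秘钥长度不能小于8");
                    }
                    if (entitytemp.EncryptionType == 2 && keyLength < 32)
                    {
                        return Reject(response, "4", "秘钥长度不能小于32");
                    }
                }
                #endregion

                // Input accepted: apply it to the entity and persist only the columns
                // relevant to this encryption type.
                entitytemp.SecretKey  = request.Entity.SecretKey;
                entitytemp.PrivateKey = request.Entity.PrivateKey;
                entitytemp.PublicKey  = request.Entity.PublicKey;

                EntityLogger.UpdateEntity(entitytemp);

                if (isAsymmetric)
                {
                    _appIdAuthTokenRepository.UpdateColumns(entitytemp, e => new
                    {
                        e.UpdateUserId,
                        e.UpdateTime,
                        e.PrivateKey,
                        e.PublicKey
                    });
                }
                else
                {
                    _appIdAuthTokenRepository.UpdateColumns(entitytemp, e => new
                    {
                        e.UpdateUserId,
                        e.UpdateTime,
                        e.SecretKey,
                    });
                }

                // Drop the cached auth record so the next lookup sees the new key.
                var key = entitytemp.AppId.AddCachePrefix("AppIdAuth");
                CacheManager.RedisDefault.Del(key);
            }
            catch (Exception ex)
            {
                response.IsSuccess   = false;
                response.MessageCode = "-1";
                response.MessageText = ex.Message;

                // Log an identifier only — the request body holds the new secret/private key.
                var entityId = (request == null || request.Entity == null) ? 0 : request.Entity.Id;
                LogManager.LogicLogger.ErrorFormat("保存秘钥出错:{0}", new { entityId, err = ex.ToString() }.ToJson());
            }
            return(response);
        }

        /// <summary>Marks <paramref name="response"/> as failed with the given code and text and returns it.</summary>
        private static SaveSecretKeyResponse Reject(SaveSecretKeyResponse response, string code, string text)
        {
            response.IsSuccess   = false;
            response.MessageCode = code;
            response.MessageText = text;
            return response;
        }

        /// <summary>
        /// Encrypts a fixed probe with <paramref name="publicKey"/> and checks that
        /// <paramref name="privateKey"/> decrypts it back. Keys that make <c>RsaCryption</c>
        /// throw (malformed XML, null) are reported as a failed check rather than an exception.
        /// </summary>
        private static bool RsaPairRoundTrips(string publicKey, string privateKey)
        {
            const string probe = "mayiboy";
            try
            {
                return RsaCryption.Decrypt(privateKey, RsaCryption.Encrypt(publicKey, probe)) == probe;
            }
            catch (Exception)
            {
                return false;
            }
        }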
        // Login (SSO entry point): validates credentials and hands back a short-lived ticket URL
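        /// <summary>
        /// SSO login handler. Decrypts the RSA-encrypted <paramref name="username"/> and
        /// <paramref name="password"/>, applies a failed-login limit keyed by user name + client IP,
        /// verifies the credentials through <c>_iuserinfoservice</c>, checks that the user is
        /// authorised for the application stored in session as <c>fromappid</c>, then mints a
        /// short-lived ticket that is cached (appid → ticket and ticket → account) and appended to
        /// the session's <c>fromurl</c> as the <see cref="PublicConst.UrlAuth"/> query parameter.
        /// </summary>
        /// <param name="username">User name, RSA-encrypted by the browser (see InitRsa).</param>
        /// <param name="password">Password, RSA-encrypted by the browser.</param>
        /// <returns>
        /// JSON <c>status</c>: 0 success (with <c>fromurl</c>); 1 empty input; 3 missing session
        /// parameters <em>or</em> wrong password (the original reuses this code); 2 login query failed;
        /// 5 too many failed attempts; 6 app-authorisation query failed; 7 user not authorised for the
        /// app; -1 unexpected error.
        /// </returns>
        /// <remarks>
        /// Security-relevant changes versus the previous version:
        /// - The catch block returned the <em>decrypted</em> user name and password plus the full
        ///   exception to the client, and logged only a static message. It now logs the exception
        ///   server-side and returns a generic <c>status = -1</c>.
        /// - The ticket is drawn from the OS CSPRNG (32 lowercase hex chars, same shape as the former
        ///   <c>Guid.NewGuid().ToString("N")</c>); it is a bearer token and must be unpredictable.
        /// - The failed-login counter is read with <c>TryParse</c>, so a corrupt cache value cannot
        ///   turn every login into a "-1" error.
        /// Still open and not changeable here: the password is compared as an unsalted MD5
        /// (<c>GetMd5()</c>) because that is the stored-hash contract of <c>_iuserinfoservice</c>;
        /// migrating to a salted slow hash belongs in that service. <c>fromurl</c> comes from session,
        /// so any open-redirect validation must happen where it is stored (not visible here). The
        /// counter is incremented only on a wrong password, not when the login query itself fails.
        /// </remarks>
        public ActionResult Submit(string username, string password)
        {
            try
            {
                #region parameter checks
                if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
                {
                    return(Json(new { status = 1, msg = "请正确输入用户名、密码!" }, JsonRequestBehavior.AllowGet));
                }

                // Round-trip parameters stored in session by the page that redirected here;
                // without them there is nowhere to deliver the ticket.
                var fromappid = SessionHelper.Get <string>("fromappid");
                var fromurl   = SessionHelper.Get <string>("fromurl");

                if (string.IsNullOrEmpty(fromurl) || string.IsNullOrEmpty(fromappid))
                {
                    return(Json(new { status = 3, msg = "参数有误" }, JsonRequestBehavior.AllowGet));
                }
                #endregion

                // Open the browser-side RSA envelope. The plaintext stays in these locals and is
                // never logged or echoed back.
                var loginName     = RsaCryption.Decrypt(PublicConst.XmlPrivateKey, username);
                var plainPassword = RsaCryption.Decrypt(PublicConst.XmlPrivateKey, password);

                #region failed-login throttle (user name + IP)
                var loginkey = loginName + RequestHelper.Ip;
                int loginnum;
                if (!int.TryParse(CacheManager.RunTimeCache.Get(loginkey), out loginnum))
                {
                    loginnum = 0;
                }

                if (loginnum >= ConfigHelper.GetConfigInt("MaxNumberErrorLogin"))
                {
                    return(Json(new { status = 5, msg = "错误登陆次数超过上限" }, JsonRequestBehavior.AllowGet));
                }
                #endregion

                #region credential check
                var response = _iuserinfoservice.LoginQuery(new LoginQueryRequest
                {
                    LoginName = loginName,
                    Password  = plainPassword.GetMd5()   // unsalted MD5: service contract, see remarks
                });

                if (!response.IsSuccess)
                {
                    return(Json(new { status = 2, msg = "登录失败" }, JsonRequestBehavior.AllowGet));
                }

                if (response.UserInfoEntity == null)
                {
                    // Wrong credentials: bump the counter (kept for Day1) and answer generically.
                    CacheManager.RunTimeCache.Set(loginkey, (loginnum + 1).ToString(), PublicConst.Time.Day1);
                    return(Json(new { status = 3, msg = "密码错误!" }, JsonRequestBehavior.AllowGet));
                }
                CacheManager.RunTimeCache.Remove(loginkey);
                #endregion

                #region per-application authorisation
                var userappidauthresponse = _userApIdAuthService.QueryByUserAppId(new QueryByUserAppIdRequest
                {
                    UserId    = response.UserInfoEntity.Id,
                    UserAppId = fromappid,
                });

                if (!userappidauthresponse.IsSuccess)
                {
                    return(Json(new { status = 6, msg = "登录失败" }, JsonRequestBehavior.AllowGet));
                }

                if (userappidauthresponse.Entity == null)
                {
                    return(Json(new { status = 7, msg = "您没有权限!请联系管理员" }, JsonRequestBehavior.AllowGet));
                }
                #endregion

                // 128-bit random ticket, hex-encoded (32 lowercase chars, like the former Guid "N").
                var ticketBytes = new byte[16];
                using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
                {
                    rng.GetBytes(ticketBytes);
                }
                var ticket = BitConverter.ToString(ticketBytes).Replace("-", "").ToLowerInvariant();

                // Ticket lifetime in RunTimeCache units (presumably seconds, i.e. 5 minutes — confirm).
                const int ticketTtl = 60 * 5;

                // One live ticket per requesting app (a second login to the same app replaces it),
                // plus ticket → account. The client fingerprint is stored alongside; presumably the
                // ticket consumer compares it on redemption.
                CacheManager.RunTimeCache.Set(fromappid, ticket, ticketTtl);

                var entity = response.UserInfoEntity.As <AccountModel>();
                entity.Fingerprint = RequestHelper.Fingerprint;
                CacheManager.RunTimeCache.Set(ticket, entity, ticketTtl);

                var separator = fromurl.Contains("?") ? "&" : "?";
                fromurl = string.Concat(fromurl, separator, PublicConst.UrlAuth, "=", ticket);

                return(Json(new { status = 0, fromurl = fromurl }, JsonRequestBehavior.AllowGet));
            }
            catch (Exception ex)
            {
                // Server-side detail only; the client gets a generic failure.
                LogManager.DefaultLogger.Error(new { status = -1, msg = "登录失败", err = ex.ToString() }.ToJson());
                return(Json(new { status = -1, msg = "登录失败" }, JsonRequestBehavior.AllowGet));
            }
        }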