Exemplo n.º 1
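        /// <summary>
        /// Checks the submitted password against the stored salted hash and, on a match,
        /// registers the account as logged in on the current context.
        /// </summary>
        /// <param name="request">Login request carrying the account name and the plaintext password.</param>
        /// <returns>
        /// The wrapped success result when the hashes match, the wrapped failure result when they
        /// do not, or the wrapped lookup result when the password lookup itself did not succeed.
        /// </returns>
        /// <remarks>
        /// SECURITY: the stored value is a single round of salted MD5. That is far too cheap to
        /// compute to protect passwords if the table is ever disclosed. Moving to a slow,
        /// purpose-built KDF (for example PBKDF2 via <c>Rfc2898DeriveBytes</c>) needs a stored-format
        /// change and a rehash-on-login migration, so it is flagged here rather than changed in place.
        /// </remarks>
        public Respone Login(LoginRequest request)
        {
            var res = DBServer.Instance.GetPassword(request.Account);

            if (!res.IsSuccess)
            {
                // NOTE(review): the lookup result is returned as-is, so a caller can tell
                // "unknown account" apart from "wrong password". Consider one generic failure message.
                return(StandResult(res));
            }

            // Assumes a successful lookup always carries at least one row - TODO confirm against GetPassword.
            var row      = res.Data.Rows[0];
            var oldPass  = row["password"].ToString();
            var salt     = Convert.FromBase64String(row["salt"].ToString());
            var saltpass = Encoding.UTF8.GetBytes(request.Password).Concat(salt).ToArray();

            string crpPass;
            // The hash object is disposable; release it deterministically instead of leaking it per login.
            using (var md5 = new MD5Cng())
            {
                crpPass = Convert.ToBase64String(md5.ComputeHash(saltpass));
            }

            // Compare without an early exit so the time taken does not depend on how many
            // leading characters of the two encoded hashes agree.
            var mismatch = oldPass.Length ^ crpPass.Length;
            var shared   = Math.Min(oldPass.Length, crpPass.Length);
            for (var i = 0; i < shared; i++)
            {
                mismatch |= oldPass[i] ^ crpPass[i];
            }

            if (mismatch == 0)
            {
                Context.Login(request.Account);
                return(StandResult(StandRespone.SuccessResult("登录成功")));
            }

            return(StandResult(StandRespone.FailResult("登录失败,密码错误")));
        }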
Exemplo n.º 2
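        /// <summary>
        /// Looks up the stored password hash and salt for an account.
        /// </summary>
        /// <param name="userAccount">
        /// Account name to look up. The lookup is refused when <c>IsDBSafe()</c> returns false for it.
        /// </param>
        /// <returns>
        /// A success result whose <c>Data</c> holds the <c>salt</c> and <c>password</c> columns when
        /// the account exists; a failure result when no row matches or the query throws; the
        /// "unsafe" result when the account name fails the <c>IsDBSafe()</c> check.
        /// </returns>
        public StandRespone GetPassword(string userAccount)
        {
            if (!userAccount.IsDBSafe())
            {
                return(StandRespone.UnSafeResult());
            }

            var executer = DBExecuterFactory.CreateDBExecuter();

            try
            {
                // SECURITY: the account name is concatenated into the SQL text, so IsDBSafe() is the
                // only barrier against SQL injection here. Its rules are not visible from this method.
                // TODO(review): bind userAccount as a query parameter if the executer supports
                // parameterized commands, rather than relying on input filtering.
                var cmd = "select a.salt,a.password from user_password a " +
                          "inner join userinfo b on a.user_id=b.user_id " +
                          $"where b.account='{userAccount}'";
                var data = executer.ExecuteToTable(cmd);

                if (data.Rows.Count > 0)
                {
                    return new StandRespone(true, "查询成功")
                           {
                               Data = data
                           };
                }

                return(new StandRespone(false, "该账号不存在"));
            }
            catch (Exception e)
            {
                // NOTE(review): e.Message is passed back to the caller and may expose database
                // details. Consider logging it server-side and returning a generic message.
                return(StandRespone.FailResult("发生异常:" + e.Message));
            }
            finally
            {
                // Runs on every path, including after the catch above, so no separate Close is needed there.
                executer.Close();
            }
        }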
Exemplo n.º 3
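        /// <summary>
        /// Registers a new user account together with its password hash and salt.
        /// </summary>
        /// <param name="userAccount">Account name; rejected when <c>IsDBSafe()</c> returns false.</param>
        /// <param name="password">
        /// Password value to store, written as given; rejected when <c>IsDBSafe()</c> returns false.
        /// Presumably the already-hashed value from the example below - confirm against callers.
        /// </param>
        /// <param name="salt">Salt used for the hash; must be valid Base64 text.</param>
        /// <returns>
        /// A success result after both rows are inserted; a failure result when the account
        /// already exists or the database call throws; the "unsafe" result when an input is rejected.
        /// </returns>
        /// <example>
        ///     <code lang="C#">
        ///         // Hash the password before calling this method.
        ///         // Take the salt from a cryptographic RNG; System.Random is predictable.
        ///         byte[] salt = new byte[20];
        ///         using (var rng = RandomNumberGenerator.Create()) { rng.GetBytes(salt); }
        ///         // NOTE: salted MD5 is shown only because the existing scheme uses it. It is too
        ///         // fast for password storage; plan a move to PBKDF2 (Rfc2898DeriveBytes).
        ///         using (var md5 = new MD5Cng())
        ///         {
        ///             var saltpass = Encoding.UTF8.GetBytes(password).Concat(salt).ToArray();
        ///             var crpPass = md5.ComputeHash(saltpass);
        ///         }
        ///     </code>
        /// </example>
        public StandRespone Regeister(string userAccount, string password, string salt)
        {
            if (!userAccount.IsDBSafe() || !password.IsDBSafe())
            {
                return(StandRespone.UnSafeResult());
            }

            // The salt is concatenated into the INSERT below but was never validated. Requiring
            // well-formed Base64 keeps quote characters out of the statement. A null salt is
            // treated as empty, which is how the interpolation rendered it before.
            try
            {
                Convert.FromBase64String(salt ?? string.Empty);
            }
            catch (FormatException)
            {
                return(StandRespone.UnSafeResult());
            }

            var executer = DBExecuterFactory.CreateDBExecuter();

            try
            {
                // SECURITY: every value below is concatenated into SQL text, so the checks above are
                // the only defence against injection.
                // TODO(review): switch to bound parameters if the executer supports them.
                var queryExitUser = $"select* from userinfo where account = '{userAccount}'";

                // Count the rows actually returned. A non-query execution of a SELECT normally
                // reports no affected rows in ADO.NET, so the duplicate check would never fire.
                if (executer.ExecuteToTable(queryExitUser).Rows.Count > 0)
                {
                    return(new StandRespone(false, "用户已存在!"));
                }

                // NOTE(review): check-then-insert can race with a concurrent registration; a unique
                // constraint on userinfo.account is the reliable guard - confirm the schema has one.
                var trans = executer.Connection.BeginTransaction();
                try
                {
                    var insertUser = $"insert into userinfo (account,create_date,status) " +
                                     $"values('{userAccount}',now(),'{UserStatus.Normal}');" +
                                     $"insert into user_password(user_id,password,salt) " +
                                     $"values(@@identity,'{password}','{salt}')";
                    // Presumably the executer runs this on the connection that owns trans - confirm.
                    executer.ExecuteNonQuery(insertUser);
                    trans.Commit();
                }
                catch
                {
                    // Undo a half-written registration (a userinfo row without a password row).
                    trans.Rollback();
                    throw;
                }

                return(StandRespone.SuccessResult("注册成功"));
            }
            catch (Exception e)
            {
                // NOTE(review): e.Message is passed back to the caller and may expose database
                // details. Consider logging it server-side and returning a generic message.
                return(StandRespone.FailResult("发生异常:" + e.Message));
            }
            finally
            {
                // Runs on every path, including after the catch above, so no separate Close is needed there.
                executer.Close();
            }
        }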
Exemplo n.º 4
 /// <summary>
 /// Builds the response returned for a request that is not authorized.
 /// </summary>
 /// <param name="executeContext">Context of the rejected request; not read by this method.</param>
 /// <returns>The response produced by wrapping a failure result carrying the "unauthorized" message.</returns>
 public override object GetUnauthorizedResult(ExecuteContext executeContext)
 {
     var failure = StandRespone.FailResult("请求未授权");
     var wrapped = new StandResponeResult(failure);

     return wrapped.GetRespone();
 }
Exemplo n.º 5
 /// <summary>
 /// Creates a result wrapper around the given response.
 /// </summary>
 /// <param name="respone">Response to store in the wrapper.</param>
 public StandResponeResult(StandRespone respone)
 {
     standRespone = respone;
 }