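        /// <summary>
        /// Authorization filter: requires a "token" cookie that resolves to a live user session.
        /// When <c>_isAdmin</c> is set it additionally enforces a 30-minute idle timeout
        /// (sliding — the session timestamp is refreshed on success) and requires the
        /// <see cref="Role.Admin"/> role.
        /// </summary>
        /// <returns>
        /// <c>true</c> to let the action run; <c>false</c> after a JSON error has been written and
        /// the response ended (Code 3 = login required, Code 4 = insufficient role).
        /// </returns>
        public override bool OnActionExecuting()
        {
            _stopwatch = Stopwatch.StartNew();

            // Writes the JSON error body, ends the response and tells the pipeline to stop.
            // Centralised so every rejection path produces exactly the same response shape.
            bool Deny(int code, string message)
            {
                HttpContext.Current.Response.SetCached(new JsonResult(new JsonResult<string>()
                {
                    Code = code, Message = message
                }));

                HttpContext.Current.Response.End();

                return false;
            }

            if (!HttpContext.Current.Request.Cookies.TryGetValue("token", out Http.HttpCookie cookies))
            {
                return Deny(3, "当前操作需要登录!");
            }

            var token = cookies.Value;

            if (!UserHelper.TryGetUserSession(token, out UserSession u))
            {
                return Deny(3, "当前操作需要登录!");
            }

            // NOTE: idle timeout and role check apply only to admin-gated actions;
            // sessions behind non-admin actions are never expired by this filter.
            if (_isAdmin)
            {
                var span = DateTime.UtcNow - u.dt;
                if (span.TotalMinutes > 30)
                {
                    return Deny(3, "当前操作需要登录!");
                }

                u.dt = DateTime.UtcNow;
                UserHelper.AddOrUpdateUserSession(token, u);

                var user = UserHelper.Get(u.Id);

                // A session can outlive its user record (account removed while the token is
                // still valid); treat that as "not logged in" rather than dereferencing null.
                if (user is null)
                {
                    return Deny(3, "当前操作需要登录!");
                }

                if (user.Role != Role.Admin)
                {
                    return Deny(4, "当前操作权限不足,请联系管理员!");
                }
            }

            return true;
        }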
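        /// <summary>
        /// 登录 — authenticates a user name / password pair and, on success, issues a fresh
        /// session token delivered as a 30-day "token" cookie.
        /// </summary>
        /// <param name="userName">Submitted user name; must be non-empty.</param>
        /// <param name="password">Submitted password; must be non-empty.</param>
        /// <returns>
        /// JSON with Code 1 on success; Code 2 for empty input, bad credentials or an internal
        /// error (details of the latter are logged, not returned to the client).
        /// </returns>
        public ActionResult Login(string userName, string password)
        {
            // Creates a new random session token, sets the 30-day cookie and registers the
            // session for <paramref name="userId"/>. Shared by the normal and bootstrap paths.
            // Guid.NewGuid() is used as the bearer token here; confirm its entropy is acceptable
            // for the target platform or switch to RandomNumberGenerator.
            void IssueSession(string userId)
            {
                string token = Guid.NewGuid().ToString();
                HttpContext.Current.Response.Cookies.Add("token", new Http.HttpCookie("token", token, DateTime.Now.AddDays(30)));
                UserHelper.AddOrUpdateUserSession(token, new UserSession {
                    Id = userId, dt = DateTime.UtcNow
                });
            }

            try
            {
                if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(password))
                {
                    return Json(new JsonResult<string>()
                    {
                        Code = 2, Message = "用户名或密码不能为空"
                    });
                }

                var user = UserHelper.Login(userName, password);

                if (user != null)
                {
                    IssueSession(user.ID);

                    return Json(new JsonResult<string>()
                    {
                        Code = 1, Message = "登录成功,欢迎" + user.NickName + "地访问"
                    });
                }

                // SECURITY(review): first-login bootstrap. Whoever first logs in as "whj" while no
                // such user exists becomes Admin with whatever password they supplied, so the
                // admin account can be claimed by anyone who guesses the name. Prefer seeding the
                // admin out of band and removing this branch.
                if (userName == "whj" && !UserHelper.Exists("whj"))
                {
                    var newUser = new User()
                    {
                        ID       = Guid.NewGuid().ToString("N"),
                        // Inputs longer than 20 chars are silently truncated; the password is
                        // stored as received here — confirm UserHelper.Set hashes it.
                        UserName = userName.Length > 20 ? userName.Substring(0, 20) : userName,
                        Password = password.Length > 20 ? password.Substring(0, 20) : password,
                        NickName = "MAXNE",
                        Role     = Role.Admin
                    };

                    UserHelper.Set(newUser);
                    IssueSession(newUser.ID);

                    return Json(new JsonResult<string>()
                    {
                        Code = 1, Message = "登录成功,欢迎" + newUser.NickName + "地访问"
                    });
                }

                return Json(new JsonResult<string>()
                {
                    Code = 2, Message = "用户名或密码不正确"
                });
            }
            catch (Exception ex)
            {
                // Never write the raw password to the log; the user name is enough to correlate.
                LogHelper.Error("UserController.Login", ex, userName, "[password redacted]");

                // Exception text stays in the log; the client only receives a generic failure.
                return Json(new JsonResult<string>()
                {
                    Code = 2, Message = "登录失败,系统异常"
                });
            }
        }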