Exemplo n.º 1
        /// <summary>
        /// Resolves a customer id from the request's Authorization header by handing the
        /// header parameter to <c>WebApiValidate.ValidateToken</c>.
        /// </summary>
        /// <returns>Whatever <c>WebApiValidate.ValidateToken</c> returns for the supplied token.</returns>
        protected virtual int GetUserIdByToken()
        {
            // NOTE(review): Authorization is dereferenced without a null check, so a request
            // that carries no Authorization header would throw here rather than yield an id.
            // NOTE(review): CheckTokenUser treats a result of 0 as "no valid customer";
            // callers of this method presumably have to make the same check themselves - confirm.
            var tokenParameter = Request.Headers.Authorization.Parameter;

            return WebApiValidate.ValidateToken(tokenParameter);
        }
Exemplo n.º 2
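        /// <summary>
        /// Checks that the customer identified by the token in the Authorization header is the
        /// same customer whose data the request is asking for.
        /// </summary>
        /// <param name="customerId">Id of the customer whose data is being requested.</param>
        /// <returns>
        /// <c>true</c> only when the token resolves to a non-zero customer id equal to
        /// <paramref name="customerId"/>; <c>false</c> in every other case, including a missing
        /// Authorization header or an empty token.
        /// </returns>
        protected virtual bool CheckTokenUser(int customerId)
        {
            // Authorization is null when the request has no such header. Deny explicitly
            // instead of letting the dereference throw and surface as a server error.
            var authorization = Request.Headers.Authorization;
            if (authorization == null || string.IsNullOrWhiteSpace(authorization.Parameter))
            {
                return false;
            }

            var headerCustomerId = WebApiValidate.ValidateToken(authorization.Parameter);

            // A result of 0 is treated as "no valid customer", so it must never match,
            // even if the caller passes customerId == 0.
            return headerCustomerId != 0 && headerCustomerId == customerId;
        }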
Exemplo n.º 3
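        /// <summary>
        /// Validates the request signature and the customer's credentials, signs the customer in,
        /// and returns an API token together with basic profile data.
        /// </summary>
        /// <param name="value">
        /// Login payload: user name, password and the signature fields (signature, timestamp,
        /// nonce, app code). May be null when the request body is missing or cannot be bound.
        /// </param>
        /// <returns>
        /// A result with code 0 and the token/profile object on success; a result with code 1
        /// and a message on any failure.
        /// </returns>
        public HttpResponseMessage PostLogin(CustomerLoginModel value)
        {
            // A missing or unbindable body arrives as null; reject it here instead of
            // dereferencing it outside the try block.
            if (value == null || string.IsNullOrWhiteSpace(value.UserName) || string.IsNullOrWhiteSpace(value.Password))
            {
                return ReturnResult(string.Empty, 1, "不能传入空的参数值");
            }

            try
            {
                // The request signature is checked before any credential is evaluated.
                var signatureIsValid = ValidateSignature(value.Signature, value.timestamp, value.Nonce, value.AppCode);
                if (!signatureIsValid)
                {
                    return ReturnResult(string.Empty, 1, "不合法的登录方式,您的IP将会被限制访问");
                }

                var loginResult = _customerRegistrationService.ValidateCustomer(value.UserName, value.Password);
                var errorMessage = string.Empty;
                Customer customer = null;

                // NOTE(review): the failure branches return different messages for "no such
                // customer", "deleted", "not active", "not registered" and "wrong password",
                // which lets a client tell whether a user name exists. Consider returning the
                // generic Account.Login.WrongCredentials text for all of them.
                switch (loginResult)
                {
                    case CustomerLoginResults.Successful:
                        customer = _customerService.GetCustomerByUsername(value.UserName);
                        // Sign the customer in; the second argument is passed as true
                        // (presumably a persistent sign-in - confirm).
                        _authenticationService.SignIn(customer, true);
                        break;

                    case CustomerLoginResults.CustomerNotExist:
                        errorMessage = _localizationService.GetResource("Account.Login.WrongCredentials.CustomerNotExist");
                        break;

                    case CustomerLoginResults.Deleted:
                        errorMessage = _localizationService.GetResource("Account.Login.WrongCredentials.Deleted");
                        break;

                    case CustomerLoginResults.NotActive:
                        errorMessage = _localizationService.GetResource("Account.Login.WrongCredentials.NotActive");
                        break;

                    case CustomerLoginResults.NotRegistered:
                        errorMessage = _localizationService.GetResource("Account.Login.WrongCredentials.NotRegistered");
                        break;

                    case CustomerLoginResults.WrongPassword:
                    default:
                        errorMessage = _localizationService.GetResource("Account.Login.WrongCredentials");
                        break;
                }

                // Decide on the login result itself, not on whether an error text was found:
                // an empty or missing localized resource must never turn a failed login into
                // the success path and a token being issued.
                if (loginResult != CustomerLoginResults.Successful)
                {
                    return ReturnResult(string.Empty, 1, errorMessage);
                }

                var result = new
                {
                    token     = WebApiValidate.GetApiValidateToken(customer.Id),
                    id        = customer.Id,
                    username  = customer.Username,
                    email     = customer.Email.ConvertToString(),
                    firstname = customer.GetAttribute<string>(SystemCustomerAttributeNames.FirstName).ConvertToString(),
                    lastname  = customer.GetAttribute<string>(SystemCustomerAttributeNames.LastName).ConvertToString(),
                    imageurl  = _pictureService.GetPictureUrl(
                        customer.GetAttribute<int>(SystemCustomerAttributeNames.AvatarPictureId),
                        _mediaSettings.AvatarPictureSize,
                        false).ConvertToString()
                };

                return ReturnResult(result, 0, string.Empty);
            }
            catch (Exception ex)
            {
                // Details go to the log only; the client receives a generic message.
                LogException(ex);
                return ReturnResult(string.Empty, 1, "读取数据出现错误");
            }
        }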