Exemplo n.º 1
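        /// <summary>
        /// Returns one page of login-log rows matching a caller-supplied filter.
        /// </summary>
        /// <remarks>
        /// <paramref name="whereClause"/> and <paramref name="order"/> are SQL text rather than values.
        /// Both are screened with <c>SecretUtil.IsSqlSafe</c> before the query runs; values belong in
        /// <paramref name="dbParameters"/>. When either fragment is rejected the query is skipped, the
        /// rejection is logged, and an empty table with <paramref name="recordCount"/> = 0 is returned.
        /// NOTE(review): IsSqlSafe is not visible here; if it is a keyword filter it should be treated as
        /// a second line of defence, not a substitute for building the filter server-side — confirm.
        /// </remarks>
        /// <param name="taskId">Task identifier.</param>
        /// <param name="userInfo">Calling user.</param>
        /// <param name="recordCount">Receives the record count reported by the manager (0 when the query is skipped).</param>
        /// <param name="pageIndex">Current page.</param>
        /// <param name="pageSize">Rows per page.</param>
        /// <param name="whereClause">Filter condition (SQL fragment).</param>
        /// <param name="dbParameters">Parameter values for the filter.</param>
        /// <param name="order">Sort expression (SQL fragment); may be null.</param>
        /// <returns>The data table, named after <c>BaseLoginLogEntity.TableName</c>.</returns>
        public DataTable GetDataTableByPage(string taskId, BaseUserInfo userInfo, out int recordCount, int pageIndex, int pageSize, string whereClause, List <KeyValuePair <string, object> > dbParameters, string order = null)
        {
            var result        = new DataTable(BaseLoginLogEntity.TableName);
            int myRecordCount = 0;

            var parameter = ServiceInfo.Create(taskId, userInfo, MethodBase.GetCurrentMethod());

            // The login log is reached through its own database connection.
            ServiceUtil.ProcessLoginLogDb(userInfo, parameter, (dbHelper) =>
            {
                // The sort expression travels to the manager alongside the filter, so it gets the same
                // screening; previously only whereClause was checked.
                bool orderIsSafe = string.IsNullOrEmpty(order) || SecretUtil.IsSqlSafe(order);

                if (SecretUtil.IsSqlSafe(whereClause) && orderIsSafe)
                {
                    var loginLogManager = new BaseLoginLogManager(dbHelper, userInfo);
                    result           = loginLogManager.GetDataTableByPage(out myRecordCount, pageIndex, pageSize, whereClause, dbHelper.MakeParameters(dbParameters), order);
                    result.TableName = BaseLoginLogEntity.TableName;
                }
                else
                {
                    // Record the rejected input. Line breaks are flattened so the rejected text cannot
                    // start what looks like a new entry in the log file.
                    string rejected = (whereClause + " order:" + order).Replace("\r", " ").Replace("\n", " ");
                    // NOTE(review): userInfo.Serialize() may contain tokens or other sensitive fields, and
                    // ~/Log/ sits under the site root — confirm the directory is not served to clients.
                    string message = "userInfo:" + userInfo.Serialize() + " " + rejected;

                    if (System.Web.HttpContext.Current != null)
                    {
                        FileUtil.WriteMessage(message, System.Web.HttpContext.Current.Server.MapPath("~/Log/") + "SqlSafe" + DateTime.Now.ToString(BaseSystemInfo.DateFormat) + ".txt");
                    }
                    else
                    {
                        // Outside a web request there is no path to map; keep the rejection visible anyway.
                        System.Diagnostics.Trace.TraceWarning(message);
                    }
                }
            });
            recordCount = myRecordCount;

            return(result);
        }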
Exemplo n.º 2
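        /// <summary>
        /// Writes one row to the login log for the given user and login status.
        /// </summary>
        /// <param name="systemCode">Subsystem the event belongs to.</param>
        /// <param name="userEntity">User the event is about.</param>
        /// <param name="ipAddress">Client IP address as reported by the caller.</param>
        /// <param name="ipAddressName">Display name resolved for the IP address.</param>
        /// <param name="macAddress">Client MAC address as reported by the caller.</param>
        /// <param name="loginStatus">Status text; also mapped to a log level.</param>
        /// <returns>
        /// <c>string.Empty</c> when <c>BaseSystemInfo.RecordLogOnLog</c> is off or the write fails,
        /// <c>null</c> when <paramref name="userEntity"/> is null, otherwise the value returned by
        /// <c>BaseLoginLogManager.Add</c>.
        /// </returns>
        public static string AddLog(string systemCode, BaseUserEntity userEntity, string ipAddress, string ipAddressName, string macAddress, string loginStatus)
        {
            if (!BaseSystemInfo.RecordLogOnLog)
            {
                return(string.Empty);
            }
            if (userEntity == null)
            {
                return(null);
            }

            string result = string.Empty;

            BaseLoginLogEntity entity = new BaseLoginLogEntity
            {
                SystemCode  = systemCode,
                UserId      = userEntity.Id,
                UserName    = userEntity.NickName,
                RealName    = userEntity.RealName,
                CompanyId   = userEntity.CompanyId,
                CompanyName = userEntity.CompanyName
            };
            if (BaseSystemInfo.OnInternet && !string.IsNullOrEmpty(userEntity.CompanyId))
            {
                entity.CompanyCode = BaseOrganizeManager.GetCodeByCache(userEntity.CompanyId);
            }
            entity.IPAddress     = ipAddress;
            entity.IPAddressName = ipAddressName;
            entity.MACAddress    = macAddress;
            entity.LoginStatus   = loginStatus;
            entity.LogLevel      = LoginStatusToLogLevel(loginStatus);
            entity.CreateOn      = DateTime.Now;

            string tableName = GetSplitTableName(userEntity);

            using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.LoginLogDbType, BaseSystemInfo.LoginLogDbConnection))
            {
                BaseLoginLogManager loginLogManager = new BaseLoginLogManager(dbHelper, tableName);
                try
                {
                    result = loginLogManager.Add(entity, false, false);
                }
                catch (System.Exception ex)
                {
                    // 2015-07-13: a login-log row that cannot be written is itself recorded.
                    string message = "AddLogTask: 异常信息:" + ex.Message
                                     + System.Environment.NewLine + "错误源:" + ex.Source
                                     + System.Environment.NewLine + "堆栈信息:" + ex.StackTrace;

                    // HttpContext.Current is null when this runs outside a request. Dereferencing it
                    // here would throw from inside the handler and replace the original failure with a
                    // NullReferenceException, so the file log is used only when a context exists.
                    if (System.Web.HttpContext.Current != null)
                    {
                        // NOTE(review): stack traces end up under ~/Log/ inside the site root — confirm
                        // that directory is not served to clients.
                        FileUtil.WriteMessage(message, System.Web.HttpContext.Current.Server.MapPath("~/Log/") + "Log" + DateTime.Now.ToString(BaseSystemInfo.DateFormat) + ".txt");
                    }
                    else
                    {
                        // A lost audit row should still leave a trace somewhere.
                        System.Diagnostics.Trace.TraceError(message);
                    }
                }
            }

            return(result);
        }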
Exemplo n.º 3
        /// <summary>
        /// Signs a user out: records a sign-out entry in the login log and, when visit tracking is
        /// enabled, marks the user offline and updates the visit timestamps.
        /// </summary>
        /// <param name="openId">Token identifying the signed-in user.</param>
        /// <param name="createOpenId">Meant to request a new token on sign-out; currently unused (see the note in the body).</param>
        /// <param name="systemCode">Subsystem code written to the login log.</param>
        /// <param name="ipAddress">Client IP address for the login log; may be null.</param>
        /// <param name="macAddress">Client MAC address for the login log; may be null.</param>
        /// <returns>
        /// <c>true</c> when the UPDATE affected at least one row. <c>false</c> in every other case,
        /// including when <c>BaseSystemInfo.UpdateVisit</c> is off even though the sign-out was logged.
        /// </returns>
        public bool SignOut(string openId, bool createOpenId = true, string systemCode = "Base", string ipAddress = null, string macAddress = null)
        {
            if (string.IsNullOrWhiteSpace(openId))
            {
                return false;
            }

            // The user is looked up through the cache rather than the database.
            BaseUserEntity signedInUser = BaseUserManager.GetObjectByOpenIdByCache(openId);
            if (signedInUser == null || string.IsNullOrEmpty(signedInUser.Id))
            {
                return false;
            }

            string resolvedIpName = string.IsNullOrEmpty(ipAddress)
                ? string.Empty
                : IpHelper.GetInstance().FindName(ipAddress);

            // A sign-out is always logged, whether or not the visit columns are updated below.
            BaseLoginLogManager.AddLog(systemCode, signedInUser, ipAddress, resolvedIpName, macAddress, Status.SignOut.ToDescription());

            // Visit information is only touched when the system is configured to track it.
            if (!BaseSystemInfo.UpdateVisit)
            {
                return false;
            }

            // NOTE(review): createOpenId has no effect. The statement that would have written a new
            // OpenId was commented out upstream, so nothing in this method replaces or invalidates the
            // token that was presented. Confirm the token is revoked elsewhere (for example in the
            // cache); otherwise it stays usable after sign-out.

            // Previous visit takes the old last-visit value, the user is flagged offline, and last visit
            // becomes the database's current time. The only value involved (the user id) is bound as a
            // parameter; everything else is built from entity constants.
            string updateSql = " UPDATE " + BaseUserLogOnEntity.TableName
                               + " SET " + BaseUserLogOnEntity.FieldPreviousVisit + " = " + BaseUserLogOnEntity.FieldLastVisit
                               + " , " + BaseUserLogOnEntity.FieldUserOnLine + " = 0 "
                               + " , " + BaseUserLogOnEntity.FieldLastVisit + " = " + this.DbHelper.GetDbNow()
                               + "  WHERE " + BaseUserLogOnEntity.FieldId + " = " + DbHelper.GetParameter(BaseUserEntity.FieldId);

            IDbDataParameter[] updateParameters =
            {
                DbHelper.MakeParameter(BaseUserEntity.FieldId, signedInUser.Id)
            };

            int affectedRows = this.DbHelper.ExecuteNonQuery(updateSql, updateParameters);
            return affectedRows > 0;
        }
Exemplo n.º 4
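        /// <summary>
        /// Writes one login-log row from a packed argument tuple. The <c>object</c> parameter suggests
        /// this is used as a worker-thread callback — confirm against the caller.
        /// </summary>
        /// <param name="param">
        /// A <c>Tuple</c> of (systemCode, userInfo, ipAddress, ipAddressName, macAddress, loginStatus).
        /// Anything else, or a tuple without a user, is reported to the trace log and ignored.
        /// </param>
        private static void AddLogTaskByBaseUserInfo(object param)
        {
            var tuple = param as Tuple <string, BaseUserInfo, string, string, string, string>;

            // "as" yields null for a wrong argument type; reading tuple.Item1 would then throw. If this
            // runs on a thread-pool thread, an unhandled exception there terminates the process.
            if (tuple == null || tuple.Item2 == null)
            {
                System.Diagnostics.Trace.TraceError("AddLogTask: unexpected argument, login log entry not written");
                return;
            }

            string       systemCode    = tuple.Item1;
            BaseUserInfo userInfo      = tuple.Item2;
            string       ipAddress     = tuple.Item3;
            string       ipAddressName = tuple.Item4;
            string       macAddress    = tuple.Item5;
            string       loginStatus   = tuple.Item6;

            BaseLoginLogEntity entity = new BaseLoginLogEntity
            {
                SystemCode    = systemCode,
                UserId        = userInfo.Id,
                UserName      = userInfo.NickName,
                RealName      = userInfo.RealName,
                CompanyId     = userInfo.CompanyId,
                CompanyName   = userInfo.CompanyName,
                CompanyCode   = userInfo.CompanyCode,
                IPAddress     = ipAddress,
                IPAddressName = ipAddressName,
                MACAddress    = macAddress,
                LoginStatus   = loginStatus,
                LogLevel      = LoginStatusToLogLevel(loginStatus),
                CreateOn      = DateTime.Now
            };

            string tableName = GetSplitTableName(userInfo);

            using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.LoginLogDbType, BaseSystemInfo.LoginLogDbConnection))
            {
                BaseLoginLogManager loginLogManager = new BaseLoginLogManager(dbHelper, tableName);
                try
                {
                    loginLogManager.Add(entity, false, false);
                }
                catch (System.Exception ex)
                {
                    // 2015-07-13: a login-log row that cannot be written is itself recorded.
                    string message = "AddLogTask: ipAddress:" + ipAddress + "macAddress:" + macAddress
                                     + System.Environment.NewLine + "异常信息:" + ex.Message
                                     + System.Environment.NewLine + "错误源:" + ex.Source
                                     + System.Environment.NewLine + "堆栈信息:" + ex.StackTrace;

                    // HttpContext.Current is null off the request thread. Using it unguarded would throw
                    // a NullReferenceException out of this handler and lose the original error.
                    if (System.Web.HttpContext.Current != null)
                    {
                        FileUtil.WriteMessage(message, System.Web.HttpContext.Current.Server.MapPath("~/Log/") + "Log" + DateTime.Now.ToString(BaseSystemInfo.DateFormat) + ".txt");
                    }
                    else
                    {
                        System.Diagnostics.Trace.TraceError(message);
                    }
                }
            }
        }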
Exemplo n.º 5
        /// <summary>
        /// Decides whether a remote service call identified by an app key and secret may proceed.
        /// Open questions recorded by the original author:
        /// 1: should the call be logged?
        /// 2: should it be instrumented (performance, access frequency, call count)?
        /// 3: should illegitimate calls be logged?
        /// 4: how should exceptions be handled?
        /// </summary>
        /// <remarks>
        /// The checks run in a fixed order and the first failure returns immediately with
        /// <c>Status = false</c>. Steps 1-6 use the status code "AccessDeny"; step 7 passes through the
        /// code and message produced by <c>CheckUser</c>.
        /// NOTE(review): only a step-7 failure is written to the login log here; denials in steps 1-6
        /// leave no record in this method, which limits detection of repeated failed calls.
        /// NOTE(review): each step returns a different message to the caller, so the response reveals
        /// which check failed before the caller has authenticated; consider a generic external message
        /// with the detail kept in the server-side log.
        /// </remarks>
        /// <param name="appKey">Unique identifier of the calling application.</param>
        /// <param name="appSecret">Signing secret of the calling application.</param>
        /// <param name="callLimit">Whether to apply the call-frequency limit (off by default).</param>
        /// <param name="systemCode">Subsystem being accessed.</param>
        /// <param name="permissionCode">Permission code to check; skipped when null or empty.</param>
        /// <returns>A result whose <c>Status</c> is true only when every check passed.</returns>
        public static BaseResult CheckService(string appKey, string appSecret, bool callLimit = false, string systemCode = "Base", string permissionCode = null)
        {
            BaseResult result = new DotNet.Utilities.BaseResult();

            // Deny by default; Status is switched to true only after the last check.
            result.Status = false;

            // Example inputs (placeholders):
            // AppKey: <app-key>
            // AppSecret: <app-secret>
            // permissionCode: "User.Add"
            // NOTE(review): literal key/secret samples were dropped from this comment; if they ever
            // matched a live credential, that credential should be rotated.

            string ipAddress = Utilities.GetIPAddress(true);

            // 1: Validate the arguments. The app key must be present, otherwise there is no way to tell
            //    who is calling.
            if (string.IsNullOrEmpty(appKey))
            {
                result.StatusCode    = "AccessDeny";
                result.StatusMessage = "appKey为空、访问被拒绝";
                return(result);
            }

            // 2: Only members of the interface role may call remotely; removing the role is also the way
            //    to cut a caller off at any time.
            string roleCode = "Interface";

            if (!BaseUserManager.IsInRoleByCache(systemCode, appKey, roleCode))
            {
                result.StatusCode    = "AccessDeny";
                result.StatusMessage = "非接口用户、访问被拒绝";
                return(result);
            }

            // 3: Call-frequency check. It has to be fast and must not hit the database on every call, so
            //    a remote caller cannot drag this service down.
            //    NOTE(review): the meaning of 10 and 10000 is not visible here (presumably a call count
            //    and a window in milliseconds — confirm). The limit is keyed on appKey and runs before
            //    the secret is verified, so rejected calls may count against the legitimate caller.
            if (callLimit && PooledRedisHelper.CallLimit(appKey, 10, 10000))
            {
                result.StatusCode    = "AccessDeny";
                result.StatusMessage = "访问频率过高、访问被拒绝";
                return(result);
            }

            // 4: Is the signature valid and unexpired? Several signatures can be supported to ease
            //    upgrades and transition periods. A signature is mandatory for security.
            if (!BaseServicesLicenseManager.CheckServiceByCache(appKey, appSecret))
            {
                result.StatusCode    = "AccessDeny";
                result.StatusMessage = "不合法签名、访问被拒绝";
                return(result);
            }

            // 5: Is the caller's IP address allowed? One service may have several addresses; a service
            //    is treated like a user, usually connecting remotely.
            BaseUserLogOnManager userLogOnManager = new BaseUserLogOnManager();
            BaseUserLogOnEntity  userLogOnEntity  = userLogOnManager.GetObject(appKey);

            // NOTE(review): every other check in this method denies when its helper returns false; this
            // one denies when CheckIPAddressByCache returns true. Confirm the helper's return
            // convention — if true means "address allowed", the condition is inverted and needs "!".
            if (BaseUserManager.CheckIPAddressByCache(userLogOnEntity, ipAddress, true))
            {
                result.StatusCode    = "AccessDeny";
                result.StatusMessage = "不合法IP、访问被拒绝";
                return(result);
            }

            // 6: Permission check, done through the cache so clients and partners cannot overload the
            //    database with excessive calls. Skipped when no permission code is supplied.
            if (!string.IsNullOrEmpty(permissionCode) && !BasePermissionManager.IsAuthorizedByCache(systemCode, appKey, permissionCode))
            {
                result.StatusCode    = "AccessDeny";
                result.StatusMessage = "无权限 " + permissionCode + "、访问被拒绝";
                return(result);
            }

            // 7: Is the account itself valid, and is the time window right?
            BaseUserManager userManager     = new BaseUserManager();
            BaseUserEntity  userEntity      = userManager.GetObject(appKey);
            UserLogOnResult userLogOnResult = userManager.CheckUser(userEntity, userLogOnEntity);

            // A non-empty status code from CheckUser is treated as a failure and is the only denial
            // this method writes to the login log.
            if (!string.IsNullOrEmpty(userLogOnResult.StatusCode))
            {
                BaseLoginLogManager.AddLog(systemCode, userEntity, ipAddress, string.Empty, string.Empty, userLogOnResult.StatusMessage);
                result.StatusCode    = userLogOnResult.StatusCode;
                result.StatusMessage = userLogOnResult.StatusMessage;
                return(result);
            }

            // 8: Every check required so far has passed.
            result.Status = true;
            return(result);
        }
Exemplo n.º 6
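 /// <summary>
 /// Song Biao, 2015-01-22.
 /// Sends login reminders to the user who has just logged on, over the channels the user enabled:
 /// Jixin message, e-mail, SMS and WeChat. The work is queued to the thread pool so the login
 /// request is not blocked. Original requirement note: all super administrators and IT information
 /// centre staff are to be reminded unconditionally.
 /// </summary>
 /// <remarks>
 /// The channels share one try block, so a failure in one channel still skips the ones after it.
 /// NOTE(review): every endpoint below is plain HTTP and the SMTP session uses port 25 without
 /// EnableSsl, so names, phone numbers, IP addresses and the mail credential may cross the network
 /// unencrypted — confirm whether TLS endpoints are available.
 /// </remarks>
 /// <param name="userInfo">Login information of the user; a null value is ignored.</param>
 public void SendLogOnRemind(BaseUserInfo userInfo)
 {
     if (userInfo == null)
     {
         return;
     }

     // HttpContext.Current is normally null on a pool thread, so the log directory is resolved here
     // on the calling thread and captured by the worker.
     string logDirectory = null;
     if (System.Web.HttpContext.Current != null)
     {
         logDirectory = System.Web.HttpContext.Current.Server.MapPath("~/Log/");
     }

     System.Threading.ThreadPool.QueueUserWorkItem(delegate
     {
         try
         {
             // Load the reminder settings and contact details of the user.
             string systemName = userInfo.SystemCode;
             BaseUserLogonExtendManager manager        = new BaseUserLogonExtendManager();
             BaseUserLogonExtendEntity userLogonRemind = manager.GetObject(userInfo.Id);
             BaseUserContactEntity userContactEntity   = new BaseUserContactManager().GetObject(userInfo.Id);

             // Continue only when both the reminder settings and the contact record exist.
             if (userLogonRemind == null || userContactEntity == null)
             {
                 return;
             }

             // Values placed into HTML are encoded first so a nickname or other field containing
             // markup is shown as text instead of being interpreted by the recipient's client.
             string htmlNickName   = System.Web.HttpUtility.HtmlEncode(userInfo.NickName);
             string htmlSystemName = System.Web.HttpUtility.HtmlEncode(systemName);
             string htmlIpAddress  = System.Web.HttpUtility.HtmlEncode(userInfo.IPAddress);

             using (WebClient webClient = new WebClient())
             {
                 // Jixin reminder: the user has a unique account and enabled Jixin login reminders.
                 if (!string.IsNullOrWhiteSpace(userInfo.NickName) && userLogonRemind.JixinRemind == 1)
                 {
                     // Jixin interface address.
                     string url = "http://jixin.zt-express.com:8280/mng/httpservices/msg-sendMessageToUsers.action";
                     NameValueCollection postValues = new NameValueCollection();
                     // Empty sender: the client shows no reply button (v1.1).
                     postValues.Add("sender", string.Empty);
                     // Close delay, 30 seconds by default (v1.1).
                     postValues.Add("closeDelay", "30");
                     // Show delay, 0 seconds by default (v1.1).
                     postValues.Add("showDelay", "0");
                     // Receivers, comma separated; Chinese text has to be URL-encoded.
                     // ReSharper disable once AssignNullToNotNullAttribute
                     postValues.Add("receivers", System.Web.HttpUtility.UrlEncode(userInfo.NickName, System.Text.Encoding.UTF8));
                     // Position: 0 is centred, 1 is bottom right (default 0).
                     postValues.Add("position", "1");
                     // Message title.
                     postValues.Add("title", "中天系统账号登录提醒");
                     // Message content (HTML).
                     string htmlLocation = System.Web.HttpUtility.HtmlEncode(DotNet.Utilities.IpHelper.GetInstance().FindName(userInfo.IPAddress));
                     string content = "<div style='word-break:keep-all;'><font color='#FF7E00'>" + htmlNickName + "</font>,您的账号于<font color='#FF7E00'>" + DateTime.Now.ToString(BaseSystemInfo.DateTimeFormat) + "</font>登录了<font color='#FF7E00'>" + htmlSystemName + "</font></div>"
                                      + "<div style='word-break:keep-all;margin-top:5px'>登录IP:<font color='#FF7E00'>" + htmlIpAddress + "</font></div>"
                                      + "<div style=' word-break:keep-all;margin-top:5px'>IP参考所在地:<font color='#FF7E00'>" + htmlLocation + "</font></div>"
                                      + "<div style=' word-break:keep-all;margin-top:5px'>如果不是您自己登录,请马上联系:021-31165566,或即刻<a href='http://security.zt-express.com' target='_blank'>登录安全中心</a>修改密码。</div>";
                     postValues.Add("content", content);
                     postValues.Add("width", "300");
                     postValues.Add("height", "180");
                     // POST the values to the server.
                     webClient.UploadValues(url, postValues);
                 }

                 // E-mail reminder: an address exists, it is verified, and e-mail reminders are enabled.
                 if (!string.IsNullOrWhiteSpace(userContactEntity.Email) && userContactEntity.EmailValiated == 1 && userLogonRemind.EmailRemind == 1)
                 {
                     string subject = userInfo.CompanyName + " - " + userInfo.NickName + " 登录" + systemName + " 系统提醒";
                     // The body is sent as HTML, so the interpolated fields are encoded.
                     string body    = System.Web.HttpUtility.HtmlEncode(userInfo.UserName) + System.Environment.NewLine + ":<br/>"
                                      + DateTime.Now.ToString(BaseSystemInfo.DateTimeFormat) + "登录了" + htmlSystemName + ";<br/>" + System.Environment.NewLine
                                      + "编号:" + System.Web.HttpUtility.HtmlEncode(userInfo.Code) + ";<br/> " + System.Environment.NewLine
                                      + "登录系统:" + htmlSystemName + ";<br/> " + System.Environment.NewLine
                                      + "登录IP:" + htmlIpAddress + ";<br/> " + System.Environment.NewLine
                                      + "MAC地址:" + System.Web.HttpUtility.HtmlEncode(userInfo.MACAddress) + ";<br/>" + System.Environment.NewLine
                                      + "如果不是您自己登录,请马上联系021-31165566,或即刻登录系统修改密码。";

                     using (SmtpClient smtp = new SmtpClient())
                     using (MailMessage objMailMessage = new MailMessage())
                     {
                         // SMTP host and port.
                         smtp.Host = "mail.zto.cn";//BaseSystemInfo.MailServer;
                         smtp.Port = 25;
                         // The sender credential comes from configuration. A literal account password
                         // used to be embedded at this point; treat that value as exposed and rotate it.
                         smtp.Credentials = new NetworkCredential(BaseSystemInfo.MailUserName, BaseSystemInfo.MailPassword);

                         objMailMessage.Priority = MailPriority.High;
                         // NOTE(review): "remind" has no @domain part; MailAddress normally rejects such
                         // a value with a FormatException — confirm this branch can send at all.
                         objMailMessage.From = new MailAddress("remind", "中通快递登录提醒", System.Text.Encoding.UTF8);
                         objMailMessage.To.Add(userContactEntity.Email);
                         objMailMessage.Subject         = subject;
                         objMailMessage.SubjectEncoding = System.Text.Encoding.UTF8;
                         objMailMessage.Body            = body;
                         objMailMessage.IsBodyHtml      = true;
                         objMailMessage.BodyEncoding    = System.Text.Encoding.UTF8;
                         smtp.Send(objMailMessage);
                     }
                 }

                 // SMS reminder: a verified mobile number exists and SMS reminders are enabled.
                 // Sending is charged to the outlet, so it only happens when the login location changed.
                 if (!string.IsNullOrWhiteSpace(userContactEntity.Mobile) && userContactEntity.MobileValiated == 1 && userLogonRemind.MobileRemind == 1)
                 {
                     // Fetch the two most recent login records, newest first. The lookup uses the
                     // userInfo argument; it previously read the manager's own UserInfo property, which
                     // is not necessarily the user this reminder is about.
                     BaseLoginLogManager loginLogManager        = new BaseLoginLogManager(userInfo);
                     List <BaseLoginLogEntity> loginLogEntities = loginLogManager.GetList <BaseLoginLogEntity>(new KeyValuePair <string, object>(BaseLoginLogEntity.FieldUserId, userInfo.Id), 2, " CREATEON DESC ");

                     // With fewer than two records (for example a first login) there is nothing to
                     // compare. Indexing the list unchecked used to throw here and, through the shared
                     // catch, also cancelled the WeChat reminder below.
                     if (loginLogEntities != null && loginLogEntities.Count >= 2 &&
                         loginLogEntities[0] != null && loginLogEntities[1] != null)
                     {
                         IpHelper ipHelper = new IpHelper();
                         string addressA   = ipHelper.FindName(loginLogEntities[0].IPAddress);
                         if (string.IsNullOrWhiteSpace(addressA))
                         {
                             // Second attempt kept from the original; whether it can differ from the
                             // first depends on FindName — TODO confirm.
                             addressA = ipHelper.FindName(loginLogEntities[0].IPAddress);
                         }
                         string addressB = ipHelper.FindName(loginLogEntities[1].IPAddress);
                         if (string.IsNullOrWhiteSpace(addressB))
                         {
                             addressB = ipHelper.FindName(loginLogEntities[1].IPAddress);
                         }

                         bool ipChanged       = !string.Equals(loginLogEntities[0].IPAddress, loginLogEntities[1].IPAddress, StringComparison.OrdinalIgnoreCase);
                         bool locationChanged = !string.Equals(addressA, addressB, StringComparison.OrdinalIgnoreCase);
                         if (ipChanged || locationChanged)
                         {
                             string url = "http://mas.zto.cn/WebAPIV42/API/Mobile/SendMessageByCompanyCode";
                             NameValueCollection postValues = new NameValueCollection();
                             postValues.Add("companyCode", userInfo.CompanyCode);
                             postValues.Add("mobiles", userContactEntity.Mobile);
                             string message = userInfo.NickName + ",您好!您的账号于" + DateTime.Now.ToString(BaseSystemInfo.DateTimeFormat) + "登录了" + systemName + ",登录IP:" + userInfo.IPAddress + ",如果不是您自己登录,请马上联系021-31165566,或即刻登录安全中心修改密码。";
                             postValues.Add("message", message);
                             postValues.Add("customerName", userInfo.NickName);
                             webClient.UploadValues(url, postValues);
                         }
                     }
                 }

                 // WeChat reminder.
                 if (!string.IsNullOrWhiteSpace(userContactEntity.WeChat) && userContactEntity.WeChatValiated == 1 && userLogonRemind.WechatRemind == 1)
                 {
                     string url = "http://weixin.zto.cn/Template/WeiXinLogin";
                     NameValueCollection postValues = new NameValueCollection();
                     postValues.Add("first", "您已经成功登录系统");
                     postValues.Add("keyword1", userInfo.NickName);
                     postValues.Add("remark", userInfo.NickName + ",您的账号于" + DateTime.Now.ToString(BaseSystemInfo.DateTimeFormat) + "登录了" + systemName);
                     postValues.Add("OpenId", userContactEntity.WeChat);
                     //postValues.Add("url", "http://security.zt-express.com/changepassword"); link to the details page
                     webClient.UploadValues(url, postValues);
                 }
             }
         }
         catch (Exception ex)
         {
             // An exception that escapes a thread-pool callback terminates the process, so the
             // error reporting itself must not throw.
             try
             {
                 string message = userInfo.NickName + "登录提醒消息发送异常:" + ex.Message;
                 if (logDirectory != null)
                 {
                     FileUtil.WriteMessage(message, logDirectory + "Log" + DateTime.Now.ToString(BaseSystemInfo.DateFormat) + ".txt");
                 }
                 else
                 {
                     System.Diagnostics.Trace.TraceError(message);
                 }
             }
             catch (Exception)
             {
                 // Nothing more can be done safely from a worker thread.
             }
         }
     });
 }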