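        /// <summary>
        /// Verifies <paramref name="password"/> for the account identified by <paramref name="userCode"/>
        /// and, when it is accepted, returns a newly generated user token.
        /// </summary>
        /// <param name="userCode">Account code, resolved through <c>GetUser</c>.</param>
        /// <param name="password">Clear-text password supplied by the caller.</param>
        /// <returns>
        /// The value of <c>GenerateUserToken(userCode)</c> on success; otherwise one of the status
        /// literals "NullAccouunt", "Invalid", "PasswordExpired", "AccountLocked", "AccountLocked1" or
        /// "PasswordError". The spellings are part of the contract callers match on and are kept as-is.
        /// </returns>
        /// <remarks>
        /// Security notes (review):
        /// <list type="bullet">
        /// <item>The password is compared as the digest produced by <c>EncryptHelper.Md5</c> against the
        /// stored <c>User.Password</c>, i.e. unsalted MD5. That is not an acceptable password hash;
        /// moving to a salted KDF (PBKDF2/Argon2) needs a storage migration and is outside this method.</item>
        /// <item>The built-in "su" account skips the active/expired/locked checks and is never counted
        /// toward lockout, so it can be guessed without limit.</item>
        /// <item>"NullAccouunt" versus "PasswordError", and the state literals returned before the password
        /// is checked, let an unauthenticated caller probe which user codes exist and their state.</item>
        /// <item>Lockout counts every UserLoginFailLog row for the user with no time window; the rows are
        /// only removed by a successful login.</item>
        /// <item>An empty or null password never authenticates (it is recorded as a failed attempt).</item>
        /// </list>
        /// </remarks>
        public string VerifyUserPasswordAndGetUserToken(string userCode, string password)
        {
            // Maximum password age in days (entity preference PassawordActive). int.Parse throws on a
            // missing or non-numeric preference, so a broken configuration fails closed before any lookup.
            int passawordActive = int.Parse(systemMgr.GetEntityPreferenceValue(Entity.SYS.EntityPreference.CodeEnum.PassawordActive));

            // Number of recorded failed logins at which the account is locked (entity preference PasswordLockCount).
            int passwordLockCount = int.Parse(systemMgr.GetEntityPreferenceValue(Entity.SYS.EntityPreference.CodeEnum.PasswordLockCount));

            User user = this.GetUser(userCode);
            if (user == null)
            {
                // Distinguishable from "PasswordError" by design of the existing contract (see remarks).
                return "NullAccouunt";
            }

            // The built-in super user bypasses every account-state check and the lockout accounting.
            bool isSuperUser = user.Code == "su";

            if (!isSuperUser)
            {
                if (!user.IsActive)
                {
                    return "Invalid";
                }
                if (user.PasswordExpired)
                {
                    // NOTE(review): returned before the password is verified. If the caller treats this
                    // status as permission to change the password, it must verify the password first.
                    return "PasswordExpired";
                }
                if (user.AccountLocked)
                {
                    return "AccountLocked";
                }
            }

            // An empty credential is rejected outright (and still counts as a failed attempt); this also
            // keeps a null password away from EncryptHelper.Md5. Stored digest compared case-insensitively.
            bool passwordMatches = !string.IsNullOrEmpty(password)
                && EncryptHelper.Md5(password).Equals(user.Password, StringComparison.OrdinalIgnoreCase);

            if (!passwordMatches)
            {
                if (!isSuperUser)
                {
                    UserLoginFailLog loginFailLog = new UserLoginFailLog
                    {
                        UserCode = user.Code,
                        UserName = user.Name,
                        LoginTime = System.DateTime.Now
                    };
                    this.genericMgr.Create(loginFailLog);

                    // Lock once the total number of recorded failures reaches the threshold. The count is
                    // presumably inclusive of the row just created — depends on genericMgr flushing on Create.
                    IList<UserLoginFailLog> failLogs = this.genericMgr.FindAll<UserLoginFailLog>(" select u from UserLoginFailLog as u where u.UserCode=?  ", user.Code);
                    if (failLogs != null && failLogs.Count >= passwordLockCount)
                    {
                        this.genericMgr.UpdateWithNativeQuery(" update ACC_User set AccountLocked=1 where Code=? ", user.Code);
                        return "AccountLocked1";
                    }
                }
                return "PasswordError";
            }

            if (!isSuperUser)
            {
                // Successful login resets the failure counter. (Executed through FindAllWithNativeSql,
                // which is presumably a general statement runner despite its name — existing usage.)
                this.genericMgr.FindAllWithNativeSql("if exists (select 1 from ACC_UserLoginFailLog where UserCode=?)begin delete ACC_UserLoginFailLog where UserCode=? end", new object[] { user.Code, user.Code });

                // Password age: require at least one password update on or after local midnight
                // passawordActive days ago; otherwise flag the account as expired and refuse the token.
                IList<UserUpdatePasswordLog> updatePwLogs = this.genericMgr.FindAll<UserUpdatePasswordLog>(" select u from UserUpdatePasswordLog as u where u.UserCode=? and u.UpdateTime>=? ", new object[] { user.Code, System.DateTime.Now.AddDays(-passawordActive).Date });
                if (updatePwLogs == null || updatePwLogs.Count == 0)
                {
                    this.genericMgr.UpdateWithNativeQuery(" update ACC_User set PasswordExpired=1 where Code=? ", user.Code);
                    return "PasswordExpired";
                }
            }

            return this.GenerateUserToken(userCode);
        }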
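        /// <summary>
        /// Handles a login form post: validates the account state, authenticates either against the
        /// domain or against the stored local digest, enforces lockout and password-age policy, and on
        /// success issues the forms-auth cookie, stores the user in session and redirects.
        /// </summary>
        /// <param name="model">Posted credentials (UserName, Password, HashedPassword, RememberMe).</param>
        /// <param name="returnUrl">Post-login destination; only accepted when it is a local, single-slash path.</param>
        /// <returns>
        /// The login view with model errors on failure; a redirect to ChangePassword when the password
        /// must be changed; otherwise a redirect to <paramref name="returnUrl"/> or Main/Default.
        /// </returns>
        /// <remarks>
        /// Security notes (review):
        /// <list type="bullet">
        /// <item>The "password expired" redirect to ChangePassword (carrying the user code) is issued
        /// only after the credentials have been verified. Previously the PasswordExpired flag short-circuited
        /// before any password check, so an unauthenticated request with just a user name could reach
        /// ChangePassword for that account and probe account state; whether that was exploitable depends
        /// on ChangePassword, which is not visible here.</item>
        /// <item>Local authentication compares the client-supplied <c>model.HashedPassword</c> with the stored
        /// digest, so the digest itself is a password equivalent (unsalted MD5 per the sibling verifier).
        /// Replacing it with server-side hashing and a salted KDF requires a storage migration.</item>
        /// <item>An empty or missing HashedPassword never matches, even if the stored digest is empty.</item>
        /// <item>The "su" account is exempt from the inactive/locked/expired-flag checks but, unlike the
        /// service-level verifier, its failures are still logged here — kept as-is for fidelity.</item>
        /// <item>Lockout counts all UserLoginFailLog rows for the user with no time window.</item>
        /// </list>
        /// </remarks>
        public ActionResult Login(LogOnModel model, string returnUrl)
        {
            var systemFlag = systemMgr.GetEntityPreferenceValue(Entity.SYS.EntityPreference.CodeEnum.SystemFlag);
            ViewBag.IsShow = systemFlag == "1";
            var systemTitle = systemMgr.GetEntityPreferenceValue(Entity.SYS.EntityPreference.CodeEnum.SystemTitle);
            ViewBag.SystemTitle = systemTitle;

            // Maximum password age in days (entity preference PassawordActive); int.Parse fails closed.
            int passawordActive = int.Parse(systemMgr.GetEntityPreferenceValue(Entity.SYS.EntityPreference.CodeEnum.PassawordActive));

            // Number of recorded failed logins at which the account is locked (entity preference PasswordLockCount).
            int passwordLockCount = int.Parse(systemMgr.GetEntityPreferenceValue(Entity.SYS.EntityPreference.CodeEnum.PasswordLockCount));

            if (!ModelState.IsValid)
            {
                return View(model);
            }

            User user = this.securityMgr.GetUserWithPermissions(model.UserName);
            if (user == null)
            {
                // Same message as a wrong password, so an unknown user name is not distinguishable here.
                ModelState.AddModelError(string.Empty, Resources.ErrorMessage.Errors_Login_Password_MisMatch);
                return View(model);
            }

            bool isSuperUser = user.Code == "su";
            if (!isSuperUser)
            {
                if (!user.IsActive)
                {
                    ModelState.AddModelError(string.Empty, "用户帐号已停用。请联系管理员!");
                    return View(model);
                }
                if (user.AccountLocked)
                {
                    ModelState.AddModelError(string.Empty, "帐号已锁定。请联系管理员!");
                    return View(model);
                }
            }

            // Domain credentials are tried first; a domain-authenticated user skips the local digest check.
            bool isUserInDomain = this.securityMgr.IsDomainAuthenticated(model.UserName, model.Password);

            // Local check: client-supplied digest against the stored one, case-insensitive; never
            // accept an empty digest (guards the all-empty case and a null HashedPassword).
            bool localPasswordMatches = !string.IsNullOrEmpty(model.HashedPassword)
                && string.Equals(model.HashedPassword, user.Password, StringComparison.OrdinalIgnoreCase);

            if (!isUserInDomain && !localPasswordMatches)
            {
                ModelState.AddModelError(string.Empty, Resources.ErrorMessage.Errors_Login_Password_MisMatch);
                UserLoginFailLog loginFailLog = new UserLoginFailLog
                {
                    UserCode = user.Code,
                    UserName = user.Name,
                    LoginTime = System.DateTime.Now
                };
                this.genericMgr.Create(loginFailLog);

                // Lock once the total number of recorded failures reaches the threshold. The count
                // presumably includes the row just created — depends on genericMgr flushing on Create.
                IList<UserLoginFailLog> failLogs = this.genericMgr.FindAll<UserLoginFailLog>(" select u from UserLoginFailLog as u where u.UserCode=?  ", user.Code);
                if (failLogs != null && failLogs.Count >= passwordLockCount)
                {
                    this.genericMgr.UpdateWithNativeQuery(" update ACC_User set AccountLocked=1 where Code=? ", user.Code);
                    ModelState.AddModelError(string.Empty, "密码连续3次错误,帐号已锁定。请联系管理员!");
                }
                return View(model);
            }

            // Credentials accepted: reset the failure counter. (Executed through FindAllWithNativeSql,
            // which is presumably a general statement runner despite its name — existing usage.)
            this.genericMgr.FindAllWithNativeSql("if exists (select 1 from ACC_UserLoginFailLog where UserCode=?)begin delete ACC_UserLoginFailLog where UserCode=? end", new object[] { user.Code, user.Code });

            // Password policy, evaluated only after the password has been verified:
            // an already-flagged account (non-"su") must change its password; otherwise require at least
            // one password update on or after local midnight passawordActive days ago.
            bool mustChangePassword = user.PasswordExpired && !isSuperUser;
            if (!mustChangePassword)
            {
                IList<UserUpdatePasswordLog> updatePwLogs = this.genericMgr.FindAll<UserUpdatePasswordLog>(" select u from UserUpdatePasswordLog as u where u.UserCode=? and u.UpdateTime>=? ", new object[] { user.Code, System.DateTime.Now.AddDays(-passawordActive).Date });
                if (updatePwLogs == null || updatePwLogs.Count == 0)
                {
                    this.genericMgr.UpdateWithNativeQuery(" update ACC_User set PasswordExpired=1 where Code=? ", user.Code);
                    mustChangePassword = true;
                }
            }
            if (mustChangePassword)
            {
                // The model error does not survive the redirect; kept for parity with the previous flow.
                ModelState.AddModelError(string.Empty, "用户帐号密码已经过期。");
                return RedirectToAction("ChangePassword", new { userCode = user.Code });
            }

            FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
            Session.Add(WebConstants.UserSessionKey, user);

            // Open-redirect guard: local, longer than "/", single leading slash, no "//" or "/\" prefix.
            if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
                && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
            {
                return Redirect(returnUrl);
            }

            return RedirectToAction("Default", "Main");
        }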