/// <summary>
/// Reports whether <c>BaseCaseDAL.GetAuthorizeAndSelf</c> returns a record for the given
/// link key and user.
/// </summary>
/// <param name="linkkey">Link key forwarded unchanged to the data-access lookup.</param>
/// <param name="user">User forwarded unchanged to the data-access lookup.</param>
/// <returns><c>true</c> when the lookup yields a non-null result; otherwise <c>false</c>.</returns>
public bool GetBaseCaseFile(string linkkey, Com.HSJF.Infrastructure.Identity.Model.User user)
{
    // NOTE(review): the access decision is made entirely inside GetAuthorizeAndSelf
    // (not visible here); this method only maps "a record came back" to a boolean.
    var authorizedCase = new BaseCaseDAL().GetAuthorizeAndSelf(linkkey, user);
    return authorizedCase != null;
}
/// <summary>
/// Whether the user may download or view the file.
/// </summary>
/// <param name="linkkey">Link key forwarded to <c>GetBaseCaseFile</c>.</param>
/// <param name="user">User being checked; <c>user.Id</c> is forwarded to <c>IsInRole</c>.</param>
/// <returns><c>true</c> if either check passes; <c>false</c> only when both fail.</returns>
public bool CanViewFile(string linkkey, Com.HSJF.Infrastructure.Identity.Model.User user)
{
    // Both checks always run, in this order, before the results are combined.
    bool hasCaseAccess = GetBaseCaseFile(linkkey, user);

    // NOTE(review): the role check does not take linkkey, so a user for whom IsInRole is
    // true passes for every link key. Confirm that this breadth is intended.
    // NOTE(review): .Result blocks the calling thread on an asynchronous call.
    bool hasRole = IsInRole(user.Id).Result; //GetBaseAuditFile(linkkey, CurrentUser.Id).Result;

    return hasCaseAccess || hasRole;
}
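/// <summary>
/// GET login entry point. When the <c>LoginMode</c> app setting is <c>"SSL"</c>, the request
/// is either redirected to the unified login page or, if it carries the encrypted login
/// token, the token is decrypted and the named user is signed in. In any other mode the
/// login view is rendered.
/// </summary>
/// <returns>
/// A redirect to <c>Home/Index</c> after a successful sign-in; the login view (with a model
/// error) when the token or the user is rejected; <c>null</c> after the response has been
/// redirected to the unified login page.
/// </returns>
/// <remarks>
/// The decrypted token is the only proof of identity on this path, so the secrecy of the
/// <c>Cryptokey</c>/<c>CryptoIV</c> settings and the integrity of the ciphertext protect
/// every account.
/// </remarks>
public async Task<ActionResult> Login()
{
    // Unified (single sign-on) login
    if (WebConfigurationManager.AppSettings["LoginMode"] == "SSL")
    {
        var loginKey = WebConfigurationManager.AppSettings["LoginKey"];
        var returnurl = Server.UrlEncode(HttpContext.Request.Url.AbsoluteUri);
        if (!Request.Url.AbsoluteUri.ToLower().Contains(loginKey.ToLower()))
        {
            Response.Redirect(WebConfigurationManager.AppSettings["LoginUrl"] + "?returnUrl=" + returnurl + "&systemName=" + WebConfigurationManager.AppSettings["SystemName"]);
            return (null);
        }

        // SECURITY(review): these literals are a fallback key and IV compiled into source.
        // A deployment missing the Cryptokey/CryptoIV settings silently runs on a key that
        // every reader of the code knows, and the IV is fixed in either case. Prefer failing
        // closed when the settings are absent and keep the key in a secret store.
        byte[] _Key = Encoding.UTF8.GetBytes(WebConfigurationManager.AppSettings["Cryptokey"] ?? "HSJF!@#$12345678");
        byte[] _IV = Encoding.UTF8.GetBytes(WebConfigurationManager.AppSettings["CryptoIV"] ?? "HSJF^%$#12345678");
        SymmCrypto symm = new SymmCrypto(_Key, _IV);

        // The token is request-controlled input: a missing, truncated or tampered value must
        // end in a rejected login, not in an unhandled exception.
        // NOTE(review): SymmCrypto's cipher and mode are not visible here. Confirm that it
        // authenticates the ciphertext and that the token carries an expiry or nonce;
        // nothing in this method limits replay of a captured URL.
        var userinfo = Request.QueryString[loginKey];
        LoginUser luser = null;
        if (!string.IsNullOrEmpty(userinfo))
        {
            try
            {
                byte[] outputb = Convert.FromBase64String(userinfo);
                var userstr = symm.DecryptToString(outputb, Encoding.UTF8);
                JavaScriptSerializer jsonSerializer = new JavaScriptSerializer();
                luser = (LoginUser)jsonSerializer.Deserialize(userstr, typeof(LoginUser));
            }
            catch (FormatException)
            {
                // Not valid Base64: luser stays null and is rejected below.
            }
            catch (System.Security.Cryptography.CryptographicException)
            {
                // Ciphertext did not decrypt: luser stays null and is rejected below.
            }
            catch (ArgumentException)
            {
                // Decrypted text is not acceptable JSON: luser stays null and is rejected below.
            }
            catch (InvalidOperationException)
            {
                // JSON does not map onto LoginUser: luser stays null and is rejected below.
            }
        }

        if (luser == null || string.IsNullOrEmpty(luser.LoginName))
        {
            ModelState.AddModelError("", "用户名不存在或者已被禁用!");
            return (View());
        }

        // Set up user management
        UserStore userStore = new UserStore();
        UserDAL userdal = new UserDAL();
        UserManager userManager = new UserManager(userStore);

        // A token may name an account that has no local record; without this guard the
        // password lookup below dereferences null.
        var newuser = userManager.FindByName(luser.LoginName);
        if (newuser == null)
        {
            ModelState.AddModelError("", "用户名不存在或者已被禁用!");
            return (View());
        }

        // SECURITY(review): the stored password is decrypted back to plaintext here, which
        // means passwords are kept under reversible encryption rather than a one-way
        // password hash. Anyone holding the key and the user table recovers every password.
        Com.HSJF.Infrastructure.Identity.Model.User user = new Com.HSJF.Infrastructure.Identity.Model.User { UserName = luser.LoginName };
        user.Password = symm.DecryptToString(Convert.FromBase64String(newuser.Password));
        if (!userdal.FindUser(user.UserName, Convert.ToBase64String(symm.EncryptFromString(user.Password))))
        {
            ModelState.AddModelError("", "用户名不存在或者已被禁用!");
            return (View());
        }

        // The session may only be populated after the sign-in actually succeeded; a locked
        // out or otherwise rejected account must not end up with _currentUser set.
        Microsoft.AspNet.Identity.Owin.SignInStatus signInStatus = await PrivateLogin(user.UserName, user.Password);
        if (signInStatus != Microsoft.AspNet.Identity.Owin.SignInStatus.Success)
        {
            ModelState.AddModelError("", "用户名不存在或者已被禁用!");
            return (View());
        }

        System.Web.HttpContext.Current.Session["_currentUser"] = userManager.FindByName(user.UserName);
        return (RedirectToAction("Index", "Home"));
    }

    return (View());
}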
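/// <summary>
/// POST login entry point. Checks the submitted credentials against the user table,
/// additionally against LDAP when the <c>LoginMode</c> app setting is <c>"LDAP"</c>, then
/// signs the user in and stores the user object in the session on success.
/// </summary>
/// <param name="usermodel">Posted login form; <c>LoginName</c> and <c>Password</c> are read.</param>
/// <returns>
/// A redirect to <c>Home/Index</c> on success; otherwise the login view, with a model error
/// for rejected credentials.
/// </returns>
public async Task<ActionResult> Login(LoginViewModel usermodel)
{
    if (!ModelState.IsValid)
    {
        return (View(usermodel));
    }

    Microsoft.Owin.IOwinContext OwinContext = HttpContext.GetOwinContext();

    // Set up user management
    UserStore userStore = new UserStore();
    UserDAL userdal = new UserDAL();
    UserManager userManager = new UserManager(userStore);

    // Set up permission management
    // NOTE(review): neither object is used again in this method; kept because their
    // constructors are not visible here.
    PermissionStore ps = new PermissionStore();
    PermissionManager pm = new PermissionManager(ps);

    // Sign-in
    SignInManager signInManager = new SignInManager(userManager, OwinContext.Authentication);

    string pass = usermodel.Password;
    string username = usermodel.LoginName;
    var user = new Com.HSJF.Infrastructure.Identity.Model.User { UserName = username, Password = pass };

    // SECURITY(review): these literals are a fallback key and IV compiled into source.
    // A deployment missing the Cryptokey/CryptoIV settings silently runs on a key that
    // every reader of the code knows, and the IV is fixed in either case. Prefer failing
    // closed when the settings are absent and keep the key in a secret store.
    byte[] _Key = Encoding.UTF8.GetBytes(WebConfigurationManager.AppSettings["Cryptokey"] ?? "HSJF!@#$12345678");
    byte[] _IV = Encoding.UTF8.GetBytes(WebConfigurationManager.AppSettings["CryptoIV"] ?? "HSJF^%$#12345678");
    SymmCrypto symm = new SymmCrypto(_Key, _IV);

    // SECURITY(review): the submitted password is encrypted, not hashed, before the lookup,
    // so the user table holds passwords that the key can turn back into plaintext.
    // NOTE(review): this message differs from the wrong-password message further down,
    // which lets a caller distinguish the two outcomes; consider one generic message.
    if (!userdal.FindUser(usermodel.LoginName, Convert.ToBase64String(symm.EncryptFromString(usermodel.Password))))
    {
        ModelState.AddModelError("", "用户名不存在或者已被禁用!");
        return (View());
    }

    // Domain (LDAP) login
    if (WebConfigurationManager.AppSettings["LoginMode"] == "LDAP")
    {
        LdapAuthentication ldap = new LdapAuthentication();
        if (!ldap.IsAuthenticated(usermodel.LoginName, usermodel.Password))
        {
            ModelState.AddModelError("", "用户名或者密码错误!");
            return (View());
        }

        // After LDAP has accepted the credentials, the local sign-in runs with the stored
        // password. Guard the lookup: a null result would otherwise be dereferenced.
        var newuser = userManager.FindByName(username);
        if (newuser == null)
        {
            ModelState.AddModelError("", "用户名不存在或者已被禁用!");
            return (View());
        }
        user.Password = symm.DecryptToString(Convert.FromBase64String(newuser.Password));
    }

    Microsoft.AspNet.Identity.Owin.SignInStatus signInStatus = await PrivateLogin(user.UserName, user.Password);
    switch (signInStatus)
    {
        // Success
        case Microsoft.AspNet.Identity.Owin.SignInStatus.Success:
            // Cookie sign-in is already configured in startup, so only the session entry
            // is set here.
            System.Web.HttpContext.Current.Session["_currentUser"] = signInManager.UserManager.FindByName(user.UserName);
            return (RedirectToAction("Index", "Home"));

        // Locked out
        case Microsoft.AspNet.Identity.Owin.SignInStatus.LockedOut:
            Response.Write("LockedOut!");
            break;

        // Verification required
        case Microsoft.AspNet.Identity.Owin.SignInStatus.RequiresVerification:
            Response.Write("RequiresVerification!");
            break;

        // Sign-in failed
        case Microsoft.AspNet.Identity.Owin.SignInStatus.Failure:
            ModelState.AddModelError("", @"用户名或者密码错误!");
            return (View());
    }

    return (View());
}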