public bool GetBaseCaseFile(string linkkey, Com.HSJF.Infrastructure.Identity.Model.User user)
{
BaseCaseDAL bcd = new BaseCaseDAL();
var model = bcd.GetAuthorizeAndSelf(linkkey, user);
if (model != null)
{
return(true);
}
return(false);
}
/// <summary>
/// 是否可以下载或者查看文件
/// </summary>
/// <param name="linkkey"></param>
/// <param name="user"></param>
/// <returns></returns>
public bool CanViewFile(string linkkey, Com.HSJF.Infrastructure.Identity.Model.User user)
{
bool flag1 = GetBaseCaseFile(linkkey, user);
bool flag2 = IsInRole(user.Id).Result;
//GetBaseAuditFile(linkkey, CurrentUser.Id).Result;
if (flag1 || flag2)
{
return(true);
}
return(false);
}
public async Task <ActionResult> Login()
{
//统一登陆
if (WebConfigurationManager.AppSettings["LoginMode"] == "SSL")
{
var returnurl = Server.UrlEncode(HttpContext.Request.Url.AbsoluteUri);
if (!Request.Url.AbsoluteUri.ToLower().Contains(WebConfigurationManager.AppSettings["LoginKey"].ToLower()))
{
Response.Redirect(WebConfigurationManager.AppSettings["LoginUrl"] + "?returnUrl=" + returnurl + "&systemName=" + WebConfigurationManager.AppSettings["SystemName"]);
return(null);
}
byte[] _Key = Encoding.UTF8.GetBytes(WebConfigurationManager.AppSettings["Cryptokey"] ?? "HSJF!@#$12345678");
byte[] _IV = Encoding.UTF8.GetBytes(WebConfigurationManager.AppSettings["CryptoIV"] ?? "HSJF^%$#12345678");
var userinfo = Request.QueryString[WebConfigurationManager.AppSettings["LoginKey"]];
byte[] outputb = Convert.FromBase64String(userinfo);
SymmCrypto symm = new SymmCrypto(_Key, _IV);
var userstr = symm.DecryptToString(outputb, Encoding.UTF8);
JavaScriptSerializer jsonSerializer = new JavaScriptSerializer();
var luser = (LoginUser)jsonSerializer.Deserialize(userstr, typeof(LoginUser));
Microsoft.Owin.IOwinContext OwinContext = HttpContext.GetOwinContext();
//初始化用户管理相关
UserStore userStore = new UserStore();
UserDAL userdal = new UserDAL();
UserManager UserManager = new UserManager(userStore);
Com.HSJF.Infrastructure.Identity.Model.User user = new Com.HSJF.Infrastructure.Identity.Model.User {
UserName = luser.LoginName
};
//byte[] _Key = Encoding.UTF8.GetBytes(WebConfigurationManager.AppSettings["Cryptokey"] ?? "HSJF!@#$12345678");
//byte[] _IV = Encoding.UTF8.GetBytes(WebConfigurationManager.AppSettings["CryptoIV"] ?? "HSJF^%$#12345678");
var newuser = UserManager.FindByName(luser.LoginName);
user.Password = symm.DecryptToString(Convert.FromBase64String(newuser.Password));
if (!userdal.FindUser(user.UserName, Convert.ToBase64String(symm.EncryptFromString(user.Password))))
{
ModelState.AddModelError("", "用户名不存在或者已被禁用!");
return(View());
}
Microsoft.AspNet.Identity.Owin.SignInStatus SignInStatus = await PrivateLogin(user.UserName, user.Password);
System.Web.HttpContext.Current.Session["_currentUser"] = UserManager.FindByName(user.UserName);
return(RedirectToAction("Index", "Home"));
}
return(View());
}
public async Task <ActionResult> Login(LoginViewModel usermodel)
{
if (!ModelState.IsValid)
{
return(View(usermodel));
}
Microsoft.Owin.IOwinContext OwinContext = HttpContext.GetOwinContext();
//初始化用户管理相关
UserStore userStore = new UserStore();
UserDAL userdal = new UserDAL();
UserManager UserManager = new UserManager(userStore);
//初始化权限管理相关
PermissionStore ps = new PermissionStore();
PermissionManager pm = new PermissionManager(ps);
//登录
SignInManager signInManager = new SignInManager(UserManager, OwinContext.Authentication);
Microsoft.AspNet.Identity.Owin.SignInStatus SignInStatus;
string pass = usermodel.Password;
string username = usermodel.LoginName;
var user = new Com.HSJF.Infrastructure.Identity.Model.User {
UserName = username, Password = pass
};
byte[] _Key = Encoding.UTF8.GetBytes(WebConfigurationManager.AppSettings["Cryptokey"] ?? "HSJF!@#$12345678");
byte[] _IV = Encoding.UTF8.GetBytes(WebConfigurationManager.AppSettings["CryptoIV"] ?? "HSJF^%$#12345678");
SymmCrypto symm = new SymmCrypto(_Key, _IV);
if (!userdal.FindUser(usermodel.LoginName, Convert.ToBase64String(symm.EncryptFromString(usermodel.Password))))
{
ModelState.AddModelError("", "用户名不存在或者已被禁用!");
return(View());
}
//域登陆
if (WebConfigurationManager.AppSettings["LoginMode"] == "LDAP")
{
LdapAuthentication ldap = new LdapAuthentication();
if (!ldap.IsAuthenticated(usermodel.LoginName, usermodel.Password))
{
ModelState.AddModelError("", "用户名或者密码错误!");
return(View());
}
var newuser = UserManager.FindByName(username);
user.Password = symm.DecryptToString(Convert.FromBase64String(newuser.Password));
}
SignInStatus = await PrivateLogin(user.UserName, user.Password);
switch (SignInStatus)
{
//成功
case Microsoft.AspNet.Identity.Owin.SignInStatus.Success:
//此处表示已经在startup 中配置
//标示
//System.Security.Claims.ClaimsIdentity identity = UserManager.CreateIdentity(user, DefaultAuthenticationTypes.ApplicationCookie);
//授权登陆
//AutherticationManager.SignIn(new Microsoft.Owin.Security.AuthenticationProperties { IsPersistent = true }, identity);
System.Web.HttpContext.Current.Session["_currentUser"] = signInManager.UserManager.FindByName(user.UserName);
return(RedirectToAction("Index", "Home"));
//锁定
case Microsoft.AspNet.Identity.Owin.SignInStatus.LockedOut:
Response.Write("LockedOut!");
break;
//要求验证
case Microsoft.AspNet.Identity.Owin.SignInStatus.RequiresVerification:
Response.Write("RequiresVerification!");
break;
//登录失败
case Microsoft.AspNet.Identity.Owin.SignInStatus.Failure:
ModelState.AddModelError("", @"用户名或者密码错误!");
return(View());
}
return(View());
}
