public ApiResponse <SessionUser> Login(string userName, string passWord, int sysId, string ip)
{
Core.Model.BUser user = ValidateLogonUser(userName, passWord);
if (user != null)
{
Core.Model.BRole role = GetRoleByUserId(user.USR_ID);
if (role == null)
{
return(new ApiResponse <SessionUser> {
Success = false, Message = "当前登陆账户未分配角色权限!"
});
}
//判断当前角色的权限数量
List <Core.Model.BPermission> pmses = GetPermissionsBySysId(role.ROL_ID, sysId);
if (pmses.Count() == 0)
{
return(new ApiResponse <SessionUser> {
Success = false, Message = "您无权登录本系统,请联系系统管理员!"
});
}
LogOn(user.USR_ID, userName, ip);
return(new ApiResponse <SessionUser>(true, "", new SessionUser()
{
UserId = user.USR_ID, LoginName = userName, UserRole = new UserRole()
{
ID = role.ROL_ID, Name = role.ROL_DESC, Permissions = pmses
}
}));
}
return(new ApiResponse <SessionUser> {
Success = false, Message = "用户名或密码错误,或当前用户为无效状态!"
});
}
public Core.Model.BUser ValidateLogonUser(string loginName, string password)
{
try
{
Core.Model.BUser user = _usr.GetAllRw(" where USR_LOGINNAME=@USR_LOGINNAME and USR_PASSWORD=@USR_PASSWORD and USR_ACCESS_FLAG=1",
new SqlParameter("@USR_LOGINNAME", loginName), new SqlParameter("@USR_PASSWORD", Tool.MD5Lib.MD5(password))).FirstOrDefault();
return(user);
}
catch (Exception ex)
{
return(null);
}
}
