Пример #1
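        /// <summary>
        /// Verifies a login attempt (CAPTCHA, user name, password, account state) and, on success,
        /// fills the session, issues the forms-authentication cookie and writes a login log row.
        /// <para>The returned hashtable contains the keys:</para>
        /// <para>Msg - message text; the value [refresh] means the whole page must be reloaded</para>
        /// <para>Url - URL the client should navigate to</para>
        /// <para>IsCode - true when the client must request a new CAPTCHA</para>
        /// </summary>
        /// <param name="userName">Account name.</param>
        /// <param name="userPwd">Account password (plain text as submitted).</param>
        /// <param name="checkCode">CAPTCHA text typed by the user.</param>
        /// <param name="returnUrl">
        /// Page to open after login. It is honoured only when it is a site-local path that starts with a
        /// single '/'; any other value falls back to GeneralHandler.SiteLoginedUrl.
        /// </param>
        /// <param name="outEx">Receives the exception caught during verification, or null when none was thrown.</param>
        /// <returns>The verification result described above.</returns>
        public static Hashtable VerifyLogin(string userName, string userPwd, string checkCode, string returnUrl, out Exception outEx)
        {
            outEx = null;
            Hashtable ht = new Hashtable();

            ht.Add("Msg", GeneralHandler.FBaseInfo);
            ht.Add("Url", GeneralHandler.SiteLoginUrl);
            ht.Add("IsCode", false);
            try
            {
                if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(userPwd) || string.IsNullOrEmpty(checkCode))
                {
                    return(ht);
                }

                // NOTE(review): MD5 is not suitable for password storage (fast, and unsalted as far as this
                // call shows). Moving to a slow salted KDF needs a migration of the stored values, so the
                // call is kept as is here.
                userPwd = CryptoHelper.MD5(userPwd, true);

                // Invariant lower-casing: the comparison must not depend on the server's culture.
                checkCode = checkCode.ToLowerInvariant();

                // The CAPTCHA is single-use: it is taken out of the session on every attempt so that one
                // solved code cannot be replayed across many password guesses.
                string verifyCode = HttpContext.Current.Session["CheckCode"] as string;
                HttpContext.Current.Session.Remove("CheckCode");

                // Because the code has been consumed, every failure from here on needs a new CAPTCHA.
                ht["IsCode"] = true;

                // A missing session code (expired session, CAPTCHA never requested) is a mismatch,
                // not an exception.
                if (verifyCode == null || checkCode.Length != 4 || !ValidHelper.EngIsEngAndNum(checkCode) || checkCode != verifyCode.ToLowerInvariant())
                {
                    ht["Msg"] = "您输入的验证码不正确[4个字符]。";
                }
                else if (userName.Length < 4 || userName.Length > 16 || !ValidHelper.EngIsRegisters(userName))
                {
                    ht["Msg"] = "您输入的用户名不正确[4-16个字符]。";
                }
                else if (ValidHelper.IsSqlFilter(userName))
                {
                    ht["Msg"] = "您输入的用户名不正确[4-16个字符]。IsSqlFilter";
                }
                else if (!DawnAuthUserBLL.ExistsOfName(userName))
                {
                    // NOTE(review): this message differs from the wrong-password one, which lets a client
                    // tell existing account names from unknown ones. Consider one shared message.
                    ht["Msg"] = "您输入的用户名不存在!";
                }
                else
                {
                    // NOTE(review): the WHERE clause is built by string formatting. It is only safe while
                    // userName has passed the validators above (presumably a character allow-list; confirm
                    // in ValidHelper) and userPwd is hash output. Prefer a parameterized lookup if the BLL
                    // offers one.
                    var userIList = DawnAuthUserBLL.ISelect(string.Format("[user_name]='{0}' and [user_pwd]='{1}'", userName, userPwd));
                    if (userIList.Count == 0)
                    {
                        ht["Msg"] = "您输入的用户名与密码不匹配!";
                    }
                    else if (userIList.Count > 1)
                    {
                        ht["Msg"] = "您的账号存在异常,请联系管理员!";
                    }
                    else
                    {
                        var userInfo = userIList.First();
                        if (userInfo.UserStatus == 0)
                        {
                            ht["Msg"] = "您的账号存已禁用,请联系管理员!";
                        }
                        else if (userInfo.UserGrade < 1)
                        {
                            ht["Msg"] = "对不起,您的管理级别不符合!";
                        }
                        else
                        {
                            userIList.Clear();

                            // NOTE(review): the session id is not rotated at login; consider issuing a
                            // fresh session here so a pre-login session id cannot carry over.
                            // NOTE(review): the user name is used as a session key, so an account named
                            // like one of the fixed keys ("LoginName", "LoginStatus", ...) would collide
                            // with it. Readers elsewhere depend on this layout, so it is kept.
                            HttpContext.Current.Session["LoginName"] = userName;
                            HttpContext.Current.Session[userName]    = CryptoHelper.Encrypt(JsonConvert.SerializeObject(userInfo), GeneralHandler.TokenKey);
                            var userAuth = DawnAuthUserBLL.GetUserAuthority(userInfo.UserId);
                            HttpContext.Current.Session["LoginAuthority"] = CryptoHelper.Encrypt(JsonConvert.SerializeObject(userAuth), GeneralHandler.TokenKey);
                            var userStat = DawnAuthUserBLL.GetUserStatus(userInfo.UserId);
                            HttpContext.Current.Session["LoginStatus"] = CryptoHelper.Encrypt(JsonConvert.SerializeObject(userStat), GeneralHandler.TokenKey);
                            // UserId comes from the row just loaded, not from the request.
                            var userExtent = DawnAuthUserExtentBLL.ISelect(string.Format("user_id='{0}'", userInfo.UserId));
                            HttpContext.Current.Session["LoginExtent"] = CryptoHelper.Encrypt(JsonConvert.SerializeObject(userExtent), GeneralHandler.TokenKey);
                            // Second argument false: the authentication cookie is not persistent.
                            FormsAuthentication.SetAuthCookie(CryptoHelper.Encrypt(userName, GeneralHandler.TokenKey), false);

                            #region Login log

                            DawnAuthUserLoginMDL dataInfo = new DawnAuthUserLoginMDL();
                            dataInfo.UserId      = userInfo.UserId;
                            dataInfo.LogTime     = DateTime.Now;
                            dataInfo.LogIp       = RequestHelper.GetIPAddress();
                            // NOTE(review): this MAC is read on the machine running this code, so it is
                            // presumably the server's, not the client's. Confirm before relying on it.
                            dataInfo.LogMac      = DawnXZ.PHYUtility.ManagementHelper.Instance().MacAddress.ToUpper();
                            dataInfo.LogComputer = "Unknown";
                            dataInfo.LogAttach   = null;
                            dataInfo.LogCount    = 1;
                            DawnAuthUserLoginBLL.Insert(dataInfo);

                            #endregion

                            // returnUrl is caller-supplied and ends up as the client's navigation target.
                            // Accept only a path on this site: it must start with '/' and must not start
                            // with "//" or "/\", which browsers treat as another host.
                            bool isLocalReturnUrl = !string.IsNullOrEmpty(returnUrl)
                                && returnUrl[0] == '/'
                                && (returnUrl.Length == 1 || (returnUrl[1] != '/' && returnUrl[1] != '\\'));

                            ht["Msg"]    = GeneralHandler.StateSuccess;
                            ht["Url"]    = isLocalReturnUrl ? returnUrl : GeneralHandler.SiteLoginedUrl;
                            ht["IsCode"] = false;
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                // Hand the exception to the caller and ask the client to reload the page.
                outEx     = ex;
                ht["Msg"] = GeneralHandler.StateRefresh;
            }
            return(ht);
        }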
Пример #2
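        /// <summary>
        /// Handles the login form post: checks the CAPTCHA, user name, password and account state and,
        /// on success, fills the session, issues the forms-authentication cookie and writes a login log row.
        /// </summary>
        /// <param name="form">Posted form; the fields txtUname, txtUpwd and txtCheckCode are read.</param>
        /// <returns>
        /// JSON of a hashtable with the keys Msg (message text), Url (navigation target) and
        /// IsCode (true when the client must request a new CAPTCHA).
        /// </returns>
        public JsonResult Logined(FormCollection form)
        {
            Hashtable ht = new Hashtable();

            ht.Add("Msg", GeneralHandler.FBaseInfo);
            ht.Add("Url", GeneralHandler.SiteLoginUrl);
            ht.Add("IsCode", false);
            try
            {
                string txtUname     = form["txtUname"] as string;
                string txtUpwd      = form["txtUpwd"] as string;
                string txtCheckCode = form["txtCheckCode"] as string;

                // A missing field is a client error. Answer with the default message instead of letting a
                // null dereference reach the catch block, where it would be logged and reported as a
                // database failure.
                if (string.IsNullOrEmpty(txtUname) || string.IsNullOrEmpty(txtUpwd) || string.IsNullOrEmpty(txtCheckCode))
                {
                    return(Json(ht));
                }

                // NOTE(review): MD5 is not suitable for password storage (fast, and unsalted as far as this
                // call shows). Moving to a slow salted KDF needs a migration of the stored values, so the
                // call is kept as is here.
                txtUpwd = CryptoHelper.MD5(txtUpwd, true);

                // Invariant lower-casing: the comparison must not depend on the server's culture.
                txtCheckCode = txtCheckCode.ToLowerInvariant();

                // The CAPTCHA is single-use: it is taken out of the session on every attempt so that one
                // solved code cannot be replayed across many password guesses.
                string strCheckCode = Session["CheckCode"] as string;
                Session.Remove("CheckCode");

                // Because the code has been consumed, every failure from here on needs a new CAPTCHA.
                ht["IsCode"] = true;

                // A missing session code (expired session, CAPTCHA never requested) is a mismatch,
                // not an exception.
                if (strCheckCode == null || txtCheckCode.Length != 4 || !ValidHelper.EngIsEngAndNum(txtCheckCode) || txtCheckCode != strCheckCode.ToLowerInvariant())
                {
                    ht["Msg"] = "您输入的验证码不正确[4个字符]。";
                }
                else if (txtUname.Length < 4 || txtUname.Length > 16 || !ValidHelper.EngIsRegisters(txtUname))
                {
                    ht["Msg"] = "您输入的用户名不正确[4-16个字符]。";
                }
                else if (ValidHelper.IsSqlFilter(txtUname))
                {
                    ht["Msg"] = "您输入的用户名不正确[4-16个字符]。IsSqlFilter";
                }
                else if (!DawnAuthUserBLL.ExistsOfName(txtUname))
                {
                    // NOTE(review): this message differs from the wrong-password one, which lets a client
                    // tell existing account names from unknown ones. Consider one shared message.
                    ht["Msg"] = "您输入的用户名不存在!";
                }
                else
                {
                    // NOTE(review): the WHERE clause is built by string formatting. It is only safe while
                    // txtUname has passed the validators above (presumably a character allow-list; confirm
                    // in ValidHelper) and txtUpwd is hash output. Prefer a parameterized lookup if the BLL
                    // offers one.
                    var userIList = DawnAuthUserBLL.ISelect(string.Format("[user_name]='{0}' and [user_pwd]='{1}'", txtUname, txtUpwd));
                    if (userIList.Count == 0)
                    {
                        ht["Msg"] = "您输入的用户名与密码不匹配!";
                    }
                    else if (userIList.Count > 1)
                    {
                        ht["Msg"] = "您的账号存在异常,请联系管理员!";
                    }
                    else
                    {
                        var userInfo = userIList.First();
                        if (userInfo.UserStatus == 0)
                        {
                            ht["Msg"] = "您的账号存已禁用,请联系管理员!";
                        }
                        else if (userInfo.UserGrade < 2)
                        {
                            ht["Msg"] = "对不起,您的管理级别不符合!";
                        }
                        else
                        {
                            userIList.Clear();

                            // NOTE(review): the session id is not rotated at login; consider issuing a
                            // fresh session here so a pre-login session id cannot carry over.
                            // NOTE(review): the user name is used as a session key, so an account named
                            // like one of the fixed keys ("LoginName", "LoginStatus", ...) would collide
                            // with it. Readers elsewhere depend on this layout, so it is kept.
                            Session["LoginName"] = txtUname;
                            Session[txtUname]    = CryptoHelper.Encrypt(JsonConvert.SerializeObject(userInfo), GeneralHandler.TokenKey);
                            var userAuth = DawnAuthUserBLL.GetUserAuthority(userInfo.UserId);
                            Session["LoginAuthority"] = CryptoHelper.Encrypt(JsonConvert.SerializeObject(userAuth), GeneralHandler.TokenKey);
                            var userStat = DawnAuthUserBLL.GetUserStatus(userInfo.UserId);
                            Session["LoginStatus"] = CryptoHelper.Encrypt(JsonConvert.SerializeObject(userStat), GeneralHandler.TokenKey);
                            // UserId comes from the row just loaded, not from the request.
                            var userExtent = DawnAuthUserExtentBLL.ISelect(string.Format("user_id='{0}'", userInfo.UserId));
                            Session["LoginExtent"] = CryptoHelper.Encrypt(JsonConvert.SerializeObject(userExtent), GeneralHandler.TokenKey);
                            // Second argument false: the authentication cookie is not persistent.
                            FormsAuthentication.SetAuthCookie(CryptoHelper.Encrypt(txtUname, GeneralHandler.TokenKey), false);

                            #region Login log

                            DawnAuthUserLoginMDL dataInfo = new DawnAuthUserLoginMDL();
                            dataInfo.UserId      = userInfo.UserId;
                            dataInfo.LogTime     = DateTime.Now;
                            dataInfo.LogIp       = RequestHelper.GetIPAddress();
                            dataInfo.LogMac      = "Unknown";
                            dataInfo.LogComputer = "Unknown";
                            dataInfo.LogAttach   = null;
                            dataInfo.LogCount    = 1;
                            DawnAuthUserLoginBLL.Insert(dataInfo);

                            #endregion

                            ht["Msg"]    = GeneralHandler.StateSuccess;
                            ht["Url"]    = GeneralHandler.SiteLoginedUrl;
                            ht["IsCode"] = false;
                            // The redirect target is fixed. If the client-supplied return URL below is ever
                            // re-enabled, accept it only when it is a path on this site.
                            //var hidReturnUrl = form["hidReturnUrl"] as string;
                            //ht["Url"] = string.IsNullOrEmpty(hidReturnUrl) ? GeneralHandler.SiteLoginedUrl : hidReturnUrl;
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                // Any exception is recorded and reported to the user with the message below,
                // whatever its actual cause.
                //ht["Msg"] = GeneralHandler.StateRefresh;
                ht["Msg"] = "对不起!无法与数据库建立连接!请联系管理员!";
                GeneralHandler.InsertByError(ex);
            }
            return(Json(ht));
        }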