Пример #1
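        /// <summary>
        /// Builds the e-mail verification link for the given message step.
        /// </summary>
        /// <param name="step">Message step the link belongs to; only RegisterActive, CertificationValid and FindPwd are handled.</param>
        /// <param name="email">Recipient address; placed inside the encrypted payload.</param>
        /// <param name="code">Verification code; placed inside the encrypted payload.</param>
        /// <param name="expiredTime">Receives the validity period read from settings for <paramref name="step"/>.</param>
        /// <returns>The configured link with the encrypted payload appended as the <c>code</c> query parameter.</returns>
        /// <exception cref="Exception">Thrown when <paramref name="step"/> has no e-mail link type.</exception>
        private string buldValidateEmail(MessageStep step, string email, string code, out int expiredTime)
        {
            string url = LoadSettingsByKeys(Settings.ValidateEmailLink).Value;

            // Payload layout is "step#email#code"; it is decrypted and checked when the link is handled.
            // NOTE(review): '#' is not escaped inside email/code, so a value containing '#' makes the
            // payload ambiguous for whoever splits it - confirm the handler rejects such input.
            // NOTE(review): the validity period is handed back to the caller and is not part of the
            // payload, so expiry has to be enforced against server-side state - confirm.
            // NOTE(review): DesTool is not visible here; if it is plain DES under an application-wide
            // key, the payload has weak confidentiality and no integrity protection. A random
            // single-use token stored server-side (or an HMAC over the payload) is the safer design.
            string sourceData = step.ToString() + "#" + email + "#" + code;
            string encryptData = DesTool.DesEncrypt(sourceData);

            expiredTime = 0;
            switch (step)
            {
            case MessageStep.RegisterActive:
                // NOTE(review): only this branch multiplies by 60; presumably the setting is stored
                // in a different unit than the other two - verify against the settings table.
                expiredTime = LoadSettingsByKeys(Settings.RegisterActiveUrlValidity).Value.ToInt32Req() * 60;
                break;

            case MessageStep.CertificationValid:
                expiredTime = LoadSettingsByKeys(Settings.CertificationValidTime).Value.ToInt32Req();
                break;

            case MessageStep.FindPwd:
                expiredTime = LoadSettingsByKeys(Settings.FindPwdUrlValidity).Value.ToInt32Req();
                break;

            default:
                throw new Exception("该消息类型不支持生成Email链接类邮件");
            }

            // Percent-encode the ciphertext so characters such as '+', '/' or '=' survive
            // query-string parsing; for a purely hexadecimal ciphertext this is a no-op.
            string strLink = string.Format("{0}?code={1}", url, Uri.EscapeDataString(encryptData));

            return(strLink);
        }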
Пример #2
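        /// <summary>
        /// Changes the signed-in user's password after checking the current password.
        /// </summary>
        /// <param name="oldPWD">Current password as typed by the user.</param>
        /// <param name="newPWD">New password.</param>
        /// <param name="confirmPWD">Repeat of the new password; must equal <paramref name="newPWD"/>.</param>
        /// <returns>JSON result view; <c>Flag</c> is false with a message when validation fails.</returns>
        public ActionResult ChangePasswod(string oldPWD, string newPWD, string confirmPWD)
        {
            ResultView <int> view = new ResultView <int>();

            // Reject missing values before any encryption or lookup, so a blank new password
            // can never be stored and a null argument never reaches DesTool.
            if (string.IsNullOrWhiteSpace(oldPWD) || string.IsNullOrWhiteSpace(newPWD))
            {
                view.Flag    = false;
                view.Message = "请输入密码!";
                return(Json(view));
            }

            if (newPWD != confirmPWD)
            {
                view.Flag    = false;
                view.Message = "请重新确认密码!";
                return(Json(view));
            }

            // NOTE(review): the stored password is compared in its DesTool-encrypted form. If DesTool
            // is reversible encryption under an application-wide key, anyone holding the key and the
            // table recovers every password; a salted password hash (e.g. PBKDF2) avoids that.
            // NOTE(review): no length/complexity policy is applied to newPWD here - confirm it is
            // enforced elsewhere.
            oldPWD = DesTool.DesEncrypt(oldPWD);

            Result <int> result;

            using (AdminClientProxy proxy = new AdminClientProxy(ProxyEx(Request)))
            {
                var id = CurrentUser.UserId;
                Result <Base_User> userResult = proxy.GetUserModel(id);

                // Fail closed when the user record cannot be loaded instead of dereferencing null.
                if (userResult.Data == null)
                {
                    view.Flag    = false;
                    view.Message = "获取用户信息失败!";
                    return(Json(view));
                }

                if (userResult.Data.PassWord != oldPWD)
                {
                    view.Flag    = false;
                    view.Message = "原密码输入错误!";
                    return(Json(view));
                }

                result = proxy.UpdateUserPassword(id, DesTool.DesEncrypt(newPWD));
            }
            return(Json(result.ToResultView()));
        }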
Пример #3
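        /// <summary>
        /// Creates a user from the posted model together with the uploaded-file descriptors
        /// sent in the "fileDataJson" form field.
        /// </summary>
        /// <param name="model">User entity bound from the request.</param>
        /// <returns>JSON result view of the AddUser call.</returns>
        public ActionResult Add(Base_User model)
        {
            // NOTE(review): no permission check is visible in this action - confirm it is applied
            // by a filter or base controller.
            // NOTE(review): the whole Base_User entity is bound from the request, so every bindable
            // property is caller-controlled; confirm role/status fields are reset server-side.

            // JSON string describing the uploaded files. A missing field used to reach
            // DeserializeObject as null and throw; treat it as "no files" instead.
            string            fileDataJson = Request.Form["fileDataJson"];
            List <Base_Files> fileList     = fileDataJson == null
                ? new List <Base_Files>()
                : JsonConvert.DeserializeObject <List <Base_Files> >(fileDataJson);

            Result <int> result;

            using (AdminClientProxy proxy = new AdminClientProxy(ProxyEx(Request)))
            {
                // Any password supplied by the client is discarded and replaced with a fixed initial
                // value (shown masked in this listing), stored in DesTool-encrypted form.
                // NOTE(review): a shared initial password means every new account starts with the same
                // known credential; prefer a random one-time password or a forced reset on first login.
                model.PassWord = DesTool.DesEncrypt("******");

                result = proxy.AddUser(model, fileList);
            }
            return(Json(result.ToResultView()));
        }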
Пример #4
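        /// <summary>
        /// Creates an admin-managed user from the posted model together with the uploaded-file
        /// descriptors sent in the "fileDataJsonFile" form field.
        /// </summary>
        /// <param name="model">User entity bound from the request.</param>
        /// <returns>JSON result view of the AddUser call.</returns>
        public ActionResult Add(Base_User model)
        {
            // Permission check for the "add" right on the admin user module.
            // NOTE(review): the return value is ignored, so this only protects the action if
            // Helper.IsCheck itself aborts the request on failure - confirm.
            Helper.IsCheck(HttpContext, AdminModule.AdminUserManager.ToString(), SystemRight.Add.ToString(), true);

            // JSON string describing the uploaded files. A missing field used to reach
            // DeserializeObject as null and throw; treat it as "no files" instead.
            string            fileDataJson = Request.Form["fileDataJsonFile"];
            List <Base_Files> fileList     = fileDataJson == null
                ? new List <Base_Files>()
                : JsonConvert.DeserializeObject <List <Base_Files> >(fileDataJson);

            Result <int> result;

            using (AdminClientProxy proxy = new AdminClientProxy(ProxyEx(Request)))
            {
                // Every account is created with the same hard-coded initial password, stored in
                // DesTool-encrypted form.
                // NOTE(review): a fixed, guessable default is a standing credential for any account
                // whose owner never changes it; prefer a random one-time password or a forced
                // change on first login.
                model.PassWord = DesTool.DesEncrypt("123456");
                result         = proxy.AddUser(model, fileList);
            }
            return(Json(result.ToResultView()));
        }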
Пример #5
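        /// <summary>
        /// API endpoint that changes the current user's password. Both passwords arrive
        /// AES-encrypted from the client and are re-encrypted with DesTool before being
        /// passed to the backend.
        /// </summary>
        /// <param name="model">Request body carrying <c>oldpwd</c> and <c>pwd</c>.</param>
        /// <returns>JSON API result: success, a validation/backend error, or InvalidToken when no user is resolved.</returns>
        public object UpdatePwd(UserPwd model)
        {
            if (model == null)
            {
                return(Json(APIResult.GetErrorResult("请输入旧密码!")));
            }

            string oldpwd = model.oldpwd;
            string pwd    = model.pwd;

            if (string.IsNullOrWhiteSpace(oldpwd))
            {
                return(Json(APIResult.GetErrorResult("请输入旧密码!")));
            }
            if (string.IsNullOrWhiteSpace(pwd))
            {
                return(Json(APIResult.GetErrorResult("请输入新密码!")));
            }

            // Resolve the caller before touching any ciphertext: unauthenticated requests are
            // rejected without running decryption on attacker-supplied input.
            var user = CurrentUserView;
            if (user == null)
            {
                return(Json(APIResult.GetErrorResult(MsgCode.InvalidToken)));
            }

            // NOTE(review): AesDecrypt's behaviour on malformed input is not visible here; if it
            // throws, the exception propagates to the framework - confirm that is handled.
            string oldPlain = APIAESTool.AesDecrypt(oldpwd);
            string newPlain = APIAESTool.AesDecrypt(pwd);

            // Compare the decrypted values rather than the transport ciphertexts, so the
            // "same password" rule does not depend on the client encryption being deterministic.
            if (string.Equals(newPlain, oldPlain, StringComparison.Ordinal))
            {
                return(Json(APIResult.GetErrorResult("新密码不能和旧密码相同!")));
            }

            // NOTE(review): passwords are handed to the backend in DesTool-encrypted form; if that
            // is reversible encryption, a salted password hash would be the safer storage format.
            oldpwd = DesTool.DesEncrypt(oldPlain);
            pwd    = DesTool.DesEncrypt(newPlain);

            using (ClientSiteClientProxy proxy = new ClientSiteClientProxy(ProxyEx(user)))
            {
                var result = proxy.UpdatePassword(user.UserId, oldpwd, pwd);
                if (result.Flag == EResultFlag.Success)
                {
                    return(Json(APIResult.GetSuccessResult("密码修改成功!")));
                }
                // NOTE(review): the backend exception description is returned to the client as-is;
                // confirm it never contains internal detail.
                return(Json(APIResult.GetErrorResult(MsgCode.CommonError, result.Exception.Decription)));
            }
        }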
Пример #6
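        /// <summary>
        /// Signs a site user in after checking the session captcha and, when requested,
        /// sets the "remember me" cookies.
        /// </summary>
        /// <param name="userName">Login name; falls back to the "userName" form field when not bound.</param>
        /// <param name="password">Password as typed; falls back to the "password" form field.</param>
        /// <param name="verifyCode">Captcha text entered by the user; falls back to the "verifyCode" form field.</param>
        /// <param name="isRemember">"true" to set the remember-me cookies; any other value clears them.</param>
        /// <returns>JSON result view; on success <c>Data</c> holds the redirect target "/Home/SignIndex".</returns>
        public ActionResult Login(string userName, string password, string verifyCode, string isRemember)
        {
            ResultView <string> result;

            try
            {
                userName   = userName ?? Request.Form["userName"];
                password   = password ?? Request.Form["password"];
                verifyCode = verifyCode ?? Request.Form["verifyCode"];
                isRemember = isRemember ?? Request.Form["isRemember"];

                if (string.IsNullOrWhiteSpace(userName) || string.IsNullOrWhiteSpace(password))
                {
                    result = (new ResultView <string> {
                        Flag = false, Message = "用户名或登录密码为空!"
                    });
                    return(Json(result));
                }

                if (string.IsNullOrWhiteSpace(verifyCode))
                {
                    result = (new ResultView <string> {
                        Flag = false, Message = "请输入验证码!"
                    });
                    return(Json(result));
                }
                string code = (Session[ConstStr_Session.CurrValidateCode] ?? "").ToString();

                // A captcha is single-use: drop it from the session as soon as it has been read,
                // whether or not it matches. Otherwise one solved captcha stays valid for the whole
                // session and no longer limits repeated password attempts.
                Session[ConstStr_Session.CurrValidateCode] = null;

                if (string.IsNullOrWhiteSpace(code))
                {
                    result = (new ResultView <string> {
                        Flag = false, Message = "验证码超时!"
                    });
                    return(Json(result));
                }
                if (!verifyCode.Equals(code))
                {
                    result = (new ResultView <string> {
                        Flag = false, Message = "验证码错误,请重新输入!"
                    });
                    return(Json(result));
                }

                // From here on "password" holds the DesTool-encrypted form, not the typed value.
                password = DesTool.DesEncrypt(password);
                using (ClientSiteClientProxy proxy = new ClientSiteClientProxy(ProxyEx(Request)))
                {
                    Result <UserView> loginResult = proxy.Login(userName, password, IsOpenSxLogin);
                    if (loginResult.Flag == 0)
                    {
                        // NOTE(review): the session identifier is not renewed at sign-in in this
                        // method; confirm it is rotated elsewhere to rule out session fixation.
                        Session[ConstStr_Session.CurrentUserEntity] = loginResult.Data;

                        // Remember-me requested.
                        if ("true".Equals(isRemember))
                        {
                            // Persist the user name for 7 days.
                            HttpCookie cook = new HttpCookie(ConstString.COOKIEADMINNAME);
                            cook.Value   = userName;
                            cook.Expires = DateTime.Now.AddDays(7);
                            Response.Cookies.Add(cook);

                            // Persist the encrypted password for 7 days.
                            // NOTE(review): this cookie is set without HttpOnly or Secure. If DesTool
                            // is reversible encryption under an application-wide key, the value is
                            // password-equivalent; a random remember-me token that the server stores
                            // and can revoke would avoid keeping the password on the client.
                            cook         = new HttpCookie(ConstString.COOKIEADMINPWD);
                            cook.Value   = password;
                            cook.Expires = DateTime.Now.AddDays(7);
                            Response.Cookies.Add(cook);

                            // Forms-authentication ticket carrying the user name; readers obtain it by
                            // decrypting the cookie or through User.Identity.
                            FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, userName, DateTime.Now,
                                                                                                 DateTime.Now.AddMinutes(Session.Timeout - 1), false, userName);
                            string     encryptedTicket = FormsAuthentication.Encrypt(authTicket);
                            HttpCookie authCookie      = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
                            authCookie.HttpOnly = true;
                            Response.Cookies.Add(authCookie);

                            // NOTE(review): this second ticket uses the encrypted password as its name
                            // and user data and is added under the same cookie name as the ticket
                            // above, so the browser most likely keeps only this one - confirm what
                            // the code reading the ticket expects before changing it.
                            authTicket = new FormsAuthenticationTicket(1, password, DateTime.Now,
                                                                       DateTime.Now.AddMinutes(Session.Timeout - 1), false, password);
                            encryptedTicket     = FormsAuthentication.Encrypt(authTicket);
                            authCookie          = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
                            authCookie.HttpOnly = true;
                            Response.Cookies.Add(authCookie);
                        }
                        else
                        {
                            // Remember-me not requested: expire both cookies.
                            var nameCookie = new HttpCookie(ConstString.COOKIEADMINNAME);
                            var pwdCookie  = new HttpCookie(ConstString.COOKIEADMINPWD);
                            nameCookie.Expires = DateTime.Now.AddDays(-1);
                            pwdCookie.Expires  = DateTime.Now.AddDays(-1);
                            Response.Cookies.Add(nameCookie);
                            Response.Cookies.Add(pwdCookie);
                        }

                        LoadUserRight(loginResult.Data.RoleType.ToString(), loginResult.Data.UserId);

                        result = (new ResultView <string> {
                            Flag = true, Message = "登录成功,正在跳转...", Data = "/Home/SignIndex"
                        });
                    }
                    else
                    {
                        result = (new ResultView <string> {
                            Flag = false, Message = loginResult.Exception.Decription
                        });
                    }
                }
            }
            catch (Exception e)
            {
                // NOTE(review): e.Message is returned to an unauthenticated caller; consider logging
                // it server-side and answering with a generic message only.
                return(Json(new ResultView <string> {
                    Flag = false, Message = "登录异常!" + e.Message
                }));
            }
            return(Json(result));
        }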
Пример #7
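        /// <summary>
        /// Signs an administrator in after checking the session captcha and, when the
        /// "autologin" form field is present, sets the "remember me" cookies.
        /// </summary>
        /// <param name="username">Administrator login name.</param>
        /// <param name="password">Password as typed.</param>
        /// <param name="verifyCode">Captcha text entered by the user.</param>
        /// <returns>JSON result view with <c>Flag</c> and a message.</returns>
        public ActionResult Login(string username, string password, string verifyCode)
        {
            // A remote captcha verification step (AfsCheckRequest) was wired in here at some point
            // and is disabled; only the session captcha below is checked.
            ResultView <string> result = new ResultView <string>();

            try
            {
                if (string.IsNullOrWhiteSpace(verifyCode))
                {
                    result = (new ResultView <string> {
                        Flag = false, Message = "请输入验证码!"
                    });
                    return(Json(result));
                }
                string code = (Session[ConstStr_Session.CurrValidateCode] ?? "").ToString();

                // A captcha is single-use: drop it from the session as soon as it has been read,
                // whether or not it matches. Otherwise one solved captcha stays valid for the whole
                // session and no longer limits repeated password attempts on the admin login.
                Session[ConstStr_Session.CurrValidateCode] = null;

                if (string.IsNullOrWhiteSpace(code))
                {
                    result = (new ResultView <string> {
                        Flag = false, Message = "验证码超时!"
                    });
                    return(Json(result));
                }
                if (!verifyCode.Equals(code))
                {
                    result = (new ResultView <string> {
                        Flag = false, Message = "验证码错误,请重新输入!"
                    });
                    return(Json(result));
                }

                // Encrypt only once the captcha has passed, and inside the try block so a failure
                // in DesTool (for example on a missing password) is answered as JSON.
                // From here on "password" holds the DesTool-encrypted form, not the typed value.
                password = DesTool.DesEncrypt(password);

                Result <UserView> loginResult;
                using (AdminClientProxy proxy = new AdminClientProxy(ProxyEx(Request, username)))
                {
                    loginResult = proxy.Login(username, password, RoleType.Admin);
                }
                if (loginResult.Flag == 0)
                {
                    // NOTE(review): the session identifier is not renewed at sign-in in this method;
                    // confirm it is rotated elsewhere to rule out session fixation.
                    Session[ConstStr_Session.CurrentUserEntity] = loginResult.Data;
                    string isAuto = Request.Form["autologin"];

                    // Remember-me requested (any non-empty value).
                    if (!string.IsNullOrEmpty(isAuto))
                    {
                        // Persist the user name for 7 days.
                        HttpCookie cook = new HttpCookie(ConstString.COOKIEADMINNAME);
                        cook.Value   = username;
                        cook.Expires = DateTime.Now.AddDays(7);
                        Response.Cookies.Add(cook);

                        // Persist the encrypted password for 7 days.
                        // NOTE(review): this cookie is set without HttpOnly or Secure. If DesTool is
                        // reversible encryption under an application-wide key, the value is
                        // equivalent to the administrator's password; a random remember-me token that
                        // the server stores and can revoke would avoid keeping it on the client.
                        cook         = new HttpCookie(ConstString.COOKIEADMINPWD);
                        cook.Value   = password;
                        cook.Expires = DateTime.Now.AddDays(7);
                        Response.Cookies.Add(cook);

                        // Forms-authentication ticket carrying the user name; readers obtain it by
                        // decrypting the cookie or through User.Identity.
                        FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, username, DateTime.Now,
                                                                                             DateTime.Now.AddMinutes(Session.Timeout - 1), false, username);
                        string     encryptedTicket = FormsAuthentication.Encrypt(authTicket);
                        HttpCookie authCookie      = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
                        authCookie.HttpOnly = true;
                        Response.Cookies.Add(authCookie);

                        // NOTE(review): this second ticket uses the encrypted password as its name and
                        // user data and is added under the same cookie name as the ticket above, so
                        // the browser most likely keeps only this one - confirm what the code reading
                        // the ticket expects before changing it.
                        authTicket = new FormsAuthenticationTicket(1, password, DateTime.Now,
                                                                   DateTime.Now.AddMinutes(Session.Timeout - 1), false, password);
                        encryptedTicket     = FormsAuthentication.Encrypt(authTicket);
                        authCookie          = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
                        authCookie.HttpOnly = true;
                        Response.Cookies.Add(authCookie);
                    }
                    else
                    {
                        // Remember-me not requested: expire both cookies.
                        var nameCookie = new HttpCookie(ConstString.COOKIEADMINNAME);
                        var pwdCookie  = new HttpCookie(ConstString.COOKIEADMINPWD);
                        nameCookie.Expires = DateTime.Now.AddDays(-1);
                        pwdCookie.Expires  = DateTime.Now.AddDays(-1);
                        Response.Cookies.Add(nameCookie);
                        Response.Cookies.Add(pwdCookie);
                    }
                    result = (new ResultView <string> {
                        Flag = true, Message = "登录成功,正在跳转..."
                    });
                }
                else
                {
                    result = (new ResultView <string> {
                        Flag = false, Message = loginResult.Exception.Decription
                    });
                }
            }
            catch (Exception e)
            {
                // NOTE(review): every exception, including a backend failure, is reported with the
                // "captcha error" text, and e.Message is returned to an unauthenticated caller;
                // consider logging it server-side and answering with a generic message only.
                return(Json(new ResultView <string> {
                    Flag = false, Message = "验证码错误" + e.Message
                }));
            }
            return(Json(result));
        }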
Пример #8
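        /// <summary>
        /// Performs the mobile login: optionally verifies the credentials against the base
        /// platform, then against the local user store, and issues or reuses a per-platform token.
        /// </summary>
        /// <param name="user">Login name.</param>
        /// <param name="pwd">AES-encrypted password from the mobile client. Example from the original
        /// author: OCeSdjE6K7zhDnoxh07rqg== is the AES result for 111111, and DF57306D30FED672 is the
        /// platform (DesTool) result for 111111.</param>
        /// <param name="sys">Client platform; 1 selects the Android token fields, any other value the iOS ones.</param>
        /// <param name="token">Receives the token on success; empty string otherwise.</param>
        /// <returns>True when the credentials were accepted and a token was assigned.</returns>
        private bool login(string user, string pwd, int sys, out string token)
        {
            // Passwords from the mobile client are decrypted with the shared AES helper and then
            // re-encrypted with the platform's own scheme.
            // NOTE(review): the sample values in the doc comment show both transforms are
            // deterministic for a given password; a salted password hash would be the safer
            // storage and comparison format.
            pwd   = APIAESTool.AesDecrypt(pwd);
            pwd   = DesTool.DesEncrypt(pwd);
            token = "";

            #region Verify the account against the base platform
            if (IsOpenHbLogin == "1")
            {
                // Encode each value as a JSON string and then percent-encode it, so quotes,
                // braces, '&' or '#' in the user name cannot alter the JSON document or the
                // query string sent upstream. Plain alphanumeric values yield the same URL as before.
                string userJson = Uri.EscapeDataString(JsonConvert.ToString(user ?? string.Empty));
                string pwdJson  = Uri.EscapeDataString(JsonConvert.ToString(pwd ?? string.Empty));

                // NOTE(review): credentials travel in the query string of a GET request, where
                // proxies and server logs typically record them; a POST body over HTTPS is preferable
                // if the base platform supports it.
                string         url     = LoginUrl + "?RequestParam={%22Param%22:{%22envRoot%22:{%22Product%22:%22BIM%22},%22paramRoot%22:{%22UserName%22:" + userJson + ",%22UserPass%22:" + pwdJson + "}}}";
                HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(url);
                request.Method      = "GET";
                request.ContentType = "multipart/form-data";

                string responseStr;
                using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
                using (StreamReader reader = new StreamReader(response.GetResponseStream(), Encoding.GetEncoding("UTF-8")))
                {
                    responseStr = reader.ReadToEnd();
                }

                LoginResult result = null;
                if (!string.IsNullOrEmpty(responseStr))
                {
                    result = JsonConvert.DeserializeObject <LoginResult>(responseStr);
                }

                // Fail closed: an empty or unparsable answer counts as a rejected login.
                if (result == null || result.errorCode != "0")
                {
                    return(false);
                }
            }
            #endregion

            // Look the user up in the local database.
            Result <UserView> login;
            using (ClientSiteClientProxy proxy = new ClientSiteClientProxy(ProxyEx("")))
            {
                login = proxy.Login(user, pwd, IsOpenHbLogin);
            }
            if (login.Flag == 0 && login.Data != null)
            {
                // Reuse the stored token for this platform while it is still valid.
                string tempToken = sys == 1 ? login.Data.AndroidToken : login.Data.IosToken;
                if (!string.IsNullOrEmpty(tempToken))
                {
                    // A token without a recorded expiry is treated as expired instead of
                    // throwing on the missing value.
                    var storedExpiry = sys == 1 ? login.Data.AndroidTokenTime : login.Data.IosTokenTime;
                    if (storedExpiry.HasValue && DateTime.Now <= storedExpiry.Value)
                    {
                        token = tempToken;
                    }
                }
                // No token, or it has expired: create a new one.
                if (string.IsNullOrEmpty(token))
                {
                    token = CreateToken(sys);
                }

                using (ClientSiteClientProxy proxy = new ClientSiteClientProxy(ProxyEx(login.Data)))
                {
                    Result <Base_User> baseUser = proxy.GetUserModel(login.Data.UserId);
                    Base_User          u        = baseUser.Data;
                    if (u == null)
                    {
                        // The token cannot be persisted, so do not hand it out.
                        token = "";
                        return(false);
                    }

                    // Each successful login pushes the expiry 7 days ahead, also for a reused token.
                    if (sys == 1)
                    {
                        u.AndroidToken     = token;
                        u.AndroidTokenTime = DateTime.Now.AddDays(7);
                    }
                    else
                    {
                        u.IosToken     = token;
                        u.IosTokenTime = DateTime.Now.AddDays(7);
                    }
                    // NOTE(review): the outcome of UpdateUser is not checked; if the update fails the
                    // caller still receives a token the server never stored.
                    proxy.UpdateUser(u);
                }
                // TODO (original author): the token is only an authentication credential and carries no
                // business data, so encrypting it is not a strong requirement, but HTTPS must be used;
                // if the token is ever extended, it needs encryption or a signature.
                // NOTE(review): how CreateToken generates the value is not visible here - confirm it
                // draws from a cryptographically secure random source.
                return(true);
            }
            else
            {
                return(false);
            }
        }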
Пример #9
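        /// <summary>
        /// Changes the password of the user held in the session after checking the old password.
        /// </summary>
        /// <param name="oldPwd">Current password as typed.</param>
        /// <param name="pwd">New password.</param>
        /// <param name="cpwd">Repeat of the new password; must equal <paramref name="pwd"/>.</param>
        /// <returns>A redirect to the login page when no user is in the session; otherwise a JSON result view.</returns>
        public ActionResult UpdatePwd(string oldPwd, string pwd, string cpwd)
        {
            var userInfo = Session[ConstStr_Session.CurrentUserEntity] as UserView;

            if (userInfo == null)
            {
                return(RedirectToAction("Login", "Currency"));
            }

            if (string.IsNullOrWhiteSpace(oldPwd) || string.IsNullOrWhiteSpace(pwd))
            {
                return(Json(new ResultView <bool>
                {
                    Flag = false,
                    Data = false,
                    Message = "请输入登录密码!"
                }));
            }

            if (!pwd.Equals(cpwd))
            {
                return(Json(new ResultView <bool>
                {
                    Flag = false,
                    Data = false,
                    Message = "两次密码输入不一致!"
                }));
            }

            if (oldPwd.Equals(pwd))
            {
                return(Json(new ResultView <bool>
                {
                    Flag = false,
                    Data = false,
                    Message = "新密码不能和旧密码相同!"
                }));
            }

            // NOTE(review): no length/complexity policy is applied to the new password here -
            // confirm it is enforced elsewhere.
            using (ClientSiteClientProxy proxy = new ClientSiteClientProxy(ProxyEx(Request)))
            {
                var checkResult = proxy.GetUserModel(userInfo.UserId);
                if (checkResult.Flag == EResultFlag.Success && checkResult.Data != null)
                {
                    // Encrypt the old password once and reuse it for the check and the update.
                    // NOTE(review): the stored password is compared in DesTool-encrypted form; if
                    // that is reversible encryption, a salted password hash would be safer.
                    string encryptedOld = DesTool.DesEncrypt(oldPwd);

                    // Static Equals tolerates a null stored password instead of throwing.
                    if (!string.Equals(checkResult.Data.PassWord, encryptedOld))
                    {
                        return(Json(new ResultView <bool>
                        {
                            Flag = false,
                            Data = false,
                            Message = "旧密码不正确!"
                        }));
                    }

                    var result = proxy.UpdatePassword(userInfo.UserId, encryptedOld, DesTool.DesEncrypt(pwd));
                    return(Json(result.ToResultView()));
                }

                // The user record could not be loaded. The original returned the
                // "new password equals old password" text here, which was a copy-paste slip.
                return(Json(new ResultView <bool>
                {
                    Flag = false,
                    Data = false,
                    Message = "获取用户信息失败!"
                }));
            }
        }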