Пример #1
        /// <summary>
        /// Form-load handler: fills the user checklist and the module checklist.
        /// </summary>
        /// <param name="sender">Event source; not read by this handler.</param>
        /// <param name="e">Event data; not read by this handler.</param>
        private void frmUserRight_Load(object sender, EventArgs e)
        {
            // One entry per row from GetLoginUserInfo(): USERNAME is the display text, USERID the value.
            DataTable userTable = new LoginUserManage().GetLoginUserInfo();
            foreach (DataRow userRow in userTable.Rows)
            {
                checkedListBox1.Items.Add(new ListItem
                {
                    Text  = userRow["USERNAME"].ToString(),
                    Value = userRow["USERID"].ToString()
                });
            }

            // One entry per row from GetModule(): ModuleName is the display text, ModuleId the value.
            DataTable moduleTable = new UserRightManage().GetModule();
            foreach (DataRow moduleRow in moduleTable.Rows)
            {
                chLBPopedom.Items.Add(new ListItem
                {
                    Text  = moduleRow["ModuleName"].ToString(),
                    Value = moduleRow["ModuleId"].ToString()
                });
            }
        }
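        /// <summary>
        /// Save-button handler of the change-password form: checks the input fields,
        /// verifies the old password for <c>USERID</c>, then asks
        /// <c>LoginUserManage.ChangePassword</c> to store the new one.
        /// </summary>
        /// <param name="sender">Event source; not read by this handler.</param>
        /// <param name="e">Event data; not read by this handler.</param>
        private void btnSave_Click(object sender, EventArgs e)
        {
            // NOTE(review): the message literals in this method look like text decoded with the
            // wrong code page. They are kept byte-for-byte here; restore them from the original
            // source encoding rather than retyping them.
            if (txtOldPassword.Text.Trim() == "")
            {
                MessageBox.Show("Кв╩С╚внГ├▄┬в!", this.Text, MessageBoxButtons.OK, MessageBoxIcon.Warning);
                return;
            }

            // Compare exactly the strings that will be stored. Comparing trimmed copies while
            // saving the untrimmed first field let "abc " and "abc" pass confirmation, after
            // which the stored password differed from what the user confirmed.
            // NOTE(review): nothing here rejects an empty or weak new password; confirm that
            // ChangePassword enforces the password policy.
            if (txtNewPassword.Text != txtNewPassword2.Text)
            {
                MessageBox.Show("Кв╩С╚в┴й┤╬¤Я═гх─л┬├▄┬в!", this.Text, MessageBoxButtons.OK, MessageBoxIcon.Warning);
                return;
            }

            LoginUserManage lum = new LoginUserManage();

            // Re-authenticate with the old password before any change is attempted.
            if (!lum.CheckUserPassword(USERID, txtOldPassword.Text))
            {
                MessageBox.Show("├▄┬вляИ─╩Д░▄,Кв╝В▓жМ├╗Д├ч╗Ы├▄┬в╩С╚вН§╚илн!", this.Text, MessageBoxButtons.OK, MessageBoxIcon.Stop);
                return;
            }

            if (lum.ChangePassword(USERID, txtOldPassword.Text, txtNewPassword.Text))
            {
                MessageBox.Show("├▄┬вляИ─│╔╣д!", this.Text, MessageBoxButtons.OK, MessageBoxIcon.Information);
            }
            else
            {
                MessageBox.Show("├▄┬вляИ─╩Д░▄,Кв╝В▓жнГ├▄┬в╩Киы╩С╚вН§╚и!", this.Text, MessageBoxButtons.OK, MessageBoxIcon.Stop);
            }

            // NOTE(review): the form closes whether or not ChangePassword succeeded, so the user
            // cannot retry after a failure without reopening it; confirm this is intended.
            this.Close();
        }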
Пример #3
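        /// <summary>
        /// Log-on action: checks the verification code held in the session, validates the
        /// credentials through <c>AccountBLL.ValidateUser</c> and, on success, stores the
        /// account in the session and redirects to Home/Index.
        /// </summary>
        /// <param name="model">Posted log-on form (person name, password, verification code).</param>
        /// <returns>The log-on view with a model error on failure, otherwise a redirect.</returns>
        public ActionResult Index(LogOnModel model)
        {
            #region Verification-code check

            // Take the expected code out of the session before comparing, so every issued code
            // can be checked once only. Leaving it in place let one solved code be replayed for
            // an unlimited number of password attempts.
            // NOTE(review): assumes a fresh code is stored whenever the log-on view renders its
            // verification image again; confirm against the action that sets "__VCode".
            object expectedCode = Session["__VCode"];
            Session.Remove("__VCode");

            if (expectedCode == null || model.ValidateCode != expectedCode.ToString())
            {
                ModelState.AddModelError("PersonName", "验证码错误!");
                return(View());
            }
            #endregion

            if (ModelState.IsValid)
            {
                string accountId = AccountBLL.ValidateUser(model.PersonName, model.Password);
                if (!string.IsNullOrWhiteSpace(accountId))
                {
                    // Login succeeded: keep the account in the session and register the session.
                    // NOTE(review): the session identifier that existed before authentication is
                    // reused afterwards; confirm it is renewed elsewhere (session fixation).
                    Account account = new Account();
                    account.PersonName = model.PersonName;
                    account.Id         = accountId;
                    Session["account"] = account;

                    LoginUserManage.Add(Session.SessionID, account.PersonName);

                    return(RedirectToAction("Index", "Home"));
                }
            }

            // The same message covers an invalid model and rejected credentials, so the response
            // does not reveal which of the two was wrong.
            ModelState.AddModelError("PersonName", "用户名或者密码出错。");
            return(View());
        }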
Пример #4
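        /// <summary>
        /// Checks whether the user identified by <paramref name="token"/> may run
        /// <paramref name="action"/>. The permission list is read from the session entry keyed
        /// by <paramref name="filePath"/>; when that entry is missing it is loaded through
        /// <c>SysUserBLL.GetPermission</c> and stored there.
        /// </summary>
        /// <param name="token">Encrypted token; decrypted with <c>LoginUserManage.DecryptToken</c> to get the user name.</param>
        /// <param name="controller">Controller name passed to <c>GetPermission</c>.</param>
        /// <param name="action">Action name compared with each permission's <c>KeyCode</c>.</param>
        /// <param name="filePath">Request path, used as the session key of the cached list.</param>
        /// <returns><c>true</c> when a matching permission exists; otherwise <c>false</c>, after
        /// <c>LoginUserManage.RedirectUrlFor401()</c> has been called.</returns>
        public bool ValiddatePermission(string token, string controller, string action, string filePath)
        {
            // NOTE(review): the cache key is the path alone. A list cached for one token is reused
            // for any later token presented in the same session on the same path, and a
            // permission change is not seen until the session ends. The original comment says
            // the controller reads this entry, so the key is left unchanged; confirm whether it
            // should also be bound to the user.
            List <perm> permissions = (List <perm>)HttpContext.Current.Session[filePath];
            if (permissions == null)
            {
                SysUserBLL userBLL = new SysUserBLL();
                var userName = LoginUserManage.DecryptToken(token.Trim());
                permissions = userBLL.GetPermission(userName, controller); // permission list of the current user
                HttpContext.Current.Session[filePath] = permissions;       // cached in the session for the controller
            }

            // Fail closed when no list could be loaded instead of throwing on a null list.
            // The comparison is ordinal and case-insensitive: ToLower() used the current culture,
            // so the outcome of an authorization check could change with the server locale, and
            // it threw when KeyCode was null.
            bool bResult = permissions != null
                && permissions.Any(a => string.Equals(a.KeyCode, action, System.StringComparison.OrdinalIgnoreCase));

            if (!bResult)
            {
                LoginUserManage.RedirectUrlFor401();
            }

            return(bResult);
        }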
        /// <summary>
        /// Checks the supplied credentials through <c>accountBLL.Login</c>, stores the account
        /// in the session on success, and returns a JSON status message (0 = failure, 1 = success).
        /// </summary>
        /// <param name="UserName">Login name; also written to the service log.</param>
        /// <param name="Password">Password; passed through <c>ValueConvert.MD5</c> before the lookup.</param>
        /// <param name="Code">Verification code; not read, because the check against Session["Code"] is disabled in this method.</param>
        /// <returns>JSON message built by <c>JsonHandler.CreateMessage</c>.</returns>
        public JsonResult Login(string UserName, string Password, string Code)
        {
            // NOTE(review): with the verification-code check disabled, nothing in this method
            // limits repeated password attempts; confirm throttling or lockout exists elsewhere.
            // NOTE(review): if ValueConvert.MD5 is a plain, unsalted MD5 digest it is not a
            // suitable password hash; plan a migration to a salted, slow key-derivation function.
            // NOTE(review): responses are allowed for GET requests. If the route accepts GET, the
            // credentials travel in the URL and end up in server and proxy logs; confirm the
            // action is restricted to POST.
            SysUser matched = accountBLL.Login(UserName, ValueConvert.MD5(Password));

            if (matched == null)
            {
                // UserName is caller-supplied text and goes into the log entry as-is.
                string failureEntry = ResultHelper.NowTime + "登录系统,IP:" + ResultHelper.GetUserIP() + "账户或密码错误";
                LogHandler.WriteServiceLog(UserName, failureEntry, "失败", "登录", "系统入口");
                return Json(JsonHandler.CreateMessage(0, "用户名或密码错误"), JsonRequestBehavior.AllowGet);
            }

            // Account is disabled. Reached only after the credentials matched; this outcome is
            // not written to the service log.
            if (!Convert.ToBoolean(matched.State))
            {
                return Json(JsonHandler.CreateMessage(0, "账户被系统禁用"), JsonRequestBehavior.AllowGet);
            }

            AccountModel profile = new AccountModel
            {
                Id       = matched.Id,
                TrueName = matched.TrueName,
                Photo    = string.IsNullOrEmpty(matched.Photo) ? "/Images/Photo.jpg" : matched.Photo,
                UserName = matched.UserName
            };
            Session["Account"] = profile;
            GetThemes(matched.Id);

            // NOTE(review): the pre-login session identifier is kept after authentication;
            // confirm it is renewed elsewhere (session fixation).
            LoginUserManage.Add(Session.SessionID, profile.Id);

            // Online-user statistics (OnlineHttpModule.ProcessRequest) are disabled here.
            string successEntry = ResultHelper.NowTime + "登录系统,IP:" + ResultHelper.GetUserIP();
            LogHandler.WriteServiceLog(UserName, successEntry, "成功", "登录", "系统入口");
            return Json(JsonHandler.CreateMessage(1, ""), JsonRequestBehavior.AllowGet);
        }
Пример #6
        /// <summary>
        /// General-purpose helper that binds the login-user list to a drop-down list box.
        /// </summary>
        /// <param name="obj">Combo box that receives one item per row of <c>GetLoginUserInfo()</c>.</param>
        public void cboDataBind(ComboBox obj)
        {
            DataTable userTable = new LoginUserManage().GetLoginUserInfo();

            // USERNAME becomes the display text, USERID the item value.
            foreach (DataRow userRow in userTable.Rows)
            {
                obj.Items.Add(new ListItem
                {
                    Text  = userRow["USERNAME"].ToString(),
                    Value = userRow["USERID"].ToString()
                });
            }
        }
Пример #7
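        /// <summary>
        /// Reloads the user checklist with every row returned by
        /// <c>LoginUserManage.GetLoginUserInfo()</c>.
        /// </summary>
        private void LoadLoginUser()
        {
            // The local no longer shares its name with the LoginUserManage type.
            LoginUserManage userManager = new LoginUserManage();
            DataTable       dtl         = userManager.GetLoginUserInfo();

            chklstUser.Items.Clear();

            // The ListItem that used to be allocated before the loop was never read; each row
            // now gets its own item and nothing else is created.
            foreach (DataRow row in dtl.Rows)
            {
                ListItem listitem = new ListItem();
                listitem.Text  = row["UserName"].ToString();
                listitem.Value = row["UserID"].ToString();
                chklstUser.Items.Add(listitem);
            }
        }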
Пример #8
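        // Overrides the base authorization step and adds the custom ticket (token) validation.
        // A request that carries a token is authorized only when LoginUserManage.ValidateTicket
        // and ValiddatePermission both succeed; a request without a token is let through only
        // for actions marked [AllowAnonymous]. Every other case goes to HandleUnauthorizedRequest.
        public override void OnAuthorization(System.Web.Http.Controllers.HttpActionContext actionContext)
        {
            // Fail closed when the hosting HttpContextBase is not attached to the request. The
            // dictionary indexer followed by an unchecked "as" cast threw here instead of
            // producing an unauthorized response.
            object rawContext;
            HttpContextBase content = null;
            if (actionContext.Request.Properties.TryGetValue(ConfigPara.MS_HttpContext, out rawContext))
            {
                content = rawContext as HttpContextBase;
            }
            if (content == null)
            {
                HandleUnauthorizedRequest(actionContext);
                return;
            }

            // The token is read from the URL query string.
            // NOTE(review): a credential in the query string is recorded in server and proxy
            // logs and in browser history; prefer a request header if clients can be changed.
            var token = content.Request.QueryString[ConfigPara.Token];

            if (!string.IsNullOrEmpty(token))
            {
                // NOTE(review): routeData is never read below, yet the route table is rebuilt on
                // every request; kept because RouteConfig.RegisterRoutes is not visible here.
                var routes = new RouteCollection();
                RouteConfig.RegisterRoutes(routes);
                RouteData routeData = routes.GetRouteData(content);

                // Controller and action names of the current request.
                string controller = actionContext.ActionDescriptor.ControllerDescriptor.ControllerName;
                string action     = actionContext.ActionDescriptor.ActionName;
                // URL path of the request.
                string filePath = HttpContext.Current.Request.FilePath;

                if (LoginUserManage.ValidateTicket(token) && ValiddatePermission(token, controller, action, filePath))
                {
                    // Ticket is valid and the permission check passed.
                    // NOTE(review): the result of base.IsAuthorized is discarded, so the base
                    // check does not affect the outcome; confirm that is intended.
                    base.IsAuthorized(actionContext);
                }
                else
                {
                    HandleUnauthorizedRequest(actionContext);
                }
            }
            // No token: allow only actions that explicitly permit anonymous access, else 401.
            else
            {
                bool isAnonymous = actionContext.ActionDescriptor.GetCustomAttributes <AllowAnonymousAttribute>().Any();
                if (isAnonymous)
                {
                    base.OnAuthorization(actionContext);
                }
                else
                {
                    HandleUnauthorizedRequest(actionContext);
                }
            }
        }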
Пример #9
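        /// <summary>
        /// Validates the login form, checks the password of the selected user through
        /// <c>LoginUserManage.CheckUserPassword</c> and, on success, records the user in
        /// <c>SysParams</c> and opens the main form.
        /// </summary>
        private void login()
        {
            // Text typed into the combo box does not imply a selected list entry. Without the
            // SelectedItem test, free text that matches no entry reached the cast below with a
            // null item and the form crashed instead of asking for a user.
            if (cboUserID.Text.Trim() == "" || !(cboUserID.SelectedItem is ListItem))
            {
                MessageBox.Show("请选择用户名!", this.Text, MessageBoxButtons.OK, MessageBoxIcon.Warning);
                return;
            }

            if (txtPassword.Text.Trim() == "")
            {
                MessageBox.Show("请输入用户密码!", this.Text, MessageBoxButtons.OK, MessageBoxIcon.Warning);
                return;
            }

            ListItem        selectedUser = (ListItem)cboUserID.SelectedItem;
            LoginUserManage lum          = new LoginUserManage();

            if (lum.CheckUserPassword(selectedUser.Value, txtPassword.Text))
            {
                SysParams.UserID   = selectedUser.Value;
                SysParams.UserName = selectedUser.Text;

                // Persist the user name and project name used for this login.
                WriteLoginUnitXML();
                this.Visible = false;

                frmStorageMain mainForm = new frmStorageMain();
                mainForm.ShowDialog();
            }
            else
            {
                // One message for a wrong account and a wrong password alike.
                MessageBox.Show("你输入的用户账号或用户密码有错误,请重输!", this.Text, MessageBoxButtons.OK, MessageBoxIcon.Stop);
                return;
            }
        }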