Пример #1
 /// <summary>
 /// Posts a login request for <paramref name="loginName"/> to the <c>Login</c> action of the
 /// user controller and hands the outcome to <paramref name="callback"/>.
 /// </summary>
 /// <param name="loginName">Account name used to build the signed request data.</param>
 /// <param name="password">Account password used to build the signed request data.</param>
 /// <param name="callback">Receives the server response, or the exception raised by the call.</param>
 /// <remarks>
 /// The credentials are only handed to <c>RpcUser.GetSignData</c>; what that helper derives from the
 /// password and puts on the wire is not visible here. NOTE(review): confirm the raw password never
 /// leaves the client and that the transport is encrypted.
 /// </remarks>
 public void LoginAsync(string loginName, string password, Action<DataResponse<LoginedUser>, Exception> callback)
 {
     // Signature parameters travel separately from the (empty) request body.
     var signData = RpcUser.GetSignData(loginName, password);
     var emptyBody = new object();

     RpcRoot.JsonRpc.PostAsync(_controllerName, nameof(IUserController.Login), signData, emptyBody, callback);
 }
Пример #2
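        /// <summary>
        /// Checks that the current request (<c>ClientSign</c>) falls inside the accepted time window,
        /// carries a valid signature over <paramref name="data"/>, and was sent by an administrator account.
        /// </summary>
        /// <typeparam name="TResponse">Response type used to report a failure.</typeparam>
        /// <param name="data">Request payload covered by the signature.</param>
        /// <param name="response">Error response when the method returns false; null on success.</param>
        /// <param name="user">
        /// The account resolved from the request. It can be non-null even when the method returns false
        /// (bad signature, not an administrator); callers must only trust it after a true result.
        /// </param>
        /// <returns>true only when the request is fresh, correctly signed and made by an administrator.</returns>
        protected bool IsValidAdmin<TResponse>(ISignableData data, out TResponse response, out UserData user) where TResponse : ResponseBase, new()
        {
            user = null;
            if (!WebApiRoot.UserSet.IsReadied)
            {
                string message = "服务器用户集启动中,请稍后";
                response = ResponseBase.NotExist<TResponse>(message);
                return false;
            }
            ClientSignData query = ClientSign;

            if (!Timestamp.IsInTime(query.Timestamp))
            {
                response = ResponseBase.Expired<TResponse>();
                return false;
            }
            // The original performed this identical lookup twice in a row; one call is enough.
            if (!string.IsNullOrEmpty(query.LoginName))
            {
                user = WebApiRoot.UserSet.GetUser(query.UserId);
            }
            if (user == null)
            {
                // NOTE(review): this reply differs from the bad-signature reply, so a caller can tell
                // unknown accounts from known ones. Kept as-is for client compatibility.
                string message = "用户不存在";
                response = ResponseBase.NotExist<TResponse>(message);
                return false;
            }

            // Authenticate before authorizing: the original answered "not an administrator" before the
            // signature was checked, which told unauthenticated callers which accounts hold admin rights.
            string mySign = RpcUser.CalcSign(user.LoginName, user.Password, query.Timestamp, data);

            // Compare the signatures without stopping at the first differing character, so response
            // time does not depend on how much of a guessed signature is correct. A missing signature
            // never matches.
            string clientSign = query.Sign;
            bool signMatches = clientSign != null && mySign != null && clientSign.Length == mySign.Length;
            if (signMatches)
            {
                int diff = 0;
                for (int i = 0; i < mySign.Length; i++)
                {
                    diff |= clientSign[i] ^ mySign[i];
                }
                signMatches = diff == 0;
            }
            if (!signMatches)
            {
                string message = "登录名或密码错误";
                response = ResponseBase.Forbidden<TResponse>(message);
                // Only the client-supplied value is logged. The expected signature is derived from the
                // stored credential and stays acceptable for the whole timestamp window, so it must
                // not be written to a log.
                Write.DevDebug(() => $"{message} sign:{clientSign}");
                return false;
            }
            if (!user.IsAdmin())
            {
                string message = "对不起,您不是超管";
                response = ResponseBase.NotExist<TResponse>(message);
                return false;
            }
            response = null;
            return true;
        }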
Пример #3
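        /// <summary>
        /// Validates a signed client request: the user set must be loaded, the timestamp must be inside
        /// the accepted window, the account must exist, login attempts must not exceed the limit
        /// (login actions only), and the signature over <paramref name="data"/> must match.
        /// </summary>
        /// <param name="clientSign">Signature parameters sent by the client. Must not be null.</param>
        /// <param name="data">Request payload covered by the signature.</param>
        /// <param name="isLoginAction">true to apply the login-attempt limit to this request.</param>
        /// <param name="response">Error response when the method returns false; null on success.</param>
        /// <param name="user">
        /// The account resolved from the request. It can be non-null even when the method returns false;
        /// callers must only trust it after a true result.
        /// </param>
        /// <returns>true only when every check passes.</returns>
        private static bool IsValidUser(
            ClientSignData clientSign, ISignableData data, bool isLoginAction,
            out ResponseBase response, out UserData user)
        {
            user = null;
            if (!AppRoot.UserSet.IsReadied)
            {
                response = ResponseBase.NotExist("服务器用户集启动中,请稍后");
                return false;
            }
            if (!Timestamp.IsInTime(clientSign.Timestamp))
            {
                response = ResponseBase.Expired();
                return false;
            }
            if (!string.IsNullOrEmpty(clientSign.LoginName))
            {
                user = AppRoot.UserSet.GetUser(clientSign.UserId);
            }
            if (user == null)
            {
                // NOTE(review): this branch returns before the attempt limit below is consulted, and
                // its reply differs from the bad-signature reply. Confirm that probing for existing
                // account names is limited elsewhere.
                response = ResponseBase.NotExist("用户不存在");
                return false;
            }
            if (isLoginAction && !AppRoot.UserSet.CheckLoginTimes(clientSign.LoginName))
            {
                response = ResponseBase.Forbidden("对不起,您的尝试太过频繁");
                return false;
            }
            string mySign = RpcUser.CalcSign(user.LoginName, user.Password, clientSign.Timestamp, data);

            // Compare the signatures without stopping at the first differing character, so response
            // time does not depend on how much of a guessed signature is correct. A missing signature
            // never matches.
            string suppliedSign = clientSign.Sign;
            bool signMatches = suppliedSign != null && mySign != null && suppliedSign.Length == mySign.Length;
            if (signMatches)
            {
                int diff = 0;
                for (int i = 0; i < mySign.Length; i++)
                {
                    diff |= suppliedSign[i] ^ mySign[i];
                }
                signMatches = diff == 0;
            }
            if (!signMatches)
            {
                response = ResponseBase.Forbidden("签名错误:1. 可能因为登录名或密码错误;2. 可能因为软件版本过期需要升级软件。");
                return false;
            }
            response = null;
            return true;
        }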
Пример #4
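        /// <summary>
        /// Checks that the current request (<c>ClientSign</c>) falls inside the accepted time window,
        /// names an existing account, and carries a valid signature over <paramref name="data"/>.
        /// </summary>
        /// <typeparam name="TResponse">Response type used to report a failure.</typeparam>
        /// <param name="data">Request payload covered by the signature.</param>
        /// <param name="response">Error response when the method returns false; null on success.</param>
        /// <param name="user">
        /// The account resolved from the request. It can be non-null even when the method returns false;
        /// callers must only trust it after a true result.
        /// </param>
        /// <returns>true only when the request is fresh and correctly signed by an existing account.</returns>
        protected bool IsValidUser<TResponse>(ISignableData data, out TResponse response, out UserData user) where TResponse : ResponseBase, new()
        {
            user = null;
            if (!WebApiRoot.UserSet.IsReadied)
            {
                string message = "服务器用户集启动中,请稍后";
                response = ResponseBase.NotExist<TResponse>(message);
                return false;
            }
            ClientSignData query = ClientSign;

            if (!Timestamp.IsInTime(query.Timestamp))
            {
                response = ResponseBase.Expired<TResponse>();
                return false;
            }
            // For a User, LoginName may hold the login name, an e-mail address or a mobile number.
            if (!string.IsNullOrEmpty(query.LoginName))
            {
                user = WebApiRoot.UserSet.GetUser(UserId.Create(query.LoginName));
            }
            if (user == null)
            {
                string message = "用户不存在";
                response = ResponseBase.NotExist<TResponse>(message);
                return false;
            }

            // The original returned true for administrator accounts at this point, before the signature
            // was checked, so a request that merely named an administrator was accepted without proof
            // of the password. Administrators now go through the same signature check as everyone else.
            // NOTE(review): confirm administrator clients sign their requests the same way as other
            // users before deploying.
            string mySign = RpcUser.CalcSign(user.LoginName, user.Password, query.Timestamp, data);

            // Compare the signatures without stopping at the first differing character, so response
            // time does not depend on how much of a guessed signature is correct. A missing signature
            // never matches.
            string clientSign = query.Sign;
            bool signMatches = clientSign != null && mySign != null && clientSign.Length == mySign.Length;
            if (signMatches)
            {
                int diff = 0;
                for (int i = 0; i < mySign.Length; i++)
                {
                    diff |= clientSign[i] ^ mySign[i];
                }
                signMatches = diff == 0;
            }
            if (!signMatches)
            {
                string message = "签名错误:1. 可能因为登录名或密码错误;2. 可能因为软件版本过期需要升级软件,请将软件升级到最新版本再试。";
                response = ResponseBase.Forbidden<TResponse>(message);
                return false;
            }
            response = null;
            return true;
        }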
Пример #5
 /// <summary>
 /// Posts a login request for <paramref name="loginName"/> to the <c>Login</c> action of the
 /// user controller on the official server and hands the outcome to <paramref name="callback"/>.
 /// </summary>
 /// <param name="loginName">Account name used to build the signed request data.</param>
 /// <param name="password">Account password used to build the signed request data.</param>
 /// <param name="callback">Receives the server response, or the exception raised by the call.</param>
 /// <remarks>
 /// The credentials are only handed to <c>RpcUser.GetSignData</c>; what that helper derives from the
 /// password and puts on the wire is not visible here. NOTE(review): confirm the raw password never
 /// leaves the client and that the connection to the official server is encrypted.
 /// </remarks>
 public void LoginAsync(string loginName, string password, Action<DataResponse<LoginedUser>, Exception> callback)
 {
     // Signature parameters travel separately from the (empty) sign request body.
     var signData = RpcUser.GetSignData(loginName, password);
     var requestBody = new SignRequest();

     RpcRoot.PostAsync(
         RpcRoot.OfficialServerHost,
         RpcRoot.OfficialServerPort,
         _controllerName,
         nameof(IUserController.Login),
         signData,
         requestBody,
         callback);
 }