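        /// <summary>
        /// Authenticates a back-office user by user name and password and issues an SSO token
        /// (stored through <c>SSOUtil.SetTokenInfo</c> with a one-hour lifetime).
        /// </summary>
        /// <param name="rop">Login request: user name, password, login way and client IP.</param>
        /// <returns>
        /// A success result carrying <c>RetOwnLoginByAccount.Token</c>, or a failure result whose
        /// message states why the login was refused.
        /// </returns>
        public CustomJsonResult LoginByAccount(RopOwnLoginByAccount rop)
        {
            var ret = new RetOwnLoginByAccount();

            var sysUser = CurrentDb.SysUser.FirstOrDefault(m => m.UserName == rop.UserName);

            // NOTE(review): "account does not exist" and "password incorrect" are distinct
            // user-facing messages, so a caller can tell which user names are registered. Returning
            // one generic message for both (the log entries can stay specific) would close that gap.
            if (sysUser == null)
            {
                LoginLog("", "", Enumeration.LoginResult.Failure, rop.LoginWay, rop.Ip, "", "登录失败,账号不存在");
                return new CustomJsonResult(ResultType.Failure, ResultCode.Failure, "登录失败,账号不存在");
            }

            if (!PassWordHelper.VerifyHashedPassword(sysUser.PasswordHash, rop.Password))
            {
                LoginLog(sysUser.Id, sysUser.Id, Enumeration.LoginResult.Failure, rop.LoginWay, rop.Ip, "", "登录失败,密码不正确");
                return new CustomJsonResult(ResultType.Failure, ResultCode.Failure, "登录失败,密码不正确");
            }

            if (sysUser.IsDisable)
            {
                LoginLog(sysUser.Id, sysUser.Id, Enumeration.LoginResult.Failure, rop.LoginWay, rop.Ip, "", "登录失败,账号已被禁用");
                return new CustomJsonResult(ResultType.Failure, ResultCode.Failure, "登录失败,账号已被禁用");
            }

            ret.Token = GuidUtil.New();

            var tokenInfo = new TokenInfo { UserId = sysUser.Id };

            // The agent or merchant the user belongs to is carried inside the token so later
            // requests do not need to look it up again.
            switch (sysUser.BelongSite)
            {
            case Enumeration.BelongSite.Agent:
                var agentUser = CurrentDb.SysAgentUser.FirstOrDefault(m => m.Id == sysUser.Id);
                if (agentUser != null)
                {
                    tokenInfo.AgentId = agentUser.AgentId;
                }
                break;

            case Enumeration.BelongSite.Merch:
                var merchUser = CurrentDb.SysMerchUser.FirstOrDefault(m => m.Id == sysUser.Id);
                if (merchUser != null)
                {
                    tokenInfo.MerchId = merchUser.MerchId;
                }
                break;
            }

            LoginLog(sysUser.Id, sysUser.Id, Enumeration.LoginResult.Success, rop.LoginWay, rop.Ip, "", "登录成功");

            // One-hour token lifetime; SSOUtil owns the token store.
            SSOUtil.SetTokenInfo(ret.Token, tokenInfo, new TimeSpan(1, 0, 0));

            return new CustomJsonResult(ResultType.Success, ResultCode.Success, "登录成功", ret);
        }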
        /// <summary>
        /// Extends the SSO session of the currently signed-in user; does nothing when nobody is signed in.
        /// </summary>
        public static void Postpone()
        {
            var current = GetUserInfo();
            if (current == null)
            {
                return;
            }

            SSOUtil.Postpone(current.Token);
        }
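        /// <summary>
        /// Extends the lifetime of <paramref name="token"/> and reports success.
        /// </summary>
        /// <remarks>
        /// Despite its name this method performs no authorization check: <paramref name="operater"/>,
        /// <paramref name="userId"/> and <paramref name="rop"/> are never consulted and the result is
        /// always success. Callers must not rely on it for access control.
        /// </remarks>
        /// <param name="operater">Unused.</param>
        /// <param name="userId">Unused.</param>
        /// <param name="token">SSO token whose expiry is pushed back.</param>
        /// <param name="rop">Unused.</param>
        /// <returns>Always a success result.</returns>
        public CustomJsonResult CheckPermission(string operater, string userId, string token, RupOwnCheckPermission rop)
        {
            SSOUtil.Postpone(token);

            // The throw-away result object previously created here was never used.
            return new CustomJsonResult(ResultType.Success, ResultCode.Success, "检查成功");
        }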
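        /// <summary>
        /// Invalidates <paramref name="token"/> through <c>SSOUtil.Quit</c>.
        /// </summary>
        /// <param name="operater">Unused.</param>
        /// <param name="userId">Unused.</param>
        /// <param name="token">SSO token to revoke.</param>
        /// <returns>Always a success result; SSOUtil.Quit reports no outcome to check.</returns>
        public CustomJsonResult Logout(string operater, string userId, string token)
        {
            SSOUtil.Quit(token);

            // The throw-away result object previously created here was never used.
            return new CustomJsonResult(ResultType.Success, ResultCode.Success, "退出成功");
        }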
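        /// <summary>
        /// Extends the SSO session identified by the session cookie of the current request,
        /// provided a signed-in user can be resolved from it.
        /// </summary>
        public static void Postpone()
        {
            var userInfo = GetUserInfo();
            if (userInfo == null)
            {
                return;
            }

            var token = HttpContext.Current.Request.Cookies[OwnRequest.SESSION_NAME];

            // The original test was inverted (`token == null`): it dereferenced a missing cookie
            // and never postponed a present one.
            if (token != null)
            {
                SSOUtil.Postpone(token.Value);
            }
        }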
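        /// <summary>
        /// Rejects the request unless it carries a token that <c>SSOUtil.GetTokenInfo</c> still
        /// recognises. Actions marked <see cref="AllowAnonymousAttribute"/> are let through unchecked.
        /// </summary>
        /// <param name="actionContext">
        /// Web API action context. On rejection or internal error its <c>Response</c> is set, which
        /// short-circuits the pipeline so the action does not run.
        /// </param>
        public override void OnActionExecuting(HttpActionContext actionContext)
        {
            try
            {
                // Checked before touching MS_HttpContext so anonymous actions never depend on it.
                bool skipAuthorization = actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any();
                if (skipAuthorization)
                {
                    return;
                }

                var request = ((HttpContextWrapper)actionContext.Request.Properties["MS_HttpContext"]).Request;

                // Query string first, then the X-Token header.
                // NOTE(review): a token in the query string ends up in access logs, proxies and
                // browser history; preferring the header would avoid that.
                var token = request.QueryString["token"] ?? request.Headers["X-Token"];

                if (string.IsNullOrEmpty(token))
                {
                    // Both rejection paths now behave alike: set the response and stop. The original
                    // additionally invoked base.OnActionExecuting here, which the expired-token path did not.
                    actionContext.Response = new OwnApiHttpResponse(
                        new OwnApiHttpResult(ResultType.Failure, ResultCode.NeedLogin, "token不能为空"));
                    return;
                }

                if (SSOUtil.GetTokenInfo(token) == null)
                {
                    actionContext.Response = new OwnApiHttpResponse(
                        new OwnApiHttpResult(ResultType.Failure, ResultCode.NeedLogin, "token 已经超时"));
                    return;
                }

                base.OnActionExecuting(actionContext);
            }
            catch (Exception ex)
            {
                // Only a generic message reaches the client; details go to the log.
                LogUtil.Error(string.Format("API错误:{0}", ex.Message), ex);
                actionContext.Response = new OwnApiHttpResponse(
                    new OwnApiHttpResult(ResultType.Exception, ResultCode.Exception, "内部错误"));
            }
        }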
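        /// <summary>
        /// Resolves the signed-in user from the SSO session cookie of the current request.
        /// </summary>
        /// <returns>
        /// Whatever <c>SSOUtil.GetUserInfo</c> returns for the cookie value (presumably null for an
        /// unknown or expired token), or null when the request carries no session cookie.
        /// </returns>
        public static UserInfo GetUserInfo()
        {
            // The unused Response local of the original is gone; only the request cookie is needed.
            var token = HttpContext.Current.Request.Cookies[OwnRequest.SESSION_NAME];
            if (token == null)
            {
                return null;
            }

            return SSOUtil.GetUserInfo(token.Value);
        }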
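        /// <summary>
        /// Signs the current user out: revokes the server-side SSO session (when it can still be
        /// resolved) and expires the session cookie on the client.
        /// </summary>
        public static void Quit()
        {
            var userInfo = GetUserInfo();
            if (userInfo != null)
            {
                SSOUtil.Quit(userInfo.Token);
            }

            // Expire the cookie whether or not the server-side session was found. Previously it was
            // only cleared when GetUserInfo succeeded, so a stale cookie could outlive the logout.
            var        context       = HttpContext.Current;
            HttpCookie sessionCookie = context.Request.Cookies[OwnRequest.SESSION_NAME];
            if (sessionCookie != null)
            {
                sessionCookie.Expires = DateTime.Now.AddDays(-1);
                context.Response.AppendCookie(sessionCookie);
            }
        }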
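        /// <summary>
        /// Signs a user in via <c>AuthorizeRelay.SignIn</c>, stores the session in SSOUtil under a
        /// fresh key and hands that key to the browser as the session cookie.
        /// </summary>
        /// <param name="rop">User name, password and the URL to return to after login.</param>
        /// <returns>Success with <c>RetLogin.Url</c> set, or a failure result with the reason.</returns>
        public CustomJsonResult Login(RopLogin rop)
        {
            RetLogin ret = new RetLogin();

            var result = AdminServiceFactory.AuthorizeRelay.SignIn(rop.UserName, rop.Password, CommonUtil.GetIP(), Enumeration.LoginType.Website);

            if (result.ResultType == Enumeration.LoginResult.Failure)
            {
                switch (result.ResultTip)
                {
                case Enumeration.LoginResultTip.UserNotExist:
                case Enumeration.LoginResultTip.UserPasswordIncorrect:
                    return Json(ResultType.Failure, ret, "用户名或密码不正确");

                case Enumeration.LoginResultTip.UserDisabled:
                    return Json(ResultType.Failure, ret, "账户被禁用");

                case Enumeration.LoginResultTip.UserDeleted:
                    return Json(ResultType.Failure, ret, "账户被删除");

                default:
                    // The original fell through for any other tip and went on to create a session
                    // for a failed sign-in (dereferencing result.User, which may be null).
                    return Json(ResultType.Failure, ret, "登录失败");
                }
            }

            string key = GuidUtil.New();

            UserInfo userInfo = new UserInfo();
            userInfo.UserId   = result.User.Id;
            userInfo.UserName = result.User.UserName;

            SSOUtil.SetUserInfo(key, userInfo);

            // NOTE(review): the session cookie is created without HttpOnly/Secure; unless client-side
            // script needs to read it, setting HttpOnly (and Secure on HTTPS) is advisable.
            Response.Cookies.Add(new HttpCookie(OwnRequest.SESSION_NAME, key));

            // NOTE(review): ReturnUrl is echoed back unvalidated; the client is expected to navigate
            // to it, so restricting it to local paths would prevent redirects to foreign hosts.
            ret.Url = rop.ReturnUrl;

            return Json(ResultType.Success, ret, "登录成功");
        }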
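        /// <summary>
        /// Resolves the signed-in user from the SSO session cookie of the current request.
        /// </summary>
        /// <returns>
        /// Whatever <c>SSOUtil.GetUserInfo</c> returns for the cookie value (presumably null for an
        /// unknown or expired token), or null when the request carries no session cookie.
        /// </returns>
        public static UserInfo GetUserInfo()
        {
            // Unused Response local and the commented-out hard-coded test user were removed.
            var token = HttpContext.Current.Request.Cookies[OwnRequest.SESSION_NAME];
            if (token == null)
            {
                return null;
            }

            return SSOUtil.GetUserInfo(token.Value);
        }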
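        /// <summary>
        /// Signs a WeChat mini-program user in: verifies the merchant/app pair, decrypts the user's
        /// WeChat profile through the SDK, creates or refreshes the local client account bound to the
        /// OpenId, and issues a one-hour SSO token.
        /// </summary>
        /// <param name="rop">Merchant id, app id and the mini-program code / encrypted payload / IV.</param>
        /// <returns>Success with <c>RetOwnLoginByMinProgram.Token</c>, or a failure result with the reason.</returns>
        public CustomJsonResult LoginByMinProgram(RopOwnLoginByMinProgram rop)
        {
            var ret = new RetOwnLoginByMinProgram();

            var merch = CurrentDb.Merch.FirstOrDefault(m => m.Id == rop.MerchId && m.WxMpAppId == rop.AppId);

            if (merch == null)
            {
                return new CustomJsonResult(ResultType.Failure, ResultCode.Failure, "商户信息认证失败");
            }

            var wxAppInfoConfig = new WxAppInfoConfig
            {
                AppId               = merch.WxMpAppId,
                AppSecret           = merch.WxMpAppSecret,
                PayMchId            = merch.WxPayMchId,
                PayKey              = merch.WxPayKey,
                PayResultNotifyUrl  = merch.WxPayResultNotifyUrl,
                NotifyEventUrlToken = merch.WxPaNotifyEventUrlToken,
            };

            var wxUserInfoByMinProram = SdkFactory.Wx.GetUserInfoByMinProramJsCode(wxAppInfoConfig, rop.EncryptedData, rop.Iv, rop.Code);

            if (wxUserInfoByMinProram == null)
            {
                return new CustomJsonResult(ResultType.Failure, ResultCode.Failure, "获取微信用户信息失败");
            }

            var wxUserInfo = CurrentDb.WxUserInfo.FirstOrDefault(m => m.OpenId == wxUserInfoByMinProram.openId);

            // One timestamp for every field written in this request (the original called DateTime.Now per field).
            var now = DateTime.Now;

            if (wxUserInfo == null)
            {
                // First login for this OpenId: create the local client account and the OpenId binding.
                string sysClientUserId = GuidUtil.New();

                var sysClientUser = new SysClientUser();

                sysClientUser.Id            = sysClientUserId;
                sysClientUser.UserName      = "wx" + Guid.NewGuid().ToString("N");
                // NOTE(review): every auto-created WeChat account gets the same well-known password
                // "888888"; if these accounts can also log in by user name/password, a random
                // per-account secret (or no password login at all) would be safer.
                sysClientUser.PasswordHash  = PassWordHelper.HashPassword("888888");
                sysClientUser.SecurityStamp = Guid.NewGuid().ToString();
                sysClientUser.RegisterTime  = now;
                sysClientUser.Nickname      = wxUserInfoByMinProram.nickName;
                sysClientUser.Sex           = wxUserInfoByMinProram.gender;
                sysClientUser.Province      = wxUserInfoByMinProram.province;
                sysClientUser.City          = wxUserInfoByMinProram.city;
                sysClientUser.Country       = wxUserInfoByMinProram.country;
                sysClientUser.Avatar        = wxUserInfoByMinProram.avatarUrl;
                sysClientUser.IsVip         = false;
                sysClientUser.CreateTime    = now;
                sysClientUser.Creator       = sysClientUserId;
                sysClientUser.BelongSite    = Enumeration.BelongSite.Client;
                CurrentDb.SysClientUser.Add(sysClientUser);
                CurrentDb.SaveChanges();

                wxUserInfo              = new WxUserInfo();
                wxUserInfo.Id           = GuidUtil.New();
                wxUserInfo.MerchId      = rop.MerchId;
                wxUserInfo.AppId        = rop.AppId;
                wxUserInfo.ClientUserId = sysClientUser.Id;
                wxUserInfo.OpenId       = wxUserInfoByMinProram.openId;
                wxUserInfo.CreateTime   = now;
                wxUserInfo.Creator      = sysClientUserId;
                CurrentDb.WxUserInfo.Add(wxUserInfo);
                CurrentDb.SaveChanges();
            }
            else
            {
                // Returning user: refresh the profile fields from WeChat.
                var sysClientUser = CurrentDb.SysClientUser.FirstOrDefault(m => m.Id == wxUserInfo.ClientUserId);
                if (sysClientUser != null)
                {
                    sysClientUser.Nickname = wxUserInfoByMinProram.nickName;
                    sysClientUser.Sex      = wxUserInfoByMinProram.gender;
                    sysClientUser.Province = wxUserInfoByMinProram.province;
                    sysClientUser.City     = wxUserInfoByMinProram.city;
                    sysClientUser.Country  = wxUserInfoByMinProram.country;
                    sysClientUser.Avatar   = wxUserInfoByMinProram.avatarUrl;
                    CurrentDb.SaveChanges();
                }
            }

            ret.Token = GuidUtil.New();

            var tokenInfo = new TokenInfo { UserId = wxUserInfo.ClientUserId };

            // One-hour token lifetime; SSOUtil owns the token store.
            SSOUtil.SetTokenInfo(ret.Token, tokenInfo, new TimeSpan(1, 0, 0));

            // The throw-away result object previously created at the top was never used.
            return new CustomJsonResult(ResultType.Success, ResultCode.Success, "登录成功", ret);
        }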
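        /// <summary>
        /// Signs a user in via <c>AuthorizeRelay.SignIn</c>, registers the session with SSOUtil and
        /// returns the site URL (per user type) the browser should continue to, with the token appended.
        /// </summary>
        /// <param name="model">User name and password.</param>
        /// <returns>Success with <c>GoToViewModel.Url</c> set, or a failure result with the reason.</returns>
        public CustomJsonResult Login(LoginModel model)
        {
            GoToViewModel gotoViewModel = new GoToViewModel();

            var result = SysFactory.AuthorizeRelay.SignIn(model.UserName, model.Password, CommonUtils.GetIP(), Enumeration.LoginType.Website);

            if (result.ResultType == Enumeration.LoginResult.Failure)
            {
                switch (result.ResultTip)
                {
                case Enumeration.LoginResultTip.UserNotExist:
                case Enumeration.LoginResultTip.UserPasswordIncorrect:
                    return Json(ResultType.Failure, gotoViewModel, "用户名或密码不正确");

                case Enumeration.LoginResultTip.UserDisabled:
                    return Json(ResultType.Failure, gotoViewModel, "账户被禁用");

                case Enumeration.LoginResultTip.UserDeleted:
                    return Json(ResultType.Failure, gotoViewModel, "账户被删除");

                default:
                    // The original fell through for any other tip and went on to create a session
                    // for a failed sign-in (dereferencing result.User, which may be null).
                    return Json(ResultType.Failure, gotoViewModel, "登录失败");
                }
            }

            // Staff and agents are sent to their own site (from AppSettings); Client and Salesman
            // have no target configured and end up with an empty URL, as before.
            string returnUrl = "";

            switch (result.User.Type)
            {
            case Enumeration.UserType.Staff:
                returnUrl = System.Configuration.ConfigurationManager.AppSettings["custom:WebBackUrl"] ?? "";
                break;

            case Enumeration.UserType.Client:
                break;

            case Enumeration.UserType.Agent:
                returnUrl = System.Configuration.ConfigurationManager.AppSettings["custom:WebAgentUrl"] ?? "";
                break;

            case Enumeration.UserType.Salesman:
                break;
            }

            UserInfo userInfo = new UserInfo();

            userInfo.UserId   = result.User.Id;
            userInfo.UserName = result.User.UserName;
            // "N" is the 32-hex-digit form, identical to ToString() with the hyphens stripped.
            userInfo.Token    = Guid.NewGuid().ToString("N");

            SSOUtil.SetUserInfo(userInfo);

            // NOTE(review): the session token travels in the URL query string, where it is exposed
            // to logs, referers and browser history; a cookie or header would keep it out of URLs.
            gotoViewModel.Url = string.Format("{0}?token={1}", returnUrl, userInfo.Token);

            return Json(ResultType.Success, gotoViewModel, "登录成功");
        }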
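        /// <summary>
        /// WeChat web OAuth2 entry point. Without a <c>code</c> query parameter it redirects to the
        /// WeChat authorize URL; with one it exchanges the code for an access token, loads the user's
        /// profile, signs the user in via SSOUtil and redirects to <c>returnUrl</c> (or /Home/Index).
        /// </summary>
        /// <returns>
        /// A redirect. A WeChat error code or any exception (which is logged) yields a redirect back to
        /// /Home/Oauth2.
        /// </returns>
        public RedirectResult Oauth2()
        {
            try
            {
                var code      = Request.QueryString["code"];
                var returnUrl = Request.QueryString["returnUrl"];

                LogUtil.Info("returnUrl=>" + (returnUrl ?? ""));

                if (string.IsNullOrEmpty(code))
                {
                    var url = SdkFactory.Wx.Instance().GetAuthorizeUrl(returnUrl);

                    LogUtil.Info("待跳转路径2:" + url);

                    return Redirect(url);
                }

                var oauth2_Result = SdkFactory.Wx.Instance().GetWebOauth2AccessToken(code);
                if (oauth2_Result.errcode != null)
                {
                    // WeChat refused the code; same outcome as the original fall-through.
                    return Redirect("/Home/Oauth2");
                }

                // The access token is a bearer credential and is deliberately not written to the log
                // (the original logged it in full).
                LogUtil.Info("用户OpenId:" + oauth2_Result.openid);

                var snsUserInfo_Result = SdkFactory.Wx.Instance().GetUserInfoByOAuth2Token(oauth2_Result.access_token, oauth2_Result.openid);

                WxUserInfo wxUserInfo = new WxUserInfo
                {
                    AccessToken = oauth2_Result.access_token,
                    OpenId      = oauth2_Result.openid,
                    ExpiresIn   = DateTime.Now.AddSeconds(oauth2_Result.expires_in),
                    Nickname    = snsUserInfo_Result.nickname,
                    Sex         = snsUserInfo_Result.sex,
                    Province    = snsUserInfo_Result.province,
                    City        = snsUserInfo_Result.city,
                    Country     = snsUserInfo_Result.country,
                    HeadImgUrl  = snsUserInfo_Result.headimgurl,
                    UnionId     = snsUserInfo_Result.unionid,
                };

                wxUserInfo = BizFactory.WxUser.CheckedUser(GuidUtil.New(), wxUserInfo);
                if (wxUserInfo != null)
                {
                    LogUtil.Info("用户Id:" + wxUserInfo.ClientId);

                    string key = GuidUtil.New();

                    UserInfo userInfo = new UserInfo();
                    userInfo.UserId        = wxUserInfo.ClientId;
                    userInfo.WxOpenId      = oauth2_Result.openid;
                    userInfo.WxAccessToken = oauth2_Result.access_token;
                    SSOUtil.SetUserInfo(key, userInfo);
                    Response.Cookies.Add(new HttpCookie(OwnRequest.SESSION_NAME, key));

                    // returnUrl is optional. UrlDecode(null) returns null, and the original then
                    // crashed on .Replace, landing in the catch block after the session was created.
                    string s_returnUrl = string.IsNullOrEmpty(returnUrl)
                        ? ""
                        : HttpUtility.UrlDecode(returnUrl).Replace("|", "&");

                    LogUtil.Info("returnUrl 最后返回:" + s_returnUrl);

                    // NOTE(review): s_returnUrl comes straight from the query string, so an absolute
                    // URL to a foreign host is honoured here; restricting it to local paths is advisable.
                    if (!string.IsNullOrEmpty(s_returnUrl))
                    {
                        return Redirect(s_returnUrl);
                    }
                }

                LogUtil.Info("用户跳进主页");

                return Redirect("/Home/Index");
            }
            catch (Exception ex)
            {
                LogUtil.Error("微信Oauth2授权验证发生异常", ex);
            }

            return Redirect("/Home/Oauth2");
        }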
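        /// <summary>
        /// Signs a user in after checking the login verification code held in the session, registers
        /// the session with SSOUtil under a fresh key and returns the per-user-type landing URL with
        /// that key appended.
        /// </summary>
        /// <param name="rop">User name, password and the verification code typed by the user.</param>
        /// <returns>Success with <c>RetLogin.Url</c> set, or a failure result with the reason.</returns>
        public CustomJsonResult Login(RopLogin rop)
        {
            RetLogin ret = new RetLogin();

            var expectedCode = Session[sesionKeyLoginVerifyCode];
            if (expectedCode == null)
            {
                return Json(ResultType.Failure, ret, "验证码超时");
            }

            // A verification code is single-use: drop it before comparing so neither a wrong nor a
            // correct guess can be submitted again against the same session value.
            Session.Remove(sesionKeyLoginVerifyCode);

            if (expectedCode.ToString() != rop.VerifyCode)
            {
                return Json(ResultType.Failure, ret, "验证码不正确");
            }

            var result = AdminServiceFactory.AuthorizeRelay.SignIn(rop.UserName, rop.Password, CommonUtil.GetIP(), Enumeration.LoginType.Website);

            if (result.ResultType == Enumeration.LoginResult.Failure)
            {
                switch (result.ResultTip)
                {
                case Enumeration.LoginResultTip.UserNotExist:
                case Enumeration.LoginResultTip.UserPasswordIncorrect:
                    return Json(ResultType.Failure, ret, "用户名或密码不正确");

                case Enumeration.LoginResultTip.UserDisabled:
                    return Json(ResultType.Failure, ret, "账户被禁用");

                case Enumeration.LoginResultTip.UserDeleted:
                    return Json(ResultType.Failure, ret, "账户被删除");

                default:
                    // The original fell through for any other tip and went on to create a session
                    // for a failed sign-in (dereferencing result.User, which may be null).
                    return Json(ResultType.Failure, ret, "登录失败");
                }
            }

            string returnUrl = "";

            switch (result.User.Type)
            {
            case Enumeration.UserType.Staff:
                // Staff stay on this site; the custom:WebBackUrl setting the original read here was never used.
                returnUrl = "/Wb/Home/Index";
                break;

            case Enumeration.UserType.Merchant:
                returnUrl = System.Configuration.ConfigurationManager.AppSettings["custom:WebMerchUrl"] ?? "";
                break;
            }

            string key = GuidUtil.New();

            UserInfo userInfo = new UserInfo();

            userInfo.UserId   = result.User.Id;
            userInfo.UserName = result.User.UserName;

            SSOUtil.SetUserInfo(key, userInfo);

            // NOTE(review): the session key travels in the URL query string, where it is exposed to
            // logs, referers and browser history; a cookie or header would keep it out of URLs.
            ret.Url = string.Format("{0}?token={1}", returnUrl, key);

            return Json(ResultType.Success, ret, "登录成功");
        }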