public SaveResult UpdatePassword(UserAccounts account, int userId, string userName, string Type)
{
UserAccounts oldAccount = FiiiPayDB.UserAccountDb.GetById(account.Id);
if (Type.Equals("Password"))
{
oldAccount.Password = account.Password;
var securityVerify = new SecurityVerification(SystemPlatform.FiiiPay);
securityVerify.DeleteErrorCount(SecurityMethod.Password, account.Id.ToString());
}
else if (Type.Equals("PIN"))
{
oldAccount.Pin = account.Pin;
var securityVerify = new SecurityVerification(SystemPlatform.FiiiPay);
securityVerify.DeleteErrorCount(SecurityMethod.Pin, account.Id.ToString());
}
// Create ActionLog
ActionLog actionLog = new ActionLog();
actionLog.IPAddress = GetClientIPAddress();
actionLog.AccountId = userId;
actionLog.CreateTime = DateTime.UtcNow;
actionLog.ModuleCode = typeof(UserManageBLL).FullName + ".UpdatePassword";
actionLog.Username = userName;
actionLog.LogContent = "Update User Password " + account.Id;
ActionLogBLL ab = new ActionLogBLL();
ab.Create(actionLog);
return(new SaveResult(FiiiPayDB.UserAccountDb.Update(oldAccount)));
}
public void ModifyCellphone(Guid accountId, string cellphone, string smsToken, string token, string gToken)
{
//
var dac = new MerchantAccountDAC();
var account = dac.GetById(accountId);
if (account.Cellphone == cellphone)
{
throw new CommonException(ReasonCode.FiiiPosReasonCode.CELLPHONE_MUST_BE_DIFFERENT, "新手机号码不能与原来的一致");
}
//验证短信码
SecurityVerification sv = new SecurityVerification(SystemPlatform.FiiiPOS);
sv.VerifyToken(accountId, smsToken, SecurityMethod.CellphoneCode);
//验证pin码
sv.VerifyToken(accountId, token, SecurityMethod.Pin);
//验证google token 20180521
new SecurityVerification(SystemPlatform.FiiiPOS).VerifyToken(accountId, gToken, SecurityMethod.SecurityValidate);
//修改手机号
dac.UpdateCellphone(accountId, cellphone);
}
public SaveResult DeleteErrorCount(Guid id, string type, int userId, string userName)
{
var securityVerify = new SecurityVerification(SystemPlatform.FiiiPay);
if (type.Equals("PIN"))
{
RedisHelper.KeyDelete(Constant.REDIS_SMS_DBINDEX, new PinVerifier().GetErrorCountKey(SystemPlatform.FiiiPay, id.ToString()));
}
if (type.Equals("SMS"))
{
RedisHelper.KeyDelete(Constant.REDIS_SMS_DBINDEX, new CellphoneVerifier().GetErrorCountKey(SystemPlatform.FiiiPay, id.ToString()));
RedisHelper.KeyDelete(Constant.REDIS_SMS_DBINDEX, new RegisterCellphoneVerifier().GetErrorCountKey(SystemPlatform.FiiiPay, id.ToString()));
RedisHelper.KeyDelete(Constant.REDIS_SMS_DBINDEX, new LoginCellphoneVerifier().GetErrorCountKey(SystemPlatform.FiiiPay, id.ToString()));
RedisHelper.KeyDelete(Constant.REDIS_SMS_DBINDEX, new ForgetPasswordCellphoneVerifier().GetErrorCountKey(SystemPlatform.FiiiPay, id.ToString()));
RedisHelper.KeyDelete(Constant.REDIS_SMS_DBINDEX, new UpdatePinCellphoneVerifier().GetErrorCountKey(SystemPlatform.FiiiPay, id.ToString()));
RedisHelper.KeyDelete(Constant.REDIS_SMS_DBINDEX, new ResetPinCellphoneVerifier().GetErrorCountKey(SystemPlatform.FiiiPay, id.ToString()));
RedisHelper.KeyDelete(Constant.REDIS_SMS_DBINDEX, new UpdatePasswordCellphoneVerifier().GetErrorCountKey(SystemPlatform.FiiiPay, id.ToString()));
RedisHelper.KeyDelete(Constant.REDIS_SMS_DBINDEX, new UpdateCellphoneOldVerifier().GetErrorCountKey(SystemPlatform.FiiiPay, id.ToString()));
RedisHelper.KeyDelete(Constant.REDIS_SMS_DBINDEX, new UpdateCellphoneNewVerifier().GetErrorCountKey(SystemPlatform.FiiiPay, id.ToString()));
RedisHelper.KeyDelete(Constant.REDIS_SMS_DBINDEX, new MandatoryCellphoneVerifier().GetErrorCountKey(SystemPlatform.FiiiPay, id.ToString()));
RedisHelper.KeyDelete(Constant.REDIS_SMS_DBINDEX, new BindAccountCellphoneVerifier().GetErrorCountKey(SystemPlatform.FiiiPay, id.ToString()));
RedisHelper.KeyDelete(Constant.REDIS_SMS_DBINDEX, new ModifyCellphoneVerifier().GetErrorCountKey(SystemPlatform.FiiiPay, id.ToString()));
}
if (type.Equals("GoogleAuth"))
{
RedisHelper.KeyDelete(Constant.REDIS_SMS_DBINDEX, new GoogleVerifier().GetErrorCountKey(SystemPlatform.FiiiPay, id.ToString()));
}
if (type.Equals("Identity"))
{
RedisHelper.KeyDelete(Constant.REDIS_SMS_DBINDEX, new MandatoryVerifier().GetErrorCountKey(SystemPlatform.FiiiPay, id.ToString()));
}
ActionLog actionLog = new ActionLog();
actionLog.IPAddress = GetClientIPAddress();
actionLog.AccountId = userId;
actionLog.CreateTime = DateTime.UtcNow;
actionLog.ModuleCode = typeof(UserManageBLL).FullName + ".DeleteErrorCount";
actionLog.Username = userName;
actionLog.LogContent = "DeleteErrorCount " + id + ":" + type;
new ActionLogBLL().Create(actionLog);
return(new SaveResult(true, "Save Success"));
}
private InvestorAccount CheckUser(string username, string password)
{
var user = new InvestorAccountDAC().GetByUsername(username);
if (user == null)
{
throw new CommonException(ReasonCode.ACCOUNT_NOT_EXISTS, R.AccountNotExist);
}
var securityVerify = new SecurityVerification(SystemPlatform.FiiiCoinWork);
var loginErrorCountsInt = securityVerify.CheckErrorCount(SecurityMethod.Password, user.Id.ToString());
if (user.Status == 0)
{
throw new CommonException(ReasonCode.ACCOUNT_DISABLED, R.该账户已被禁用);
}
if (!PasswordHasher.VerifyHashedPassword(user.Password, password))
{
securityVerify.IncreaseErrorCount(SecurityMethod.Password, user.Id.ToString());
}
securityVerify.DeleteErrorCount(SecurityMethod.Password, user.Id.ToString());
return(user);
}
public void Verify(SMSBusiness business, string uniqueKey, string code, bool deleteCode)
{
bool isOnlyCellphoneVerify = business != SMSBusiness.SecurityValidate;
var securityVerify = new SecurityVerification(Platform);
if (isOnlyCellphoneVerify)
{
securityVerify.CheckErrorCount(business, uniqueKey);
}
var keyByCode = $"{Platform.ToString()}:{SecurityMethod.CellphoneCode.ToString()}:{business.ToString()}:Code:{uniqueKey}";
var codeInDb = RedisHelper.StringGet(Constant.REDIS_SMS_DBINDEX, keyByCode);
if (codeInDb != null && codeInDb == code)//验证通过
{
if (deleteCode)
{
DeleteSMSCode(business, uniqueKey);
}
else
{
//如果验证通过,并且不删除这个验证码,表示以后还要用这个验证码验证
RedisHelper.KeyExpire(keyByCode, TimeSpan.FromMinutes(Constant.SMS_EXPIRED_TIME));
}
if (isOnlyCellphoneVerify)
{
securityVerify.DeleteErrorCount(business, uniqueKey);
}
return;
}
if (isOnlyCellphoneVerify)
{
securityVerify.IncreaseErrorCount(business, uniqueKey);
}
else
{
securityVerify.IncreaseErrorCount(SecurityMethod.SecurityValidate, uniqueKey, SecurityMethod.CellphoneCode);
}
}
private UserAccount CheckUser(int countryId, string cellphone, string password)
{
var user = new UserAccountDAC().GetByCountryIdAndCellphone(countryId, cellphone);
if (user == null)
{
throw new CommonException(ReasonCode.ACCOUNT_NOT_EXISTS, MessageResources.AccountNotFound);
}
var securityVerify = new SecurityVerification(SystemPlatform.FiiiPay);
var loginErrorCountsInt = securityVerify.CheckErrorCount(SecurityMethod.Password, user.Id.ToString());
if (user.Status == 0)
{
throw new CommonException(ReasonCode.ACCOUNT_DISABLED, MessageResources.AccountDisabled);
}
if (IsNullOrWhiteSpace(user.Password) || IsNullOrWhiteSpace(password) || !PasswordHasher.VerifyHashedPassword(user.Password, password))
{
securityVerify.IncreaseErrorCount(SecurityMethod.Password, user.Id.ToString());
}
securityVerify.DeleteErrorCount(SecurityMethod.Password, user.Id.ToString());
return(user);
}
public ActionResult Index(Account account, string TokenGid, string VerificationCode)
{
var securityVerify = new SecurityVerification(SystemPlatform.BackOffice);
var loginBll = new LoginBLL();
string loginMessage = String.Empty;
try
{
var loginErrorCountsInt = securityVerify.CheckErrorCount(SecurityMethod.Password, account.Username);
var cacheCode = RedisHelper.StringGet(TokenGid);
if (string.IsNullOrEmpty(cacheCode))
{
loginMessage = "Verification code was expired";
securityVerify.IncreaseErrorCount(SecurityMethod.Password, account.Username);
}
if (VerificationCode.ToUpper() != cacheCode.ToUpper())
{
loginMessage = "Verification code is wrong";
securityVerify.IncreaseErrorCount(SecurityMethod.Password, account.Username);
}
bool checkResult = loginBll.CheckUser(account.Username, account.Password, out account, ref loginMessage);
if (!checkResult)
{
securityVerify.IncreaseErrorCount(SecurityMethod.Password, account.Username);
}
RedisHelper.KeyDelete(TokenGid);
securityVerify.DeleteErrorCount(SecurityMethod.Password, account.Username);
}
catch (Framework.Exceptions.CommonException ex)
{
ViewBag.LoginMessage = string.IsNullOrEmpty(loginMessage) ? ex.Message : loginMessage;
return(View(account));
}
LoginUser lu = new LoginUser();
int roleId = account.RoleId.Value;
lu.UserId = account.Id;
lu.UserName = account.Username;
lu.RoleId = roleId;
lu.IsAdmin = false;// account.Username == "fiiipayadmin";
if (lu.IsAdmin)
{
lu.PerimissionList = loginBll.GetAllPermission(roleId);
}
else
{
lu.PerimissionList = loginBll.GetUserPermissionByRoleId(roleId);
}
RedisHelper.Set("loginuser" + account.Id, lu, new TimeSpan(1, 0, 0));
var userCookie = Request.Cookies["LoginUser"];
if (userCookie == null)
{
var cookie = Response.Cookies["LoginUser"];
cookie.Value = Encrypts.GetEncryptString(account.Id.ToString());
cookie.HttpOnly = true;
cookie.Expires = DateTime.Now.AddDays(1);
}
else
{
Response.Cookies.Add(Request.Cookies["LoginUser"]);
Response.Cookies["LoginUser"].Value = Encrypts.GetEncryptString(account.Id.ToString());
Response.Cookies["LoginUser"].Expires = DateTime.Now.AddDays(1);
Response.Cookies["LoginUser"].HttpOnly = true;
}
return(RedirectToAction("Index", "Home"));
}
public TransferResult FiiiPOSTransferToEx(Guid accountId, int cryptoId, decimal amount, string pinToken)
{
var securityVerify = new SecurityVerification(SystemPlatform.FiiiPOS);
securityVerify.VerifyToken(accountId, pinToken, SecurityMethod.Pin);
var openAccountDac = new OpenAccountDAC();
var openAccount = openAccountDac.GetOpenAccount(FiiiType.FiiiPOS, accountId);
if (openAccount == null)
{
throw new CommonException(ReasonCode.GENERAL_ERROR, R.FiiiExAccountNotExist);
}
var crypto = new CryptocurrencyDAC().GetById(cryptoId);
if (crypto == null)
{
throw new CommonException(ReasonCode.GENERAL_ERROR, R.CurrencyForbidden);
}
var walletDac = new MerchantWalletDAC();
var wallet = walletDac.GetByAccountId(accountId, crypto.Id);
if (wallet.Balance < amount)
{
throw new CommonException(ReasonCode.GENERAL_ERROR, Resources.余额不足);
}
//10091=参数不符合要求 10013=用户信息不存在 10020=币不存在 0=成功
int result = FiiiExCoinIn(openAccount.OpenId, crypto.Code, amount, out string recordId);
if (result != 0)
{
throw new CommonException(ReasonCode.GENERAL_ERROR, Resources.从FiiiEx划转失败);
}
MerchantExTransferOrder order;
using (var scope = new TransactionScope())
{
walletDac.Decrease(wallet.Id, amount);
order = new MerchantExTransferOrder
{
Timestamp = DateTime.UtcNow,
OrderNo = CreateOrderNo(),
OrderType = ExTransferType.ToEx,
AccountId = accountId,
WalletId = wallet.Id,
CryptoId = crypto.Id,
CryptoCode = crypto.Code,
Amount = amount,
Status = 1,
Remark = null,
ExId = recordId
};
order = new MerchantExTransferOrderDAC().Create(order);
scope.Complete();
}
try
{
FiiiEXTransferMSMQ.PubMerchantTransferToEx(order.Id, 0);
}
catch (Exception ex)
{
LogHelper.Info("FiiiPOSTransferToEx - error", ex);
}
return(new TransferResult
{
Id = order.Id,
Amount = order.Amount.ToString(crypto.DecimalPlace),
OrderNo = order.OrderNo,
Timestamp = order.Timestamp.ToUnixTime(),
CryptoCode = crypto.Code
});
}
