public async Task <IActionResult> Login([FromBody] SysAdminLogin parm)
{
var apiRes = new ApiResult <string>()
{
statusCode = (int)ApiEnum.HttpRequestError
};
var token = "";
try
{
////获得公钥私钥,解密
var rsaKey = MemoryCacheService.Default.GetCache <List <string> >("LOGINKEY_" + parm.number);
if (rsaKey == null)
{
apiRes.message = "登录失败,请刷新浏览器再次登录";
return(Ok(apiRes));
}
var ras = new RSACrypt(rsaKey[0], rsaKey[1]);
parm.password = ras.Decrypt(parm.password);
}
catch (Exception ex)
{
apiRes.message = ex.Message;
apiRes.statusCode = (int)ApiEnum.Error;
}
apiRes.statusCode = (int)ApiEnum.Status;
apiRes.data = token;
return(Ok(apiRes));
}
/// <summary>
/// 用户登录实现
/// </summary>
/// <param name="parm"></param>
/// <returns></returns>
public async Task <ApiResult <SysUserInfo> > LoginAsync(SysAdminLogin parm)
{
var res = new ApiResult <SysUserInfo>();
parm.password = DES3Encrypt.EncryptString(parm.password);
var model = db.Queryable <SysUserInfo>()
.Where(c => c.loginName == parm.loginname).First();
if (model != null)
{
if (model.loginPWD.Equals(parm.password))
{
//修改登录时间
//保存操作日志
res.success = true;
res.message = "获取成功";
res.data = model;
}
else
{
res.success = false;
res.message = "密码错误";
res.statusCode = (int)ApiEnum.Error;
}
}
else
{
res.success = false;
res.statusCode = (int)ApiEnum.Error;
res.message = "账号错误~";
}
return(await Task.Run(() => res));
}
/// <summary>
/// 用户登录实现
/// </summary>
/// <param name="parm"></param>
/// <returns></returns>
public async Task <ApiResult <SysAdmin> > LoginAsync(SysAdminLogin parm)
{
var res = new ApiResult <SysAdmin>();
try
{
parm.password = DES3Encrypt.EncryptString(parm.password);
var model = Db.Queryable <SysAdmin>()
.Where(m => m.LoginName == parm.loginname).First();
if (model != null)
{
if (model.LoginPwd.Equals(parm.password))
{
//修改登录时间
model.LoginDate = DateTime.Now;
model.UpLoginDate = model.LoginDate;
SysAdminDb.Update(model);
#region 保存操作日志
var logModel = new SysLog()
{
Guid = Guid.NewGuid().ToString(),
LoginName = model.LoginName,
DepartName = model.DepartmentName,
OptionTable = "SysAdmin",
Summary = "登录操作",
IP = Utils.GetIp(),
LogType = (int)LogEnum.Login,
Urls = Utils.GetUrl(),
AddTime = DateTime.Now
};
SysLogDb.Insert(logModel);
#endregion
res.success = true;
res.message = "获取成功!";
res.data = model;
}
else
{
res.success = false;
res.statusCode = (int)ApiEnum.Error;
res.message = "密码错误~";
}
}
else
{
res.success = false;
res.statusCode = (int)ApiEnum.Error;
res.message = "账号错误~";
}
}
catch (Exception ex)
{
res.message = ApiEnum.Error.GetEnumText() + ex.Message;
res.statusCode = (int)ApiEnum.Error;
}
return(await Task.Run(() => res));
}
/// <summary>
/// 用户登录实现
/// </summary>
/// <param name="parm"></param>
/// <returns></returns>
public async Task <ApiResult <SysAdminMenuDto> > LoginAsync(SysAdminLogin parm)
{
var res = new ApiResult <SysAdminMenuDto>()
{
statusCode = (int)ApiEnum.Error
};
try
{
var adminModel = new SysAdminMenuDto();
parm.password = DES3Encrypt.EncryptString(parm.password);
var model = await Db.Queryable <SysAdmin>()
.Where(m => m.LoginName == parm.loginname).FirstAsync();
if (model == null)
{
res.message = "账号错误";
return(res);
}
if (!model.LoginPwd.Equals(parm.password))
{
res.message = "密码错误~";
return(res);
}
if (!model.Status)
{
res.message = "登录账号被冻结,请联系管理员~";
return(res);
}
adminModel.menu = GetMenuByAdmin(model.Guid);
if (adminModel == null)
{
res.message = "当前账号没有授权功能模块,无法登录~";
return(res);
}
//修改登录时间
model.LoginDate = DateTime.Now;
model.UpLoginDate = model.LoginDate;
model.LoginSum = model.LoginSum + 1;
SysAdminDb.Update(model);
res.statusCode = (int)ApiEnum.Status;
adminModel.admin = model;
res.data = adminModel;
}
catch (Exception ex)
{
res.message = ex.Message;
Logger.Default.ProcessError((int)ApiEnum.Error, ex.Message);
}
return(res);
}
/// <summary>
/// 登录
/// </summary>
/// <param name="parm">登录信息参数</param>
/// <param name="privateKey">加密私钥</param>
/// <param name="publicKey">加密公钥</param>
/// <returns></returns>
public async Task <IActionResult> OnPostLoginAsync(SysAdminLogin parm, string privateKey, string publicKey)
{
var apiRes = new ApiResult <Core.Model.Sys.SysAdmin>();
var token = "";
try
{
//Ras解密密码
var ras = new RSACrypt(privateKey, publicKey);
parm.password = ras.Decrypt(parm.password);
//查询登录结果
apiRes = _sysAdminService.LoginAsync(parm).Result;
var user = apiRes.data;
if (apiRes.statusCode == 200)
{
var identity = new ClaimsPrincipal(
new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Sid, user.Guid),
new Claim(ClaimTypes.Role, user.DepartmentName),
new Claim(ClaimTypes.Thumbprint, user.HeadPic),
new Claim(ClaimTypes.Name, user.TrueName),
new Claim(ClaimTypes.WindowsAccountName, user.LoginName),
new Claim(ClaimTypes.UserData, user.UpLoginDate.ToString()),
}, CookieAuthenticationDefaults.AuthenticationScheme)
);
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, identity, new AuthenticationProperties
{
ExpiresUtc = DateTime.UtcNow.AddHours(2),
IsPersistent = true,
AllowRefresh = false
});
var tm = new TokenModel()
{
Uid = Guid.NewGuid().ToString(),
Role = "Admin",
Project = "Manage",
TokenType = "Web"
};
token = JwtHelper.IssueJWT(tm);
}
}
catch (Exception ex)
{
apiRes.message = ex.Message;
apiRes.statusCode = (int)ApiEnum.Error;
}
return(new JsonResult(new ApiResult <string>()
{
statusCode = apiRes.statusCode, message = apiRes.message, data = token
}));
}
/// <summary>
/// 登录验证
/// </summary>
/// <param name="model">接收数据</param>
/// <returns></returns>
public ActionResult LoginSysAdminSave(SysAdmin model)
{
var state = false;
var db = new HotelDatabase();
if (ModelState.IsValid)
{
db.Database.CreateIfNotExists();
var lst = db.SysAdmins.AsQueryable();
lst = lst.Where(o => o.SysAdminName.Contains(model.SysAdminName));
foreach (var q in lst)
{
if (q.SysAdminName == model.SysAdminName && q.SysAdminPassword == model.SysAdminPassword)
{
state = true;
}
else
{
state = false;
}
}
}
if (state == true)
{
try
{
var stateLogin = new SysAdminLogin();
stateLogin.SysAdminLoginState = "true";
stateLogin.SysAdminName = model.SysAdminName;
ViewBag.SysAdminName = model.SysAdminName;
db.SysAdminLogins.Add(stateLogin);
db.SaveChanges();
return(RedirectToAction("OrderListIndex", "BackstageManage"));
}
catch (ArgumentNullException e)
{
return(Content("<script> alert('该账号已登录!'); </script>"));
}
}
else
{
return(View("LoginSysAdmin"));
}
}
public async Task <ApiResult <SysAdminMenuDto> > LoginAsync(SysAdminLogin parm)
{
var res = new ApiResult <SysAdminMenuDto>()
{
statusCode = (int)ApiEnum.Error
};
try
{
var adminModel = new SysAdminMenuDto();
parm.password = parm.password;
var model = await Db.Queryable <SysAdmin>()
.Where(m => m.LoginName == parm.loginname).FirstAsync();
if (model == null)
{
res.message = "账号错误";
return(res);
}
if (!model.LoginPwd.Equals(parm.password))
{
res.message = "密码错误~";
return(res);
}
if (!model.Status)
{
res.message = "登录账号被冻结,请联系管理员~";
return(res);
}
adminModel.menu = GetMenuByAdmin(model.Guid);
if (adminModel == null)
{
res.message = "当前账号没有授权功能模块,无法登录~";
return(res);
}
}
catch (Exception)
{
res = null;
}
return(res);
}
/// <summary>
/// 登录
/// </summary>
/// <param name="parm"></param>
/// <returns></returns>
public async Task <IActionResult> OnPostLoginAsync(SysAdminLogin parm)
{
var apiRes = _sysAdminService.LoginAsync(parm);
try
{
var user = apiRes.Result.data;
if (apiRes.Result.statusCode == 200)
{
var identity = new ClaimsPrincipal(
new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Sid, user.Guid),
new Claim(ClaimTypes.Role, "超级管理员"),
new Claim(ClaimTypes.Thumbprint, user.HeadPic),
new Claim(ClaimTypes.Name, user.TrueName),
new Claim(ClaimTypes.WindowsAccountName, user.LoginName),
new Claim(ClaimTypes.UserData, user.UpLoginDate.ToString()),
}, CookieAuthenticationDefaults.AuthenticationScheme)
);
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, identity, new AuthenticationProperties
{
ExpiresUtc = DateTime.UtcNow.AddMinutes(60),
IsPersistent = true,
AllowRefresh = false
});
}
}
catch (Exception ex)
{
apiRes.Result.message = ex.Message;
apiRes.Result.statusCode = (int)ApiEnum.Error;
}
return(new JsonResult(new ApiResult <string>()
{
statusCode = apiRes.Result.statusCode, message = apiRes.Result.message
}));
}
/// <summary>
/// 用户登录实现
/// </summary>
/// <param name="parm"></param>
/// <returns></returns>
public async Task <ApiResult <SysAdmin> > LoginAsync(SysAdminLogin parm)
{
var res = new ApiResult <SysAdmin>();
try
{
parm.password = DES3Encrypt.EncryptString(parm.password);
var model = Db.Queryable <SysAdmin>()
.Where(m => m.LoginName == parm.loginname).First();
if (model != null)
{
if (model.LoginPwd.Equals(parm.password))
{
res.success = true;
res.message = "获取成功!";
res.data = model;
}
else
{
res.success = false;
res.statusCode = (int)ApiEnum.Error;
res.message = "密码错误~";
}
}
else
{
res.success = false;
res.statusCode = (int)ApiEnum.Error;
res.message = "账号错误~";
}
}
catch (Exception ex)
{
res.message = ApiEnum.Error.GetEnumText() + ex.Message;
res.statusCode = (int)ApiEnum.Error;
}
return(await Task.Run(() => res));
}
public async Task <IActionResult> Login([FromBody] SysAdminLogin parm)
{
var apiRes = new ApiResult <string>()
{
statusCode = (int)ApiEnum.HttpRequestError
};
var token = "";
try
{
//获得公钥私钥,解密
var rsaKey = MemoryCacheService.Default.GetCache <List <string> >("LOGINKEY");
if (rsaKey == null)
{
apiRes.message = "登录失败,请刷新浏览器再次登录";
return(Ok(apiRes));
}
//Ras解密密码
var ras = new RSACrypt(rsaKey[0], rsaKey[1]);
parm.password = ras.Decrypt(parm.password);
//获得用户登录限制次数
var configLoginCount = Convert.ToInt32(ConfigExtensions.Configuration[KeyHelper.LOGINCOUNT]);
//获得登录次数和过期时间
var loginConfig = MemoryCacheService.Default.GetCache <SysAdminLoginConfig>(KeyHelper.LOGINCOUNT) ?? new SysAdminLoginConfig();
if (loginConfig.Count != 0 && loginConfig.DelayMinute != null)
{
//说明存在过期时间,需要判断
if (DateTime.Now <= loginConfig.DelayMinute)
{
apiRes.message = "您的登录以超过设定次数,请稍后再次登录~";
return(Ok(apiRes));
}
else
{
//已经过了登录的预设时间,重置登录配置参数
loginConfig.Count = 0;
loginConfig.DelayMinute = null;
}
}
//查询登录结果
var dbres = await _adminService.LoginAsync(parm);
if (dbres.statusCode != 200)
{
//增加登录次数
loginConfig.Count += 1;
//登录的次数大于配置的次数,则提示过期时间
if (loginConfig.Count == configLoginCount)
{
var configDelayMinute = Convert.ToInt32(ConfigExtensions.Configuration[KeyHelper.LOGINDELAYMINUTE]);
//记录过期时间
loginConfig.DelayMinute = DateTime.Now.AddMinutes(configDelayMinute);
apiRes.message = "登录次数超过" + configLoginCount + "次,请" + configDelayMinute + "分钟后再次登录";
return(Ok(apiRes));
}
//记录登录次数,保存到session
MemoryCacheService.Default.SetCache(KeyHelper.LOGINCOUNT, loginConfig);
//提示用户错误和登录次数信息
apiRes.message = dbres.message + " 您还剩余" + (configLoginCount - loginConfig.Count) + "登录次数";
return(Ok(apiRes));
}
var user = dbres.data.admin;
var identity = new ClaimsPrincipal(
new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Sid, user.Guid),
new Claim(ClaimTypes.Role, user.DepartmentName),
new Claim(ClaimTypes.Thumbprint, user.HeadPic),
new Claim(ClaimTypes.Name, user.LoginName),
new Claim(ClaimTypes.WindowsAccountName, user.LoginName),
new Claim(ClaimTypes.UserData, user.UpLoginDate.ToString())
}, CookieAuthenticationDefaults.AuthenticationScheme)
);
//如果保存用户类型是Session,则默认设置cookie退出浏览器 清空
if (ConfigExtensions.Configuration[KeyHelper.LOGINSAVEUSER] == "Session")
{
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, identity, new AuthenticationProperties
{
AllowRefresh = false
});
}
else
{
//根据配置保存浏览器用户信息,小时单位
var hours = int.Parse(ConfigExtensions.Configuration[KeyHelper.LOGINCOOKIEEXPIRES]);
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, identity, new AuthenticationProperties
{
ExpiresUtc = DateTime.UtcNow.AddHours(hours),
IsPersistent = true,
AllowRefresh = false
});
}
//获得第一条站点,并保存到session中
var site = await _siteService.GetListAsync(m => !m.IsDel, m => m.AddTime, DbOrderEnum.Asc);
//把权限存到缓存里
var menuSaveType = ConfigExtensions.Configuration[KeyHelper.LOGINAUTHORIZE];
if (menuSaveType == "Redis")
{
RedisHelper.Set(KeyHelper.ADMINMENU + "_" + dbres.data.admin.Guid, dbres.data.menu);
RedisHelper.Set(KeyHelper.NOWSITE, site.data.FirstOrDefault());
}
else
{
MemoryCacheService.Default.SetCache(KeyHelper.NOWSITE, site.data.FirstOrDefault());
MemoryCacheService.Default.SetCache(KeyHelper.ADMINMENU + "_" + dbres.data.admin.Guid, dbres.data.menu, 600);
}
token = JwtHelper.IssueJWT(new TokenModel()
{
Uid = user.Guid,
UserName = user.LoginName,
Role = "Admin",
TokenType = "Web"
});
MemoryCacheService.Default.RemoveCache("LOGINKEY");
MemoryCacheService.Default.RemoveCache(KeyHelper.LOGINCOUNT);
#region 保存日志
var agent = HttpContext.Request.Headers["User-Agent"];
var log = new SysLog()
{
Guid = Guid.NewGuid().ToString(),
Logged = DateTime.Now,
Logger = LogEnum.LOGIN.GetEnumText(),
Level = "Info",
Message = "登录:" + parm.loginname,
Callsite = "/fytadmin/login",
IP = Utils.GetIp(),
User = parm.loginname,
Browser = agent.ToString()
};
await _logService.AddAsync(log);
#endregion
}
catch (Exception ex)
{
apiRes.message = ex.Message;
apiRes.statusCode = (int)ApiEnum.Error;
#region 保存日志
var agent = HttpContext.Request.Headers["User-Agent"];
var log = new SysLog()
{
Guid = Guid.NewGuid().ToString(),
Logged = DateTime.Now,
Logger = LogEnum.LOGIN.GetEnumText(),
Level = "Error",
Message = "登录失败!" + ex.Message,
Exception = ex.Message,
Callsite = "/fytadmin/login",
IP = Utils.GetIp(),
User = parm.loginname,
Browser = agent.ToString()
};
await _logService.AddAsync(log);
#endregion
}
apiRes.statusCode = (int)ApiEnum.Status;
apiRes.data = token;
return(Ok(apiRes));
}
/// <summary>
/// 用户登录实现
/// </summary>
/// <param name="parm"></param>
/// <returns></returns>
public async Task <ApiResult <SysAdmin> > LoginAsync(SysAdminLogin parm)
{
var res = new ApiResult <SysAdmin>();
try
{
parm.password = DES3Encrypt.EncryptString(parm.password);
var model = DbContext._.Db.From <SysAdmin>().Where(d => d.LoginName == parm.loginname).ToFirstDefault();
if (model != null)
{
if (!model.Status)
{
res.success = false;
res.statusCode = (int)ApiEnum.Error;
res.message = "账号冻结~";
}
else
{
if (model.LoginPwd.Equals(parm.password))
{
//修改登录时间
model.LoginDate = DateTime.Now;
model.UpLoginDate = model.LoginDate;
//SysAdminDb.Update(model);
DbContext._.Db.Update <SysAdmin>(model, d => d.Guid == model.Guid);
#region 保存操作日志
//var logModel = new SysLog()
//{
// Guid = Guid.NewGuid().ToString(),
// LoginName = model.LoginName,
// DepartName = model.DepartmentName,
// OptionTable = "SysAdmin",
// Summary = "登录操作",
// IP = Utils.GetIp(),
// LogType = (int)LogEnum.Login,
// Urls = Utils.GetUrl(),
// AddTime = DateTime.Now
//};
//SysLogDb.Insert(logModel);
#endregion
res.success = true;
res.message = "获取成功!";
res.data = model;
}
else
{
res.success = false;
res.statusCode = (int)ApiEnum.Error;
res.message = "密码错误~";
}
}
}
else
{
res.success = false;
res.statusCode = (int)ApiEnum.Error;
res.message = "账号错误~";
}
}
catch (Exception ex)
{
res.message = ApiEnum.Error.GetEnumText() + ex.Message;
res.statusCode = (int)ApiEnum.Error;
}
return(await Task.Run(() => res));
}
public async Task <ApiResult <string> > Login([FromBody] SysAdminLogin parm)
{
var apiRes = new ApiResult <string>()
{
statusCode = (int)ApiEnum.HttpRequestError
};
var token = "";
try
{
#region 1. 从缓存获取公钥私钥解密,再解密密码
//获得公钥私钥,解密
var rsaKey = MemoryCacheHelper.Get <List <string> >(KeyModel.LoginKey);
if (rsaKey == null)
{
apiRes.msg = "登录失败,请刷新浏览器再次登录";
return(apiRes);
}
//Ras解密密码
var ras = new RSAEncrypt(rsaKey[0], rsaKey[1]);
parm.password = ras.Decrypt(parm.password);
#endregion
#region 2. 判断用户登录次数限制以及过期时间
//获得用户登录限制次数
var configLoginCount = Convert.ToInt32(Appsettings.Configuration[KeyModel.LoginCount]);
//获得登录次数和过期时间
SysAdminLoginConfig loginConfig = MemoryCacheHelper.Get <SysAdminLoginConfig>(KeyModel.LoginCount) ?? new SysAdminLoginConfig();
if (loginConfig.Count != 0 && loginConfig.DelayMinute != null)
{
//说明存在过期时间,需要判断
if (DateTime.Now <= loginConfig.DelayMinute)
{
apiRes.msg = "您的登录以超过设定次数,请稍后再次登录~";
return(apiRes);
}
else
{
//已经过了登录的预设时间,重置登录配置参数
loginConfig.Count = 0;
loginConfig.DelayMinute = null;
}
}
#endregion
#region 3. 从数据库查询该用户
//查询登录结果
var dbres = _adminService.LoginAsync(parm).Result;
if (dbres.statusCode != 200)
{
//增加登录次数
loginConfig.Count += 1;
//登录的次数大于配置的次数,则提示过期时间
if (loginConfig.Count == configLoginCount)
{
var configDelayMinute = Convert.ToInt32(Appsettings.Configuration[KeyModel.LogindElayMinute]);
//记录过期时间
loginConfig.DelayMinute = DateTime.Now.AddMinutes(configDelayMinute);
apiRes.msg = "登录次数超过" + configLoginCount + "次,请" + configDelayMinute + "分钟后再次登录";
return(apiRes);
}
//记录登录次数,保存到session
MemoryCacheHelper.Set(KeyModel.LoginCount, loginConfig);
//提示用户错误和登录次数信息
apiRes.msg = dbres.msg + " 您还剩余" + (configLoginCount - loginConfig.Count) + "登录次数";
return(apiRes);
}
#endregion
#region 4. 设置Identity User信息
var user = dbres.data.admin;
var identity = new ClaimsPrincipal(
new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Sid, user.ID),
new Claim(ClaimTypes.Role, user.RoleId),
new Claim(ClaimTypes.Thumbprint, user.HeadPic),
new Claim(ClaimTypes.Name, user.RelName),
new Claim(ClaimTypes.WindowsAccountName, user.Account),
new Claim(ClaimTypes.UserData, user.LastLoginTime.ToString())
}, CookieAuthenticationDefaults.AuthenticationScheme)
);
if (Appsettings.Configuration[KeyModel.LoginSaveUser] == "Session")
{//如果保存用户类型是Session,则默认设置cookie退出浏览器 清空,并且保存用户信息
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, identity, new AuthenticationProperties
{
AllowRefresh = false
});
}
else
{
//根据配置保存浏览器用户信息,小时单位
var hours = int.Parse(Appsettings.Configuration[KeyModel.LoginCookieExpires]);
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, identity, new AuthenticationProperties
{
ExpiresUtc = DateTime.UtcNow.AddHours(hours),
IsPersistent = true,
AllowRefresh = false
});
}
#endregion
#region 5. 保存权限信息到缓存
if (dbres.data.menu != null)
{
var menuSaveType = Appsettings.Configuration[KeyModel.LoginAuthorize];
if (menuSaveType == "Redis")
{
RedisCacheHelper.Set(KeyModel.AdminMenu + "_" + dbres.data.admin.ID, dbres.data.menu);
}
else
{
MemoryCacheHelper.Set(KeyModel.AdminMenu + "_" + dbres.data.admin.ID, dbres.data.menu);
}
}
#endregion
#region 6. 生成token信息,并且返回给前端
token = JwtHelper.IssueToken(new TokenModel()
{
UserID = user.ID,
UserName = user.RelName,
UserAccount = user.Account,
Role = "AdminPolicy",
ProjectName = "DL.Admin"
});
MemoryCacheHelper.Del <string>(KeyModel.LoginKey);
MemoryCacheHelper.Del <string>(KeyModel.LoginCount);
#endregion
#region 7. 保存日志
var agent = HttpContext.Request.Headers["User-Agent"];
var log = new SysLog()
{
ID = Guid.NewGuid().ToString(),
CreateTime = DateTime.Now,
Layer = 1,
Message = "登录",
Url = "/Login/Login",
IP = _httpContextAccessor.HttpContext.Connection.RemoteIpAddress.ToString(),
Account = parm.loginname,
Browser = agent.ToString()
};
await _logService.AddAsync(log);
#endregion
}
catch (Exception ex)
{
apiRes.msg = ex.Message;
apiRes.statusCode = (int)ApiEnum.Error;
#region 保存日志
var agent = HttpContext.Request.Headers["User-Agent"];
var log = new SysLog()
{
ID = Guid.NewGuid().ToString(),
CreateTime = DateTime.Now,
Layer = 4,
Message = "登录失败!" + ex.Message,
Exception = ex.Message,
Url = "/Login/Login",
IP = _httpContextAccessor.HttpContext.Connection.RemoteIpAddress.ToString(),
Account = parm.loginname,
Browser = agent.ToString()
};
await _logService.AddAsync(log);
#endregion
}
apiRes.statusCode = (int)ApiEnum.Status;
apiRes.data = token;
return(apiRes);
}
public async Task <ApiResult <SysAdmin> > LoginAsync(SysAdminLogin parm)
{
return(await _adminService.LoginAsync(parm));
}
public async Task <IActionResult> Login([FromBody] SysAdminLogin parm)
{
var res = new ApiResult <string>()
{
statusCode = (int)ApiEnum.HttpRequestError
};
try
{
//获得公钥私钥,解密
var rsaKey = await _cache.GetAsync <List <string> >($"LOGINKEY:{parm.lid}");
if (rsaKey == null)
{
res.message = "登录失败,请刷新浏览器再次登录";
return(Ok(res));
}
//Ras解密密码
var ras = new RSACrypt(rsaKey[0], rsaKey[1]);
parm.password = ras.Decrypt(parm.password);
//获得用户登录限制次数
var configLoginCount = Convert.ToInt32(_config[KeyHelper.LOGINCOUNT]);
//获得登录次数和过期时间
var loginConfig = await _cache.GetAsync <SysAdminLoginConfig>(KeyHelper.LOGINCOUNT) ?? new SysAdminLoginConfig();
if (loginConfig.Count != 0 && loginConfig.DelayMinute != null)
{
//说明存在过期时间,需要判断
if (DateTime.Now <= loginConfig.DelayMinute)
{
res.message = "您的登录以超过设定次数,请稍后再次登录~";
return(Ok(res));
}
else
{
//已经过了登录的预设时间,重置登录配置参数
loginConfig.Count = 0;
loginConfig.DelayMinute = null;
}
}
#region 验证码
var captcha = new SimpleCaptcha();
if (!captcha.Validate(parm.code, parm.cid))
{
res.message = "验证码错误";
res.statusCode = (int)ApiEnum.ParameterError;
return(Ok(res));
}
#endregion
//查询登录结果
var dbres = await _adminService.LoginAsync(parm);
if (dbres.statusCode != 200)
{
//增加登录次数
loginConfig.Count += 1;
//登录的次数大于配置的次数,则提示过期时间
if (loginConfig.Count == configLoginCount)
{
var configDelayMinute = Convert.ToInt32(_config[KeyHelper.LOGINDELAYMINUTE]);
//记录过期时间
loginConfig.DelayMinute = DateTime.Now.AddMinutes(configDelayMinute);
res.message = "登录次数超过" + configLoginCount + "次,请" + configDelayMinute + "分钟后再次登录";
return(Ok(res));
}
//记录登录次数,保存到session
await _cache.SetAsync(KeyHelper.LOGINCOUNT, loginConfig);
//提示用户错误和登录次数信息
res.message = dbres.message;
return(Ok(res));
}
var user = dbres.data.admin;
var identity = new ClaimsPrincipal(
new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.PrimarySid, user.IsSystem.ToString()),
new Claim(ClaimTypes.Sid, user.Guid),
new Claim(ClaimTypes.Role, "授权用户"),
new Claim(ClaimTypes.Name, user.TrueName),
new Claim(ClaimTypes.WindowsAccountName, user.LoginName),
new Claim(ClaimTypes.UserData, user.UpLoginDate.ToString())
}, CookieAuthenticationDefaults.AuthenticationScheme)
);
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, identity);
////如果保存用户类型是Session,则默认设置cookie退出浏览器 清空
//if (_config[KeyHelper.LOGINSAVEUSER] == "Session")
//{
// await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, identity, new AuthenticationProperties
// {
// AllowRefresh = false
// });
//}
//else
//{
// await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, identity, new AuthenticationProperties
// {
// ExpiresUtc = DateTime.UtcNow.AddHours(_config.GetValue(KeyHelper.LOGINCOOKIEEXPIRES, 0.5D)),
// IsPersistent = true,
// AllowRefresh = false
// });
//}
//把权限存到缓存里
await _cache.SetAsync(KeyHelper.ADMINMENU + "_" + dbres.data.admin.Guid, dbres.data.menu);
res.data = JwtHelper.IssueJWT(new TokenModel()
{
Uid = user.Guid,
UserName = user.LoginName,
Role = "Admin",
TokenType = "Web"
});
await _cache.RemoveAsync($"LOGINKEY:{parm.lid}");
await _cache.RemoveAsync(KeyHelper.LOGINCOUNT);
#region 保存日志
var agent = HttpContext.Request.Headers["User-Agent"];
var log = new SysLog()
{
Guid = Guid.NewGuid().ToString(),
Logged = DateTime.Now,
Logger = LogEnum.LOGIN.GetEnumText(),
Level = "Info",
Message = "登录:" + parm.loginname,
Callsite = "/fytadmin/login",
IP = HttpContext.GetIP(),
User = parm.loginname,
Browser = agent.ToString()
};
await _logService.AddAsync(log);
#endregion
}
catch (CryptographicException)
{
res.message = "登录失败,请刷新浏览器重试";
res.statusCode = (int)ApiEnum.Error;
return(Ok(res));
}
catch (Exception ex)
{
var agent = HttpContext.Request.Headers["User-Agent"];
var log = new SysLog()
{
Guid = Guid.NewGuid().ToString(),
Logged = DateTime.Now,
Logger = LogEnum.LOGIN.GetEnumText(),
Level = "Error",
Message = "登录失败!" + ex.Message,
Exception = ex.ToString(),
Callsite = "/fytadmin/login",
IP = HttpContext.GetIP(),
User = parm.loginname,
Browser = agent.ToString()
};
await _logService.AddAsync(log);
res.message = "登录失败,请刷新浏览器重试";
res.statusCode = (int)ApiEnum.Error;
return(Ok(res));
}
res.statusCode = (int)ApiEnum.Status;
return(Ok(res));
}
/// <summary>
/// 用户登录实现
/// </summary>
/// <param name="parm"></param>
/// <returns></returns>
public async Task <ApiResult <SysAdminMenuDto> > LoginAsync(SysAdminLogin parm)
{
var res = new ApiResult <SysAdminMenuDto>()
{
statusCode = (int)ApiEnum.Error
};
try
{
var adminModel = new SysAdminMenuDto();
parm.password = DES3Encrypt.EncryptString(parm.password);
var model = await Db.Queryable <SysAdmin>().Where(m => m.LoginName == parm.loginname).FirstAsync();
if (model == null)
{
res.message = "账号错误";
return(res);
}
if (!model.LoginPwd.Equals(parm.password))
{
res.message = "密码错误~";
return(res);
}
if (!model.Status)
{
res.message = "登录账号被冻结,请联系管理员~";
return(res);
}
var(isSystem, isAgent, isSubAdmin) = await roleService.GetRoleByAdminGuid(model.Guid);
if (isSystem)
{
}
else if (isAgent)
{
var exist = await Db.Queryable <CmsAgent>().AnyAsync(p => p.Admin_Guid == model.Guid && p.Status);
if (!exist)
{
res.message = "代理商已经被冻结,请联系管理员";
return(res);
}
}
else if (isSubAdmin)
{
var exist = await Db.Queryable <CmsMerchant>().AnyAsync(p => p.admin_guid == model.Guid && p.status);
if (!exist)
{
res.message = "商户已经被冻结,请联系管理员";
return(res);
}
}
else
{
var exist = await Db.Queryable <CmsMerchant>().AnyAsync(p => p.admin_guid == model.CreateBy && p.status);
if (!exist)
{
res.message = "商户已经被冻结,请联系管理员";
return(res);
}
}
adminModel.menu = GetMenuByAdmin(model.Guid);
if (adminModel == null)
{
res.message = "当前账号没有授权功能模块,无法登录~";
return(res);
}
//修改登录时间
model.LoginDate = DateTime.Now;
model.UpLoginDate = model.LoginDate;
model.LoginSum = model.LoginSum + 1;
SysAdminDb.Update(model);
var roleList = await Db.Queryable <SysRole>().Where(m => m.IsSystem).Select(m => m.Guid).ToListAsync();
model.IsSystem = roleList.Intersect(model.RoleList.Select(p => p.guid)).Any();
res.statusCode = (int)ApiEnum.Status;
adminModel.admin = model;
res.data = adminModel;
}
catch (Exception ex)
{
res.message = ex.Message;
Logger.Default.ProcessError((int)ApiEnum.Error, ex.Message);
}
return(res);
}
