public AuthenticateResult Authenticate(string username, string password)
{
try
{
using (var conn = RepositoryManager.GetNewConnection())
{
var repo = RepositoryManager.GetRepository <ISysOperatorRepository>();
var operatorInfos = repo.Query(new Hashtable {
{ "LoginName", username }, { "Status", (int)GeneralStatus.Enabled }
});
if (!operatorInfos.Any())
{
return(new AuthenticateResult()
{
ResultType = ResultType.UserNotFound, Messages = new[] { "User does not exist." }
});
}
var operatorInfo = operatorInfos.First();
var hashPassword = SysOperatorExtension.ExcryptPassword(password, operatorInfo.Salt);
if (hashPassword == operatorInfo.Password)
{
operatorInfo.MaskPassword();
operatorInfo.Password = password; // return password
return(new AuthenticateResult()
{
ResultType = ResultType.OK, Messages = new[] { "OK" }, OperatorInfo = operatorInfo
});
}
else
{
return(new AuthenticateResult()
{
ResultType = ResultType.AuthenticationError, Messages = new[] { "invalid user name and password" }
});
}
}
}
catch (Exception ex)
{
Log.Error(ex);
return(new AuthenticateResult()
{
ResultType = ResultType.UnknownError, Messages = new[] { "UnknownError" }
});
}
}
public HttpResponseMessage Put(int id, [FromBody] SysOperator sysOperatorInfo)
{
return(ActionWarpper.Process(sysOperatorInfo, OperationCodes.MSYSOPT, () =>
{
sysOperatorInfo.OperatorID = id;
var sysOperatorRepository = RepositoryManager.GetRepository <ISysOperatorRepository>();
var sysOperatorRoleRepo = RepositoryManager.GetRepository <ISysOperatorRoleRepository>();
var originalsysOperatorInfo = sysOperatorRepository.GetByKey(id);
if (originalsysOperatorInfo == null)
{
return Request.CreateResponse(HttpStatusCode.BadRequest, string.Format("operator Id={0} does not exist.", id));
}
#region SysOperatorRole
var addedRoles = new List <SysOperatorRole>();
var deletedRoleIds = new List <int>();
if (sysOperatorInfo.SysOperatorRoles != null && sysOperatorInfo.SysOperatorRoles.Any())
{
var originalPermissionIDs = originalsysOperatorInfo.SysOperatorRoles.Select(d => d.SysOperatorRoleID);
var currentPermissionIDs = sysOperatorInfo.SysOperatorRoles.Select(d => d.SysOperatorRoleID);
deletedRoleIds = originalPermissionIDs.Except(currentPermissionIDs).ToList();
addedRoles = sysOperatorInfo.SysOperatorRoles.FindAll(d => d.SysOperatorRoleID == 0);
deletedRoleIds.ForEach(d => sysOperatorRoleRepo.Delete(d));
addedRoles.ForEach(d => sysOperatorRoleRepo.Insert(d));
sysOperatorInfo.SysOperatorRoles.FindAll(d => d.SysOperatorRoleID != 0).ForEach(d => sysOperatorRoleRepo.Update(d));
}
else
{
deletedRoleIds = originalsysOperatorInfo.SysOperatorRoles.Select(d => d.SysOperatorRoleID).ToList();
deletedRoleIds.ForEach(d => sysOperatorRoleRepo.Delete(d));
}
#endregion
string salt = originalsysOperatorInfo.Salt;
var hashPassword = SysOperatorExtension.ExcryptPassword(sysOperatorInfo.Password, salt);
sysOperatorInfo.Password = hashPassword;
sysOperatorInfo.Salt = salt;
sysOperatorRepository.Update(sysOperatorInfo);
return Request.CreateResponse(HttpStatusCode.OK);
}, this));
}
public HttpResponseMessage Post([FromBody] SysOperator sysOperatorInfo)
{
return(ActionWarpper.Process(sysOperatorInfo, OperationCodes.ASYSOPT, () =>
{
var sysOperatorRepository = RepositoryManager.GetRepository <ISysOperatorRepository>();
var sysOperatorRoleRepo = RepositoryManager.GetRepository <ISysOperatorRoleRepository>();
string salt = Guid.NewGuid().ToString();
var hashPassword = SysOperatorExtension.ExcryptPassword(sysOperatorInfo.Password, salt);
sysOperatorInfo.Password = hashPassword;
sysOperatorInfo.Salt = salt;
sysOperatorRepository.Insert(sysOperatorInfo);
sysOperatorInfo.SysOperatorRoles.ForEach(a => a.OperatorID = sysOperatorInfo.OperatorID);
sysOperatorInfo.SysOperatorRoles.ForEach(a => sysOperatorRoleRepo.Insert(a));
return Request.CreateResponse(HttpStatusCode.OK, sysOperatorInfo);
}, this));
}
public GenericResult ChangePassowrd(string username, string oldPassword, string newPassword)
{
var sw = Stopwatch.StartNew();
using (var conn = RepositoryManager.GetNewConnection())
using (var transaction = conn.BeginTransaction())
{
try
{
var repo = RepositoryManager.GetRepository <ISysOperatorRepository>();
var operatorInfos = repo.Query(new Hashtable {
{ "LoginName", username }, { "Status", (int)GeneralStatus.Enabled }
});
if (!operatorInfos.Any())
{
return(new AuthenticateResult()
{
ResultType = ResultType.UserNotFound, Messages = new[] { "User does not exist." }
});
}
var operatorInfo = operatorInfos.First();
var hashPassword = SysOperatorExtension.ExcryptPassword(oldPassword, operatorInfo.Salt);
if (hashPassword != operatorInfo.Password)
{
return(new GenericResult()
{
ResultType = ResultType.AuthenticationError, Messages = new [] { "AuthenticationError" }
});
}
operatorInfo.Salt = Guid.NewGuid().ToString();
operatorInfo.Password = SysOperatorExtension.ExcryptPassword(newPassword, operatorInfo.Salt);
repo.UpdatePassword(operatorInfo);
Log.Info("Commit transaction!");
transaction.Commit();
return(new GenericResult()
{
ResultType = ResultType.OK, Messages = new[] { "OK" }
});
}
catch (Exception ex)
{
Log.Error("Unhandled error", ex);
if (transaction != null)
{
Log.Warn("Rollback transaction!");
transaction.Rollback();
}
return(new GenericResult()
{
ResultType = ResultType.UnknownError, Messages = new[] { "UnknownError" }
});
}
finally
{
Log.InfoFormat("Finish processing request, cost {0} milliseconds.", sw.ElapsedMilliseconds);
}
}
}