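/// <summary>
/// Verifies an admin-console login and, on success, obtains the HCP and KBS tokens.
/// </summary>
/// <remarks>
/// The account whose id is the all-zero GUID is checked against the stored password.
/// Every other account must be on the AD whitelist and pass <c>GetVerifyApi</c>; the local
/// user row and the auditor role are then created on demand.
/// Diagnostic detail (exception text, stack trace, configured host URL) is written to the
/// server log and is not placed in the response.
/// NOTE(review): no attempt throttling or lockout is visible in this method; confirm it is
/// enforced upstream.
/// </remarks>
/// <param name="dto">Login request carrying <c>UserName</c> and <c>Password</c>.</param>
/// <returns>
/// A <see cref="ReturnValueModel"/>. On success <c>Result</c> is an object exposing
/// <c>BuToken</c> and <c>KbsToken</c>; on any failure <c>Success</c> is false.
/// </returns>
public async Task<ReturnValueModel> AdminVerifyAsync(VerifyAdminInputDto dto)
{
    ReturnValueModel rvm = new ReturnValueModel();
    try
    {
        if (string.IsNullOrEmpty(dto?.UserName))
        {
            rvm.Success = false;
            rvm.Msg = "请输入账号。";
            return rvm;
        }

        if (string.IsNullOrEmpty(dto.Password))
        {
            rvm.Success = false;
            rvm.Msg = "请输入密码。";
            return rvm;
        }

        var user = await _rep.FirstOrDefaultAsync<UserModel>(
            s => s != null && s.IsDeleted != 1 && s.ADAccount == dto.UserName.ToUpper());

        // Built-in system administrator: authenticated locally, not against AD.
        if (user?.Id == "00000000-0000-0000-0000-000000000000")
        {
            // NOTE(review): the stored password is compared as-is, so it appears to be kept
            // in a recoverable form; a salted password hash would be the safer storage.
            if (!PasswordsMatchFixedTime(user.Password, dto.Password))
            {
                rvm.Success = false;
                rvm.Msg = "登录失败。";
                return rvm;
            }
        }
        else
        {
            // The account must be on the AD whitelist before AD is consulted at all.
            // NOTE(review): this lookup uses the user name as typed, while the user lookup
            // above upper-cases it; confirm the column collation makes both match.
            var whiteName = await _rep.FirstOrDefaultAsync<BotADWhiteName>(
                s => s.IsDeleted != 1 && s.ADAccount == dto.UserName);
            if (whiteName == null)
            {
                rvm.Success = false;
                rvm.Msg = "您输入的账号无权限访问或账号密码不正确。";
                rvm.Result = null;
                LoggerHelper.WriteLogInfo("[CheckWhiteName]:错误------不在白名单");
                return rvm;
            }

            // Check the credentials against the AD domain.
            var verify = await GetVerifyApi(dto.UserName, dto.Password);
            if (verify.Success == false)
            {
                return verify;
            }

            if (user == null)
            {
                // First login of a whitelisted AD account: create the local user row.
                var id = Guid.NewGuid().ToString();
                user = new UserModel
                {
                    Id = id,
                    ADAccount = dto.UserName.ToUpper(),
                    Code = id,
                    IsDeleted = 0,
                    IsEnabled = 0,
                    // NOTE(review): this value is later sent as the password to /auth/token.
                    // Guid.NewGuid() is not documented as a cryptographic generator; a
                    // RandomNumberGenerator-based secret would be the safer choice.
                    Password = Guid.NewGuid().ToString(),
                    CreateTime = DateTime.UtcNow.AddHours(8),
                    CreateUser = id,
                };
                _rep.Insert<UserModel>(user);
            }
            else
            {
                if (user.ADAccount != dto.UserName)
                {
                    user.ADAccount = dto.UserName.ToUpper();
                    _rep.Update(user);
                }
            }

            string roleId = "002222B5-C4D4-4DD7-9FEE-53201BD2BA55";
            var userRole = await _rep.FirstOrDefaultAsync<UserRole>(
                s => s.IsDeleted != 1 && s.UserId == user.Id && s.RoleId == roleId);

            // Grant the auditor role when the whitelist entry asks for it and it is missing.
            if (whiteName.ChatAudit == 1 && userRole == null)
            {
                _rep.Insert<UserRole>(new UserRole
                {
                    Id = Guid.NewGuid().ToString(),
                    SapCode = user.Code,
                    UserId = user.Id,
                    RoleId = roleId,
                    CreateTime = DateTime.UtcNow.AddHours(8),
                    CreateUser = user.Id,
                });
            }

            _rep.SaveChanges();
        }

        string hostUrl = ConfigurationManager.AppSettings["HostUrl"];
        var buToken = await new WebClient<string>()
            .Post($"{hostUrl}/auth/token")
            .Data(new Dictionary<string, object>
            {
                { "username", user.ADAccount },
                { "password", user.Password },
                { "grant_type", "password" },
                { "CompanyCode", user.CompanyCode ?? "" },
            }).ResultAsync();

        // A null response is treated like an empty one instead of being dereferenced.
        string buTokenText = buToken?.ToString();
        if (string.IsNullOrEmpty(buTokenText))
        {
            // The configured host goes to the server log only, not to the caller.
            LoggerHelper.WriteLogInfo("[AdminVerifyAsync]:获取HCP,token失败" + hostUrl);
            rvm.Msg = "fail";
            rvm.Success = false;
            rvm.Result = "获取HCP,token失败";
            return rvm;
        }

        dynamic obj = new ExpandoObject();
        obj.BuToken = Json.ToObject<HCPTokenOutDto>(buTokenText);

        // Request the KBS token; the request carries the user id signed with the login secret.
        string kbsHost = ConfigurationManager.AppSettings["KBSUrl"];
        string loginSecretkey = ConfigurationManager.AppSettings["LoginSecretkey"];
        string sign = Tool.Sign(new Dictionary<string, object> { { "Id", user.Id } }, loginSecretkey);
        var kbsToken = await new WebClient<Result>()
            .Post($"{kbsHost}Account/LoginAD")
            .JsonData(new LoginADInputDto { Sign = sign, Id = user.Id })
            .ResultFromJsonAsync();

        // A missing response is a failure too; Code == 0 is the failure code this method checks.
        if (kbsToken == null || kbsToken.Code == 0)
        {
            rvm.Msg = "fail";
            rvm.Success = false;
            rvm.Result = kbsToken?.Message;
            return rvm;
        }

        obj.KbsToken = Json.ToObject<KBSTokenOutDto>(kbsToken.Data.ToString());
        _cacheManager.Set(user.Id.ToString() + "KBS", obj.KbsToken, 12);

        rvm.Msg = "success";
        rvm.Success = true;
        rvm.Result = obj;
    }
    catch (Exception ex)
    {
        // Exception text and stack trace stay in the server log. Returning them in Result
        // would show internal type names and call paths to an unauthenticated caller.
        string separator = "--------------------------------------------------------------------------------";
        string error = separator
            + $"[MSG]:{ex.Message};\n"
            + $"[Source]:{ex.Source}\n"
            + $"[StackTrace]:{ex.StackTrace}\n"
            // TargetSite can be null; the null-conditional keeps the handler itself from throwing.
            + $"[TargetSite]:{ex.TargetSite?.Name}\n"
            + separator;
        LoggerHelper.WriteLogInfo(error);

        rvm.Msg = "fail_";
        rvm.Success = false;
        rvm.Result = null;
    }

    return rvm;
}

/// <summary>
/// Ordinal string comparison whose running time does not depend on where the first
/// differing character is.
/// </summary>
/// <param name="stored">The value held by the system; null never matches.</param>
/// <param name="supplied">The value presented by the caller; null never matches.</param>
/// <returns>True only when both strings are non-null and identical.</returns>
private static bool PasswordsMatchFixedTime(string stored, string supplied)
{
    if (stored == null || supplied == null)
    {
        return false;
    }

    int diff = stored.Length ^ supplied.Length;
    for (int i = 0; i < supplied.Length; i++)
    {
        // Iterate over the supplied value so the loop length is set by the caller's input.
        char expected = stored.Length == 0 ? '\0' : stored[i % stored.Length];
        diff |= expected ^ supplied[i];
    }

    return diff == 0;
}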
/// <summary>
/// Admin-console login endpoint: hands the request body to the AD verification service and
/// wraps whatever it returns in a 200 response, for failed logins as well as successful ones.
/// </summary>
/// <param name="dto">Login request bound from the request body.</param>
/// <returns>An OK result carrying the service's return value.</returns>
public async Task<IHttpActionResult> AdminVerify([FromBody] VerifyAdminInputDto dto)
    => Ok(await _aDVerifyService.AdminVerifyAsync(dto));