Пример #1
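        /// <summary>
        /// Authenticates a user, first against the application database and then, if that
        /// fails, against Active Directory.
        /// </summary>
        /// <param name="username">Employee number (when numeric) or domain account name.</param>
        /// <param name="password">Clear-text password supplied by the caller.</param>
        /// <returns>
        /// A JSON-like string: <c>{success:true}</c> when the database check succeeds,
        /// otherwise <c>{success:false,msg:...}</c>. Exceptions are caught and reported
        /// in the same shape instead of being propagated.
        /// </returns>
        public string Login(string username, string password)
        {
            // Single generic failure response, so the reply does not reveal which check failed.
            const string invalidCredentials = "{success:false,msg:'AD帳號或密碼錯誤!'}";

            // Reject missing credentials before touching the DB or the directory.
            // NOTE(review): CheckAD's bind logic is not visible here; directory binds with an
            // empty password are commonly treated as anonymous and can report success, so an
            // empty password must never reach it.
            if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
                return invalidCredentials;

            try
            {
                string jsonResult = string.Empty;
                ConditionBuilder condBuilder = new ConditionBuilder();

                // 1. Verify the account against the database first.
                if (username.IsNumeric())
                    condBuilder.Add(new SqlCondition() { Name = "EMPNO", Value = username });
                else
                    // Invariant lower-casing: account names are identifiers, not linguistic text.
                    condBuilder.Add(new SqlCondition() { Name = "DOMAIN_ACCOUNT", Value = username.ToLowerInvariant() });

                // NOTE(review): the stored credential is compared as SecurityHelper.MD5(password).
                // Presumably an unsalted MD5 digest (helper not visible - confirm); that is not a
                // suitable password hash. Moving to PBKDF2/Argon2 needs a stored-hash migration,
                // so it is left unchanged here.
                condBuilder.Add(new SqlCondition() { Name = "PASSWORD", Value = SecurityHelper.MD5(password) });
                User logonUser = new User(condBuilder);
                if (logonUser.Exists())
                {
                    // NOTE(review): the token is derived from the user name, the stored password
                    // hash and a timestamp rather than from a CSPRNG. Generating it with
                    // System.Security.Cryptography.RandomNumberGenerator would remove the link to
                    // the credential; confirm the COOKIE column format before changing it.
                    string token = SecurityHelper.MD5(logonUser.NAME + logonUser.PASSWORD + DateTime.Now.ToString());
                    logonUser.COOKIE = token;
                    logonUser.Update();

                    // Set up the session and the persistent login cookie.
                    HttpContext.Current.Session["LogonUser"] = logonUser;
                    HttpCookie cookie = new HttpCookie("DromManegeSystem");
                    cookie.Value = token;
                    cookie.Expires = DateTime.Now.AddDays(7);
                    // The cookie is a bearer credential: keep it away from script and, when the
                    // request arrived over TLS, off plain-HTTP requests.
                    cookie.HttpOnly = true;
                    cookie.Secure = HttpContext.Current.Request.IsSecureConnection;
                    HttpContext.Current.Response.AppendCookie(cookie);

                    // Report success.
                    jsonResult = "{success:true}";
                }
                else
                {
                    // 2. Fall back to Active Directory verification.
                    string domainPath = "cminl.oa"; // Innolux domain name

                    if (DomainAuthentication.CheckAD(domainPath, username, password))
                    {
                        condBuilder.Clear();
                        condBuilder.Add(new SqlCondition() { Name = "NAME", Value = username });
                        User logonUserAD = new User(condBuilder);
                        if (!logonUserAD.Exists())
                        {
                            // Previously this message was always overwritten by the generic
                            // failure assigned after the AD check.
                            jsonResult = "{success:false,msg:'用戶不存在!'}";
                        }
                        else
                        {
                            // NOTE(review): the original branch was empty, so an AD-authenticated
                            // user with a local record was never signed in. No session is created
                            // here either; fail closed until the sign-in logic is written.
                            jsonResult = invalidCredentials;
                        }
                    }
                    else
                    {
                        jsonResult = invalidCredentials;
                    }
                }
                return jsonResult;
            }
            catch (Exception ex)
            {
                // The "<br>" in the template suggests the client renders msg as HTML, and the
                // exception text may echo caller input: HTML-encode it (this also turns '"' into
                // &quot;) and escape the characters that would break the quoted string.
                // NOTE(review): prefer logging ex server-side and returning a generic message;
                // raw exception text discloses internals to unauthenticated callers.
                string safeMessage = HttpUtility.HtmlEncode(ex.Message)
                    .Replace("\\", "\\\\")
                    .Replace("\r", "\\r")
                    .Replace("\n", "\\n");
                return string.Format("{{success:false,msg:\"Error From AuthController.Login:<br>{0}\"}}", safeMessage);
            }
        }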