Пример #1
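 /// <summary>
 /// Deletes the account identified by the posted <c>GD</c> and <c>ID</c>, unless it is the
 /// built-in administrator account or other accounts still reference it as their parent.
 /// </summary>
 /// <param name="acc">Model-bound account; only <c>GD</c> and <c>ID</c> are read here.</param>
 /// <returns>A JSON <c>MoMessage</c> when the request is refused, otherwise the deleted record as JSON.</returns>
 public ActionResult DelTokey(Acc acc)
 {
     // Administrator protection, fast path on the submitted ID.
     if (acc.ID == "admin")
     {
         return Json(new MoMessage(false, "系统管理员,无法删除!"));
     }

     // Both GD and ID must match a stored record.
     var db = DataQuery<Acc>.Entity(a => a.GD == acc.GD && a.ID == acc.ID);
     if (db == null)
     {
         return Json(new MoMessage(false, "提交数据有误"));
     }

     // Repeat the administrator guard on the STORED ID. The check above is an ordinal,
     // case-sensitive comparison in C#; if the data store matches IDs case-insensitively
     // (not visible from here), a submitted "Admin" would pass it and still load the
     // administrator row. Comparing db.ID closes that gap and is a no-op otherwise.
     if (db.ID == "admin")
     {
         return Json(new MoMessage(false, "系统管理员,无法删除!"));
     }

     // NOTE(review): nothing in this method checks that the caller may delete this
     // particular account (for example, that it is a child of the logged-in account).
     // Confirm an authorization filter covers this action.

     // Accounts that still have child accounts cannot be removed.
     if (DataQuery<Acc>.Expression(a => a.Parent == db.GD).Count() != 0)
     {
         return Json(new MoMessage(false, "有下级用户,无法删除"));
     }

     DataADU<Acc>.Delete(db);

     // NOTE(review): this serializes the whole record, and Acc carries a Pwd field;
     // consider returning a response that omits it.
     return Json(db);
 }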
Пример #2
 /// <summary>
 /// Builds the login object from an account record and the client details of the request.
 /// </summary>
 /// <param name="ip">Client address, passed through to <c>MoBrowser</c>.</param>
 /// <param name="dns">Client host name, passed through to <c>MoBrowser</c>.</param>
 /// <param name="browser">Browser name, passed through to <c>MoBrowser</c>.</param>
 /// <param name="acc">Account whose ID, GD, Name and Parent are copied.</param>
 public MoLogin(string ip, string dns, string browser, Acc acc)
 {
     // Only identity fields are copied; acc.Pwd is not carried into this object.
     this.ID = acc.ID;
     this.GD = acc.GD;
     this.Name = acc.Name;
     this.Parent = acc.Parent;

     // Client details are wrapped in their own object.
     this.Browser = new MoBrowser(ip, dns, browser);
 }
Пример #3
 /// <summary>
 /// Creates a new account from the posted model, filling in the server-assigned fields
 /// (GD, registration time, parent, stored password value) before saving it.
 /// </summary>
 /// <param name="acc">Model-bound account submitted by the client.</param>
 /// <returns>The account object serialized as JSON.</returns>
 public ActionResult AddTokey(Acc acc)
 {
     // Server-assigned values replace whatever the client posted for these fields.
     // NOTE(review): fields not overwritten here (Acc also has Fixed, for example) keep
     // the client-supplied value; confirm that is intended.
     var freshGd = Guid.NewGuid().ToString().ToUpper();
     acc.GD = freshGd;
     acc.RegTime = DateTime.Now;

     // The new account becomes a child of the logged-in account.
     // NOTE(review): this dereferences the login object without a null check; confirm
     // an authentication filter guarantees a login exists for this action.
     var creator = MyLogin.GetLogin(Session);
     acc.Parent = creator.GD;

     // NOTE(review): the arguments here are (GD, ID, Pwd), while Login calls
     // MyPwd.Password(ID, GD, Pwd). Confirm which order MyPwd.Password expects.
     var storedPwd = MyPwd.Password(acc.GD, acc.ID, acc.Pwd);
     acc.Pwd = storedPwd;

     // Insert the record.
     DataADU<Acc>.Add(ModelState, acc);

     // NOTE(review): the response includes acc.Pwd (the stored password value) and is
     // returned without inspecting the outcome of Add; consider omitting Pwd.
     return Json(acc);
 }
Пример #4
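 /// <summary>
 /// Writes one login-log row (browser, client address, time, account ID, message)
 /// for the given request.
 /// </summary>
 /// <param name="re">Current request; supplies the browser name and client address.</param>
 /// <param name="acc">Account model; only its <c>ID</c> is recorded.</param>
 /// <param name="message">Outcome text stored with the row.</param>
 public static void AddLog(HttpRequestBase re, Acc acc, string message)
 {
     // The password is never persisted. Login passes the request-bound model to this
     // method on failed attempts, so acc.Pwd would be the password exactly as the user
     // typed it; storing that in a log table exposes credentials to anyone who can read it.
     // A fixed non-empty marker is written instead so that a required or NOT NULL
     // LoginPassword column (schema not visible here) still accepts the row. FixedOfIP
     // counts these rows, so the insert has to keep succeeding.
     const string redactedPassword = "***";

     var db = new Logi
     {
         LoginBrower = re.Browser.Browser,
         LoginIP = re.UserHostAddress,
         LoginTime = DateTime.Now,
         LoginName = acc.ID,
         LoginPassword = redactedPassword,
         LoginMessage = message
     };
     DataADU<Logi>.Add(db);
 }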
Пример #5
 /// <summary>
 /// Reports whether the requesting address has reached the configured number of
 /// login-log rows within the last five minutes.
 /// </summary>
 /// <param name="re">Current request; supplies the client address.</param>
 /// <param name="acc">Not used by this method.</param>
 /// <returns><c>true</c> when the address should be blocked, otherwise <c>false</c>.</returns>
 public static bool FixedOfIP(HttpRequestBase re, Acc acc)
 {
     // Look back five minutes from now for rows logged from the same address.
     var windowStart = DateTime.Now.AddMinutes(-5);
     var recentFromAddress = DataQuery<Logi>.Expression(a => a.LoginTime > windowStart && a.LoginIP == re.UserHostAddress);

     // NOTE(review): every Logi row from the address counts, and SaveLog writes a row for
     // successful logins too, so successes also consume the budget.
     // NOTE(review): the limit comes from configuration and the key is named
     // ..._PER_MINUTE, while the window is five minutes; confirm the intended unit.
     // NOTE(review): UserHostAddress is the direct peer; behind a reverse proxy all
     // clients may share it. Confirm the deployment.
     var seen = recentFromAddress.Count();
     var limit = int.Parse(MyProp.PropValue(MyKeys.AUTO_PROP_IP_FIXED_TIMES_PER_MINUTE));

     // At or above the limit means blocked; below it the request is let through.
     return seen >= limit;
 }
Пример #6
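        /// <summary>
        /// Stores the login object in the session and writes a login-log row for the request.
        /// </summary>
        /// <param name="se">Session that receives the <c>MoLogin</c> object under <c>MyKeys.SESSION_LOGIN</c>.</param>
        /// <param name="re">Current request; supplies the client address, host name and browser name.</param>
        /// <param name="acc">Account that logged in; only its <c>ID</c> is recorded in the log row.</param>
        /// <param name="message">Outcome text stored with the row.</param>
        public static void SaveLog(HttpSessionStateBase se, HttpRequestBase re, Acc acc, string message)
        {
            // NOTE(review): the session identifier is not rotated in this method. If it is
            // not rotated elsewhere at login, an identifier issued before authentication
            // stays valid afterwards (session fixation). Confirm.
            MoLogin mo = new MoLogin(re.UserHostAddress, re.UserHostName, re.Browser.Browser, acc);
            se[MyKeys.SESSION_LOGIN] = mo;

            // The password value is never persisted. Login passes the stored account record
            // here, so acc.Pwd would be the stored password value; copying it into the log
            // table gives that secret a second, usually less protected, home.
            // A fixed non-empty marker is written instead so that a required or NOT NULL
            // LoginPassword column (schema not visible here) still accepts the row.
            const string redactedPassword = "***";

            // Record the successful login.
            var d = new Logi
            {
                LoginBrower = re.Browser.Browser,
                LoginIP = re.UserHostAddress,
                LoginTime = DateTime.Now,
                LoginName = acc.ID,
                LoginPassword = redactedPassword,
                LoginMessage = message
            };
            DataADU<Logi>.Add(d);
        }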
Пример #7
        /// <summary>
        /// Handles a login attempt: applies the per-address throttle, looks the account up
        /// by ID, checks the derived GD and the password value, refuses frozen accounts,
        /// and on success stores the login in the session.
        /// </summary>
        /// <param name="acc">Model-bound credentials; <c>ID</c> and <c>Pwd</c> come from the client.</param>
        /// <returns>A JSON <c>MoError</c> whose <c>error</c> flag is false only on success.</returns>
        public ActionResult Login(Acc acc)
        {
            // Throttle by client address before touching the account data.
            if (MyLogin.FixedOfIP(Request, acc))
            {
                // Throttled attempts are not written to the login log
                // (the AddLog call for this case is disabled).
                return Json(new MoError { error = true, message = "错误:登录动作过频,请稍等!" });
            }

            // 1. Check that the user name exists.
            // NOTE(review): this branch and the wrong-password branch return different
            // messages, which lets a caller tell registered IDs from unregistered ones.
            // NOTE(review): the failure branches below pass the request-bound acc to AddLog,
            // so acc.Pwd there is the password as submitted.
            var db = DataQuery<Acc>.Entity(a => a.ID == acc.ID);
            if (db == null)
            {
                MyLogin.AddLog(Request, acc, "未注册用户");
                return Json(new MoError { error = true, message = "错误:未注册用户,无法登录!" });
            }
            // 1.1 Consistency check: the GD obtained for this ID must equal the stored GD.
            acc.GD = MyGD.GetGD("Adminacc", acc.ID);
            if (acc.GD != db.GD)
            {
                MyLogin.AddLog(Request, acc, "提交数据无法验证");
                return Json(new MoError { error = true, message = "错误:提交数据无法通过验证!" });
            }

            // 2. Check the password.
            // NOTE(review): the arguments here are (ID, GD, Pwd), while AddTokey and EditTokey
            // call MyPwd.Password(GD, ID, Pwd). Confirm which order MyPwd.Password expects.
            // NOTE(review): != on strings is not a constant-time comparison.
            if (MyPwd.Password(acc.ID, acc.GD, acc.Pwd) != db.Pwd)
            {
                MyLogin.AddLog(Request, acc, "密码有误");
                return Json(new MoError { error = true, message = "错误:密码有误,请重新输入!" });
            }

            // The frozen flag is checked only after the password matched, so the frozen
            // status is reported only to a caller who supplied the correct password.
            if (db.Fixed)
            {
                // Login refused: add a log entry (using the stored record).
                MyLogin.AddLog(Request, db, "用户被冻结");
                return Json(new MoError { error = true, message = "错误:用户被冻结,请联系管理员!" });
            }
            else
            {
                // Login succeeded: record it, store the session login, and return.
                MyLogin.SaveLog(Session, Request, db, "登录成功");
                return Json(new MoError { error = false, message = string.Format("用户:{0}成功登录!", db.ID) });
            }
        }
Пример #8
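 /// <summary>
 /// Updates the account identified by the posted <c>GD</c> and <c>ID</c>, re-deriving the
 /// stored password value when it changed and keeping the administrator account unfrozen.
 /// </summary>
 /// <param name="acc">Model-bound account submitted by the client.</param>
 /// <returns>A JSON <c>MoMessage</c> when no record matches, otherwise the account as JSON.</returns>
 public ActionResult EditTokey(Acc acc)
 {
     var db = DataQuery<Acc>.Entity(a => a.GD == acc.GD && a.ID == acc.ID);
     if (db == null)
     {
         return Json(new MoMessage(false, "提交数据有误"));
     }

     // NOTE(review): nothing in this method checks that the caller may edit this
     // particular account. Confirm an authorization filter covers this action.

     // A posted value equal to the stored one means "unchanged"; anything else is treated
     // as a new password and run through MyPwd.Password.
     // NOTE(review): this relies on the stored password value being sent to the client
     // and posted back. Consider a separate "change password" signal instead.
     acc.Pwd = acc.Pwd == db.Pwd ? acc.Pwd : MyPwd.Password(acc.GD, acc.ID, acc.Pwd);

     // The admin account can never be frozen. The stored ID is checked as well as the
     // submitted one: the C# comparison is ordinal and case-sensitive, so if the data
     // store matches IDs case-insensitively (not visible from here), a submitted "Admin"
     // would load the administrator row yet skip a check made on acc.ID alone.
     bool isAdmin = acc.ID == "admin" || db.ID == "admin";
     acc.Fixed = isAdmin ? false : acc.Fixed;

     // The remaining protected fields are taken from the stored record.
     acc.RegTime = db.RegTime;
     acc.Parent = db.Parent;
     DataADU<Acc>.Update(ModelState, acc);

     // NOTE(review): the response includes acc.Pwd; consider omitting it.
     return Json(acc);
 }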
Пример #9
 /// <summary>
 /// Placeholder check: no lockout logic is implemented and none of the arguments are read.
 /// </summary>
 /// <returns>Always <c>false</c>.</returns>
 public static bool FixedOfLogon(HttpSessionStateBase se, HttpRequestBase re, HttpResponseBase res, Acc acc)
 {
     // NOTE(review): a caller that relies on this as a lockout gate gets no protection
     // from it, because the result never varies.
     bool blocked = false;
     return blocked;
 }