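/// <summary>
/// Authenticates a back-office user by phone number and password and, on success,
/// returns a JWT together with an AES-encrypted user profile.
/// </summary>
/// <param name="vo">
/// Login request. <c>Phone</c> selects the account, <c>Noncestr</c> is the client-supplied
/// nonce the request key is derived from, and <c>Password</c> is the ciphertext that is
/// decrypted with that key.
/// </param>
/// <returns>
/// On success a <see cref="Response"/> whose <c>Result</c> carries <c>token</c>,
/// <c>payload</c>, <c>noncestr</c> and <c>vueRouter</c>; otherwise a <see cref="Response"/>
/// with <c>Errcode</c>/<c>Errmsg</c> set.
/// </returns>
/// <remarks>
/// Security notes for reviewers (wire format is unchanged by this method):
/// <list type="bullet">
/// <item>The request key/IV are a pure function of <c>vo.Noncestr</c>, which travels in the
/// same request as the ciphertext, and the response key/IV are a pure function of the
/// <c>noncestr</c> returned next to <c>payload</c>. No secret is involved, so this layer is
/// obfuscation only; confidentiality of the password and profile rests on the transport (TLS).</item>
/// <item>The nonce is not checked here for freshness or reuse, so nothing in this method
/// rejects a replayed request. Confirm whether a caller or filter does.</item>
/// <item>An unknown account and a wrong password produce different error responses, which
/// lets a client tell whether a phone number is registered. Consider a single generic
/// failure response if API consumers allow it.</item>
/// <item>No throttling or lockout is visible in this method; confirm it is enforced upstream.</item>
/// <item>The built-in "administrator" account is validated against the compile-time constants
/// <c>ADMIN_DEFAULT_SALT</c>/<c>ADMIN_DEFAULT_PWD</c> (defined outside this block). Review
/// whether that credential can be rotated or the account disabled per deployment.</item>
/// </list>
/// </remarks>
public Response Login(LoginVO vo)
{
    // NOTE(review): vo, vo.Noncestr and vo.Password are dereferenced without null checks,
    // and the behaviour of AES256Helper.Decrypt on malformed ciphertext is not visible here.
    // Confirm that the resulting exceptions are mapped to a generic error by the caller.
    byte[] requestKey;
    byte[] requestIv;
    byte[] responseKey;
    byte[] responseIv;

    if (vo.Phone == "administrator")
    {
        // Request key material: MD5 chain over the reversed client nonce.
        // Encoding.Default is platform-dependent; it is kept so the derived bytes stay
        // identical to what existing clients compute.
        DeriveLoginAesKeyAndIv(ReverseLoginText(vo.Noncestr), Encoding.Default, out requestKey, out requestIv);

        // Decrypt the submitted password and check it against the built-in admin hash.
        var adminPassword = AES256Helper.Decrypt(vo.Password, requestKey, requestIv);
        if (!BouncyCastleHashing.ValidatePassword(adminPassword, ADMIN_DEFAULT_SALT, ADMIN_DEFAULT_PWD))
        {
            return new Response
            {
                Errcode = ExceptionHelper.UNKNOWN,
                Errmsg = "密码错误!"
            };
        }

        var adminToken = JwtHelper.GenerateToken(-1, "administrator", 2);
        var adminUser = new
        {
            userId = -1,
            userName = "******",
            channelName = "系统管理员",
            roleId = -1,
            channelId = -1,
            XCXOPENID = "-1",
            auth = AuthorityService.GenerateVueMenu(0, true)
        };

        // Response key material: MD5 chain over a time-derived nonce that is also returned
        // to the client in clear so it can derive the same key.
        var adminNonce = TimeStampHelper.ToTimeStamp(DateTime.Now) / 50 * 90;
        DeriveLoginAesKeyAndIv(adminNonce.ToString(), Encoding.UTF8, out responseKey, out responseIv);

        var adminPayload = AES256Helper.Encrypt(JsonConvert.SerializeObject(adminUser), responseKey, responseIv);
        return new Response
        {
            Result = new
            {
                token = adminToken,
                payload = adminPayload,
                noncestr = adminNonce,
                vueRouter = AuthorityService.GenerateVueRouter(0, true)
            }
        };
    }

    dynamic staff = StaffService.QuerySystemUserByPhoneNumber(vo.Phone);
    if (staff == null)
    {
        // NOTE(review): this response differs from the wrong-password response below,
        // which discloses whether the phone number belongs to an active account.
        return new Response
        {
            Errcode = 10000,
            Errmsg = "用户不存在或已被禁用"
        };
    }

    // Same request-side derivation as the administrator branch.
    DeriveLoginAesKeyAndIv(ReverseLoginText(vo.Noncestr), Encoding.Default, out requestKey, out requestIv);

    // Decrypt the submitted password and check it against the stored salt and hash.
    var password = AES256Helper.Decrypt(vo.Password, requestKey, requestIv);
    var isSuccess = BouncyCastleHashing.ValidatePassword(password, (string)staff["SALT"], (string)staff["PASSWORD"]);
    if (!isSuccess)
    {
        return new Response
        {
            Errcode = ExceptionHelper.UNKNOWN,
            Errmsg = "密码错误!"
        };
    }

    var token = JwtHelper.GenerateToken((int)staff["FID"], (string)staff["FJOB"], 2);
    var user = new
    {
        userId = (int)staff["FID"],
        userName = (string)staff["FNAME"],
        channelName = (string)staff["CHANNELNAME"],
        channelCode = (string)staff["FCHANNELCODE"],
        channelId = (int)staff["FCHANNELID"],
        customerId = (int)staff["FCUSTOMERID"],
        channelTypeId = (int)staff["FCHANNELTYPEID"],
        channelTypeName = (string)staff["FCHANNELTYPENAME"],
        roleId = (int)staff["FROLEID"],
        modules = BaseDataDao.QueryRoleHasModules((int)staff["FROLEID"]).Select(x => x.FNAME).ToList(),
        pers = BaseDataDao.QueryRoleHasPermissions((int)staff["FROLEID"]),
        auth = AuthorityService.GenerateVueMenu((int)staff["FROLEID"], false),
        XCXOPENID = (string)staff["XCXOPENID"],
        FMOBILE = (string)staff["FMOBILE"]
    };

    // Response key material, derived exactly as in the administrator branch.
    var nonceStr = TimeStampHelper.ToTimeStamp(DateTime.Now) / 50 * 90;
    DeriveLoginAesKeyAndIv(nonceStr.ToString(), Encoding.UTF8, out responseKey, out responseIv);

    // Encrypt the serialized profile for the client.
    var payload = AES256Helper.Encrypt(JsonConvert.SerializeObject(user), responseKey, responseIv);
    return new Response
    {
        Result = new
        {
            token,
            payload,
            noncestr = nonceStr,
            vueRouter = AuthorityService.GenerateVueRouter(user.roleId, false)
        }
    };
}

/// <summary>
/// Derives the AES key and IV used by <c>Login</c> from a seed string:
/// key = lower-case hex of MD5(seed); IV = first 16 characters of the lower-case hex of
/// MD5(reversed key hex). Both are returned as bytes in <paramref name="encoding"/>.
/// </summary>
/// <remarks>
/// The derivation is deterministic and unkeyed: the same seed always yields the same
/// key and IV, so it adds no secrecy when the seed is transmitted with the ciphertext.
/// </remarks>
private static void DeriveLoginAesKeyAndIv(string seed, Encoding encoding, out byte[] key, out byte[] iv)
{
    // The hash provider is disposable; scope it so it is released after each derivation.
    using (var md5 = new MD5CryptoServiceProvider())
    {
        var keyHex = Md5LowerHex(md5, encoding.GetBytes(seed));
        var ivHex = Md5LowerHex(md5, encoding.GetBytes(ReverseLoginText(keyHex))).Substring(0, 16);

        key = encoding.GetBytes(keyHex);
        iv = encoding.GetBytes(ivHex);
    }
}

/// <summary>Returns the MD5 digest of <paramref name="data"/> as 32 lower-case hex characters.</summary>
private static string Md5LowerHex(MD5 md5, byte[] data)
{
    // Hex digits lower-case identically in every culture, so the invariant form is equivalent.
    return BitConverter.ToString(md5.ComputeHash(data)).Replace("-", "").ToLowerInvariant();
}

/// <summary>Returns <paramref name="text"/> with its UTF-16 characters in reverse order.</summary>
private static string ReverseLoginText(string text)
{
    var chars = text.ToCharArray();
    Array.Reverse(chars);
    return new string(chars);
}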