示例#1
        /// <summary>
        /// First-load handler. When the URL carries both "email" and "pwd" parameters it
        /// clears the session and calls <c>userlogin</c>; an authenticated session is then
        /// redirected into the member panel.
        /// </summary>
        /// <param name="sender">Event source (not used).</param>
        /// <param name="e">Event data (not used).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            // Postbacks are left alone; everything below runs on the initial request only.
            if (IsPostBack)
            {
                return;
            }

            //Response.Redirect("Maintenance.aspx");

            bool hasLoginParams = Request.QueryString.Count > 0
                                  && Request.QueryString["email"] != null
                                  && Request.QueryString["pwd"] != null;
            if (hasLoginParams)
            {
                // NOTE(review): Session.Clear() empties the session but keeps the same session ID.
                // If this is a real sign-in path, consider issuing a fresh ID as well.
                Session.Clear();

                // NOTE(review): login material travels in the URL, so it ends up in browser history,
                // server/proxy logs and Referer headers. A POST body or a one-time token is safer.
                string decryptedEmail = DataSecurity.Decrypt(Request.QueryString["email"]);

                // NOTE(review): the "pwd" parameter only has to be present; its value is never read.
                // The password handed to userlogin is the constant "ABC" (the Decrypt call is commented
                // out in the original). What userlogin does with it is not visible here -- confirm that
                // knowing an encrypted e-mail value alone is not enough to obtain a session.
                userlogin(decryptedEmail, "ABC"); //DataSecurity.Decrypt(Request.QueryString["pwd"].ToString());
            }

            if (!GlobalVarables.isAuthenticated(Session))
            {
                return;
            }

            // Both targets are fixed application paths; the "From" value only selects between them.
            bool cameFromCart = Request.QueryString.Count > 0
                                && Request.QueryString["From"] != null
                                && Request.QueryString["From"] == "Cart";

            // Landing pages that were disabled in the original:
            //Response.Redirect("~/MemberPanel/PromotrackerNov.aspx");
            //Response.Redirect("~/MemberPanel/PromotionFeb.aspx");
            //Response.Redirect("~/MemberPanel/AprilPromoTracker.aspx");
            //Response.Redirect("~/MemberPanel/AnualBonanza.aspx");
            Response.Redirect(cameFromCart ? "~/MemberPanel/Repurchase_1.aspx" : "~/MemberPanel/DashBoard.aspx");
        }
示例#2
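 /// <summary>
 /// OK-button handler of the change-password form. Validates the three password boxes,
 /// checks the old password against the operator record, saves the new one and refreshes
 /// the operator stored in the session. Any failure is reported through <c>Popup</c>.
 /// </summary>
 /// <param name="sender">Event source (not used).</param>
 /// <param name="e">Image-click event data (not used).</param>
 private void btnOK_Click(object sender, System.Web.UI.ImageClickEventArgs e)
 {
     // Confirm the password change.
     try
     {
         if (txtOldPwd.Text.Length == 0 || txtNewPwd.Text.Length == 0 || txtConfirmPwd.Text.Length == 0)
         {
             throw new BusinessException("UpdatePwd", "不能为空!");
         }
         if (txtOldPwd.Text.Equals(txtNewPwd.Text))
         {
             throw new BusinessException("UpdatePwd", "新老密码一样!");
         }
         if (!txtNewPwd.Text.Equals(txtConfirmPwd.Text))
         {
             throw new BusinessException("UpdatePwd", "确认密码和新密码不一致!");
         }

         // NOTE(review): the stored password is recovered with Decrypt, i.e. it is kept in a
         // reversible form. Whoever holds the key can read every operator's password; a salted
         // one-way hash (e.g. PBKDF2) verified by re-hashing the input avoids that.
         if (!txtOldPwd.Text.Equals(DataSecurity.Decrypt(oper.cnvcOperPwd)))
         {
             throw new BusinessException("UpdatePwd", "输入的旧密码错误!");
         }

         // Remember the current value: if the save fails, the in-memory operator must not keep
         // a password that was never persisted, or the next old-password check would compare
         // against the wrong value.
         var previousPwd = oper.cnvcOperPwd;
         oper.cnvcOperPwd = DataSecurity.Encrypt(txtNewPwd.Text);
         try
         {
             SysManageFacade.UpdatePwd(oper);
         }
         catch
         {
             oper.cnvcOperPwd = previousPwd;
             throw;
         }

         Popup("密码修改成功!");
         // Refresh the session copy of the operator.
         Session[ConstApp.S_OPER] = oper;
     }
     catch (Exception ex)
     {
         // NOTE(review): this also shows the text of unexpected (non-business) exceptions to the
         // user; consider logging those and displaying a generic message instead.
         Popup(ex.Message);
     }
 }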
示例#3
        /// <summary>
        /// Loads the user list, looks up the ID of the user whose real name equals
        /// <c>_usuario</c>, fetches that profile and fills the profile text boxes,
        /// including the decrypted password.
        /// </summary>
        // NOTE(review): async void -- an exception thrown after the first await cannot be observed
        // by the caller. Returning Task would fix that but changes the signature callers see.
        async void DatosUsuario()
        {
            usuarios = await data.GetUsuarios();

            // FirstOrDefault yields the ID type's default value when no real name matches.
            // NOTE(review): that default is then passed to GetUsuario unchecked -- confirm the
            // result cannot be null before it is dereferenced below.
            var matchingUsers = usuarios.Where(u => u.UsuarioNombreReal == _usuario);
            userID = matchingUsers.Select(u => u.UsuarioID).FirstOrDefault();
            perfilUsuario = await data.GetUsuario(userID);

            txtNombreRealPerfil.Text = perfilUsuario.UsuarioNombreReal;
            txtCorreoPerfil.Text = perfilUsuario.UsuarioCorreo;
            txtUsuarioPerfil.Text = perfilUsuario.UsuarioNombre;

            // NOTE(review): the decryption key is a literal in source, so anyone with the code or the
            // compiled assembly can decrypt every stored password. The clear-text password is also
            // written into a UI control. Prefer one-way hashing and never render the password back;
            // if reversible storage must stay, load the key from protected configuration.
            var clearTextPassword = DataSecurity.Decrypt(perfilUsuario.UsuarioClave, "sblw-3hn8-sqoy19");
            txtClavePerfil.Text = clearTextPassword;
        }
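        /// <summary>
        /// OK-button handler of the change-password form. Validates the input, checks the old
        /// password against the logged-in operator, writes the new password together with a
        /// business-log entry and refreshes the operator stored in the session. Any failure is
        /// reported through <c>Popup</c>.
        /// </summary>
        /// <param name="sender">Event source (not used).</param>
        /// <param name="e">Image-click event data (not used).</param>
        private void btnOK_Click(object sender, System.Web.UI.ImageClickEventArgs e)
        {
            // Confirm the password change.
            try
            {
                if (txtOldPwd.Text.Length == 0 || txtNewPwd.Text.Length == 0 || txtConfirmPwd.Text.Length == 0)
                {
                    throw new BusinessException("UpdatePwd", "不能为空!");
                }
                if (txtOldPwd.Text.Equals(txtNewPwd.Text))
                {
                    throw new BusinessException("UpdatePwd", "新老密码一样!");
                }
                if (!txtNewPwd.Text.Equals(txtConfirmPwd.Text))
                {
                    throw new BusinessException("UpdatePwd", "确认密码和新密码不一致!");
                }
                if (Session[ConstValue.LOGIN_USER_SESSION] == null)
                {
                    throw new BusinessException("UpdatePwd", "请先登录!");
                }
                Oper oper = (Oper)Session[ConstValue.LOGIN_USER_SESSION];

                // The department is needed for the log entry. Check it before anything is modified:
                // previously a missing department caused a NullReferenceException *after* the session
                // operator's password had already been overwritten in memory.
                Dept curDept = Session[ConstValue.LOGIN_DEPT_SESSION] as Dept;
                if (curDept == null)
                {
                    throw new BusinessException("UpdatePwd", "请先登录!");
                }

                // NOTE(review): the stored password is recovered with Decrypt, i.e. it is kept in a
                // reversible form. A salted one-way hash (e.g. PBKDF2) verified by re-hashing the
                // input would keep operator passwords unreadable even to holders of the key.
                if (!txtOldPwd.Text.Equals(DataSecurity.Decrypt(oper.cnvcPwd)))
                {
                    throw new BusinessException("UpdatePwd", "输入的旧密码错误!");
                }

                // Audit record for the change. The operator performing the change and the operator
                // being changed are the same session object.
                BusiLog busiLog = new BusiLog();
                busiLog.cndOperDate = DateTime.Now;
                busiLog.cnnSerial = Guid.NewGuid();
                busiLog.cnvcOperName = oper.cnvcOperName;
                busiLog.cnvcComments = "修改密码:" + oper.cnvcOperName;
                busiLog.cnvcDeptID = curDept.cnvcDeptID;
                busiLog.cnvcDeptName = curDept.cnvcDeptName;
                busiLog.cnvcOperType = "BS006";
                busiLog.cnvcSource = "网站";

                // oper is the live session object, so undo the in-memory change when the save fails;
                // otherwise the session would hold a password the database never received.
                var previousPwd = oper.cnvcPwd;
                oper.cnvcPwd = DataSecurity.Encrypt(txtNewPwd.Text);
                try
                {
                    OperFacade.UpdatePwd(oper, busiLog);
                }
                catch
                {
                    oper.cnvcPwd = previousPwd;
                    throw;
                }

                Session[ConstValue.LOGIN_USER_SESSION] = oper;
                Popup("密码修改成功!");
            }
            catch (Exception ex)
            {
                // NOTE(review): this also shows the text of unexpected (non-business) exceptions to
                // the user; consider logging those and displaying a generic message instead.
                Popup(ex.Message);
            }
        }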
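        /// <summary>
        /// Resource-owner password grant: looks the user up by name, compares the supplied
        /// password with the decrypted stored one and, for a user that has a role, validates a
        /// ticket whose identity carries role, user and per-menu <c>Webpage</c> claims.
        /// </summary>
        /// <param name="context">Grant context carrying the supplied user name and password.</param>
        /// <returns>A task that completes once the context is validated or an error is set.</returns>
        // NOTE(review): the method is async but contains no await, so it runs synchronously.
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            // NOTE(review): dbContext is never disposed. If DatabaseContext is IDisposable
            // (it is queried like an EF context), wrap it in a using block -- TODO confirm.
            DatabaseContext dbContext = new DatabaseContext();

            string userName = context.UserName;
            string password = context.Password;

            if (string.IsNullOrWhiteSpace(userName) || string.IsNullOrWhiteSpace(password))
            {
                context.SetError("invalid_grant", "Invalid credentials");
                return;
            }

            // SingleOrDefault throws when more than one row carries the same user name.
            User user = dbContext.Users.SingleOrDefault(x => x.UserName == userName);

            var identity = new ClaimsIdentity(context.Options.AuthenticationType);

            // Unknown user and wrong password return the same message, so the response text does
            // not reveal which user names exist.
            if (user == null)
            {
                context.SetError("invalid_grant", "Provided username and password is incorrect");
                return;
            }

            UserDTO userDTO = UserDTO.From(user);

            // NOTE(review): the stored password is decrypted and compared as clear text, so it is
            // kept in a reversible form and `!=` is not a constant-time comparison. A salted one-way
            // hash (e.g. PBKDF2) checked with a fixed-time comparison is the safer design.
            string existingPassword = DataSecurity.Decrypt(user.Password);
            if (password != existingPassword)
            {
                context.SetError("invalid_grant", "Provided username and password is incorrect");
                return;
            }

            // SingleOrDefault throws when the user has more than one UserRole row.
            UserRole userRole = dbContext.UserRoles.SingleOrDefault(x => x.UserId == user.Id);
            if (userRole == null)
            {
                context.SetError("invalid_grant", "Existing user not set any Role(s)");
                return;
            }

            identity.AddClaim(new Claim(ClaimTypes.Role, userRole.Role.Name));
            identity.AddClaim(new Claim("username", user.UserName));
            // The user name is also used as the e-mail claim.
            identity.AddClaim(new Claim(ClaimTypes.Email, user.UserName));
            identity.AddClaim(new Claim(ClaimTypes.UserData, user.Id.ToString()));
            identity.AddClaim(new Claim("userId", user.Id.ToString()));

            var props = new AuthenticationProperties(new Dictionary<string, string>
            {
                { "username", userName },
                { "role", userRole.Role.Name },
                { "id", userDTO.Id.ToString() }
            });

            // One Webpage claim ("Controller$%Action") per menu the user's roles grant access to.
            if (userDTO.Role != null && userDTO.Role.Count > 0)
            {
                foreach (RoleDTO role in userDTO.Role)
                {
                    if (role.Accesses == null || role.Accesses.Count == 0)
                    {
                        continue;
                    }

                    foreach (MenuDTO menu in role.Accesses)
                    {
                        identity.AddClaim(new Claim(ClaimTypes.Webpage, menu.ControllerName + "$%" + menu.ActionName));
                    }
                }
            }

            // Menus flagged as general access are granted to every signed-in user.
            // (The unused local `urlAPI` from the original was removed.)
            var generalAccessMenus = dbContext.Menus.Where(x => x.IsGeneralAccess == true).ToList();
            if (generalAccessMenus.Count > 0)
            {
                IList<MenuDTO> generalAccessMenuDTOs = MenuDTO.From(generalAccessMenus);
                if (generalAccessMenuDTOs != null && generalAccessMenuDTOs.Count > 0)
                {
                    foreach (MenuDTO menu in generalAccessMenuDTOs)
                    {
                        identity.AddClaim(new Claim(ClaimTypes.Webpage, menu.ControllerName + "$%" + menu.ActionName));
                    }
                }
            }

            var ticket = new AuthenticationTicket(identity, props);

            context.Validated(ticket);
            context.Request.Context.Authentication.SignIn(identity);
        }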
示例#6
        /// <summary>
        /// Checks a candidate password against this object's stored password.
        /// </summary>
        /// <param name="pass">Clear-text password to check.</param>
        /// <returns><c>true</c> when <paramref name="pass"/> equals the decrypted stored password.</returns>
        public bool ValidatePassword(string pass)
        {
            // NOTE(review): validation works by decrypting the stored value, so the password is
            // kept in a reversible form and the comparison is not constant-time. A salted one-way
            // hash (e.g. PBKDF2) compared in fixed time is the safer design.
            string storedClearText = DataSecurity.Decrypt(this.Password);

            bool isMatch = string.Equals(pass, storedClearText);
            return isMatch;
        }