/// <summary>
/// Retrieves the data used to verify an employee login.
/// </summary>
/// <param name="empAccount">Account name to look up.</param>
/// <returns>
/// Whatever the data-access object returns for the account. Callers in this code base
/// treat null as "no record or a database error" and read <c>EmpPassword</c> from the
/// result, so the returned object should not be logged or serialized as a whole.
/// </returns>
public EmployeeToLogin GetEmployeeDataToLogin(string empAccount)
{
    using (var authDao = new EmployeeAuthorityDataAccess())
    {
        EmployeeToLogin loginData = authDao.GetEmployeeDataToLogin(empAccount);

        // Keep the data-access error text so callers can tell "not found" from "lookup failed".
        dbErrMsg = authDao.GetErrMsg();

        return loginData;
    }
}
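/// <summary>
/// Authenticates an employee from the posted credentials and returns the authorization result.
/// </summary>
/// <param name="employeeToLogin">Credentials bound from the request body.</param>
/// <returns>
/// 200 with the mapped authorization result on success, 401 with one generic message when
/// authentication fails, and 400 when no request body could be bound.
/// </returns>
public async Task<IActionResult> LoginEmployee([FromBody] EmployeeToLogin employeeToLogin)
{
    // A missing or unparseable body can bind to null when the controller does not apply
    // automatic model validation; reject it here instead of dereferencing null below.
    if (employeeToLogin == null)
    {
        return BadRequest();
    }

    var response = await _employeeRepository.AuthenticateEmployee(
        employeeToLogin.EmployeeEmail,
        employeeToLogin.EmployeePassword);

    if (response == null || !response.Succeeded)
    {
        // One message for "unknown account" and "wrong password", so the response
        // does not reveal which of the two was the case.
        return Unauthorized("Employee not found or password is invalid");
    }

    var authResult = await MapToAuthorizationResult(employeeToLogin.EmployeeEmail);
    return Ok(authResult);
}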
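/// <summary>
/// Handles the change-password form: verifies the requester, stores the hash of the new
/// password, writes back-end log records and sends a notice mail to the account owner.
/// </summary>
/// <remarks>
/// Two paths lead to the password update. When <c>hidEmpAccountOfToken</c> is empty the
/// current password is verified and the role, access-denied and validity-date checks run.
/// When it is not empty (reset-link path) only the typed account name is compared with it.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnSubmit_Click(object sender, EventArgs e)
{
    Master.ShowErrorMsg("");
    txtCheckCode.Text = "";

    if (!IsValid)
    {
        return;
    }

    txtAccount.Text = txtAccount.Text.Trim();
    txtPassword.Text = txtPassword.Text.Trim();
    txtNewPsw.Text = txtNewPsw.Text.Trim();

    if (string.IsNullOrEmpty(hidEmpAccountOfToken.Text))
    {
        // Login verification
        EmployeeToLogin empVerify = empAuth.GetEmployeeDataToLogin(txtAccount.Text);

        if (empVerify == null && empAuth.GetDbErrMsg() != "")
        {
            // Unexpected error.
            // NOTE(review): the data-access error text is shown to a caller who has not
            // authenticated yet; consider showing only the generic message and keeping
            // the detail in the log.
            Master.ShowErrorMsg(string.Format("{0}: {1}", Resources.Lang.ErrMsg_Exception, empAuth.GetDbErrMsg()));

            // Add a back-end operation log record
            empAuth.InsertBackEndLogData(new BackEndLogData()
            {
                EmpAccount = "",
                Description = string.Format(".變更密碼驗證時發生異常錯誤,帳號[{0}] .An exception error occurred during change password verification! Account[{0}]", txtAccount.Text),
                IP = c.GetClientIP()
            });

            return;
        }

        // Was a record found?
        if (empVerify == null)
        {
            // No record. Same user-facing message as a wrong password.
            Master.ShowErrorMsg(ACCOUNT_FAILED_ERRMSG);

            // Add a back-end operation log record
            empAuth.InsertBackEndLogData(new BackEndLogData()
            {
                EmpAccount = "",
                Description = string.Format(".(變更密碼)帳號不存在,輸入帳號[{0}] .(change password)Account doesn't exist! Account[{0}]", txtAccount.Text),
                IP = c.GetClientIP()
            });

            return;
        }

        // Record found: check the password.
        // NOTE(review): accounts with PasswordHashed == false are compared against a stored
        // clear-text password, and both comparisons use ordinary string equality rather than
        // a constant-time comparison. GetPasswordHash receives only the password here, so the
        // hash is presumably unsalted - confirm in HashUtility.
        string passwordHash = HashUtility.GetPasswordHash(txtPassword.Text);
        string empPassword = empVerify.EmpPassword;
        bool isPasswordCorrect = empVerify.PasswordHashed
            ? (passwordHash == empPassword)
            : (txtPassword.Text == empPassword);

        if (!isPasswordCorrect)
        {
            Master.ShowErrorMsg(ACCOUNT_FAILED_ERRMSG);

            // Add a back-end operation log record
            empAuth.InsertBackEndLogData(new BackEndLogData()
            {
                EmpAccount = "",
                Description = string.Format(".(變更密碼)密碼錯誤,帳號[{0}] .(change password)Password is incorrect! Account[{0}]", txtAccount.Text),
                IP = c.GetClientIP()
            });

            return;
        }

        // Block role "guest". This runs only after the password has been verified, so the
        // role-specific message is not shown to someone who merely knows the account name.
        if (empVerify.RoleName == "guest")
        {
            Master.ShowErrorMsg(Resources.Lang.ErrMsg_RoleGuestIsNotAllowedToUse);
            return;
        }

        // Is the account suspended?
        if (empVerify.IsAccessDenied)
        {
            Master.ShowErrorMsg(Resources.Lang.ErrMsg_AccountUnavailable);

            // Add a back-end operation log record
            empAuth.InsertBackEndLogData(new BackEndLogData()
            {
                EmpAccount = "",
                Description = string.Format(".(變更密碼)帳號停用,帳號[{0}] .(change password)Account is denied! Account[{0}]", txtAccount.Text),
                IP = c.GetClientIP()
            });

            return;
        }

        // Check the validity period; the account "admin" is exempt.
        if (string.Compare(txtAccount.Text, "admin", true) != 0)
        {
            DateTime startDate = empVerify.StartDate.Value.Date;
            DateTime endDate = empVerify.EndDate.Value.Date;
            DateTime today = DateTime.Today;

            if (today < startDate || endDate < today)
            {
                Master.ShowErrorMsg(Resources.Lang.ErrMsg_AccountUnavailable);

                // Add a back-end operation log record
                empAuth.InsertBackEndLogData(new BackEndLogData()
                {
                    EmpAccount = "",
                    Description = string.Format(".(變更密碼)帳號超出有效範圍,帳號[{0}] .(change password)Account validation date is out of range! Account[{0}]", txtAccount.Text),
                    IP = c.GetClientIP()
                });

                return;
            }
        }
    }
    else if (string.Compare(txtAccount.Text, hidEmpAccountOfToken.Text.Trim(), true) != 0)
    {
        // Reset-link path, but the typed account does not match the account tied to the link.
        Master.ShowErrorMsg(ACCOUNT_FAILED_ERRMSG);

        // Add a back-end operation log record
        string description = string.Format(".(變更密碼)來自[{0}]重置密碼連結但是輸入錯誤帳號,輸入值[{1}] .(change password)From [{0}] reset password link but enter the wrong account! Input[{1}]", hidEmpAccountOfToken.Text, txtAccount.Text);
        empAuth.InsertBackEndLogData(new BackEndLogData()
        {
            EmpAccount = "",
            Description = description,
            IP = c.GetClientIP()
        });

        return;
    }

    // NOTE(review): when hidEmpAccountOfToken is not empty, execution reaches this point
    // without the current-password, role, access-denied or validity-date checks above.
    // Confirm that the value is set server-side from a validated reset key and cannot be
    // supplied or altered by the client.

    // Record login time and IP
    empAuth.UpdateEmployeeLoginInfo(txtAccount.Text, c.GetClientIP());

    // Verification passed: load the employee data
    EmployeeForBackend emp = empAuth.GetEmployeeData(txtAccount.Text);

    if (emp == null && empAuth.GetDbErrMsg() != "")
    {
        // Unexpected error
        Master.ShowErrorMsg(string.Format("{0}: {1}", Resources.Lang.ErrMsg_Exception, empAuth.GetDbErrMsg()));

        // Add a back-end operation log record
        empAuth.InsertBackEndLogData(new BackEndLogData()
        {
            EmpAccount = "",
            Description = string.Format(".(變更密碼)帳號登入取得使用者資料時發生異常錯誤,帳號[{0}] .(change password)An exception error occurred during obtaining user profile! Account[{0}]", txtAccount.Text),
            IP = c.GetClientIP()
        });

        return;
    }

    if (emp == null)
    {
        // No row and no data-access error (for example an unknown account on the reset-link
        // path): stop here instead of dereferencing null below.
        Master.ShowErrorMsg(ACCOUNT_FAILED_ERRMSG);

        // Add a back-end operation log record
        empAuth.InsertBackEndLogData(new BackEndLogData()
        {
            EmpAccount = "",
            Description = string.Format(".(變更密碼)查無使用者資料,帳號[{0}] .(change password)User profile not found! Account[{0}]", txtAccount.Text),
            IP = c.GetClientIP()
        });

        return;
    }

    string empAccount = emp.EmpAccount;
    string empName = emp.EmpName;
    string email = emp.Email;

    bool result = empAuth.UpdateEmployeePassword(empAccount, HashUtility.GetPasswordHash(txtNewPsw.Text));

    if (!result)
    {
        Master.ShowErrorMsg(Resources.Lang.ErrMsg_ChangePasswordException);
        return;
    }

    if (!string.IsNullOrEmpty(hidEmpAccountOfToken.Text))
    {
        // Clear the one-time value used for e-mail verification so the link cannot be reused.
        empAuth.UpdateEmployeePasswordResetKey(hidEmpAccountOfToken.Text, "");
    }

    // Add a back-end operation log record
    empAuth.InsertBackEndLogData(new BackEndLogData()
    {
        EmpAccount = empAccount,
        Description = ".變更密碼 .Change password",
        IP = c.GetClientIP()
    });

    // E-mail notice to the account owner
    if (empName.Trim() == "")
    {
        empName = empAccount;
    }

    UserInfo userInfo = new UserInfo()
    {
        EmpAccount = empAccount,
        EmpName = empName,
        Email = email
    };

    bool sentResult = LangManager.Instance.GetCultureName(c.qsLangNo.ToString()) == LangManager.CultureNameZHTW
        ? SendNoticeMailToUserZhTw(userInfo)
        : SendNoticeMailToUserEn(userInfo);

    if (!sentResult)
    {
        c.LoggerOfUI.Error(string.Format("Account[{0}] Email[{1}] send notice mail to user failed.", empAccount, email));
    }

    // NOTE(review): the values below are formatted into JavaScript string literals without
    // encoding. They come from resources, configuration and qsLangNo - confirm none of them
    // can carry a quote character.
    StringBuilder sbScript = new StringBuilder(200);
    sbScript.AppendFormat("window.alert('{0}!');", Resources.Lang.PswChange_Success).AppendLine();
    sbScript.AppendFormat("window.location='{0}?l={1}';", FormsAuthentication.LoginUrl, c.qsLangNo).AppendLine();
    ClientScript.RegisterStartupScript(GetType(), "", sbScript.ToString(), true);
}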
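/// <summary>
/// Handles the back-end login form: verifies the account and password, checks that the
/// account is usable, stores the login data for the session and issues the forms
/// authentication redirect.
/// </summary>
/// <remarks>
/// Every rejected attempt writes a back-end log record and calls
/// <c>CheckLoginFailedCountToShowCaptcha(true)</c>. Unknown account and wrong password
/// share one user-facing message.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnLogin_Click(object sender, EventArgs e)
{
    txtCheckCode.Text = "";

    if (!IsValid)
    {
        return;
    }

    txtAccount.Text = txtAccount.Text.Trim();
    txtPassword.Text = txtPassword.Text.Trim();

    // Login verification
    EmployeeToLogin empVerify = empAuth.GetEmployeeDataToLogin(txtAccount.Text);

    if (empVerify == null && empAuth.GetDbErrMsg() != "")
    {
        // Unexpected error.
        // NOTE(review): the data-access error text is shown to a caller who has not
        // authenticated yet; consider showing only the generic message and keeping
        // the detail in the log.
        ShowErrorMsg(string.Format("{0}: {1}", Resources.Lang.ErrMsg_Exception, empAuth.GetDbErrMsg()));

        // Add a back-end operation log record
        empAuth.InsertBackEndLogData(new BackEndLogData()
        {
            EmpAccount = "",
            Description = string.Format(".帳號登入驗證時發生異常錯誤,帳號[{0}] .An exception error occurred during login verification! Account[{0}]", txtAccount.Text),
            IP = c.GetClientIP()
        });

        // Check the failed-login count to decide whether to show the captcha
        CheckLoginFailedCountToShowCaptcha(true);
        return;
    }

    // Was a record found?
    if (empVerify == null)
    {
        // No record. Same user-facing message as a wrong password.
        ShowErrorMsg(ACCOUNT_FAILED_ERRMSG);

        // Add a back-end operation log record
        empAuth.InsertBackEndLogData(new BackEndLogData()
        {
            EmpAccount = "",
            Description = string.Format(".帳號不存在,輸入帳號[{0}] .Account doesn't exist! Account[{0}]", txtAccount.Text),
            IP = c.GetClientIP()
        });

        // Check the failed-login count to decide whether to show the captcha
        CheckLoginFailedCountToShowCaptcha(true);
        return;
    }

    // Record found: check the password.
    // NOTE(review): accounts with PasswordHashed == false are compared against a stored
    // clear-text password, and both comparisons use ordinary string equality rather than
    // a constant-time comparison. GetPasswordHash receives only the password here, so the
    // hash is presumably unsalted - confirm in HashUtility.
    string passwordHash = HashUtility.GetPasswordHash(txtPassword.Text);
    string empPassword = empVerify.EmpPassword;
    bool isPasswordCorrect = empVerify.PasswordHashed
        ? (passwordHash == empPassword)
        : (txtPassword.Text == empPassword);

    if (!isPasswordCorrect)
    {
        ShowErrorMsg(ACCOUNT_FAILED_ERRMSG);

        // Add a back-end operation log record
        empAuth.InsertBackEndLogData(new BackEndLogData()
        {
            EmpAccount = "",
            Description = string.Format(".密碼錯誤,帳號[{0}] .Password is incorrect! Account[{0}]", txtAccount.Text),
            IP = c.GetClientIP()
        });

        // Check the failed-login count to decide whether to show the captcha
        CheckLoginFailedCountToShowCaptcha(true);
        return;
    }

    // Is the account suspended?
    if (empVerify.IsAccessDenied)
    {
        ShowErrorMsg(Resources.Lang.ErrMsg_AccountUnavailable);

        // Add a back-end operation log record
        empAuth.InsertBackEndLogData(new BackEndLogData()
        {
            EmpAccount = "",
            Description = string.Format(".帳號停用,帳號[{0}] .Account is denied! Account[{0}]", txtAccount.Text),
            IP = c.GetClientIP()
        });

        // Check the failed-login count to decide whether to show the captcha
        CheckLoginFailedCountToShowCaptcha(true);
        return;
    }

    // Check the validity period; the account "admin" is exempt.
    if (string.Compare(txtAccount.Text, "admin", true) != 0)
    {
        DateTime startDate = empVerify.StartDate.Value.Date;
        DateTime endDate = empVerify.EndDate.Value.Date;
        DateTime today = DateTime.Today;

        if (today < startDate || endDate < today)
        {
            ShowErrorMsg(Resources.Lang.ErrMsg_AccountUnavailable);

            // Add a back-end operation log record
            empAuth.InsertBackEndLogData(new BackEndLogData()
            {
                EmpAccount = "",
                Description = string.Format(".帳號超出有效範圍,帳號[{0}] .Account validation date is out of range! Account[{0}]", txtAccount.Text),
                IP = c.GetClientIP()
            });

            // Check the failed-login count to decide whether to show the captcha
            CheckLoginFailedCountToShowCaptcha(true);
            return;
        }
    }

    // Record login time and IP
    empAuth.UpdateEmployeeLoginInfo(txtAccount.Text, c.GetClientIP());

    // Login allowed: load the employee data
    EmployeeForBackend emp = empAuth.GetEmployeeData(txtAccount.Text);

    if (emp == null && empAuth.GetDbErrMsg() != "")
    {
        // Unexpected error
        ShowErrorMsg(string.Format("{0}: {1}", Resources.Lang.ErrMsg_Exception, empAuth.GetDbErrMsg()));

        // Add a back-end operation log record
        empAuth.InsertBackEndLogData(new BackEndLogData()
        {
            EmpAccount = "",
            Description = string.Format(".帳號登入取得使用者資料時發生異常錯誤,帳號[{0}] .An exception error occurred during obtaining user profile! Account[{0}]", txtAccount.Text),
            IP = c.GetClientIP()
        });

        // Check the failed-login count to decide whether to show the captcha
        CheckLoginFailedCountToShowCaptcha(true);
        return;
    }

    if (emp == null)
    {
        // No row and no data-access error: stop here instead of dereferencing null below.
        ShowErrorMsg(ACCOUNT_FAILED_ERRMSG);

        // Add a back-end operation log record
        empAuth.InsertBackEndLogData(new BackEndLogData()
        {
            EmpAccount = "",
            Description = string.Format(".查無使用者資料,帳號[{0}] .User profile not found! Account[{0}]", txtAccount.Text),
            IP = c.GetClientIP()
        });

        // Check the failed-login count to decide whether to show the captcha
        CheckLoginFailedCountToShowCaptcha(true);
        return;
    }

    // Reset the failed-login count
    c.seLoginFailedCount = 0;

    // Missing login times are represented as DateTime.MinValue.
    DateTime thisLoginTime = emp.ThisLoginTime.HasValue ? emp.ThisLoginTime.Value : DateTime.MinValue;
    DateTime lastLoginTime = emp.LastLoginTime.HasValue ? emp.LastLoginTime.Value : DateTime.MinValue;

    LoginEmployeeData loginEmpData = new LoginEmployeeData()
    {
        EmpId = emp.EmpId,
        EmpName = emp.EmpName,
        Email = emp.Email,
        DeptId = emp.DeptId,
        DeptName = emp.DeptName,
        RoleId = emp.RoleId,
        RoleName = emp.RoleName,
        RoleDisplayName = emp.RoleDisplayName,
        StartDate = emp.StartDate.Value,
        EndDate = emp.EndDate.Value,
        EmpAccount = emp.EmpAccount,
        ThisLoginTime = thisLoginTime,
        ThisLoginIP = emp.ThisLoginIP,
        LastLoginTime = lastLoginTime,
        LastLoginIP = emp.LastLoginIP
    };

    // NOTE(review): SaveLoginEmployeeDataIntoSession presumably writes into the session that
    // existed before authentication; nothing visible here issues a new session ID on login.
    // Confirm the session ID is rotated at this point (session fixation).
    c.SaveLoginEmployeeDataIntoSession(loginEmpData);

    // Add a back-end operation log record
    empAuth.InsertBackEndLogData(new BackEndLogData()
    {
        EmpAccount = c.GetEmpAccount(),
        Description = ".登入系統! .Logged in!",
        IP = c.GetClientIP()
    });

    // Remember the selected language
    c.seLangNoOfBackend = c.qsLangNo;

    // Mark the user as logged in (non-persistent authentication cookie)
    FormsAuthentication.RedirectFromLoginPage(c.seLoginEmpData.EmpAccount, false);

    /* Use this variant when extra parameters must be passed along
     * if (string.IsNullOrEmpty(Request.QueryString["ReturnUrl"]))
     * {
     *     FormsAuthentication.SetAuthCookie(c.seLoginEmpData.EmpAccount, false);
     *     Response.Redirect(FormsAuthentication.DefaultUrl + "?l=" + c.qsLangNo.ToString());
     * }
     */
}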