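/// <summary>
/// Signs the current user out: ends the kernel authentication session, abandons the ASP.NET
/// session, expires the identity cookie, signs out of forms authentication, writes an
/// account-log entry and renders the sign-out view.
/// </summary>
/// <returns>The sign-out view located under the current "main" folder.</returns>
public ActionResult SignOut()
{
    // NOTE(review): no [HttpPost] or anti-forgery attribute is visible on this action; if it is
    // reachable by GET, a cross-site request can sign the user out. Confirm against the routing.
    string accountIdentityName = KernelContext.Current.AuthenticationManagement.IdentityName;

    // Read the account before Logout(); it is needed for the log entry written further down.
    IAccountInfo account = KernelContext.Current.User;

    KernelContext.Current.AuthenticationManagement.Logout();

    // -------------------------------------------------------
    // Session
    // -------------------------------------------------------

    Session.Abandon();

    HttpAuthenticationCookieSetter.ClearUserCookies();

    // Blank the identity cookie and back-date its expiry.
    // NOTE(review): no Domain is set on this cookie here; presumably ClearUserCookies() handles
    // cookies that were issued with a Domain. Confirm.
    Response.Cookies[accountIdentityName].Value = null;
    Response.Cookies[accountIdentityName].Expires = DateTime.Now.AddDays(-1);

    // -------------------------------------------------------
    // IIdentity
    // -------------------------------------------------------

    if (this.User != null && this.User.Identity.IsAuthenticated)
    {
        FormsAuthentication.SignOut();
    }

    // Account audit log. The entry is skipped when no account was resolved, so that a request
    // without a signed-in user does not fail with a NullReferenceException after the cleanup
    // above (assumes KernelContext.Current.User can be null in that case; confirm).
    // The message reads "signed out"; it previously read "signed in", which made the audit
    // trail record a login for every logout.
    if (account != null)
    {
        MembershipManagement.Instance.AccountLogService.Log(
            account.Id,
            "退出",
            string.Format("【{0}】在 {1} 退出了系统。【IP:{2}】", account.Name, DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"), IPQueryContext.GetClientIP()));
    }

    return View("/views/" + LocateFolder("main") + "/account/sign-out.cshtml");
}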
/// <summary>
/// Resolves the navigation-portal identifier for the current request and stores it in the
/// "portalIdentity" cookie.
/// </summary>
/// <param name="account">Account whose member record is used to pick a portal when neither the query string nor a cookie names one.</param>
/// <returns>The "portalIdentity" query-string value when present; otherwise the value of the "portalIdentity" request cookie.</returns>
private string TryGetNavigationPortalIdentity(IAccountInfo account)
{
    HttpRequest request = HttpContext.Current.Request;
    HttpResponse response = HttpContext.Current.Response;

    string portalIdentity = request.QueryString["portalIdentity"];

    if (!string.IsNullOrEmpty(portalIdentity))
    {
        // A portal was named explicitly in the query string: make it the current user's portal.
        // NOTE(review): this value is supplied by the caller of the URL and is stored and
        // returned without any format check; whoever consumes the return value has to treat it
        // as untrusted.
        if (request.Cookies["portalIdentity"] == null)
        {
            response.Cookies.Add(new HttpCookie("portalIdentity"));
        }

        response.Cookies["portalIdentity"].Value = portalIdentity;
        response.Cookies["portalIdentity"].Domain = HttpAuthenticationCookieSetter.ParseDomain();

        return portalIdentity;
    }

    // No portal named in the query string: fall back to the cookie, creating it first if absent.
    if (request.Cookies["portalIdentity"] == null)
    {
        MemberInfo member = (MemberInfo)MembershipManagement.Instance.MemberService[account.Id];

        // Portal identifier used when no portal can be found for the member.
        string defaultPortIdentity = "00000000-0000-0000-0000-000000000001";

        if (member == null || member.Corporation == null)
        {
            // No corporation on record: use the default portal.
            response.Cookies.Add(new HttpCookie("portalIdentity"));
            response.Cookies["portalIdentity"].Value = defaultPortIdentity;
            response.Cookies["portalIdentity"].Domain = HttpAuthenticationCookieSetter.ParseDomain();
        }
        else
        {
            // Use the first enabled portal of the member's corporation, ordered by OrderId.
            // NOTE(review): the filter is assembled by string formatting; CorporationId comes
            // from the member record rather than the request, and "##" looks like the project's
            // quoting marker. Confirm how FindAll treats it.
            string whereClause = string.Format(@" OrganizationId = ##{0}## AND Status = 1 ORDER BY OrderId ", member.CorporationId);

            IList <NavigationPortalInfo> list = NavigationContext.Instance.NavigationPortalService.FindAll(whereClause);

            response.Cookies.Add(new HttpCookie("portalIdentity"));

            if (list.Count > 0)
            {
                response.Cookies["portalIdentity"].Value = list[0].Id;
            }
            else
            {
                response.Cookies["portalIdentity"].Value = defaultPortIdentity;
            }

            response.Cookies["portalIdentity"].Domain = HttpAuthenticationCookieSetter.ParseDomain();
        }
    }

    // Read back from the request cookies; this relies on a cookie added to the response above
    // also being visible through Request.Cookies within the same request.
    portalIdentity = request.Cookies["portalIdentity"].Value;

    return portalIdentity;
}
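// -------------------------------------------------------
// Sign out of the account
// -------------------------------------------------------

#region Method: Quit(XmlDocument doc)
/// <summary>
/// Signs the current user out: ends the kernel authentication session, clears the ASP.NET
/// session, expires the identity cookie, signs out of forms authentication and writes an
/// account-log entry.
/// </summary>
/// <param name="doc">XML request document; not read by this method.</param>
/// <returns>A JSON message with returnCode 0.</returns>
public string Quit(XmlDocument doc)
{
    string identityName = KernelContext.Current.AuthenticationManagement.IdentityName;

    // Read the account before Logout(); it is needed for the log entry written further down.
    IAccountInfo account = KernelContext.Current.User;

    KernelContext.Current.AuthenticationManagement.Logout();

    // -------------------------------------------------------
    // Session
    // -------------------------------------------------------

    HttpContext.Current.Session.Clear();

    // Under Mono 2.10.9 in InProc mode, calling Session.Abandon() raises
    //   System.NullReferenceException: Object reference not set to an instance of an object at
    //   System.Web.SessionState.SessionInProcHandler.GetItemInternal (System.Web.HttpContext context, System.String id, System.Boolean& locked, System.TimeSpan& lockAge, System.Object& lockId, System.Web.SessionState.SessionStateActions& actions, Boolean exclusive)
    // so Abandon() is only called on Windows. On other platforms the session is emptied by
    // Clear() above but is not abandoned.
    if (Environment.OSVersion.Platform == PlatformID.Win32NT)
    {
        HttpContext.Current.Session.Abandon();
    }

    HttpAuthenticationCookieSetter.ClearUserCookies();

    // Blank the identity cookie and back-date its expiry.
    HttpContext.Current.Response.Cookies[identityName].Value = null;
    HttpContext.Current.Response.Cookies[identityName].Expires = DateTime.Now.AddDays(-1);

    // -------------------------------------------------------
    // IIdentity
    // -------------------------------------------------------

    if (HttpContext.Current.User != null && HttpContext.Current.User.Identity.IsAuthenticated)
    {
        FormsAuthentication.SignOut();
    }

    // Account audit log. The entry is skipped when no account was resolved, so that a request
    // without a signed-in user does not fail with a NullReferenceException after the cleanup
    // above (assumes KernelContext.Current.User can be null in that case; confirm).
    if (account != null)
    {
        MembershipManagement.Instance.AccountLogService.Log(
            account.Id,
            "membership.member.quit",
            string.Format("【{0}】在 {1} 退出了系统。【IP:{2}】", account.Name, DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"), IPQueryContext.GetClientIP()));
    }

    return "{\"message\":{\"returnCode\":0,\"value\":\"已成功退出。\"}}";
}
#endregion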
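// -------------------------------------------------------
// Endpoint: /api/connect.auth.authorize.aspx
// -------------------------------------------------------

#region Method: GetAuthorizeCode(XmlDocument doc)
/// <summary>
/// Authorization endpoint. Checks the submitted login name and password and, on success,
/// records an authorization code and an access token for the client, starts a session, and
/// either returns the token as JSON/JSONP or redirects to the supplied redirect URI.
/// </summary>
/// <param name="doc">XML request document; clientId, redirectUri, responseType, scope, loginName, password and callback are read from it.</param>
/// <returns>
/// Login-page HTML when the credentials are missing, or wrong while a responseType was given;
/// a JSON error when they are wrong and no responseType was given; otherwise a JSON or JSONP
/// result string.
/// </returns>
public string GetAuthorizeCode(XmlDocument doc)
{
    StringBuilder outString = new StringBuilder();

    string clientId = XmlHelper.Fetch("clientId", doc);
    string redirectUri = XmlHelper.Fetch("redirectUri", doc);
    string responseType = XmlHelper.Fetch("responseType", doc);
    string scope = XmlHelper.Fetch("scope", doc);

    string loginName = XmlHelper.Fetch("loginName", doc);
    string password = XmlHelper.Fetch("password", doc);

    // NOTE(review): CreateLoginPage is not shown here; it receives request-supplied values
    // (clientId, redirectUri, responseType, scope) and has to HTML-encode them. Confirm.
    if (string.IsNullOrEmpty(loginName) || string.IsNullOrEmpty(password))
    {
        HttpContentTypeHelper.SetValue("html");

        return CreateLoginPage(clientId, redirectUri, responseType, scope);
    }

    IAccountInfo account = MembershipManagement.Instance.AccountService.LoginCheck(loginName, password);

    if (account == null)
    {
        if (string.IsNullOrEmpty(responseType))
        {
            outString.Append("{\"message\":{\"returnCode\":1,\"value\":\"帐号或者密码错误。\"}}");

            return outString.ToString();
        }

        // Show the login page again; the content type is switched to html for it.
        HttpContentTypeHelper.SetValue("html");

        return CreateLoginPage(clientId, redirectUri, responseType, scope);
    }

    // Create the authorization-code record if this client/account pair has none yet.
    if (!ConnectContext.Instance.ConnectAuthorizationCodeService.IsExist(clientId, account.Id))
    {
        ConnectAuthorizationCodeInfo authorizationCode = new ConnectAuthorizationCodeInfo();

        authorizationCode.Id = DigitalNumberContext.Generate("Key_32DigitGuid");
        authorizationCode.AppKey = clientId;
        authorizationCode.AccountId = account.Id;
        authorizationCode.AuthorizationScope = string.IsNullOrEmpty(scope) ? "public" : scope;

        ConnectContext.Instance.ConnectAuthorizationCodeService.Save(authorizationCode);
    }

    // Write the access token, then read it back for the session and the response.
    ConnectContext.Instance.ConnectAccessTokenService.Write(clientId, account.Id);

    ConnectAccessTokenInfo token = ConnectContext.Instance.ConnectAccessTokenService.FindOneByAccountId(clientId, account.Id);

    // Record the login.
    string ip = IPQueryContext.GetClientIP();

    MembershipManagement.Instance.AccountService.SetIPAndLoginDate(account.Id, ip, DateTime.Now);

    MembershipManagement.Instance.AccountLogService.Log(account.Id, "connect.auth.authorize", string.Format("【{0}】在 {1} 登录了系统。【IP:{2}】", account.Name, DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"), ip));

    string sessionId = token.AccountId + "-" + token.Id;

    KernelContext.Current.AuthenticationManagement.AddSession(clientId, sessionId, account);

    HttpAuthenticationCookieSetter.SetUserCookies(sessionId);

    string code = ConnectContext.Instance.ConnectAuthorizationCodeService.GetAuthorizationCode(clientId, account);

    if (string.IsNullOrEmpty(responseType))
    {
        // No responseType: return the token itself.
        outString.Append("{\"data\":" + AjaxUtil.Parse <ConnectAccessTokenInfo>(token) + ",");
        outString.Append("\"message\":{\"returnCode\":0,\"value\":\"验证成功。\"}}");

        string callback = XmlHelper.Fetch("callback", doc);

        // The callback name is echoed into a script response, so it is only used when it is a
        // plain identifier path; anything else is ignored and plain JSON is returned instead.
        if (string.IsNullOrEmpty(callback) || !IsJsonpCallbackName(callback))
        {
            return outString.ToString();
        }

        return callback + "(" + outString.ToString() + ")";
    }

    // NOTE(review): redirectUri comes straight from the request and this method does not compare
    // it with a redirect URI registered for clientId. Unless CombineUrlAndAuthorizationCode /
    // CombineUrlAndAccessToken or a caller performs that check, the code or token is sent to
    // whatever address the request named. Validate it against the client's registration before
    // redirecting.
    if (responseType == "token")
    {
        HttpContext.Current.Response.Redirect(CombineUrlAndAccessToken(redirectUri, token));
    }
    else
    {
        // "code" and every other responseType value deliver the authorization code.
        HttpContext.Current.Response.Redirect(CombineUrlAndAuthorizationCode(redirectUri, code));
    }

    outString.Append("{\"message\":{\"returnCode\":0,\"value\":\"执行成功。\"}}");

    return outString.ToString();
}

/// <summary>Returns true when <paramref name="callback"/> consists only of ASCII letters, digits, '_', '$' and '.'.</summary>
private static bool IsJsonpCallbackName(string callback)
{
    if (string.IsNullOrEmpty(callback))
    {
        return false;
    }

    foreach (char c in callback)
    {
        bool allowed = (c >= 'a' && c <= 'z')
            || (c >= 'A' && c <= 'Z')
            || (c >= '0' && c <= '9')
            || c == '_' || c == '$' || c == '.';

        if (!allowed)
        {
            return false;
        }
    }

    return true;
}
#endregion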
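// -------------------------------------------------------
// Sign in to the account
// -------------------------------------------------------

#region Method: Auth(XmlDocument doc)
/// <summary>
/// Verifies a login request according to the configured authentication management type and,
/// on success, starts the session, sets the session cookies and writes an account-log entry.
/// </summary>
/// <param name="doc">XML request document; loginName, password and validatecode are read from it.</param>
/// <returns>A JSON message; returnCode 0 on success, 1, 2 or 4 on the failures handled below.</returns>
public string Auth(XmlDocument doc)
{
    IAccountInfo account = null;

    string loginName = XmlHelper.Fetch("loginName", doc);
    string password = XmlHelper.Fetch("password", doc);

    switch (KernelConfigurationView.Instance.AuthenticationManagementType)
    {
        // HTTP authentication (production)
        case "X3Platform.Membership.Authentication.HttpAuthenticationManagement,X3Platform.Membership":
            // NOTE(review): the presence check uses "ServerValidateCode" but the value is read
            // from "AdminCheckCode". Which key the captcha generator writes is not visible here,
            // so both keys are kept; only the null dereference that occurred when the second key
            // was missing has been removed.
            object storedCode = HttpContext.Current.Session["ServerValidateCode"] == null
                ? null
                : HttpContext.Current.Session["AdminCheckCode"];

            string serverValidateCode = storedCode == null ? string.Empty : storedCode.ToString();

            string clientValidateCode = XmlHelper.Fetch("validatecode", doc);

            // The captcha is only compared when the client sent one; the "captcha expired"
            // response (returnCode 3) for a missing code is deliberately disabled.
            // NOTE(review): a client that omits the field therefore skips the captcha, and the
            // stored code is not removed after a comparison, so this check does not limit
            // repeated password attempts.
            if (!string.IsNullOrEmpty(clientValidateCode) && clientValidateCode != serverValidateCode.ToUpper())
            {
                // 2. Captcha mismatch.
                return "{\"message\":{\"returnCode\":2,\"value\":\"验证码不匹配。\"}}";
            }

            account = MembershipManagement.Instance.AccountService.LoginCheck(loginName, password);
            break;

        // HTTP authentication (test environment): one configured password opens any account.
        // NOTE(review): this type must never be configured in production; also confirm that an
        // empty configured password cannot match an empty submitted one.
        case "X3Platform.Membership.Authentication.MockAuthenticationManagement,X3Platform.Membership":
            if (password != MembershipConfigurationView.Instance.MockAuthenticationPassword)
            {
                return "{\"message\":{\"returnCode\":1,\"value\":\"密码错误, 系统当前的验证方式是模拟测试验证, 请从联系管理员获取测试密码。\"}}";
            }

            account = MembershipManagement.Instance.AccountService.FindOneByLoginName(loginName);
            break;

        case "X3Platform.Membership.Authentication.NLMAuthenticationManagement,X3Platform.Membership":
            return "{\"message\":{\"returnCode\":1,\"value\":\"系统当前的验证方式是Windows集成验证, 请使用Windows验证方式登录。\"}}";

        case "X3Platform.Membership.Authentication.SSOAuthenticationManagement,X3Platform.Membership":
            return "{\"message\":{\"returnCode\":1,\"value\":\"系统当前的验证方式是单点登录验证, 请从门户登录。\"}}";

        default:
            return "{\"message\":{\"returnCode\":1,\"value\":\"系统未设置任何登录方式, 请从联系管理员。\"}}";
    }

    if (account == null)
    {
        // 1. Wrong user name or password.
        return "{\"message\":{\"returnCode\":1,\"value\":\"用户名和密码不正确。\"}}";
    }

    if (account.Status == 0)
    {
        // Account disabled.
        return "{\"message\":{\"returnCode\":1,\"value\":\"此帐号被禁用,如有问题请联系提供管理员。\"}}";
    }

    MembershipManagement.Instance.AccountService.SetIPAndLoginDate(account.Id, IPQueryContext.GetClientIP(), DateTime.Now);

    IMemberInfo member = this.service.FindOne(account.Id);

    if (member == null)
    {
        // 4. No member record for this account.
        return "{\"message\":{\"returnCode\":4,\"value\":\"此帐号无此权限,请联系管理员。\"}}";
    }

    // Online-state information for the account.
    member.Account.LoginName = loginName;
    member.Account.IP = IPQueryContext.GetClientIP();

    string accountIdentity = string.Format("{0}-{1}", account.Id, DigitalNumberContext.Generate("Key_Session"));

    KernelContext.Current.AuthenticationManagement.AddSession(string.Empty, accountIdentity, account);

    HttpAuthenticationCookieSetter.SetUserCookies(accountIdentity);

    // Local account cookie.
    // NOTE(review): this JSON is concatenated by hand and only the name is URL-encoded; a login
    // name containing a quote or a semicolon corrupts the value. The cookie is created without
    // HttpOnly or Secure; presumably it is meant to be read by client script. Confirm.
    HttpContext.Current.Response.Cookies.Add(new HttpCookie("session-local-account", "{\"id\":\"" + account.Id + "\",\"name\":\"" + HttpUtility.UrlEncode(account.Name) + "\",\"loginName\":\"" + account.LoginName + "\"}"));

    // Local server status cookie.
    HttpContext.Current.Response.Cookies.Add(new HttpCookie("session-local-status", "1"));

    // NOTE(review): the action key is "membership.member.quit" although this entry records a
    // login; audit queries by key will count it as a sign-out. The intended key is not visible
    // here, so it is left unchanged.
    MembershipManagement.Instance.AccountLogService.Log(account.Id, "membership.member.quit", string.Format("【{0}】在 {1} 登录了系统。【IP:{2}】", ((IAuthorizationObject)member.Account).Name, DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"), member.Account.IP));

    FormsAuthentication.SetAuthCookie(loginName, false);

    return "{\"message\":{\"returnCode\":0,\"value\":\"登录成功。\"}}";
}
#endregion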
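// -------------------------------------------------------
// Register an account
// -------------------------------------------------------

#region Method: Register(XmlDocument doc)
/// <summary>
/// Registers a new account by e-mail, by mobile number or by login name, stores its password
/// and member record, and starts a session for it.
/// </summary>
/// <param name="doc">XML request document; registration, loginName, name, mobile, email, password and code are read from it.</param>
/// <returns>A JSON message; returnCode 0 on success, 1 on a validation or save failure.</returns>
public string Register(XmlDocument doc)
{
    IAccountInfo param = new AccountInfo();
    AccountInfo newAccount = (AccountInfo)param;

    // Registration type: "mail", "mobile", anything else registers by login name.
    string registration = XmlHelper.Fetch("registration", doc);

    string loginName = XmlHelper.Fetch("loginName", doc);
    string name = XmlHelper.Fetch("name", doc);
    string mobile = XmlHelper.Fetch("mobile", doc);
    string email = XmlHelper.Fetch("email", doc);
    string password = XmlHelper.Fetch("password", doc);

    // Verification code sent by mail or SMS.
    string code = XmlHelper.Fetch("code", doc);

    // Refuse to create an account without a password; the value is stored by SetPassword below
    // with no other check, so an empty one would otherwise be saved as the account's password.
    if (string.IsNullOrEmpty(password))
    {
        return "{\"message\":{\"returnCode\":1,\"value\":\"必须填写密码。\"}}";
    }

    if (registration == "mail")
    {
        if (string.IsNullOrEmpty(email))
        {
            return "{\"message\":{\"returnCode\":1,\"value\":\"必须填写电子邮箱。\"}}";
        }

        if (MembershipManagement.Instance.AccountService.IsExistCertifiedEmail(email))
        {
            return "{\"message\":{\"returnCode\":1,\"value\":\"此邮箱已经存在。\"}}";
        }

        if (!VerificationCodeContext.Instance.VerificationCodeService.Validate("Mail", email, "用户注册", code))
        {
            return "{\"message\":{\"returnCode\":1,\"value\":\"邮件验证码错误。\"}}";
        }

        // The e-mail address doubles as login name and as every display name.
        param.LoginName = email;
        newAccount.GlobalName = email;
        newAccount.Name = email;
        param.DisplayName = email;
        param.CertifiedEmail = email;

        if (MembershipManagement.Instance.AccountService.IsExistLoginName(param.LoginName))
        {
            return "{\"message\":{\"returnCode\":1,\"value\":\"此登录名已经存在。\"}}";
        }
    }
    else if (registration == "mobile")
    {
        if (string.IsNullOrEmpty(mobile))
        {
            return "{\"message\":{\"returnCode\":1,\"value\":\"必须填写手机号码。\"}}";
        }

        if (MembershipManagement.Instance.AccountService.IsExistCertifiedMobile(mobile))
        {
            return "{\"message\":{\"returnCode\":1,\"value\":\"此手机号码已经存在。\"}}";
        }

        if (!VerificationCodeContext.Instance.VerificationCodeService.Validate("Mobile", mobile, "用户注册", code))
        {
            return "{\"message\":{\"returnCode\":1,\"value\":\"短信验证码错误。\"}}";
        }

        // The mobile number doubles as login name and display name.
        param.LoginName = mobile;
        newAccount.Name = mobile;
        param.DisplayName = mobile;
        param.CertifiedMobile = mobile;

        if (MembershipManagement.Instance.AccountService.IsExistLoginName(param.LoginName))
        {
            return "{\"message\":{\"returnCode\":1,\"value\":\"此登录名已经存在。\"}}";
        }
    }
    else
    {
        // NOTE(review): this path takes loginName and name from the request with no verification
        // code and no format check on either value.
        if (string.IsNullOrEmpty(loginName) || string.IsNullOrEmpty(name))
        {
            return "{\"message\":{\"returnCode\":1,\"value\":\"必须填写登录名和全局名称。\"}}";
        }

        if (MembershipManagement.Instance.AccountService.IsExistLoginNameAndGlobalName(loginName, name))
        {
            return "{\"message\":{\"returnCode\":1,\"value\":\"此登录名已经存在。\"}}";
        }

        param.LoginName = loginName;
        newAccount.GlobalName = name;

        // Checked again with the values as stored on the account object.
        if (MembershipManagement.Instance.AccountService.IsExistLoginNameAndGlobalName(param.LoginName, param.GlobalName))
        {
            return "{\"message\":{\"returnCode\":1,\"value\":\"此登录名已经存在。\"}}";
        }
    }

    param.Id = DigitalNumberContext.Generate("Key_Guid");
    param.LoginDate = new DateTime(1970, 1, 1);
    param.Status = 1;
    param.IP = IPQueryContext.GetClientIP();

    param = MembershipManagement.Instance.AccountService.Save(param);

    // A null result means no account was stored; report that instead of claiming success.
    if (param == null)
    {
        return "{\"message\":{\"returnCode\":1,\"value\":\"帐号注册失败。\"}}";
    }

    MembershipManagement.Instance.AccountService.SetPassword(param.Id, password);

    var result = this.service.Save(new MemberInfo() { Id = param.Id, AccountId = param.Id, Mobile = mobile });

    // NOTE(review): when the member record cannot be saved the account already exists; success
    // is still returned below, only without a session. Confirm that this is intended.
    if (result != null)
    {
        // Start a session for the new account.
        string accountIdentity = DigitalNumberContext.Generate("Key_Guid");

        SessionContext.Instance.Write(KernelContext.Current.AuthenticationManagement.GetAccountStorageStrategy(), accountIdentity, param);

        HttpAuthenticationCookieSetter.SetUserCookies(accountIdentity);
    }

    // The call to RegisterMember(param.Id, doc) is disabled in the original code.

    return "{\"message\":{\"returnCode\":0,\"value\":\"帐号注册成功。\"}}";
}
#endregion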
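/// <summary>
/// Builds the HTML of the hidden header drop-down that lists every enabled navigation portal,
/// with a separator line between groups.
/// </summary>
/// <returns>The menu markup.</returns>
private string GetNavigationPortalMenu()
{
    IList <NavigationPortalInfo> list = NavigationContext.Instance.NavigationPortalService.FindAll(" Status = 1 ORDER BY OrderId , GroupId");

    StringBuilder outString = new StringBuilder();

    outString.Append("<div class=\"header-account-menu setting-menu-show\" style=\"display:none;\" onmouseout=\"masterpage.closeSettingMenu(event);\"> ");

    string currentGroupId = string.Empty;

    foreach (NavigationPortalInfo item in list)
    {
        if (string.IsNullOrEmpty(currentGroupId))
        {
            currentGroupId = item.GroupId;
        }
        else if (item.GroupId != currentGroupId)
        {
            // A new group starts: draw a separator line.
            outString.Append("<div class=\"header-account-menu-line setting-menu-show\"></div>");

            currentGroupId = item.GroupId;
        }

        // Portal records are stored data, so every value is encoded for the context it lands in:
        // Id and Url sit inside single-quoted script strings, the script sits in a javascript:
        // URL (which the browser percent-decodes before running it), and that URL sits in an
        // HTML attribute.
        // NOTE(review): ParseDomain() is passed as a third format argument but the format string
        // never uses {2}; the last argument of x.cookies.add receives the Url ({1}) instead.
        // Left as it was; confirm which value that argument should carry.
        string script = string.Format(
            "x.cookies.add('portalIdentity','{0}',false,'/','{1}');location.href='{1}'",
            System.Web.HttpUtility.JavaScriptStringEncode(item.Id),
            System.Web.HttpUtility.JavaScriptStringEncode(item.Url),
            HttpAuthenticationCookieSetter.ParseDomain());

        string href = System.Web.HttpUtility.HtmlAttributeEncode(script.Replace("%", "%25"));

        outString.Append("<div class=\"header-account-menu-item setting-menu-show\" >");
        outString.Append("<a class=\"setting-menu-show\" href=\"javascript:" + href + "\" >");
        outString.Append("<span class=\"menu-text setting-menu-show\">" + System.Web.HttpUtility.HtmlEncode(item.Text) + "</span>");
        outString.Append("<span class=\"menu-discption setting-menu-show\" >" + System.Web.HttpUtility.HtmlEncode(item.Description) + "</span>");
        outString.Append("</a>");
        outString.Append("</div>");
    }

    outString.Append("</div>");

    return outString.ToString();
}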