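/// <summary>
/// Authenticates a user by phone number and returns the session bound to the
/// given device type, creating the device record on first login.
/// </summary>
/// <param name="phone">Phone number used to look up the account.</param>
/// <param name="hashedPassword">Password hash supplied by the caller; it is compared directly with the stored value.</param>
/// <param name="deviceType">Device type whose session record is looked up or created.</param>
/// <param name="clientId">Not used by this method.</param>
/// <returns>The session key of the device record and the user, with Password blanked.</returns>
/// <exception cref="ApiException">
/// A parameter is empty, the account is not found, the password does not match,
/// or the user is inactive.
/// </exception>
public SessionObject Login(string phone, string hashedPassword, int deviceType = 0, string clientId = "")
{
    if (string.IsNullOrEmpty(phone))
    {
        throw new ApiException("用户名不能为空。", "RequireParameter_userphone");
    }

    if (string.IsNullOrEmpty(hashedPassword))
    {
        throw new ApiException("hashedPassword 不能为空.", "RequireParameter_hashedPassword");
    }

    // Session lifetime in minutes.
    const int timeout = 60;

    var nowUser = _authenticationService.GetUserByPhone(phone);

    // NOTE(review): "Account_NotExits" and "Account_WrongPassword" let a caller tell
    // registered phone numbers from unregistered ones. The codes are kept because
    // callers may depend on them; consider a single generic failure code.
    // NOTE(review): no attempt counter or lockout is visible in this method; confirm
    // that throttling is enforced elsewhere.
    if (nowUser == null)
    {
        throw new ApiException("帐户不存在", "Account_NotExits");
    }

    #region Verify password
    // The caller-supplied hash is matched against the stored value as-is, so the
    // stored value is itself sufficient to log in. Compare without an early exit so
    // that response time does not reveal how many leading characters matched.
    // The result is the same as an ordinal string.Equals; a null stored value never matches.
    string storedHash = nowUser.Password ?? string.Empty;
    int mismatch = storedHash.Length ^ hashedPassword.Length;
    for (int i = 0; i < hashedPassword.Length; i++)
    {
        char expected = i < storedHash.Length ? storedHash[i] : '\0';
        mismatch |= expected ^ hashedPassword[i];
    }

    if (mismatch != 0)
    {
        throw new ApiException("错误的密码", "Account_WrongPassword");
    }
    #endregion

    if (!nowUser.IsActive)
    {
        throw new ApiException("用户处于非活动状态.", "InactiveUser");
    }

    UserDevice existsDevice = _authenticationService.GetUserDevice(nowUser.UserId, deviceType);
    // Session.QueryOver<UserDevice>().Where(x => x.AccountId == nowAccount.Id && x.DeviceType == deviceType).SingleOrDefault();

    // One timestamp for the whole operation keeps the stored times consistent.
    DateTime now = DateTime.UtcNow;

    if (existsDevice == null)
    {
        // NOTE(review): the only unpredictable input to this key is Guid.NewGuid(),
        // which is not documented as a cryptographic random source, and the digest is MD5.
        // Prefer a key taken straight from System.Security.Cryptography.RandomNumberGenerator.
        string passkey = MD5CryptoProvider.GetMD5Hash(nowUser.UserId + nowUser.Phone + now + Guid.NewGuid());
        existsDevice = new UserDevice()
        {
            UserId = nowUser.UserId,
            CreateTime = now,
            ActiveTime = now,
            ExpiredTime = now.AddMinutes(timeout),
            DeviceType = deviceType,
            SessionKey = passkey
        };
        _authenticationService.AddUserDevice(existsDevice);
    }
    else
    {
        // NOTE(review): the existing SessionKey is kept and only its expiry is pushed
        // forward, so a key is never rotated and an expired key becomes valid again on
        // the next login. Consider issuing a fresh key here.
        existsDevice.ActiveTime = now;
        existsDevice.ExpiredTime = now.AddMinutes(timeout);
        _authenticationService.UpdateUserDevice(existsDevice);
    }

    // Blank the hash so it is not returned to the caller.
    // NOTE(review): this mutates the object returned by the service; confirm it is
    // not a tracked entity whose change could be persisted.
    nowUser.Password = "";

    return new SessionObject()
    {
        SessionKey = existsDevice.SessionKey,
        LogonUser = nowUser
    };
}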
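/// <summary>
/// Authenticates a user by login id and returns the session bound to the given
/// device type, creating the device record on first login.
/// </summary>
/// <param name="loginIdorEmail">Identifier passed to the login-id lookup of the authentication service.</param>
/// <param name="hashedPassword">Password hash supplied by the caller; it is compared directly with the stored value.</param>
/// <param name="deviceType">Device type whose session record is looked up or created.</param>
/// <param name="clientId">Not used by this method.</param>
/// <returns>The session key of the device record and the user, with Password blanked.</returns>
/// <exception cref="ApiException">
/// A parameter is empty, the account is not found, the password does not match,
/// or the user is inactive.
/// </exception>
public SessionObject Login(string loginIdorEmail, string hashedPassword, int deviceType = 0, string clientId = "")
{
    if (string.IsNullOrEmpty(loginIdorEmail))
    {
        throw new ApiException("username can't be empty.", "RequireParameter_username");
    }

    if (string.IsNullOrEmpty(hashedPassword))
    {
        throw new ApiException("hashedPassword can't be empty.", "RequireParameter_hashedPassword");
    }

    // Session lifetime in minutes.
    const int timeout = 60;

    var nowUser = _authenticationService.GetUserByLoginId(loginIdorEmail);

    // NOTE(review): "Account_NotExits" and "Account_WrongPassword" let a caller tell
    // existing login ids from unknown ones. The codes are kept because callers may
    // depend on them; consider a single generic failure code.
    // NOTE(review): no attempt counter or lockout is visible in this method; confirm
    // that throttling is enforced elsewhere.
    if (nowUser == null)
    {
        throw new ApiException("Account Not Exists", "Account_NotExits");
    }

    #region Verify Password
    // The caller-supplied hash is matched against the stored value as-is, so the
    // stored value is itself sufficient to log in. Compare without an early exit so
    // that response time does not reveal how many leading characters matched.
    // The result is the same as an ordinal string.Equals; a null stored value never matches.
    string storedHash = nowUser.Password ?? string.Empty;
    int mismatch = storedHash.Length ^ hashedPassword.Length;
    for (int i = 0; i < hashedPassword.Length; i++)
    {
        char expected = i < storedHash.Length ? storedHash[i] : '\0';
        mismatch |= expected ^ hashedPassword[i];
    }

    if (mismatch != 0)
    {
        throw new ApiException("Wrong Password", "Account_WrongPassword");
    }
    #endregion

    if (!nowUser.IsActive)
    {
        throw new ApiException("The user is inactive.", "InactiveUser");
    }

    UserDevice existsDevice = _authenticationService.GetUserDevice(nowUser.UserId, deviceType);
    // Session.QueryOver<UserDevice>().Where(x => x.AccountId == nowAccount.Id && x.DeviceType == deviceType).SingleOrDefault();

    // One timestamp for the whole operation keeps the stored times consistent.
    DateTime now = DateTime.UtcNow;

    if (existsDevice == null)
    {
        // NOTE(review): the only unpredictable input to this key is Guid.NewGuid(),
        // which is not documented as a cryptographic random source, and the digest is MD5.
        // Prefer a key taken straight from System.Security.Cryptography.RandomNumberGenerator.
        string passkey = MD5CryptoProvider.GetMD5Hash(nowUser.UserId + nowUser.LoginName + now.ToString() + Guid.NewGuid().ToString());
        existsDevice = new UserDevice()
        {
            UserId = nowUser.UserId,
            CreateTime = now,
            ActiveTime = now,
            ExpiredTime = now.AddMinutes(timeout),
            DeviceType = deviceType,
            SessionKey = passkey
        };
        _authenticationService.AddUserDevice(existsDevice);
    }
    else
    {
        // NOTE(review): the existing SessionKey is kept and only its expiry is pushed
        // forward, so a key is never rotated and an expired key becomes valid again on
        // the next login. Consider issuing a fresh key here.
        existsDevice.ActiveTime = now;
        existsDevice.ExpiredTime = now.AddMinutes(timeout);
        _authenticationService.UpdateUserDevice(existsDevice);
    }

    // Blank the hash so it is not returned to the caller.
    // NOTE(review): this mutates the object returned by the service; confirm it is
    // not a tracked entity whose change could be persisted.
    nowUser.Password = "";

    return new SessionObject()
    {
        SessionKey = existsDevice.SessionKey,
        LogonUser = nowUser
    };
}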