//查询单个(查ID) public int Select(ref M_EmployeeLogin Obj, int ID, ref string ErrMsg) { SqlConnection conn; using (conn = CreatConn()) { SqlCommand cmd = new SqlCommand($"select ID,Username,Password from {TableName} where ID = {ID}", conn); SqlDataReader sdr; try { conn.Open(); sdr = cmd.ExecuteReader(); while (sdr.Read()) { Obj.ID = (int)sdr["ID"]; Obj.Password = (string)sdr["Password"]; Obj.Username = (string)sdr["Username"]; return 1; } return -1; } catch (Exception ex) { ErrMsg = ex.Message; return -1; } finally { cmd.Dispose(); } } }
public ActionResult Login(Models.LoginViewModel model) { Random r = new Random(); RefreshToken rt = new RefreshToken(); M_TokenTable mtt = new M_TokenTable(); M_EmployeeLogin obj = new M_EmployeeLogin(); M_Online mol = new M_Online(); string ErrMsg = string.Empty; if (B_EmployeeLogin.Login(ref obj, model.LoginTel, model.Password, ref ErrMsg) != -1) { try { mol.PastTime = (long)DateTime.UtcNow.AddMinutes(30).Subtract(new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)).TotalMilliseconds; mol.LastLogin = DateTime.Now; mol.Admin_BL = 1; mol.Token = r.NextDouble().ToString(); B_Online.Insert(ref mol, ref ErrMsg); rt.iss = "lzfyhgm"; rt.exp = (long)DateTime.UtcNow.AddDays(30).Subtract(new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)).TotalMilliseconds; rt.iat = (long)DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)).TotalMilliseconds;; byte[] key = AES.Md5((rt.exp * r.NextDouble()).ToString(), AES.Md5DataType.t32); byte[] IV = AES.Md5((rt.iat * r.NextDouble()).ToString(), AES.Md5DataType.t16); mtt.AesIV = Convert.ToBase64String(key); mtt.AesKey = Convert.ToBase64String(IV); mtt.Exp = rt.exp; mtt.User_ID = obj.ID; mtt.Sign = RefreshToken.Sign(rt); B_TokenTable.Insert(ref mtt, ref ErrMsg); string refreshtoken = RefreshToken.CreateReftoken(rt, key, IV, obj.ID); string user_agent = HttpContext.Request.Headers.Get("User-Agent"); string token = RefreshToken.CreateToken(obj.ID, user_agent, mol.Token); UseCookie.Add("UserName", model.LoginTel, DateTime.Now.AddMinutes(30)); UseSession.Add("UserName", model.LoginTel); UseCookie.Add("UserID", obj.ID.ToString(), DateTime.Now.AddMinutes(30)); UseSession.Add("UserID", obj.ID.ToString()); UseCookie.Add("token", token, DateTime.Now.AddMinutes(30)); UseSession.Add("token", token); UseCookie.Add("RefreshToken", refreshtoken, DateTime.Now.AddDays(30)); } catch (Exception ex) { Response.Write(ex.Message); return(View()); } return(RedirectToAction("Index")); } Response.Write(ErrMsg); return(View()); }
//查询多个(查ID) public int Select(ref List<M_EmployeeLogin> Obj, List<int> ID, ref string ErrMsg) { SqlConnection conn; using (conn = CreatConn()) { SqlCommand cmd = new SqlCommand($"select ID,Username,Password from {TableName} where ID = @ID", conn); SqlDataReader sdr; SqlParameter par = new SqlParameter("@ID", SqlDbType.Int); cmd.Parameters.Add(par); int tmpOut = 0; try { conn.Open(); foreach (int i in ID) { cmd.Parameters["@ID"].Value = i; sdr = cmd.ExecuteReader(); while (sdr.Read()) { M_EmployeeLogin TmpObj = new M_EmployeeLogin(); TmpObj.ID = (int)sdr["ID"]; TmpObj.Password = (string)sdr["Password"]; TmpObj.Username = (string)sdr["Username"]; Obj.Add(TmpObj); tmpOut++; } sdr.Close(); } } catch (Exception ex) { ErrMsg = ex.Message; return -1; } finally { cmd.Dispose(); } if (ID.Count() == tmpOut) { return 1; } else { return -1; } } }
//更新单个(查ID) public int Update(M_EmployeeLogin Obj, ref string ErrMsg) { SqlConnection conn; using (conn = CreatConn()) { SqlCommand cmd = new SqlCommand($"update {TableName} set User_ID = @User_ID, Username = @Username, Password = @Password where ID = @ID", conn); SqlParameter par = new SqlParameter("@User_ID", SqlDbType.Int); par.Value = Obj.User_ID; cmd.Parameters.Add(par); par = new SqlParameter("@Username", SqlDbType.Char, 50); par.Value = Obj.Username; cmd.Parameters.Add(par); par = new SqlParameter("@Password", SqlDbType.Char, 50); par.Value = Obj.Password; cmd.Parameters.Add(par); par = new SqlParameter("@ID", SqlDbType.Int); par.Value = Obj.ID; cmd.Parameters.Add(par); try { conn.Open(); if (cmd.ExecuteNonQuery() > 0) { return 1; } else { return -1; } } catch (Exception ex) { ErrMsg = ex.Message; return -1; } finally { cmd.Dispose(); } } }
//插入单个 public int Insert(ref M_EmployeeLogin Obj,ref string ErrMsg) { SqlConnection conn; using (conn = CreatConn()) { SqlCommand cmd = new SqlCommand($"insert into {TableName} (User_ID,Username,Password) values (@User_ID,@Username,@Password);select @@IDENTITY as int", conn); SqlParameter par = new SqlParameter("@User_ID", SqlDbType.Int); par.Value = Obj.User_ID; cmd.Parameters.Add(par); par = new SqlParameter("@Username", SqlDbType.Char, 50); par.Value = Obj. Username; cmd.Parameters.Add(par); par = new SqlParameter("@Password", SqlDbType.Char, 50); par.Value = Obj.Password; cmd.Parameters.Add(par); try { conn.Open(); decimal d = (decimal)cmd.ExecuteScalar(); Obj.ID = (int)d; if (Obj.ID > 0) { return 1; } else { return -1; } } catch (Exception ex) { ErrMsg = ex.Message; return -1; } finally { cmd.Dispose(); } } }
//员工登录 public int Login(ref M_EmployeeLogin Obj, string username, string password, ref string ErrMsg) { SqlConnection conn; using (conn = CreatConn()) { SqlCommand cmd = new SqlCommand($"Select * from {TableName} where Username = @username and Password = @password", conn); SqlParameter par = new SqlParameter("@username", SqlDbType.Char, 50); par.Value = username; cmd.Parameters.Add(par); par = new SqlParameter("@password", SqlDbType.Char, 50); par.Value = password; cmd.Parameters.Add(par); SqlDataReader sdr; try { conn.Open(); sdr = cmd.ExecuteReader(); while (sdr.Read()) { Obj.ID = (int)sdr["ID"]; Obj.Password = (string)sdr["Password"]; Obj.Username = (string)sdr["Username"]; return 1; } return -1; } catch (Exception ex) { ErrMsg = ex.Message; return -1; } finally { cmd.Dispose(); } } }
//查询单个(查ID) public static int Select(ref M_EmployeeLogin Obj, int ID, ref string ErrMsg) { I_EmployeeLogin I = (D_EmployeeLogin)SimpleFactory.CreateObject(DBType.EmployeeLogin); return I.Select(ref Obj, ID, ref ErrMsg); }
//更新单个(查ID) public static int Update(M_EmployeeLogin Obj, ref string ErrMsg) { I_EmployeeLogin I = (D_EmployeeLogin)SimpleFactory.CreateObject(DBType.EmployeeLogin); return I.Update(Obj, ref ErrMsg); }
//员工登录 public static int Login(ref M_EmployeeLogin Obj, string username, string password, ref string ErrMsg) { I_EmployeeLogin I = (D_EmployeeLogin)SimpleFactory.CreateObject(DBType.EmployeeLogin); return I.Login(ref Obj, username, password, ref ErrMsg); }