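/// <summary>
/// Handles a login request: optionally RSA-decrypts the submitted credentials, applies the
/// app-device and SMS "account protection" checks, authenticates against the BPM server,
/// sets the auth cookie and language session, and records the device for app logins.
/// </summary>
/// <param name="context">HTTP context carrying the login parameters (read through <see cref="YZRequest"/>).</param>
/// <returns>
/// The result of <see cref="GenLoginResult"/> on success, or a failure object
/// (<c>success = false</c>) when the device is disabled or SMS validation is required
/// but the validation panel has not been shown yet.
/// </returns>
/// <exception cref="Exception">
/// Thrown with a localized message when the account is empty, the SMS code is missing,
/// unknown, wrong or expired, or when authentication fails.
/// </exception>
public virtual JObject Login(HttpContext context)
{
    YZRequest request = new YZRequest(context);
    string lang = request.GetString("lang", "zh-chs");
    string uid = request.GetString("uid");
    // Unlike uid, pwd defaults to null and is never validated here (the empty-password
    // check below is commented out in the original); Authenticate receives it as-is.
    string pwd = request.GetString("pwd", null);
    bool isapp = request.GetBool("isapp");
    // cordova, serial and isVirtual are read but not used below. They are kept because
    // GetString/GetBool without a default may enforce presence — TODO confirm before removing.
    string cordova = request.GetString("cordova");
    string model = request.GetString("model");
    string name = request.GetString("name", model);
    string platform = request.GetString("platform");
    string uuid = request.GetString("uuid");
    string version = request.GetString("version");
    string manufacturer = request.GetString("manufacturer");
    bool isVirtual = request.GetBool("isVirtual", false);
    string serial = request.GetString("serial");
    bool validationPanelShow = request.GetBool("validationPanelShow");
    string smsGuid = request.GetString("smsGuid", null);
    string vcode = request.GetString("vcode", null);
    string keystore = request.GetString("keystore", null);

    // Credentials may arrive RSA-encrypted with a key pair whose private key was parked in
    // temp storage under the client-supplied "keystore" id; decrypt them with that key.
    if (!String.IsNullOrEmpty(keystore))
    {
        // NOTE(review): a keystore id that is unknown/expired yields null here and
        // FromXmlString then throws; the key is also not removed from the store after
        // use, so whether entries expire on their own should be confirmed.
        string privateKey = (string)YZTempStorageManager.CurrentStore.Load(keystore);

        // The provider owns a CSP key handle; dispose it instead of leaking it to the finalizer.
        using (RSACryptoServiceProvider rsaProvider = new RSACryptoServiceProvider(1024))
        {
            rsaProvider.FromXmlString(privateKey);
            // fOAEP = false selects PKCS#1 v1.5 padding. It has to match what the client
            // used to encrypt, so it cannot be switched to OAEP on this side alone.
            // A missing uid/pwd (null) makes FromBase64String throw ArgumentNullException.
            byte[] uidBytes = rsaProvider.Decrypt(Convert.FromBase64String(uid), false);
            uid = Encoding.UTF8.GetString(uidBytes);
            byte[] pwdBytes = rsaProvider.Decrypt(Convert.FromBase64String(pwd), false);
            pwd = Encoding.UTF8.GetString(pwdBytes);
        }
    }

    Device device = null;
    SMS sms = null;
    JObject rv;

    if (isapp)
    {
        // NOTE(review): the lookup key is the uid as typed, while registration below stores
        // realAccount; if those ever differ the device is never found again — confirm.
        using (IYZDbProvider provider = YZDbProviderManager.DefaultProvider)
        using (IDbConnection cn = provider.OpenConnection())
        {
            device = DeviceManager.TryGetDevice(provider, cn, uid, uuid);
        }

        // A known but disabled device is rejected before credentials are checked.
        if (device != null && device.Disabled)
        {
            rv = new JObject();
            rv[YZJsonProperty.success] = false;
            rv["prompt"] = true;
            rv[YZJsonProperty.errorMessage] = Resources.YZMobile.Aspx_Auth_DeviceDisabled;
            return rv;
        }

        // Account protection: an unknown device must pass SMS validation first.
        if (device == null)
        {
            bool isAppLoginProtected;
            using (BPMConnection cn = new BPMConnection())
            {
                cn.WebOpenAnonymous();
                // NOTE(review): evaluated before the password is verified, so the
                // needSmsValidation response reveals whether the account has protection on.
                isAppLoginProtected = User.IsAppLoginProtected(cn, uid);
            }

            if (isAppLoginProtected)
            {
                if (!validationPanelShow)
                {
                    rv = new JObject();
                    rv[YZJsonProperty.success] = false;
                    rv["needSmsValidation"] = true;
                    rv[YZJsonProperty.errorMessage] = Resources.YZMobile.Aspx_Auth_StrangerDevice;
                    return rv;
                }

                if (String.IsNullOrEmpty(smsGuid))
                {
                    throw new Exception(Resources.YZMobile.Aspx_Auth_GetValidationCodeFirst);
                }

                using (IYZDbProvider provider = YZDbProviderManager.DefaultProvider)
                using (IDbConnection cn = provider.OpenConnection())
                {
                    sms = SMSManager.TryGetSMS(provider, cn, smsGuid);
                }

                if (sms == null)
                {
                    throw new Exception(Resources.YZMobile.Aspx_Auth_GetValidationCodeAgain);
                }

                // Ordinal string comparison; the SMS record is only consumed after a
                // successful login (see below), not on a wrong guess.
                if (sms.ValidationCode != vcode)
                {
                    throw new Exception(Resources.YZMobile.Aspx_Auth_IncorrectValidationCode);
                }

                // ExpireDate is compared against local time, matching how it is written elsewhere.
                if (sms.ExpireDate < DateTime.Now)
                {
                    throw new Exception(Resources.YZMobile.Aspx_Auth_GetValidationCodeAgain);
                }
            }
        }
    }

    // Kept after the device/SMS checks so the order of reported errors is unchanged.
    if (String.IsNullOrEmpty(uid) /*|| String.IsNullOrEmpty(password)*/)
    {
        throw new Exception(Resources.YZStrings.Aspx_Login_EnterAccountTip);
    }

    string realAccount = null;
    string token = null;
    if (!BPMConnection.Authenticate(YZAuthHelper.BPMServerName, YZAuthHelper.BPMServerPort, uid, pwd, out realAccount, out token))
    {
        throw new Exception(Resources.YZStrings.Aspx_Login_Fail);
    }

    YZAuthHelper.SetAuthCookie(realAccount, token);
    YZAuthHelper.SetLangSession(YZCultureInfoParse.Parse(lang, YZCultureInfoParse.DefauleCultureInfo).LCID);
    YZAuthHelper.ClearLogoutFlag();
    rv = this.GenLoginResult(realAccount, false);

    // Post-login bookkeeping for app clients: touch or register the device, consume the SMS.
    if (isapp)
    {
        using (IYZDbProvider provider = YZDbProviderManager.DefaultProvider)
        using (IDbConnection cn = provider.OpenConnection())
        {
            if (device != null)
            {
                device.LastLogin = DateTime.Now;
                DeviceManager.Update(provider, cn, device);
            }
            else
            {
                device = new Device();
                device.Account = realAccount;
                device.UUID = uuid;
                device.Name = name;
                device.Model = model;
                device.Description = String.Format("{0} {1} {2} {3}", manufacturer, model, platform, version);
                device.Disabled = false;
                device.RegisterAt = DateTime.Now;
                device.LastLogin = device.RegisterAt;
                DeviceManager.Insert(provider, cn, device);
            }

            if (sms != null)
            {
                SMSManager.DeleteSMS(provider, cn, sms.ItemGUID);
            }
        }
    }

    return rv;
}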
/// <summary>
/// Verifies an SMS validation code for the currently logged-in user, consumes the SMS
/// record, and then performs the requested phone-binding action, if any:
/// "bindandprotect" (bind phone and enable app-login protection) or "changebind" (re-bind phone).
/// </summary>
/// <param name="context">HTTP context carrying validateItemGUID, validateCode, action and, for bind actions, iddcode and phoneNumber.</param>
/// <exception cref="Exception">
/// Thrown with a localized message when the SMS record is unknown, the code is wrong, or the record has expired.
/// </exception>
public virtual void SMSValidation(HttpContext context)
{
    YZRequest request = new YZRequest(context);
    string validateItemGUID = request.GetString("validateItemGUID");
    string validateCode = request.GetString("validateCode");
    string action = request.GetString("action", null);
    // The target account is the session user, never a client-supplied id.
    string uid = YZAuthHelper.LoginUserAccount;

    using (IYZDbProvider provider = YZDbProviderManager.DefaultProvider)
    using (IDbConnection cn = provider.OpenConnection())
    {
        SMS sms = SMSManager.TryGetSMS(provider, cn, validateItemGUID);
        if (sms == null)
        {
            throw new Exception(Resources.YZMobile.Aspx_Auth_GetValidationCodeAgain);
        }

        // Ordinal string comparison; a wrong guess leaves the record in place.
        if (sms.ValidationCode != validateCode)
        {
            throw new Exception(Resources.YZMobile.Aspx_Auth_IncorrectValidationCode);
        }

        if (sms.ExpireDate < DateTime.Now)
        {
            throw new Exception(Resources.YZMobile.Aspx_Auth_GetValidationCodeAgain);
        }

        // Consume the record only after all checks passed.
        SMSManager.DeleteSMS(provider, cn, validateItemGUID);
    }

    // The two actions are checked independently, exactly as before (not else-if).
    if (NameCompare.EquName(action, "bindandprotect"))
    {
        BindPhoneForUser(uid, request.GetString("iddcode"), request.GetString("phoneNumber"), true);
    }

    if (NameCompare.EquName(action, "changebind"))
    {
        BindPhoneForUser(uid, request.GetString("iddcode"), request.GetString("phoneNumber"), false);
    }
}

// Binds a phone number to the user (optionally enabling app-login protection first) and
// mirrors the number onto the user record when the caller has Edit permission on it.
private static void BindPhoneForUser(string uid, string iddcode, string phoneNumber, bool enableProtect)
{
    using (BPMConnection cn = new BPMConnection())
    {
        cn.WebOpen();

        if (enableProtect)
        {
            User.SetAppLoginProtect(cn, uid, true);
        }

        User.BindPhone(cn, uid, iddcode, phoneNumber);

        User user = User.TryGetUser(cn, uid);
        bool canEdit = user != null
            && (user.Permision & BPMObjectPermision.Edit) == BPMObjectPermision.Edit;
        if (canEdit)
        {
            user.Mobile = phoneNumber;
            User.Update(cn, uid, user);
        }
    }
}