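/// <summary>
/// Validates a login request: checks the session id, then the ticket carried in the
/// Authorization header, and finally that the ticket and the session refer to the same device.
/// </summary>
/// <param name="sessionid">Login session id.</param>
/// <param name="actionContext">Current action context; the ticket is read from its request's Authorization header.</param>
/// <returns>
/// A response whose Status is Success when every check passes, otherwise the status of the
/// first check that failed. On SessionIdOtherLogin, BusinessData carries the session's device number.
/// </returns>
private BusinessBaseViewModel<object> ValidateLogin(string sessionid, HttpActionContext actionContext)
{
    var response = new BusinessBaseViewModel<object> { Status = ResponseStatus.Fail };

    if (sessionid.IsNullOrWhiteSpace())
    {
        response.Status = ResponseStatus.UnSessionIdParamsError;
        return response;
    }

    string deviceNo = string.Empty;
    string sessionidCacheKey = TianYuConsts.GetSessionIdCacheKey(sessionid);
    var userGroup = Cache.CacheHelper.Get<SystemLoginUserInfo>(sessionidCacheKey);
    if (userGroup.IsNull())
    {
        // Cache miss: fall back to the stored session record.
        var model = LoginSessionDataHelper.GetSessionInfoModel(sessionid);
        if (model.IsNull())
        {
            response.Status = ResponseStatus.SessionIdError;
            return response;
        }

        deviceNo = model.DeviceNo;
    }
    else
    {
        // NOTE(review): this assignment is disabled, so on a cache hit deviceNo stays empty and
        // the device comparison below runs against "". Confirm whether that is intended.
        // deviceNo = userGroup.DeviceNo;
    }

    // Authorization is null when the request carries no Authorization header; the
    // null-conditional turns that case into UnAuthorityError instead of a NullReferenceException.
    string ticket = actionContext.Request.Headers.Authorization?.Parameter;
    if (ticket.IsNullOrWhiteSpace())
    {
        response.Status = ResponseStatus.UnAuthorityError;
        return response;
    }

    // Resolve the ticket through the cache; a miss is reported as an expired ticket.
    string key = TianYuConsts.GetTicketCacheKey(ticket);
    var ticketDetailsModel = CacheHelper.Get<AuthenticationTicketDetailsModel>(key);
    if (ticketDetailsModel.IsNull())
    {
        response.Status = ResponseStatus.AuthenticationTicketTimeOut;
        return response;
    }

    // Device binding: the ticket must have been issued to the device that owns the session.
    // Tickets whose ClientType is SamllApp skip this comparison.
    // NOTE(review): only device numbers are compared here; nothing in this method checks that
    // the ticket and the session belong to the same user. Confirm that is enforced elsewhere.
    if (ticketDetailsModel.ClientType != AuthClientType.SamllApp.GetEnumDescription()
        && ticketDetailsModel.DeviceNo != deviceNo)
    {
        response.Status = ResponseStatus.SessionIdOtherLogin;
        response.BusinessData = deviceNo;
        return response;
    }

    // NOTE(review): userGroup is null here when the session was resolved through
    // LoginSessionDataHelper, so Success can be returned with null BusinessData.
    response.BusinessData = userGroup;
    response.Status = ResponseStatus.Success;
    return response;
}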
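/// <summary>
/// Signs the current user out: removes the login cookie and the server-side cache
/// entries keyed by the session token.
/// </summary>
/// <returns>A response with Status Success, whether or not a login cookie was present.</returns>
public BusinessBaseViewModel<string> Logout()
{
    var response = new BusinessBaseViewModel<string>() { Status = ResponseStatus.Fail };

    var token = CookieHelper.GetCookieValue(TianYuConsts.SystemLoginCookieName);
    if (!token.IsNullOrWhiteSpace())
    {
        CookieHelper.RemoveCookie(TianYuConsts.SystemLoginCookieName);
        CacheHelper.Remove(TianYuConsts.GetSessionIdCacheKey(token));

        // Login caches the user's info, menus and button permissions under keys derived from
        // the session id. Dropping them here invalidates the session on the server side, so a
        // copied session id does not keep working until the cache entries expire.
        // NOTE(review): presumes the cookie value is the session id returned by Login. Confirm.
        string[] perSessionKeys =
        {
            TianYuConsts.GetLoginUserInfoCacheKey(token),
            TianYuConsts.GetLoginUserMenuCacheKey(token),
            TianYuConsts.GetLoginUserButtonCacheKey(token)
        };
        foreach (var cacheKey in perSessionKeys)
        {
            if (CacheHelper.Exists(cacheKey))
            {
                CacheHelper.Remove(cacheKey);
            }
        }
    }

    response.Status = ResponseStatus.Success;
    return response;
}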
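/// <summary>
/// Signs a staff member in to the admin back end.
/// </summary>
/// <param name="loginName">Login name.</param>
/// <param name="loginPwd">Password as entered by the user.</param>
/// <returns>
/// A response whose BusinessData is the new session id and whose Status is Success when the
/// credentials are accepted; otherwise Status stays Fail and ErrorMessage describes the failure.
/// </returns>
public BusinessBaseViewModel<string> Login(string loginName, string loginPwd)
{
    var response = new BusinessBaseViewModel<string>() { Status = ResponseStatus.Fail };

    if (loginName.IsNullOrWhiteSpace() || loginPwd.IsNullOrWhiteSpace())
    {
        response.ErrorMessage = "请输入用户名或密码";
        return response;
    }

    // NOTE(review): no attempt limit or lockout is visible in this method. Confirm that
    // repeated failed logins are throttled elsewhere.
    var staff = _staffRepostory.FirstOrDefault(t => t.LoginName == loginName && t.Status != (int)SystemStaffStatus.Del);
    if (staff.IsNull())
    {
        response.ErrorMessage = "请输入用户名不存在或密码错误";
        return response;
    }

    // NOTE(review): the stored hash is MD5(password + MaskCode). MD5 is too fast for password
    // storage; migrating to a slow KDF (e.g. PBKDF2) needs a re-hash-on-login plan and is not
    // done here because existing stored hashes depend on this format.
    // The comparison is ordinal because both sides are hash strings, not linguistic text.
    // string.Equals also tolerates a null stored hash instead of throwing.
    string suppliedHash = (loginPwd + staff.MaskCode).ToMd5();
    if (!string.Equals(staff.LoginPwd, suppliedHash, StringComparison.OrdinalIgnoreCase))
    {
        response.ErrorMessage = "请输入用户名不存在或密码错误";
        return response;
    }

    // The disabled-account message is returned only after the password has been verified, so
    // it does not tell an unauthenticated caller that the account exists and is disabled.
    if (staff.Status == (int)SystemStaffStatus.Stop)
    {
        response.ErrorMessage = "该用户已经被禁用";
        return response;
    }

    // Record the most recent login time.
    staff.LastLoginTime = DateTime.Now;
    _staffRepostory.Update(staff, "LastLoginTime");
    _staffRepostory.SaveChanges();

    // Build the session id.
    // NOTE(review): the id is a DES-encrypted, Base64-encoded string that embeds the login name
    // and a GUID. DES is obsolete and the id is reversible by anyone holding the key; an opaque
    // value from a cryptographic random generator would be preferable if nothing decrypts it.
    var sessionIdString = $"admin:login:{loginName}:{Utils.NewGuid()}";
    var sessionId = DESEncrypt.Encrypt(sessionIdString.ToBase64());

    // Drop any stale entry under the session key. Nothing is inserted under this key here.
    string sessionKey = TianYuConsts.GetSessionIdCacheKey(sessionId);
    if (CacheHelper.Exists(sessionKey))
    {
        CacheHelper.Remove(sessionKey);
    }

    // Cache the user's menu and button permissions under keys derived from the session id.
    var menuList = _systemRoleService.FindStaffMenuRole(staff.Id);
    CacheHelper.Insert(TianYuConsts.GetLoginUserMenuCacheKey(sessionId), menuList, true);
    var buttonList = _systemRoleService.FindStaffRoleNameByStaffId(staff.Id);
    CacheHelper.Insert(TianYuConsts.GetLoginUserButtonCacheKey(sessionId), buttonList, true);

    var loginUserInfo = new SystemLoginUserInfo
    {
        Id = staff.Id,
        Eamil = staff.Eamil,
        LoginName = staff.LoginName,
        Mobile = staff.Mobile,
        NickName = staff.NickName,
        SectionId = staff.SectionId,
        Status = staff.Status,
        Tel = staff.Tel
    };

    // Store the signed-in user's data; this entry is given a one-hour expiry.
    CacheHelper.Insert(TianYuConsts.GetLoginUserInfoCacheKey(sessionId), loginUserInfo, DateTime.Now.AddHours(1));

    response.BusinessData = sessionId;
    response.Status = ResponseStatus.Success;
    return response;
}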