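/// <summary>
/// Handles a login attempt: checks the captcha (interactive logins only), verifies the
/// password against the stored hash, updates the user's visit statistics and registers
/// the current operator.
/// </summary>
/// <param name="username">Account name passed to <c>_app.GetEntity</c>.</param>
/// <param name="password">Password value as submitted by the client.</param>
/// <param name="verifycode">Captcha text typed by the user; only checked when <paramref name="autologin"/> is 0.</param>
/// <param name="autologin">0 for an interactive login; any other value skips the captcha check.</param>
/// <returns>
/// <c>Success(...)</c> only after the password matched and the operator was registered;
/// <c>Error(...)</c> for a failed captcha, an unknown account, a wrong password or any exception.
/// </returns>
/// <remarks>
/// No attempt throttling, lockout or failed-login audit record is visible in this method.
/// </remarks>
public ActionResult CheckLogin(string username, string password, string verifycode, int autologin)
{
    try
    {
        #region Captcha verification
        // NOTE(review): autologin comes from the request, so the caller decides whether the
        // captcha is checked at all. Confirm that the auto-login path is bound to a
        // server-side signal rather than to this parameter alone.
        if (autologin == 0)
        {
            object expectedCode = Session["session_verifycode"];

            // Single use: discard the stored value before comparing, so one solved captcha
            // cannot back more than one login attempt.
            Session.Remove("session_verifycode");

            // A missing verifycode is treated as a wrong captcha instead of surfacing a
            // NullReferenceException message to the client.
            if (string.IsNullOrEmpty(verifycode)
                || expectedCode.IsEmpty()
                || Md5Helper.MD5(verifycode.ToLower(), 16) != expectedCode.ToString())
            {
                throw new Exception("验证码错误,请重新输入");
            }
        }
        #endregion

        #region Third-party account verification
        #endregion

        #region Internal account verification
        UserEntity userEntity = _app.GetEntity(username);

        // An unknown account (or a missing password) must not fall through to the success
        // response. The same message as a wrong password is used so the reply does not
        // reveal whether the account exists.
        if (userEntity == null || password == null)
        {
            return Error("密码和账户名不匹配");
        }

        // Check the submitted password against the stored hash.
        // NOTE(review): the password is lower-cased and run through DES + MD5. This has to stay
        // as-is to match stored hashes; moving to a salted, slow password hash needs a
        // re-hash-on-login migration.
        string dbPassword = Md5Helper.MD5(DESEncrypt.Encrypt(password.ToLower(), userEntity.Secretkey).ToLower(), 32).ToLower();
        if (dbPassword != userEntity.Password)
        {
            return Error("密码和账户名不匹配");
        }

        // Record this visit; the previous LastVisit is kept as PreviousVisit.
        DateTime LastVisit = DateTime.Now;
        int LogOnCount = (userEntity.LogOnCount).ToInt() + 1;
        if (userEntity.LastVisit != null)
        {
            userEntity.PreviousVisit = userEntity.LastVisit.ToDate();
        }
        userEntity.LastVisit = LastVisit;
        userEntity.LogOnCount = LogOnCount;
        userEntity.UserOnLine = 1;
        _app.UpdateEntity(userEntity);

        // NOTE(review): the operator object carries the password hash and the per-user secret
        // key. Where AddCurrent persists it is not visible here; if that is a cookie or a
        // shared cache, these two fields should not travel with it.
        Operator operators = new Operator();
        operators.UserId = userEntity.UserId;
        operators.Code = userEntity.EnCode;
        operators.Account = userEntity.Account;
        operators.UserName = userEntity.RealName;
        operators.Password = userEntity.Password;
        operators.Secretkey = userEntity.Secretkey;
        operators.DepartmentId = userEntity.DepartmentId;
        operators.IPAddress = Net.Ip;
        operators.LogTime = DateTime.Now;
        // NOTE(review): Guid.NewGuid() is specified for uniqueness, not unpredictability;
        // a token from a cryptographic random source is the safer choice for a session token.
        operators.Token = DESEncrypt.Encrypt(Guid.NewGuid().ToString());

        // System-administrator status is decided by account name alone.
        operators.IsSystem = userEntity.Account == "System" || userEntity.Account == "admin";

        OperatorProvider.Provider.AddCurrent(operators);
        return Success("登录成功。");
        #endregion
    }
    catch (Exception ex)
    {
        WebHelper.RemoveCookie("My_autologin"); // clear the auto-login cookie
        // NOTE(review): ex.Message goes back to an unauthenticated caller. The captcha error
        // relies on this, but data-access or runtime exceptions would expose their text too;
        // log the exception server-side and return a fixed message for anything unexpected.
        return Error(ex.Message);
    }
}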