protected void btnLogin_Click(object sender, EventArgs e)
    {
        Session["UserID"]   = null;
        Session["UserName"] = null;

        #region varify login
        UserInfo userInfo = new UserInfo();
        userInfo.UserName = this.TxtUserName.Text.Trim();
        userInfo.Password = this.TxtPassword.Text.Trim();

        UserInfo_BLL userInfoBll = new UserInfo_BLL();
        UserInfo     result      = userInfoBll.CheckUserInfoByUserNameAndPassword(userInfo);
        #endregion

        if (result != null && result.UserID > 0)// after login redirect MyDetails
        {
            Session["UserID"]   = result.UserID;
            Session["UserName"] = result.UserName;
            Response.Redirect("~/Pages/User/MyDetails.aspx");
        }
        else
        {
            lblError.Text = "User Name or Password Incorrect.";
        }
    }
        // GET api/usersinfo/{username}
        // 获取用户信息,非管理员只能获取自己的
        public UserInfo_API_Get Get(string id)
        {
            this.CheckUserName(id);
            this.CheckAdministrator(id);
            UserInfo_BLL userinfo = Managers.s_userManager.GetUser(id);

            return(Mapper.Map <UserInfo_API_Get>(userinfo));
        }
        // PUT api/usersinfo/{username}
        // 更新用户信息,非管理员只能更新自己的
        public void Put(string id, UserInfo_API_Put userinfo, long updateticks)
        {
            this.CheckUserName(id);
            this.CheckAdministrator(id);

            //非管理员忽略掉Role的修改
            if (this.GetUserRole() != RoleType.ADMINISTARTOR)
            {
                userinfo.Role = null;
            }

            UserInfo_BLL ui_bll = Mapper.Map <UserInfo_BLL>(userinfo);

            ui_bll.UserName    = id;
            ui_bll.UpdateTicks = updateticks;
            Managers.s_userManager.SetUser(ui_bll);
        }
示例#4
0
    protected void autoLogin()
    {
        Session["UserID"]   = null;
        Session["UserName"] = null;

        #region varify login
        UserInfo userInfo = new UserInfo();
        userInfo.UserName = this.TxtUserName.Text.Trim();
        userInfo.Password = this.TxtPassword.Text.Trim();

        UserInfo_BLL userInfoBll = new UserInfo_BLL();
        UserInfo     result      = userInfoBll.CheckUserInfoByUserNameAndPassword(userInfo);
        #endregion

        Session["UserID"]   = result.UserID;
        Session["UserName"] = result.UserName;
        Response.Redirect("~/Default.aspx");
    }
示例#5
0
        protected WebApiPrincipal GetWebApiPrincipal(string strName, string strKey, HttpActionContext actionContext)
        {
            //获取用户基本信息(包括经过二次MD5加密的密码)
            UserInfo_BLL userBll = Managers.s_userManager.GetUser(strName);

            if (userBll != null)
            {
                string strEncryptedPassword = Managers.s_userManager.GetEncryptedPwdOfUser(strName);
                try
                {
                    Guid guidRequest = Guid.Empty;
                    if (!WebApiServerHelper.VerifyAuthKey(strName, strKey, actionContext.Request.RequestUri.ToString(),
                                                          strEncryptedPassword, ref guidRequest))
                    {
                        return(null);
                    }

                    //判断GUID防止重发攻击
                    if (!GlobalServerData.s_guidsetRequest.IsExistAndAdd(guidRequest))
                    {
                        return(null);
                    }

                    return(new WebApiPrincipal(new WebApiIdentity
                    {
                        Name = userBll.UserName,
                        DispName = userBll.RealName,
                        Password = strEncryptedPassword,
                        Role = userBll.Role
                    }));
                }
                catch (Exception)
                {
                    //Ignore any exception
                }
            }
            return(null);
        }
示例#6
0
        // GET api/entrance
        // 如果验证成功,就返回请求者的信息
        public UserInfo_API_Get Get()
        {
            UserInfo_BLL userinfo = Managers.s_userManager.GetUser(this.GetUserName());

            return(Mapper.Map <UserInfo_API_Get>(userinfo));
        }