/// <summary>
/// 管理后台AD验证
/// </summary>
/// <param name="dto"></param>
/// <returns></returns>
public async Task <ReturnValueModel> AdminVerifyAsync(VerifyAdminInputDto dto)
{
ReturnValueModel rvm = new ReturnValueModel();
try
{
//if (string.IsNullOrEmpty(dto?.Value))
//{
// rvm.Success = false;
// rvm.Msg = "请输入账号和密码。";
// return rvm;
//}
//string a = Encoding.Default.GetString(Convert.FromBase64String(dto.Value));
//string pattern = @"(\\[^bfrnt\\/‘\""])";
//var result = System.Text.RegularExpressions.Regex.Replace(a, pattern, "\\$1");
//VerifyBase verifyAdmin = Json.ToObject<VerifyBase>(result);
if (string.IsNullOrEmpty(dto?.UserName))
{
rvm.Success = false;
rvm.Msg = "请输入账号。";
return(rvm);
}
if (string.IsNullOrEmpty(dto?.Password))
{
rvm.Success = false;
rvm.Msg = "请输入密码。";
return(rvm);
}
var user = await _rep.FirstOrDefaultAsync <UserModel>(s => s != null && s.IsDeleted != 1 && s.ADAccount == dto.UserName.ToUpper());
//是否系统管理员
if (user?.Id == "00000000-0000-0000-0000-000000000000")
{
if (user?.Password != dto.Password)
{
rvm.Success = false;
rvm.Msg = "登录失败。";
return(rvm);
}
}
else
{
//匹配AD白名单
var whiteName = await _rep.FirstOrDefaultAsync <BotADWhiteName>(s => s.IsDeleted != 1 && s.ADAccount == dto.UserName);
//var isWhiteName = await CheckWhiteName(dto.UserName);
if (whiteName == null)
{
rvm.Success = false;
rvm.Msg = "您输入的账号无权限访问或账号密码不正确。";
rvm.Result = null;
LoggerHelper.WriteLogInfo("[CheckWhiteName]:错误------不在白名单");
return(rvm);
}
//验证AD域
var verify = await GetVerifyApi(dto.UserName, dto?.Password);
if (verify.Success == false)
{
return(verify);
}
//var user = await _rep.FirstOrDefaultAsync<UserModel>(s => s != null && s.IsDeleted != 1 && s.ADAccount == dto.UserName.ToUpper());
if (user == null)
{
var id = Guid.NewGuid().ToString();
user = new UserModel
{
Id = id,
ADAccount = dto.UserName.ToUpper(),
Code = id,
IsDeleted = 0,
IsEnabled = 0,
Password = Guid.NewGuid().ToString(),
CreateTime = DateTime.UtcNow.AddHours(8),
CreateUser = id,
};
_rep.Insert <UserModel>(user);
}
else
{
if (user.ADAccount != dto.UserName)
{
user.ADAccount = dto.UserName.ToUpper();
_rep.Update(user);
}
}
string roleId = "002222B5-C4D4-4DD7-9FEE-53201BD2BA55";
var userRole = await _rep.FirstOrDefaultAsync <UserRole>(s => s.IsDeleted != 1 && s.UserId == user.Id && s.RoleId == roleId);
//添加审核员权限
if (whiteName.ChatAudit == 1 && userRole == null)
{
_rep.Insert <UserRole>(new UserRole
{
Id = Guid.NewGuid().ToString(),
SapCode = user.Code,
UserId = user.Id,
RoleId = roleId,
CreateTime = DateTime.UtcNow.AddHours(8),
CreateUser = user.Id,
});
}
_rep.SaveChanges();
}
string _host = ConfigurationManager.AppSettings["HostUrl"];
var buToken = await new WebClient <string>()
.Post($"{_host}/auth/token")
.Data(new Dictionary <string, object>
{
{ "username", user.ADAccount },
{ "password", user.Password },
{ "grant_type", "password" },
{ "CompanyCode", user.CompanyCode ?? "" },
}).ResultAsync();
if (string.IsNullOrEmpty(buToken.ToString()))
{
rvm.Msg = "fail";
rvm.Success = false;
rvm.Result = "获取HCP,token失败" + _host;
return(rvm);
}
dynamic obj = new ExpandoObject();
obj.BuToken = Json.ToObject <HCPTokenOutDto>(buToken.ToString());
//生成KBS系统Token
string kbsHost = ConfigurationManager.AppSettings["KBSUrl"];
string loginSecretkey = ConfigurationManager.AppSettings["LoginSecretkey"];
string sign = Tool.Sign(new Dictionary <string, object>
{
{ "Id", user.Id }
}, loginSecretkey);
var kbsToken = await new WebClient <Result>()
.Post($"{kbsHost}Account/LoginAD")
.JsonData(new LoginADInputDto
{
Sign = sign,
Id = user.Id
}).ResultFromJsonAsync();
if (kbsToken?.Code == 0)
{
rvm.Msg = "fail";
rvm.Success = false;
rvm.Result = kbsToken?.Message;
return(rvm);
}
obj.KbsToken = Json.ToObject <KBSTokenOutDto>(kbsToken.Data.ToString());
_cacheManager.Set(user.Id.ToString() + "KBS", obj.KbsToken, 12);
rvm.Msg = "success";
rvm.Success = true;
rvm.Result = obj;
}
catch (Exception ex)
{
string error = string.Empty;
error += ($"--------------------------------------------------------------------------------");
error += ($"[MSG]:{ex.Message};\n");
error += ($"[Source]:{ex.Source}\n");
error += ($"[StackTrace]:{ex.StackTrace}\n");
error += ($"[StackTrace]:{ex.TargetSite.Name}\n");
error += ($"--------------------------------------------------------------------------------");
rvm.Msg = "fail_";
rvm.Success = false;
rvm.Result = error;
}
return(rvm);
}
public async Task <IHttpActionResult> AdminVerify([FromBody] VerifyAdminInputDto dto)
{
var ret = await _aDVerifyService.AdminVerifyAsync(dto);
return(Ok(ret));
}
