/// <summary>
/// Looks up secret-account settings that match the request filters and writes the
/// result to the response as a JSON-like object (<c>success</c>, <c>totalCount</c>, <c>data</c>).
/// </summary>
/// <remarks>
/// Request parameters read here: <c>start</c> (default "0"), <c>limit</c> (default "25"),
/// <c>search_content</c>, <c>id</c>, <c>ipfrom</c> and <c>ispage</c>.
/// Any parsing or data-access exception is logged and answered with
/// <c>{success:false,totalCount:0,data:[]}</c>.
/// NOTE(review): no authorization check is visible in this method; presumably a filter or
/// base controller restricts who may list these records. Confirm before exposing the route.
/// NOTE(review): the whole DataTable is serialized. If the query behind
/// SecretAccountSetMgr.GetSecretSetList selects the password-hash column, the hashes are sent
/// to the browser. Verify the column list.
/// </remarks>
/// <returns>The current response, after the payload has been written and the response ended.</returns>
public HttpResponseBase GetSecretSetList()
{
    string payload;
    try
    {
        // start/limit are taken from the request as-is; nothing here range-checks them.
        SecretAccountSetQuery filter = new SecretAccountSetQuery
        {
            Start = Convert.ToInt32(Request.Params["start"] ?? "0"),
            Limit = Convert.ToInt32(Request.Params["limit"] ?? "25")
        };

        // A numeric search term is treated as a user id, anything else as a user name.
        string searchText = Request.Params["search_content"];
        if (!string.IsNullOrEmpty(searchText))
        {
            uint numericUserId;
            if (uint.TryParse(searchText, out numericUserId))
            {
                filter.user_id = numericUserId;
            }
            else
            {
                filter.user_username = searchText;
            }
        }

        // id and ipfrom narrow the lookup. Per the original author's note they let the caller
        // check whether an account with this user_id and ipfrom already exists, so that a
        // duplicate is not added.
        string idText = Request.Params["id"];
        if (!string.IsNullOrEmpty(idText))
        {
            filter.id = int.Parse(idText);
        }

        string ipFromText = Request.Params["ipfrom"];
        if (!string.IsNullOrEmpty(ipFromText))
        {
            filter.ipfrom = ipFromText;
        }

        // Any non-empty "ispage" value switches paging off, so the client decides whether
        // the result set is bounded by start/limit.
        if (!string.IsNullOrEmpty(Request.Params["ispage"]))
        {
            filter.IsPage = false;
        }

        sasMgr = new SecretAccountSetMgr(mySqlConnectionString);
        int totalCount;
        DataTable rows = sasMgr.GetSecretSetList(filter, out totalCount);

        // Use a fixed date format instead of the converter's default ISO 8601 output.
        IsoDateTimeConverter dateConverter = new IsoDateTimeConverter
        {
            DateTimeFormat = "yyyy-MM-dd HH:mm:ss"
        };
        string serializedRows = JsonConvert.SerializeObject(rows, Formatting.Indented, dateConverter);

        payload = "{success:true,totalCount:" + totalCount + ",data:" + serializedRows + "}";
    }
    catch (Exception ex)
    {
        Log4NetCustom.LogMessage entry = new Log4NetCustom.LogMessage
        {
            Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", ex.TargetSite.Name, ex.Source, ex.Message),
            MethodName = System.Reflection.MethodBase.GetCurrentMethod().Name
        };
        log.Error(entry);
        payload = "{success:false,totalCount:0,data:[]}";
    }

    Response.Clear();
    Response.Write(payload);
    Response.End();
    return Response;
}
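/// <summary>
/// Checks the secret password of the signed-in caller (taken from the session) for the
/// current client IP and, when the account is flagged for a password change
/// (<c>pwd_status == 0</c>), replaces the stored hash with the new password.
/// </summary>
/// <remarks>
/// Writes one of these JSON-like objects to the response:
/// <c>error:0</c> password accepted;
/// <c>error:1</c> wrong password, with <c>count</c> = 5 minus the failed-attempt counter;
/// <c>error:2</c> no active secret account for this user and IP (not registered, or locked);
/// <c>error:3</c> no <c>password</c> parameter received;
/// <c>error:5</c> old password rejected during a password change, with <c>count</c> as above;
/// <c>{success:false}</c> when an exception was caught.
/// Security fix: the original accepted any new password when <c>pwd_status == 0</c> and
/// <c>oldpassword</c> was empty, because the old-password check was skipped for an empty value
/// and the success test was satisfied by <c>pwd_status == 0</c> alone. The old password is now
/// verified whenever a hash is already stored.
/// A missing <c>oldpassword</c> parameter is treated as empty instead of causing an exception.
/// NOTE(review): Request.Params also reads the query string; clients should send the
/// passwords in the POST body so they do not end up in URLs and access logs.
/// NOTE(review): HashEncrypt.SHA256Encrypt is not visible here. If it is a bare, unsalted
/// SHA-256, stored hashes are cheap to brute-force; a salted, slow KDF such as PBKDF2 is the
/// usual choice for password storage.
/// </remarks>
/// <returns>The current response, after the payload has been written and the response ended.</returns>
public HttpResponseBase SecretLogin()
{
    string json = string.Empty;
    try
    {
        SecretAccountSet query = new SecretAccountSet();
        sasMgr = new SecretAccountSetMgr(mySqlConnectionString);
        _secretLogMgr = new SecretInfoLogMgr(mySqlConnectionString);

        // Identity comes from the server-side session and the connection's address, never
        // from request parameters. A missing session entry throws and is reported as
        // {success:false} by the handler below.
        query.user_id = Convert.ToUInt32((System.Web.HttpContext.Current.Session["caller"] as Caller).user_id.ToString());
        query.ipfrom = CommonFunction.GetIP4Address(Request.UserHostAddress.ToString());
        query.status = 1; // only active secret accounts are considered

        // Fetch the caller's secret-account settings.
        List<SecretAccountSet> store = sasMgr.GetSecretSetList(query);
        string password = Request.Params["password"];

        if (store.Count == 0)
        {
            // The user has no secret-data permission for this IP, or the account is locked.
            json = "{success:true,error:2}";
        }
        else if (string.IsNullOrEmpty(password))
        {
            // The server did not receive a password.
            json = "{success:true,error:3}";
        }
        else
        {
            SecretAccountSet account = store[0];
            HashEncrypt hasher = new HashEncrypt();
            string oldPassword = Request.Params["oldpassword"] ?? string.Empty;
            bool mustChangePassword = account.pwd_status == 0;

            // 0 = accepted, 1 = wrong password, 5 = wrong old password.
            int failureCode = 0;
            if (mustChangePassword)
            {
                // A password change must prove knowledge of the current password. The only
                // case let through without a match is an account with no stored hash and an
                // empty oldpassword, which the original also accepted.
                // NOTE(review): confirm whether accounts are ever provisioned without a hash;
                // if not, require a match unconditionally.
                bool hasStoredPassword = !string.IsNullOrEmpty(account.secret_pwd);
                bool oldPasswordMatches = account.secret_pwd == hasher.SHA256Encrypt(oldPassword);
                if (!oldPasswordMatches && (oldPassword.Length != 0 || hasStoredPassword))
                {
                    failureCode = 5;
                }
            }
            else if (oldPassword.Length != 0 || account.secret_pwd != hasher.SHA256Encrypt(password))
            {
                // Ordinary verification: oldpassword must be empty and the hash must match.
                failureCode = 1;
            }

            if (failureCode == 0)
            {
                // Clear the failure counter, reset the access counter and store the new
                // password hash if this was a password change.
                if (account.secret_count != 0 || account.user_login_attempts != 0 || mustChangePassword)
                {
                    account.user_login_attempts = 0;
                    if (account.secret_count > 1)
                    {
                        account.secret_count = 1;
                    }
                    if (mustChangePassword)
                    {
                        account.pwd_status = 1;
                        account.secret_pwd = hasher.SHA256Encrypt(password);
                    }
                    account.updatedate = DateTime.Now;
                    sasMgr.Update(account);
                }

                // Stamp the verification time on the newest access-log row; if that row has
                // already been stamped, insert a new row instead.
                // NOTE(review): FirstOrDefault returns null when no log row exists. The
                // dereference then throws and the caller gets {success:false} although the
                // password was accepted and the counters were already reset. Confirm a row
                // always exists at this point (SaveSecretLog inserts one on an allowed access).
                SecretInfoLog info = _secretLogMgr.GetMaxCreateLog(new SecretInfoLog { user_id = query.user_id, ipfrom = query.ipfrom }).FirstOrDefault();
                bool notYetStamped = info.input_pwd_date == DateTime.MinValue;
                info.input_pwd_date = DateTime.Now;
                if (notYetStamped)
                {
                    _secretLogMgr.UpdateSecretInfoLog(info);
                }
                else
                {
                    _secretLogMgr.InsertSecretInfoLog(info);
                }

                json = "{success:true,error:0}";
            }
            else
            {
                // Record the failed attempt in the login-attempts table and on the account.
                ulaMgr = new UserLoginAttemptsMgr(mySqlConnectionString);
                UserLoginAttempts ula = new UserLoginAttempts();
                ula.login_mail = (System.Web.HttpContext.Current.Session["caller"] as Caller).user_email;
                ula.login_ipfrom = query.ipfrom;
                ula.login_type = 4; // presumably the type code for secret-password failures; confirm
                ulaMgr.Insert(ula);

                account.user_login_attempts += 1;
                account.updatedate = DateTime.Now;
                sasMgr.LoginError(account);

                // Remaining attempts shown to the user. Nothing in this method refuses a
                // request because of the counter.
                // NOTE(review): presumably LoginError deactivates the account at the
                // threshold, after which the status = 1 lookup above returns error 2.
                // Confirm, otherwise guessing is unlimited and count can go negative.
                int remaining = 5 - account.user_login_attempts;
                json = "{success:true,error:" + failureCode + ",count:" + remaining + "}";
            }
        }
    }
    catch (Exception ex)
    {
        Log4NetCustom.LogMessage logMessage = new Log4NetCustom.LogMessage();
        logMessage.Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", ex.TargetSite.Name, ex.Source, ex.Message);
        logMessage.MethodName = System.Reflection.MethodBase.GetCurrentMethod().Name;
        log.Error(logMessage);
        json = "{success:false}";
    }

    this.Response.Clear();
    this.Response.Write(json);
    this.Response.End();
    return this.Response;
}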
/// <summary>
/// Records who accessed which piece of sensitive data, when, and through which page, and
/// tells the client whether the access may continue.
/// </summary>
/// <remarks>
/// The response is a JSON-like object with <c>success</c>, <c>isconti</c> (may continue),
/// <c>ispower</c> and <c>pwd_status</c>. If an exception is caught it is logged and the
/// initial all-false payload is returned.
/// NOTE(review): <c>urlRecord</c>, <c>secretType</c> and <c>ralatedId</c> are reported by the
/// client, so the page and record named in the audit row are only as trustworthy as the
/// caller. User id and IP come from the session and the connection.
/// NOTE(review): the counter is read, compared with the limit and written back in separate
/// steps. Unless the manager serializes these calls, concurrent requests can pass the limit
/// check together.
/// </remarks>
/// <returns>The current response, after the payload has been written and the response ended.</returns>
public HttpResponseBase SaveSecretLog()
{
    string json = "{success:false,isconti:false,ispower:false,pwd_status:\"" + 0 + "\"}";
    try
    {
        _secretLogMgr = new SecretInfoLogMgr(mySqlConnectionString);
        SecretInfoLog entry = new SecretInfoLog();

        // Who: the signed-in caller and the client address.
        entry.user_id = Convert.ToUInt32((System.Web.HttpContext.Current.Session["caller"] as Caller).user_id.ToString());
        entry.ipfrom = CommonFunction.GetIP4Address(Request.UserHostAddress.ToString());

        // When.
        entry.createdate = DateTime.Now;

        // Which page.
        string pageUrl = Request.Params["urlRecord"];
        if (!string.IsNullOrEmpty(pageUrl))
        {
            entry.url = pageUrl;
        }

        string secretTypeText = Request.Params["secretType"];
        if (!string.IsNullOrEmpty(secretTypeText))
        {
            entry.type = Convert.ToInt32(secretTypeText);
        }

        // Which sensitive record (the parameter name is spelled "ralatedId" on the wire).
        string relatedIdText = Request.Params["ralatedId"];
        if (!string.IsNullOrEmpty(relatedIdText))
        {
            entry.related_id = Convert.ToInt32(relatedIdText);
        }

        // Load the caller's secret-account settings for this IP; the status filter is -1.
        sasMgr = new SecretAccountSetMgr(mySqlConnectionString);
        SecretAccountSet lookup = new SecretAccountSet
        {
            user_id = entry.user_id,
            ipfrom = entry.ipfrom,
            status = -1
        };
        List<SecretAccountSet> accounts = sasMgr.GetSecretSetList(lookup);

        if (accounts.Count <= 0)
        {
            // No secret account for this user and IP.
            json = "{success:true,isconti:false,ispower:false,pwd_status:\"" + 0 + "\"}";
        }
        else
        {
            SecretAccountSet account = accounts[0];

            if (account.status == 1 && (account.secret_count < account.secret_limit))
            {
                // Active and below the access limit: save the audit row, then count the access.
                // If the insert reports no row, the initial failure payload is kept.
                if (_secretLogMgr.InsertSecretInfoLog(entry) > 0)
                {
                    account.secret_count += 1;
                    account.updatedate = DateTime.Now;
                    sasMgr.Update(account);
                    json = "{success:true,isconti:true,ispower:true,pwd_status:\"" + account.pwd_status + "\"}";
                }
            }
            else if (account.status == 1 && (account.secret_count >= account.secret_limit))
            {
                // Active but the limit is reached: deactivate the account and stop the access.
                account.status = 0;
                account.updatedate = DateTime.Now;
                sasMgr.Update(account);
                json = "{success:true,isconti:false,ispower:true,pwd_status:\"" + account.pwd_status + "\"}";
            }
            else if (account.status == 0 && (account.secret_count < account.secret_limit))
            {
                // Deactivated while still below the limit: reported as having no permission.
                json = "{success:true,isconti:false,ispower:false,pwd_status:\"" + account.pwd_status + "\"}";
            }
            else
            {
                // Every remaining combination is reported as "limit reached".
                json = "{success:true,isconti:false,ispower:true,pwd_status:\"" + account.pwd_status + "\"}";
            }
        }
    }
    catch (Exception ex)
    {
        Log4NetCustom.LogMessage entryForLog = new Log4NetCustom.LogMessage
        {
            Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", ex.TargetSite.Name, ex.Source, ex.Message),
            MethodName = System.Reflection.MethodBase.GetCurrentMethod().Name
        };
        log.Error(entryForLog);
    }

    Response.Clear();
    Response.Write(json);
    Response.End();
    return Response;
}