// User login and verification
/// <summary>
/// Looks a user up by name and compares the supplied password with the stored one.
/// </summary>
/// <param name="entity">Carries the user name and password to check.</param>
/// <param name="result">
/// Always assigned a fresh <c>UserViewResult</c>; filled from the matching user
/// record only when the check succeeds.
/// </param>
/// <returns>0 on success, otherwise an <c>Errors.UserErrors</c> value cast to int.</returns>
public int CheckUser(User entity, out UserViewResult result)
{
    using (var db = new HouseMarketEntities())
    {
        result = new UserViewResult();

        if (string.IsNullOrEmpty(entity.UserName))
        {
            return (int)Errors.UserErrors.NullParameter;
        }

        var storedUser = db.Users.FirstOrDefault(u => u.UserName == entity.UserName);
        if (storedUser == null)
        {
            // NOTE(review): unknown-name and wrong-password produce different codes.
            // If both reach the client unchanged, the response reveals which user
            // names exist; confirm the response layer collapses them.
            return (int)Errors.UserErrors.NameNotExisted;
        }

        // NOTE(review): the stored Password value is compared directly with the
        // submitted one. If that value is the plaintext password, the table should
        // instead hold a salted, slow hash (e.g. PBKDF2) verified with a fixed-time
        // comparison; confirm what is actually stored.
        if (storedUser.Password != entity.Password)
        {
            return (int)Errors.UserErrors.WrongPassword;
        }

        PropertyFunction.CopyEntity(storedUser, result);
        return 0;
    }
}
/// <summary>
/// Builds an identity from a user view. When <paramref name="user"/> is null no
/// property is assigned, so the identity is not marked as authenticated here.
/// </summary>
/// <param name="user">The logged-on user, or null for an anonymous identity.</param>
public MyIdentity(UserViewResult user)
{
    if (user == null)
    {
        return;
    }

    ID = user.UserID;
    Name = user.UserName;
    // Permission is read through .Value; presumably a nullable type, in which case
    // a user record without a permission makes this throw. TODO confirm.
    Permission = user.Permission.Value;
    IsAuthenticated = true;
}
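// Generates the token identifier
/// <summary>
/// Creates a new token identifier for a logged-on user.
/// </summary>
/// <param name="user">
/// The logged-on user. Kept for interface compatibility; the token is no longer
/// derived from user data.
/// </param>
/// <returns>
/// 32 upper-case hexadecimal characters (16 random bytes), the same shape as the
/// previous MD5-based value.
/// </returns>
public static string CreateTokenID(UserViewResult user)
{
    // The token is the bearer credential for the session, so it has to be
    // unpredictable. An MD5 digest of user name + current time is built only from
    // guessable inputs, and hashing them adds no secrecy. Draw the bytes from the
    // cryptographic random number generator instead.
    byte[] tokenBytes = new byte[16];
    using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
    {
        rng.GetBytes(tokenBytes);
    }

    // Same formatting as before: hex pairs with the dashes removed.
    return BitConverter.ToString(tokenBytes).Replace("-", "");
}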
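/// <summary>
/// Queries users, logs a user in, or logs a user out, depending on which keys
/// are present in the query string ("logout", "password", or neither).
/// </summary>
/// <returns>
/// Logout: an empty 200 response. Login: the user view and the new token ID, or
/// the error response for the failure code. Query: the user views and the total
/// page count.
/// </returns>
public HttpResponseMessage Get()
{
    int totalPage = 0;
    string tokenID = string.Empty;
    List<UserViewResult> result = new List<UserViewResult>();
    var queryString = Request.GetQueryNameValuePairs();

    // FirstOrDefault yields a default pair (null Value) when no "token" key exists.
    var token = queryString.FirstOrDefault(q => q.Key.ToLower() == "token");
    if (!string.IsNullOrEmpty(token.Value))
    {
        tokenID = token.Value;
    }

    if (queryString.Any(q => q.Key.ToLower() == "logout"))
    {
        TokenFunction tokenFunction = new TokenFunction();
        tokenFunction.DeleteToken(new Token() { TokenID = tokenID });
        return Request.CreateResponse(HttpStatusCode.OK);
    }

    if (queryString.Any(q => q.Key.ToLower() == "password"))
    {
        // NOTE(review): user name and password arrive in the URL of a GET request,
        // where they end up in server and proxy logs and browser history. Moving
        // the login to a POST body over TLS would need a new endpoint; flagged
        // here rather than changed, since clients depend on this shape.
        string userName = queryString.FirstOrDefault(q => q.Key.ToLower() == "username").Value;
        string password = queryString.FirstOrDefault(q => q.Key.ToLower() == "password").Value;

        UserViewResult logonUser;
        int error = AuthenticationFunction.UserLogon(userName, password, out tokenID, out logonUser);
        if (error != 0)
        {
            return GetResponse.UserResponse(error);
        }

        List<object> logonResult = new List<object>() { logonUser, tokenID };
        return Request.CreateResponse(HttpStatusCode.OK, logonResult);
    }

    // Query branch: requires a valid token. TokenValidation returns null on every
    // failure path, so check its result as well as IsAuthenticated; relying on
    // IsAuthenticated alone would accept whatever authentication state was
    // already in place before this call.
    var tokenUser = AuthenticationFunction.TokenValidation(tokenID);
    if (tokenUser == null || !AuthenticationFunction.IsAuthenticated)
    {
        throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.BadRequest, "token expired"));
    }

    var queryConditions = new UserQueryConditions();
    queryConditions.GetValues(queryString);
    UserFunction userFunction = new UserFunction();
    userFunction.QueryUsers(queryConditions, out result, out totalPage);

    List<object> objectResult = new List<object>() { result, new { totalPage = totalPage } };
    return Request.CreateResponse(HttpStatusCode.OK, objectResult);
}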
// User login verification and token issuance
/// <summary>
/// Checks the supplied credentials and, on success, issues and stores a token
/// that expires 60 minutes from now.
/// </summary>
/// <param name="userName">User name to log on with.</param>
/// <param name="password">Password to check, passed on to <c>CheckUser</c> as given.</param>
/// <param name="tokenID">The new token ID on success; empty string on failure.</param>
/// <param name="logonUser">The user view produced by <c>CheckUser</c>.</param>
/// <returns>0 on success, otherwise the error code returned by <c>CheckUser</c>.</returns>
public static int UserLogon(string userName, string password, out string tokenID, out UserViewResult logonUser)
{
    tokenID = string.Empty;
    logonUser = new UserViewResult();

    var credentials = new Database.User() { UserName = userName, Password = password };
    var users = new UserFunction();

    int status = users.CheckUser(credentials, out logonUser);
    if (status != 0)
    {
        return status;
    }

    tokenID = AuthenticationFunction.CreateTokenID(logonUser);

    // Expiry is stamped with local time (DateTime.Now).
    // NOTE(review): whatever validates the token must compare against the same
    // clock; confirm before switching either side to UTC.
    var issued = new Token()
    {
        TokenID = tokenID,
        UserID = logonUser.UserID,
        ExpiredTime = DateTime.Now.AddMinutes(60)
    };
    new TokenFunction().AddToken(issued);
    return 0;
}
// Token validation
/// <summary>
/// Validates a token ID. For a valid token, extends its expiry by 60 minutes,
/// installs a principal for the token's user and saves the refreshed token.
/// </summary>
/// <param name="tokenID">The token ID presented by the client.</param>
/// <returns>
/// The token/user record when the token is valid; null when the ID is empty,
/// unknown, or expired (an expired token is also deleted).
/// </returns>
public static View_TokenUser TokenValidation(string tokenID)
{
    if (string.IsNullOrEmpty(tokenID))
    {
        return null;
    }

    var tokens = new TokenFunction();
    var tokenUser = tokens.QueryTokenUser(tokenID);

    // The null-returning paths never call SetPrincipal, so callers should act on
    // the return value rather than on principal state alone.
    if (tokenUser == null)
    {
        return null;
    }

    if (tokenUser.ExpiredTime < DateTime.Now)
    {
        tokens.DeleteToken(new Token() { TokenID = tokenID });
        return null;
    }

    // Sliding expiry: every successful validation moves the deadline 60 minutes out.
    // NOTE(review): no absolute lifetime is enforced in this method, so a token in
    // regular use stays valid indefinitely; confirm whether a cap exists elsewhere.
    tokenUser.ExpiredTime = DateTime.Now.AddMinutes(60);

    var logonUser = new UserViewResult();
    PropertyFunction.CopyEntity(tokenUser, logonUser);
    SetPrincipal(new MyPrincipal(new MyIdentity(logonUser)));

    var refreshed = new Token();
    PropertyFunction.CopyEntity(tokenUser, refreshed);
    tokens.EditTokenByToken(refreshed);

    return tokenUser;
}