/// <summary>
/// Replaces the stored Kuaipan OAuth credentials for one (user code, provider, provider user id)
/// combination: queues a delete of any matching row, queues an insert of a fresh row, and
/// submits both through a single <c>ExecuteBatch()</c> call.
/// </summary>
/// <param name="token">OAuth token whose UserId, Token and Secret are persisted.</param>
/// <param name="code">Local user code the token belongs to.</param>
private void SaveToken(OAuthToken token, string code)
{
    var db = new DBAccess();

    // Step 1: queue removal of the row previously stored for this user code,
    // this provider and this provider-side user id.
    db.AddTable(DBConst.C3010A00);
    db.AddWhere(DBConst.C3010A03, code);
    db.AddWhere(DBConst.C3010A04, OAuthClient.KUAIPAN);
    db.AddWhere(DBConst.C3010A05, CharUtil.Text2DB(token.UserId));
    db.AddDeleteBatch();

    // Step 2: queue the replacement row.
    db.ReInit();
    db.AddTable(DBConst.C3010A00);
    db.AddParam(DBConst.C3010A01, 0);
    db.AddParam(DBConst.C3010A02, HashUtil.UtcTimeInHex(false));
    db.AddParam(DBConst.C3010A03, code);
    db.AddParam(DBConst.C3010A04, OAuthClient.KUAIPAN);
    db.AddParam(DBConst.C3010A05, CharUtil.Text2DB(token.UserId));

    // NOTE(review): the consumer key/secret and the token/token secret are handed to AddParam
    // as plain values; nothing in this method encrypts them, so their protection at rest
    // depends on DBAccess and the database itself - confirm.
    db.AddParam(DBConst.C3010A06, KuaipanServer.CONSUMER_KEY);
    db.AddParam(DBConst.C3010A07, KuaipanServer.CONSUMER_SECRET);
    db.AddParam(DBConst.C3010A08, CharUtil.Text2DB(token.Token));
    db.AddParam(DBConst.C3010A09, CharUtil.Text2DB(token.Secret));

    db.AddParam(DBConst.C3010A0A, 1);
    // The trailing 'false' is presumably "do not quote", so SQL_NOW is evaluated by the
    // database - confirm against DBAccess.AddParam.
    db.AddParam(DBConst.C3010A0B, DBConst.SQL_NOW, false);
    db.AddParam(DBConst.C3010A0C, DBConst.SQL_NOW, false);
    db.AddInsertBatch();

    // Step 3: submit the queued delete and insert together.
    db.ExecuteBatch();
}
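/// <summary>
/// Changes a user's login password: verifies the current password against the stored digest,
/// decrypts the stored "Main" blob with the key/IV derived from the old password, re-encrypts it
/// with the key/IV derived from the new password, and replaces the user's four credential rows.
/// </summary>
/// <param name="name">Login name used for the account lookup and for digest/key derivation.</param>
/// <param name="oldPass">Current password; must reproduce the stored "Info" digest.</param>
/// <param name="newPass">New password the credential rows are re-derived from.</param>
/// <param name="writer">
/// Receives a single "Error" element on failure, or the "Code", "Data", "Info", "Main" and
/// "Safe" elements on success.
/// </param>
/// <returns><c>true</c> when the rows were replaced; <c>false</c> when an "Error" element was written.</returns>
public bool WsSignPk(string name, string oldPass, string newPass, XmlWriter writer)
{
    // NOTE(review): WsSignUp lower-cases the name before calling Digest/GenK/GenV; this method
    // uses it exactly as passed - confirm callers normalise it the same way.
    var dba = new DBAccess();
    dba.AddTable(DBConst.C3010400);
    dba.AddColumn(DBConst.C3010402);
    // NOTE(review): the filter column is the same constant as the table (C3010400) - confirm
    // this is the intended name column.
    dba.AddWhere(DBConst.C3010400, CharUtil.Text2DB(name));
    var dt = dba.ExecuteSelect();
    if (dt.Rows.Count != 1)
    {
        writer.WriteElementString("Error", "请确认您的登录口令及登录口令是否正确!");
        return false;
    }
    string code = dt.Rows[0][DBConst.C3010402] as string;

    dba.ReInit();
    dba.AddTable(DBConst.APWD0000);
    dba.AddColumn(DBConst.APWD0002);
    dba.AddColumn(DBConst.APWD0003);
    dba.AddWhere(DBConst.APWD0001, code);
    dba.AddSort(DBConst.APWD0002, true);
    dt = dba.ExecuteSelect();
    if (dt.Rows.Count != 4)
    {
        writer.WriteElementString("Error", "系统异常,请与管理员联系:[email protected]!");
        return false;
    }

    // Pick each value by its key column. The previous code read row 0 for all four values,
    // so "Info", "Main" and "Safe" were all copies of "Data" and the digest check below could
    // not succeed. Looking up by key also avoids depending on the sort direction.
    string data = null;
    string info = null;
    string main = null;
    string safe = null;
    for (int i = 0; i < dt.Rows.Count; i++)
    {
        string key = dt.Rows[i][DBConst.APWD0002] as string;
        string value = dt.Rows[i][DBConst.APWD0003] as string;
        switch (key)
        {
            case "Data":
                data = value;
                break;
            case "Info":
                info = value;
                break;
            case "Main":
                main = value;
                break;
            case "Safe":
                safe = value;
                break;
        }
    }

    // "Safe" is stored as an empty string at sign-up, so only the other three are mandatory.
    if (string.IsNullOrEmpty(data) || string.IsNullOrEmpty(info) || string.IsNullOrEmpty(main))
    {
        writer.WriteElementString("Error", "系统异常,请与管理员联系:[email protected]!");
        return false;
    }
    safe = safe ?? "";

    // "Data" holds the Base64-encoded salt that is fed to Digest.
    byte[] b = Convert.FromBase64String(data);

    // Verify the current password before touching any key material.
    if (info != Digest(name, oldPass, b))
    {
        writer.WriteElementString("Error", "请确认您的登录口令及登录口令是否正确!");
        return false;
    }

    // Key and IV derived from the old password.
    // NOTE(review): GenK/GenV are defined elsewhere; key and IV both come from the same
    // (name, code, password) inputs - confirm they use a deliberately slow derivation.
    byte[] k = GenK(name, code, oldPass);
    byte[] v = GenV(name, code, oldPass);
    byte[] t = Convert.FromBase64String(main);

    #region AES decryption with the old key
    AesManaged aes1 = new AesManaged();
    try
    {
        using (MemoryStream mStream = new MemoryStream())
        {
            using (CryptoStream cStream = new CryptoStream(mStream, aes1.CreateDecryptor(k, v), CryptoStreamMode.Write))
            {
                cStream.Write(t, 0, t.Length);
                cStream.FlushFinalBlock();
                t = mStream.ToArray();
            }
        }
    }
    finally
    {
        // Clear key material even when decryption throws.
        aes1.Clear();
    }
    #endregion

    // Fresh salt for the new digest. System.Random is predictable, so the salt now comes from
    // the cryptographic generator. Not wrapped in 'using' because the type is not IDisposable
    // on older framework versions.
    RandomNumberGenerator.Create().GetBytes(b);

    // Key and IV derived from the new password.
    k = GenK(name, code, newPass);
    v = GenV(name, code, newPass);

    #region AES encryption with the new key
    AesManaged aes2 = new AesManaged();
    try
    {
        using (MemoryStream mStream = new MemoryStream())
        {
            using (CryptoStream cStream = new CryptoStream(mStream, aes2.CreateEncryptor(k, v), CryptoStreamMode.Write))
            {
                cStream.Write(t, 0, t.Length);
                cStream.FlushFinalBlock();
                t = mStream.ToArray();
            }
        }
    }
    finally
    {
        // The previous code cleared aes1 a second time here and never cleared aes2.
        aes2.Clear();
    }
    #endregion

    // Digest of the login data under the new password and new salt.
    info = Digest(name, newPass, b);
    data = Convert.ToBase64String(b);
    main = Convert.ToBase64String(t);

    // Replace the four credential rows in one batch.
    dba.ReInit();
    dba.AddTable(DBConst.APWD0000);
    dba.AddWhere(DBConst.APWD0001, code);
    dba.AddDeleteBatch();

    // NOTE(review): WsSignUp also sets APWD0004 to SQL_NOW on insert; these inserts leave it
    // unset, as before - confirm the column has a default.
    string[] keys = { "Data", "Info", "Main", "Safe" };
    string[] values = { data, info, main, safe };
    for (int n = 0; n < keys.Length; n++)
    {
        dba.ReInit();
        dba.AddTable(DBConst.APWD0000);
        dba.AddParam(DBConst.APWD0001, code);
        dba.AddParam(DBConst.APWD0002, keys[n]);
        dba.AddParam(DBConst.APWD0003, values[n]);
        dba.AddInsertBatch();
    }
    dba.ExecuteBatch();

    writer.WriteElementString("Code", code);
    writer.WriteElementString("Data", data);
    writer.WriteElementString("Info", info);
    writer.WriteElementString("Main", main);
    writer.WriteElementString("Safe", safe);
    return true;
}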
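/// <summary>
/// Registers a user: generates a salt and key for the account, encrypts them (together with the
/// user code and a mask string) under a key/IV derived from the password, stores the four
/// credential rows ("Data", "Info", "Main", "Safe") and writes them to <paramref name="writer"/>.
/// </summary>
/// <param name="name">Login name; lower-cased before it is used for digest and key derivation.</param>
/// <param name="pass">Password the digest and the AES key/IV are derived from.</param>
/// <param name="writer">Receives the "Code", "Data", "Info", "Main" and "Safe" elements.</param>
/// <returns>Always <c>true</c>; failures surface as exceptions.</returns>
public bool WsSignUp(string name, string pass, XmlWriter writer)
{
    // NOTE(review): ToLower() is culture-sensitive; kept as-is because other code paths that
    // normalise the name are not visible here - consider ToLowerInvariant() across all of them.
    name = name.ToLower();

    // All salt and key bytes come from the cryptographic generator. The previous System.Random
    // is predictable, which is not acceptable for _Keys in particular. Not wrapped in 'using'
    // because the type is not IDisposable on older framework versions.
    RandomNumberGenerator rng = RandomNumberGenerator.Create();

    // Plaintext layout: code bytes | 16-byte salt | 32-byte key | mask bytes.
    // NOTE(review): the 72-byte buffer leaves 24 bytes for code + mask; Array.Copy throws if
    // the UTF-8 lengths of _Code and _Mask exceed that - confirm their fixed sizes.
    byte[] t = new byte[72];
    int i = 0;
    byte[] a = Encoding.UTF8.GetBytes(_Code);
    Array.Copy(a, 0, t, i, a.Length);
    i += a.Length;

    _Salt = new byte[16];
    rng.GetBytes(_Salt);
    Array.Copy(_Salt, 0, t, i, _Salt.Length);
    i += _Salt.Length;

    _Keys = new byte[32];
    rng.GetBytes(_Keys);
    Array.Copy(_Keys, 0, t, i, _Keys.Length);
    i += _Keys.Length;

    // NOTE(review): GenerateUserChar is defined elsewhere; confirm which random source it uses.
    _Mask = CharUtil.GenerateUserChar();
    a = Encoding.UTF8.GetBytes(_Mask);
    Array.Copy(a, 0, t, i, a.Length);

    #region AES encryption
    // Key and IV derived from the password.
    byte[] k = GenK(name, _Code, pass);
    byte[] v = GenV(name, _Code, pass);
    AesManaged aes = new AesManaged();
    try
    {
        using (MemoryStream mStream = new MemoryStream())
        {
            using (CryptoStream cStream = new CryptoStream(mStream, aes.CreateEncryptor(k, v), CryptoStreamMode.Write))
            {
                cStream.Write(t, 0, t.Length);
                cStream.FlushFinalBlock();
                t = mStream.ToArray();
            }
        }
    }
    finally
    {
        // Clear key material even when encryption throws.
        aes.Clear();
    }
    #endregion

    // Remove any credential rows already stored for this user code.
    DBAccess dba = new DBAccess();
    dba.AddTable(DBConst.APWD0000);
    dba.AddWhere(DBConst.APWD0001, _Code);
    dba.AddDeleteBatch();

    // "Data": 256-byte random salt that is fed to Digest.
    a = new byte[256];
    rng.GetBytes(a);
    string data = Convert.ToBase64String(a);
    dba.ReInit();
    dba.AddTable(DBConst.APWD0000);
    dba.AddParam(DBConst.APWD0001, _Code);
    dba.AddParam(DBConst.APWD0002, "Data");
    dba.AddParam(DBConst.APWD0003, data);
    dba.AddParam(DBConst.APWD0004, DBConst.SQL_NOW, false);
    dba.AddInsertBatch();

    // "Info": digest of name and password under that salt.
    string info = Digest(name, pass, a);
    dba.ReInit();
    dba.AddTable(DBConst.APWD0000);
    dba.AddParam(DBConst.APWD0001, _Code);
    dba.AddParam(DBConst.APWD0002, "Info");
    dba.AddParam(DBConst.APWD0003, info);
    dba.AddParam(DBConst.APWD0004, DBConst.SQL_NOW, false);
    dba.AddInsertBatch();

    // "Main": the AES-encrypted code/salt/key/mask blob.
    string main = Convert.ToBase64String(t);
    dba.ReInit();
    dba.AddTable(DBConst.APWD0000);
    dba.AddParam(DBConst.APWD0001, _Code);
    dba.AddParam(DBConst.APWD0002, "Main");
    dba.AddParam(DBConst.APWD0003, main);
    dba.AddParam(DBConst.APWD0004, DBConst.SQL_NOW, false);
    dba.AddInsertBatch();

    // "Safe": stored empty at registration.
    string safe = "";
    dba.ReInit();
    dba.AddTable(DBConst.APWD0000);
    dba.AddParam(DBConst.APWD0001, _Code);
    dba.AddParam(DBConst.APWD0002, "Safe");
    dba.AddParam(DBConst.APWD0003, safe);
    dba.AddParam(DBConst.APWD0004, DBConst.SQL_NOW, false);
    dba.AddInsertBatch();

    dba.ExecuteBatch();

    // The unused 256-byte buffer that was filled from System.Random after the batch
    // has been removed; nothing read it.
    writer.WriteElementString("Code", _Code);
    writer.WriteElementString("Data", data);
    writer.WriteElementString("Info", info);
    writer.WriteElementString("Main", main);
    writer.WriteElementString("Safe", safe);
    return true;
}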
/// <summary>
/// Seeds three per-user tables (ACAT0200, APWD0300, AUDC0100) for the user identified by
/// <c>Code</c>. For each table it queues a delete of that user's rows, then queues an
/// <c>AddBackupBatch</c> filtered on <c>IUser.AMON_CODE</c>, and finally submits everything with
/// one <c>ExecuteBatch()</c> call.
/// </summary>
/// <remarks>
/// The three-argument <c>AddParam(col, col, false)</c> calls pass a column constant as its own
/// value - presumably an unquoted column reference so the AMON_CODE row's value is copied;
/// confirm against DBAccess.
/// </remarks>
public void InitUserData()
{
    #region Data initialisation
    DBAccess batch = new DBAccess();

    // ---- ACAT0200 ----
    batch.AddTable(DBConst.ACAT0200);
    batch.AddWhere(DBConst.ACAT0202, Code);
    batch.AddDeleteBatch();

    batch.ReInit();
    batch.AddParam(DBConst.ACAT0201, DBConst.ACAT0201, false);
    batch.AddParam(DBConst.ACAT0202, Code);
    foreach (var column in new[]
    {
        DBConst.ACAT0203, DBConst.ACAT0204, DBConst.ACAT0205,
        DBConst.ACAT0206, DBConst.ACAT0207, DBConst.ACAT0208,
        DBConst.ACAT0209, DBConst.ACAT020A, DBConst.ACAT020B
    })
    {
        batch.AddParam(column, column, false);
    }
    batch.AddParam(DBConst.ACAT020C, 1);
    batch.AddParam(DBConst.ACAT020D, 1);
    batch.AddWhere(DBConst.ACAT0202, IUser.AMON_CODE);
    batch.AddBackupBatch(DBConst.ACAT0200, DBConst.ACAT0200);

    // ---- APWD0300 ----
    batch.ReInit();
    batch.AddTable(DBConst.APWD0300);
    batch.AddWhere(DBConst.APWD0303, Code);
    batch.AddDeleteBatch();

    batch.ReInit();
    foreach (var column in new[] { DBConst.APWD0301, DBConst.APWD0302 })
    {
        batch.AddParam(column, column, false);
    }
    batch.AddParam(DBConst.APWD0303, Code);
    foreach (var column in new[]
    {
        DBConst.APWD0304, DBConst.APWD0305, DBConst.APWD0306,
        DBConst.APWD0307, DBConst.APWD0308, DBConst.APWD0309,
        DBConst.APWD030A
    })
    {
        batch.AddParam(column, column, false);
    }
    batch.AddParam(DBConst.APWD030B, 1);
    batch.AddParam(DBConst.APWD030C, 1);
    batch.AddWhere(DBConst.APWD0303, IUser.AMON_CODE);
    batch.AddBackupBatch(DBConst.APWD0300, DBConst.APWD0300);

    // ---- AUDC0100 ----
    batch.ReInit();
    batch.AddTable(DBConst.AUDC0100);
    batch.AddWhere(DBConst.AUDC0102, Code);
    batch.AddDeleteBatch();

    batch.ReInit();
    batch.AddParam(DBConst.AUDC0101, DBConst.AUDC0101, false);
    batch.AddParam(DBConst.AUDC0102, Code);
    foreach (var column in new[]
    {
        DBConst.AUDC0103, DBConst.AUDC0104, DBConst.AUDC0105,
        DBConst.AUDC0106, DBConst.AUDC0107, DBConst.AUDC0108,
        DBConst.AUDC0109
    })
    {
        batch.AddParam(column, column, false);
    }
    batch.AddParam(DBConst.AUDC010A, 1);
    batch.AddParam(DBConst.AUDC010B, 1);
    batch.AddWhere(DBConst.AUDC0102, IUser.AMON_CODE);
    batch.AddBackupBatch(DBConst.AUDC0100, DBConst.AUDC0100);

    // Submit every queued delete and copy together.
    batch.ExecuteBatch();
    #endregion
}