/// <summary>
/// 验证用户的身份和密码
/// </summary>
/// <param name="Organization">组织结构管理器</param>
/// <param name="UserAlias">用户登录名</param>
/// <param name="Password">用户登录密码</param>
/// <param name="EnableADValidation">是否使用AD认证</param>
/// <param name="ADPathes">AD地址</param>
/// <returns>如果用户验证成功,则返回true,否则返回false</returns>
public static bool Validate(
OThinker.Organization.IOrganization Organization,
string UserAlias,
string Password,
bool EnableADValidation,
string ADPathes)
{
return(ValidateUser(Organization, UserAlias, Password, EnableADValidation, ADPathes) != null);
}
/// <summary>
/// 验证用户的身份和密码
/// </summary>
/// <param name="Organization">组织结构管理器</param>
/// <param name="UserAlias">用户登录名</param>
/// <param name="Password">用户登录密码</param>
/// <param name="EnableADValidation">是否使用AD认证</param>
/// <param name="ADPathes">AD地址</param>
/// <returns>如果用户验证成功,则返回User,否则返回null</returns>
public static OThinker.Organization.User ValidateUser(
OThinker.Organization.IOrganization Organization,
string UserAlias,
string Password,
bool EnableADValidation,
string ADPathes)
{
if (UserAlias == null)
{
return(null);
}
OThinker.Organization.User user = Organization.GetUserByCode(UserAlias);
if (user == null || user.State == State.Inactive ||
user.ServiceState == UserServiceState.Dismissed || user.IsVirtualUser)
{// 虚拟用户、离职、禁用用户不允许登录
return(null);
}
if (EnableADValidation && (!user.IsSystemUser || !user.IsAdministrator))
{
// 使用AD认证
bool success = false;
if (!string.IsNullOrEmpty(ADPathes))
{
string[] ads = ADPathes.Split(new string[] { ";" }, StringSplitOptions.RemoveEmptyEntries);
foreach (string ad in ads)
{
success = IsAuthenticated(ad, UserAlias, Password);
if (success)
{
return(user);
}
}
}
}
else if (user.ValidatePassword(Password))
{
// 密码正确
return(user);
}
return(null);
}
