/// <summary>
        /// Authenticates a smart-device client through <c>sdSecurityMgr.GetUser</c> and writes
        /// one <see cref="AccessLog"/> row for the outcome (success, or failure reported as
        /// a <see cref="BusinessException"/>).
        /// </summary>
        /// <param name="userCode">Login code supplied by the caller; stored unmodified in the access log.</param>
        /// <param name="hashedPassword">
        /// Password hash computed by the caller. NOTE(review): because the client sends the hash itself,
        /// the hash is effectively the credential. Confirm the endpoint is only reachable over TLS and
        /// that the stored hash is not a plain unsalted digest.
        /// </param>
        /// <returns>The user object returned by <c>sdSecurityMgr.GetUser</c>.</returns>
        /// <exception cref="SoapException">
        /// Thrown with the business error text when the security manager raises a <see cref="BusinessException"/>.
        /// </exception>
        public Entity.SI.SD_ACC.User GetUser(string userCode, string hashedPassword)
        {
            try
            {
                var authenticated = sdSecurityMgr.GetUser(userCode, hashedPassword, Context.Request.UserHostAddress);

                // NOTE(review): if GetUser can return null instead of throwing, the name lookup below
                // raises a NullReferenceException that the catch does not handle, so no failure row is written.
                var successEntry = new AccessLog
                {
                    CreateDate = DateTime.Now,
                    CsBrowser = "SmartDevice",
                    UserAgent = Context.Request.UserAgent,
                    CsIP = Context.Request.UserHostAddress,
                    PageUrl = Context.Request.RawUrl,
                    PageName = "用户登录成功",
                    UserCode = userCode,
                    UserName = string.Format("{0}{1}", authenticated.FirstName, authenticated.LastName)
                };
                sdSecurityMgr.CreateAccessLog(successEntry);

                return authenticated;
            }
            catch (BusinessException ex)
            {
                string errorMessage = GetBusinessExMessage(ex);

                // The failure row has no resolved user, so UserName stays unset and the
                // error text is stored in PageUrl instead of the request URL.
                var failureEntry = new AccessLog
                {
                    CreateDate = DateTime.Now,
                    CsBrowser = "SmartDevice",
                    UserAgent = Context.Request.UserAgent,
                    CsIP = Context.Request.UserHostAddress,
                    PageUrl = errorMessage,
                    PageName = "用户登录失败",
                    UserCode = userCode
                };
                sdSecurityMgr.CreateAccessLog(failureEntry);

                // NOTE(review): the same text is returned to the caller in the SOAP fault. If it
                // distinguishes "unknown user" from "wrong password" it lets a client enumerate
                // accounts. Confirm against GetBusinessExMessage.
                throw new SoapException(errorMessage, SoapException.ServerFaultCode, string.Empty);
            }
        }
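        /// <summary>
        /// Processes the posted log-on form: verifies the password, records the attempt in the
        /// access log, establishes the forms-authentication cookie and session, and redirects.
        /// </summary>
        /// <param name="model">Posted credentials (<c>UserName</c>, <c>Password</c>, <c>RememberMe</c>).</param>
        /// <param name="returnUrl">Optional post-login target; followed only when it is a local path.</param>
        /// <returns>
        /// A redirect on success (or to the change-password action when the password has expired),
        /// otherwise the log-on view with the model errors added.
        /// </returns>
        public ActionResult Login(LogOnModel model, string returnUrl)
        {
            // Written to the access log in place of the submitted password (see the failure branch).
            const string RedactedPassword = "******";

            var isTest = SetViewBag();
            if (ModelState.IsValid)
            {
                User user = this.securityMgr.GetUserWithPermissions(model.UserName);
                if (user == null)
                {
                    // Uses the same message as a wrong password, so the response text does not reveal
                    // whether the account exists.
                    // NOTE(review): no AccessLog row is written on this path, so attempts against
                    // unknown user names are not visible in the access log.
                    ModelState.AddModelError(string.Empty, Resources.SYS.ErrorMessage.Errors_Login_Password_MisMatch);
                }
                else
                {
                    var password = model.Password;
                    if (isTest)
                    {
                        // When SetViewBag() reports test mode, the password must carry a literal "test"
                        // suffix, which is stripped before verification. The comparison is ordinal so
                        // that exactly the four matched characters are removed.
                        if (password.Length > 4 && password.EndsWith("test", StringComparison.Ordinal))
                        {
                            password = password.Substring(0, password.Length - 4);
                        }
                        else
                        {
                            ModelState.AddModelError(string.Empty, Resources.EXT.ControllerLan.Con_CurrentAccountCanNotLoginTestSystem);
                            return View(model);
                        }
                    }

                    // NOTE(review): MD5 is not a password-hashing function (it is fast, and no salt is
                    // visible here). Moving to PBKDF2 or similar requires migrating the stored hashes,
                    // so it is flagged rather than changed in this method.
                    if (!this.securityMgr.VerifyUserPassword(user, EncryptHelper.Md5(password)))
                    {
                        ModelState.AddModelError(string.Empty, Resources.SYS.ErrorMessage.Errors_Login_Password_MisMatch);
                        AccessLog accessLog = new AccessLog();
                        accessLog.CreateDate = DateTime.Now;
                        accessLog.CsBrowser = Request.Browser.Browser;
                        accessLog.UserAgent = Request.UserAgent;
                        accessLog.CsIP = Request.UserHostAddress;
                        accessLog.PageUrl = Request.RawUrl;
                        // Never persist the submitted password. A failed attempt is often the real
                        // password with a typo, or the user's password for another system, and the
                        // access log is readable by anyone with log or database access.
                        accessLog.PageName = string.Format(Resources.EXT.ControllerLan.Con_UserFailToLogInSystem, RedactedPassword);
                        accessLog.UserCode = user.Code;
                        accessLog.UserName = user.FullName;
                        this.genericMgr.Create(accessLog);
                    }
                    else
                    {
                        // Check account status (disabled, expired, etc.).
                        // An expired password forces a change before any auth cookie is issued;
                        // the hard-coded "su" account is exempt.
                        if (user.PasswordExpired < DateTime.Now && user.Code != "su")
                        {
                            return RedirectToAction("ChangePassword", "Account");
                        }
                        // NOTE(review): the IsActive check below is commented out, so this method does not
                        // reject deactivated accounts. Confirm it is enforced elsewhere.
                        //if (!user.IsActive && user.Code != "su")
                        //{
                        //    ModelState.AddModelError(string.Empty, "此账号已被禁用");
                        //    return View(model);
                        //}

                        // NOTE(review): the session id is not regenerated in this method before the
                        // authenticated user is stored. Confirm session-fixation handling elsewhere.
                        FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
                        Session.Add(WebConstants.UserSessionKey, user);
                        testWithUser();

                        #region AccessLog
                        AccessLog accessLog = new AccessLog();
                        accessLog.CreateDate = DateTime.Now;
                        accessLog.CsBrowser = Request.Browser.Type;
                        accessLog.UserAgent = Request.UserAgent;
                        accessLog.CsIP = Request.UserHostAddress;
                        accessLog.PageUrl = Request.RawUrl;
                        accessLog.PageName = Resources.EXT.ControllerLan.Con_UserSuccedToLogInSystem;
                        accessLog.UserCode = this.CurrentUser.Code;
                        accessLog.UserName = this.CurrentUser.FullName;
                        this.genericMgr.Create(accessLog);
                        #endregion

                        #region update user info:LastAccessDate&IpAddress
                        // Move the previous access time and address into the "last login" fields before
                        // overwriting them with this request's values.
                        user.LastLoginDate = user.LastAccessDate;
                        user.LastIpAddress = user.IpAddress;
                        user.LastAccessDate = DateTime.Now;
                        user.IpAddress = Request.UserHostAddress;
                        // Values are bound as positional parameters, not concatenated into the statement.
                        this.genericMgr.Update("update from User set LastAccessDate = ? ,IpAddress = ? where Code =?",
                            new object[] { DateTime.Now, Request.UserHostAddress, user.Code });
                        #endregion

                        // Open-redirect guard: follow returnUrl only when it is a local path and does not
                        // start with "//" or "/\", which browsers can treat as a network-path reference.
                        if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
                            && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
                        {
                            return Redirect(returnUrl);
                        }
                        else
                        {
                            return RedirectToAction("Default", "Main");
                        }
                    }
                }
            }

            // If we got this far, something failed; redisplay the form.
            return View(model);
        }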
 /// <summary>
 /// Writes one <see cref="AccessLog"/> row for the current request and the current user.
 /// </summary>
 /// <param name="pageUrl">Value stored in <c>PageUrl</c>; written as given.</param>
 /// <param name="pageName">Value stored in <c>PageName</c>; written as given.</param>
 public void _CreateLog(string pageUrl, string pageName)
 {
     // NOTE(review): UserAgent and the two parameters are stored unmodified, so any viewer that
     // renders these rows should encode them on output.
     var entry = new AccessLog
     {
         CreateDate = DateTime.Now,
         CsBrowser = Request.Browser.Type,
         UserAgent = Request.UserAgent,
         CsIP = Request.UserHostAddress,
         PageUrl = pageUrl,
         PageName = pageName,
         // NOTE(review): presumably only called for authenticated requests. CurrentUser is
         // dereferenced without a null check. Verify against callers.
         UserCode = this.CurrentUser.Code,
         UserName = this.CurrentUser.FullName
     };

     this.genericMgr.Create(entry);
 }