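/// <summary>
/// Handles the posted login form: looks the user up by name, compares the hash carried on the
/// model with the stored one and, on success, issues the forms-authentication cookie, stores
/// the user in session and redirects.
/// </summary>
/// <param name="model">Posted login form (user name, hashed password, remember-me flag).</param>
/// <param name="returnUrl">Page to return to after login; followed only when it is a local path.</param>
/// <returns>
/// A redirect on success or when the password has expired; otherwise the login view with the
/// model errors.
/// </returns>
public ActionResult Login(LogOnModel model, string returnUrl)
{
    if (ModelState.IsValid)
    {
        User user = this.SecurityMgr.GetUserWithPermissions(model.UserName);

        // A missing hash on either side is a failed login. The original `!=` treated
        // null == null as a match, which would admit an account that has no stored hash.
        // NOTE(review): this is an ordinary string equality, not a fixed-time comparison, and
        // how HashedPassword is derived is not visible here - confirm it is a salted, slow KDF.
        bool credentialsMatch = user != null
            && model.HashedPassword != null
            && user.Password != null
            && model.HashedPassword == user.Password;

        if (!credentialsMatch)
        {
            // Same message for an unknown user and a wrong password, so the response does not
            // tell the caller which user names exist.
            ModelState.AddModelError(string.Empty, Resources.ErrorMessage.Errors_Login_Password_MisMatch);
        }
        else
        {
            // Account-state checks (disabled user and so on) go here.
            if (user.PasswordExpired)
            {
                return RedirectToAction("ChangePassword");
            }

            FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);

            // NOTE(review): nothing visible here issues a fresh session id at login; confirm
            // the session cookie is rotated elsewhere, otherwise a pre-login session id stays valid.
            Session.Add(WebConstants.UserSessionKey, user);

            // Open-redirect guard: only a local, single-slash-rooted path is followed. The prefix
            // tests are ordinal so culture rules cannot skip ignorable characters.
            bool isSafeLocalPath = Url.IsLocalUrl(returnUrl)
                && returnUrl.Length > 1
                && returnUrl.StartsWith("/", System.StringComparison.Ordinal)
                && !returnUrl.StartsWith("//", System.StringComparison.Ordinal)
                && !returnUrl.StartsWith("/\\", System.StringComparison.Ordinal);

            if (isSafeLocalPath)
            {
                return Redirect(returnUrl);
            }

            return RedirectToAction("Default", "Main");
        }
    }

    // If we got this far, something failed; redisplay the form.
    return View(model);
}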
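/// <summary>
/// Handles the posted login form: verifies the password through the security manager, writes an
/// access-log row for the failed or successful attempt, and on success issues the
/// forms-authentication cookie, stores the user in session, records the last access time and IP,
/// and redirects.
/// </summary>
/// <param name="model">Posted login form (user name, password, remember-me flag).</param>
/// <param name="returnUrl">Page to return to after login; followed only when it is a local path.</param>
/// <returns>
/// A redirect on success or when the password has expired; otherwise the login view with the
/// model errors.
/// </returns>
public ActionResult Login(LogOnModel model, string returnUrl)
{
    var isTest = SetViewBag();
    if (ModelState.IsValid)
    {
        User user = this.securityMgr.GetUserWithPermissions(model.UserName);
        if (user == null)
        {
            // NOTE(review): attempts against unknown user names are not written to the access
            // log, so user-name guessing would not show up there.
            ModelState.AddModelError(string.Empty, Resources.SYS.ErrorMessage.Errors_Login_Password_MisMatch);
        }
        else
        {
            var password = model.Password;
            if (isTest)
            {
                // On the test system the submitted password must carry a "test" suffix, which is
                // stripped before verification. The null guard turns a missing password into the
                // normal rejection instead of a NullReferenceException.
                // NOTE(review): this branch is reached only for existing users and answers with a
                // different message than the unknown-user branch, so on the test system the
                // response reveals which user names exist.
                if (password != null && password.Length > 4 && password.EndsWith("test", StringComparison.Ordinal))
                {
                    password = password.Substring(0, password.Length - 4);
                }
                else
                {
                    ModelState.AddModelError(string.Empty, Resources.EXT.ControllerLan.Con_CurrentAccountCanNotLoginTestSystem);
                    return View(model);
                }
            }

            // NOTE(review): the password is reduced with EncryptHelper.Md5 before verification.
            // MD5 is not a password-hashing function; plan a migration to a salted, slow KDF
            // (PBKDF2, bcrypt, Argon2) with re-hash on next successful login.
            if (!this.securityMgr.VerifyUserPassword(user, EncryptHelper.Md5(password)))
            {
                ModelState.AddModelError(string.Empty, Resources.SYS.ErrorMessage.Errors_Login_Password_MisMatch);

                AccessLog accessLog = new AccessLog();
                accessLog.CreateDate = DateTime.Now;
                accessLog.CsBrowser = Request.Browser.Browser;
                accessLog.UserAgent = Request.UserAgent;
                accessLog.CsIP = Request.UserHostAddress;
                accessLog.PageUrl = Request.RawUrl;

                // The original formatted model.Password into this field, which persisted the
                // submitted clear-text password (often the real one with a typo) in the access
                // log. The user is already identified by UserCode/UserName below, so a fixed
                // marker is stored instead.
                accessLog.PageName = string.Format(Resources.EXT.ControllerLan.Con_UserFailToLogInSystem, "[redacted]");
                accessLog.UserCode = user.Code;
                accessLog.UserName = user.FullName;
                this.genericMgr.Create(accessLog);
            }
            else
            {
                // Account-state checks. The hard-coded "su" account is exempt from password expiry.
                if (user.PasswordExpired < DateTime.Now && user.Code != "su")
                {
                    return RedirectToAction("ChangePassword", "Account");
                }

                // NOTE(review): a check that rejected inactive accounts (other than "su") is
                // commented out at this point in the original, so as written this action does
                // not test user.IsActive before signing the user in.

                FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);

                // NOTE(review): nothing visible here issues a fresh session id at login; confirm
                // the session cookie is rotated elsewhere.
                Session.Add(WebConstants.UserSessionKey, user);
                testWithUser();

                #region AccessLog
                AccessLog accessLog = new AccessLog();
                accessLog.CreateDate = DateTime.Now;
                accessLog.CsBrowser = Request.Browser.Type;
                accessLog.UserAgent = Request.UserAgent;
                accessLog.CsIP = Request.UserHostAddress;
                accessLog.PageUrl = Request.RawUrl;
                accessLog.PageName = Resources.EXT.ControllerLan.Con_UserSuccedToLogInSystem;
                accessLog.UserCode = this.CurrentUser.Code;
                accessLog.UserName = this.CurrentUser.FullName;
                this.genericMgr.Create(accessLog);
                #endregion

                #region update user info:LastAccessDate&IpAddress
                // Shift the previous access time and IP into the "last login" fields of the
                // in-memory user, then store the current ones with a parameterised update.
                user.LastLoginDate = user.LastAccessDate;
                user.LastIpAddress = user.IpAddress;
                user.LastAccessDate = DateTime.Now;
                user.IpAddress = Request.UserHostAddress;
                this.genericMgr.Update("update from User set LastAccessDate = ? ,IpAddress = ? where Code =?", new object[] { DateTime.Now, Request.UserHostAddress, user.Code });
                #endregion

                // Open-redirect guard: only a local, single-slash-rooted path is followed. The
                // prefix tests are ordinal so culture rules cannot skip ignorable characters.
                bool isSafeLocalPath = Url.IsLocalUrl(returnUrl)
                    && returnUrl.Length > 1
                    && returnUrl.StartsWith("/", StringComparison.Ordinal)
                    && !returnUrl.StartsWith("//", StringComparison.Ordinal)
                    && !returnUrl.StartsWith("/\\", StringComparison.Ordinal);

                if (isSafeLocalPath)
                {
                    return Redirect(returnUrl);
                }

                return RedirectToAction("Default", "Main");
            }
        }
    }

    // If we got this far, something failed; redisplay the form.
    return View(model);
}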
/// <summary>
/// Handles the portal login form: sends the submitted user name and password to the selected
/// site's SecurityService and, when a token comes back, redirects the browser to that site's
/// /Account/TokenLogin with the token in the query string.
/// </summary>
/// <param name="model">Posted login form (user name and password).</param>
/// <param name="siteId">Identifier of the portal site whose settings are used for the service and redirect addresses.</param>
/// <returns>
/// A redirect to the target site on success or to ChangePassword when the service reports an
/// expired password; otherwise the login view with the model errors.
/// </returns>
public ActionResult Login(LogOnModel model, int siteId)
{
    var systemFlag = systemMgr.GetEntityPreferenceValue(Entity.SYS.EntityPreference.CodeEnum.SystemFlag);
    ViewBag.IsShow = systemFlag == "1";
    if (ModelState.IsValid)
    {
        // NOTE(review): GetPortalSetting's result for an unknown siteId is not visible here; a
        // null result would throw on the line that reads portalSetting.SIServerAddress.
        PortalSetting portalSetting = this.portalSettingMgr.GetPortalSetting(siteId);
        SecurityService.SecurityService securityService = new SecurityService.SecurityService();
        // Point the service proxy at the server address and port configured for this site.
        securityService.Url = ServiceURLHelper.ReplaceServiceUrl(securityService.Url, portalSetting.SIServerAddress, portalSetting.SIPort.ToString());
        string userToken = string.Empty;
        string returnVal = securityService.VerifyUserPasswordAndGetUserToken(model.UserName, model.Password);

        // The service answers with either one of the status strings below or a token.
        // NOTE(review): each failure reason has its own message (unknown account, disabled,
        // locked, wrong password), so the response tells the caller whether a user name exists
        // and what state the account is in.
        switch (returnVal)
        {
            case "NullAccouunt":
                ModelState.AddModelError(string.Empty, "帐号不存在.");
                break;
            case "Invalid":
                ModelState.AddModelError(string.Empty, "帐号已经停用");
                break;
            case "PasswordExpired":
                // The error added here is not shown by this response, which is a redirect.
                // NOTE(review): the redirect carries the submitted user name as userCode, and it
                // is not visible here whether the service checked the password before reporting
                // PasswordExpired - confirm ChangePassword requires the current password.
                ModelState.AddModelError(string.Empty, "用户帐号密码已经过期");
                return RedirectToAction("ChangePassword", new { siteId = siteId, userCode=model.UserName });
            case "AccountLocked":
                ModelState.AddModelError(string.Empty, "帐号已锁定。请联系管理员!");
                break;
            case "AccountLocked1":
                ModelState.AddModelError(string.Empty, "密码连续3次错误,帐号已锁定。请联系管理员!");
                break;
            case "PasswordError":
                ModelState.AddModelError(string.Empty, "密码错误,请重试.");
                break;
            default:
                // NOTE(review): any value that is not one of the strings above is treated as a
                // token, including a status string this switch does not know - presumably the
                // service returns nothing else; verify against the service contract.
                userToken = returnVal;
                break;
        }

        if (!string.IsNullOrWhiteSpace(userToken))
        {
            // NOTE(review): the scheme is fixed to "http://" and the token travels in the query
            // string, so it is sent in clear text and can end up in browser history, proxy and
            // server logs and Referer headers. Prefer https and a short-lived, single-use token.
            // NOTE(review): the `******` between the string literals looks like masking applied
            // when this page was extracted; the original expression is not recoverable from here.
            return Redirect("http://" + portalSetting.WebServerAddress + ":" + portalSetting.WebPort + (string.IsNullOrWhiteSpace(portalSetting.WebVirtualPath) ? "" : ("/" + portalSetting.WebVirtualPath)) + "/Account/TokenLogin?userName="******"&userToken=" + userToken);
        }
    }
    LoadSiteList();
    return View(model);
}
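/// <summary>
/// Handles the posted login form: checks the account state, accepts either a domain
/// authentication or a match on the stored password hash, maintains the failed-login log and the
/// lockout and password-age flags, and on success issues the forms-authentication cookie, stores
/// the user in session and redirects.
/// </summary>
/// <param name="model">Posted login form (user name, password, hashed password, remember-me flag).</param>
/// <param name="returnUrl">Page to return to after login; followed only when it is a local path.</param>
/// <returns>
/// A redirect on success or when the password is expired; otherwise the login view with the
/// model errors.
/// </returns>
public ActionResult Login(LogOnModel model, string returnUrl)
{
    var systemFlag = systemMgr.GetEntityPreferenceValue(Entity.SYS.EntityPreference.CodeEnum.SystemFlag);
    ViewBag.IsShow = systemFlag == "1";
    var systemTitle = systemMgr.GetEntityPreferenceValue(Entity.SYS.EntityPreference.CodeEnum.SystemTitle);
    ViewBag.SystemTitle = systemTitle;

    // Maximum password age, in days (subtracted from today's date below).
    int passawordActive = int.Parse(systemMgr.GetEntityPreferenceValue(Entity.SYS.EntityPreference.CodeEnum.PassawordActive));
    // Number of recorded failed logins at which the account is locked.
    int passwordLockCount = int.Parse(systemMgr.GetEntityPreferenceValue(Entity.SYS.EntityPreference.CodeEnum.PasswordLockCount));

    if (ModelState.IsValid)
    {
        User user = this.securityMgr.GetUserWithPermissions(model.UserName);

        // NOTE(review): the three account-state branches below run before any password check
        // and each has its own response, so a caller who only knows a user name learns whether
        // the account is disabled, expired or locked. The "su" account is exempt from all three,
        // including the lock, so failed attempts against it never stop further attempts here.
        if (user == null)
        {
            ModelState.AddModelError(string.Empty, Resources.ErrorMessage.Errors_Login_Password_MisMatch);
        }
        else if (!user.IsActive && user.Code != "su")
        {
            ModelState.AddModelError(string.Empty, "用户帐号已停用。请联系管理员!");
        }
        else if (user.PasswordExpired && user.Code != "su")
        {
            ModelState.AddModelError(string.Empty, "用户帐号密码已经过期。");

            // Send the user to the change-password page.
            // NOTE(review): this redirect is reached without the password having been verified;
            // confirm ChangePassword requires the current password for the given userCode.
            return RedirectToAction("ChangePassword", new { userCode = user.Code });
        }
        else if (user.AccountLocked && user.Code != "su")
        {
            ModelState.AddModelError(string.Empty, "帐号已锁定。请联系管理员!");
        }
        else
        {
            // A successful domain authentication is accepted on its own; the stored hash is only
            // compared when the domain check fails.
            bool isUserInDomain = this.securityMgr.IsDomainAuthenticated(model.UserName, model.Password);

            // A missing submitted hash counts as a mismatch; the original dereferenced
            // model.HashedPassword unconditionally and would throw when it was null.
            // NOTE(review): how HashedPassword is derived is not visible here - confirm it is a
            // salted, slow KDF rather than a bare digest.
            bool localHashMatches = !isUserInDomain
                && model.HashedPassword != null
                && model.HashedPassword.Equals(user.Password, StringComparison.OrdinalIgnoreCase);

            if (!isUserInDomain && !localHashMatches)
            {
                ModelState.AddModelError(string.Empty, Resources.ErrorMessage.Errors_Login_Password_MisMatch);

                UserLoginFailLog loginFailLog = new UserLoginFailLog
                {
                    UserCode = user.Code,
                    UserName = user.Name,
                    LoginTime = System.DateTime.Now
                };
                this.genericMgr.Create(loginFailLog);

                // Lock the account once the recorded failures reach the configured threshold.
                // The rows are cleared on the next successful login; the count has no time window.
                // NOTE(review): the message below says three attempts while the threshold comes
                // from configuration.
                IList<UserLoginFailLog> failedLogins = this.genericMgr.FindAll<UserLoginFailLog>(" select u from UserLoginFailLog as u where u.UserCode=? ", user.Code);
                if (failedLogins != null && failedLogins.Count >= passwordLockCount)
                {
                    this.genericMgr.UpdateWithNativeQuery(" update ACC_User set AccountLocked=1 where Code=? ", user.Code);
                    ModelState.AddModelError(string.Empty, "密码连续3次错误,帐号已锁定。请联系管理员!");
                }
            }
            else
            {
                // Successful authentication: clear the failed-login history for this user.
                this.genericMgr.FindAllWithNativeSql("if exists (select 1 from ACC_UserLoginFailLog where UserCode=?)begin delete ACC_UserLoginFailLog where UserCode=? end", new object[] { user.Code, user.Code });

                // Expire the password when no password change is recorded within the maximum age.
                IList<UserUpdatePasswordLog> updatePwLogs = this.genericMgr.FindAll<UserUpdatePasswordLog>(" select u from UserUpdatePasswordLog as u where u.UserCode=? and u.UpdateTime>=? ", new object[] { user.Code, System.DateTime.Now.AddDays(-passawordActive).Date });
                if (updatePwLogs == null || updatePwLogs.Count == 0)
                {
                    this.genericMgr.UpdateWithNativeQuery(" update ACC_User set PasswordExpired=1 where Code=? ", user.Code);
                    ModelState.AddModelError(string.Empty, "用户帐号密码已经过期。");

                    // Send the user to the change-password page.
                    return RedirectToAction("ChangePassword", new { userCode = user.Code });
                }

                FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);

                // NOTE(review): nothing visible here issues a fresh session id at login; confirm
                // the session cookie is rotated elsewhere.
                Session.Add(WebConstants.UserSessionKey, user);

                // Open-redirect guard: only a local, single-slash-rooted path is followed. The
                // prefix tests are ordinal so culture rules cannot skip ignorable characters.
                bool isSafeLocalPath = Url.IsLocalUrl(returnUrl)
                    && returnUrl.Length > 1
                    && returnUrl.StartsWith("/", StringComparison.Ordinal)
                    && !returnUrl.StartsWith("//", StringComparison.Ordinal)
                    && !returnUrl.StartsWith("/\\", StringComparison.Ordinal);

                if (isSafeLocalPath)
                {
                    return Redirect(returnUrl);
                }

                return RedirectToAction("Default", "Main");
            }
        }
    }

    // If we got this far, something failed; redisplay the form.
    return View(model);
}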