Tickets票据验证

  1 using System;
  2 using System.Collections.Generic;
  3 using System.Linq;
  4 using System.Text;
  5 using System.Web.Security;
  6 using System.Web;
  7 using System.Configuration;
  8 using Secom.EMS.Web.Common.Helper;
  9 using Secom.EMS.Web.Common.Models;
 10 
 11 namespace Secom.EMS.Web.Common.Helper
 12 {
 13     public class UserHelper
 14     {
 15         /// <summary>
 16         /// 退出，清除cookie
 17         /// </summary>
 18         public static void Logout()
 19         {
 20             FormsAuthentication.SignOut();
 21             HttpContext.Current.Session.Abandon();
 22             HttpContext.Current.Session.RemoveAll();
 23             HttpContext.Current.Response.Cookies.Clear();
 24 
 25             CurrentUser user = new CurrentUser
 26             {
 27                 UserID = 0,
 28                 Username = "Guest",
 29                 AccountID = string.Empty,
 30                 UserTypeID = 0,
 31                 AreaID = string.Empty,
 32                 Rights = new string[0]
 33             };
 34             WriteCurrentUserCookie(user);
 35         }
 36 
 37         /// <summary>
 38         /// 获取当前用户信息，从cookie中获取
 39         /// </summary>
 40         /// <returns></returns>
 41         public static CurrentUser GetCurrentUser()
 42         {
 43             HttpContext cnt = HttpContext.Current;
 44             CurrentUser user = new CurrentUser();
 45             FormsAuthenticationTicket ticket;
 46             string[] str;
 47             if (cnt.Request.IsAuthenticated)
 48             {
 49                 ticket = ((FormsIdentity)cnt.User.Identity).Ticket;
 50                 str = ticket.UserData.Split('|');
 51                 user.AccountID = str[0];
 52                 user.UserID = decimal.Parse(str[1]);
 53                 user.Username = ticket.Name;
 54                 user.AreaID = str[2];
 55                 user.UserTypeID = short.Parse( str[3]);
 56                 user.Rights = str[4].Split(',');
 57                 user.VerifyCode = str.Length > 5 ? str[5] : string.Empty;
 58             }
 59             else
 60             {
 61                 user.Username = "游客";
 62                 user.UserID = 0;
 63                 user.AccountID = string.Empty;
 64                 user.UserTypeID = 0;
 65                 user.AreaID = string.Empty;
 66                 user.Rights = new string[0];
 67             }
 68             return user;
 69         }
 70 
 71         /// <summary>
 72         /// 把当前用户信息写到cookie
 73         /// </summary>
 74         /// <param name="user"></param>
 75         public static void WriteCurrentUserCookie(CurrentUser user)
 76         {
 77             HttpContext cnt = HttpContext.Current;
 78             HttpCookie cookie;
 79             System.Web.Security.FormsAuthenticationTicket ticket;
 80 
 81             ticket = new System.Web.Security.FormsAuthenticationTicket(1,
 82                  user.Username,
 83                  DateTime.Now,
 84                  DateTime.Now.AddMinutes(FormsAuthentication.Timeout.Minutes),
 85                  false,
 86                  string.Format("{0}|{1}|{2}|{3}|{4}|{5}", user.AccountID, user.UserID, user.AreaID, user.UserTypeID, string.Join(",", user.Rights), user.VerifyCode));
 87 
 88             cookie = new HttpCookie(System.Web.Security.FormsAuthentication.FormsCookieName);
 89             cookie.Value = System.Web.Security.FormsAuthentication.Encrypt(ticket);
 90             cookie.Expires = DateTime.Now.AddMinutes(FormsAuthentication.Timeout.Minutes);
 91             cnt.Response.Cookies.Add(cookie);
 92         }
 93 
 94         /// <summary>
 95         /// 把当前用户信息写到cookie
 96         /// </summary>
 97         /// <param name="userID"></param>
 98         /// <param name="username"></param>
 99         /// <param name="roleID"></param>
100         /// <param name="deptID"></param>
101         /// <param name="verifyCode"></param>
102         public static void WriteCurrentUserCookie(string accountID, decimal userID, string username, short userTypeID, string areaID, string[] rights, string verifyCode)
103         {
104             CurrentUser user = new CurrentUser
105             {
106                 AccountID = accountID,
107                 UserID = userID,
108                 Username = username,
109                 VerifyCode = verifyCode,
110                 Rights = rights,
111                 AreaID = areaID,
112                 UserTypeID = userTypeID
113             };
114 
115             WriteCurrentUserCookie(user);
116         }
117     }
118 }

 1 using System;
 2 using System.Collections.Generic;
 3 using System.Linq;
 4 using System.Web;
 5 using System.Web.Mvc;
 6 using Secom.EMS.Web.Common;
 7 using Secom.EMS.Web.Common.Models;
 8 using Secom.EMS.Web.Common.Helper;
 9 using System.Web.Helpers;
10 using Secom.EMS.Entities;
11 using Secom.EMS.Common.Utilities;
12 
13 namespace Secom.EMS.Web.Areas.Site.Controllers
14 {
15     public class UserController : BaseController
16     {
17         #region login
18         public ActionResult Login()
19         {
20             ActionName = "登录";
21             return View();
22         }
23 
24         [HttpPost]
25         public ActionResult Login(LoginInfo login)
26         {
27             ActionName = "登录";
28             if (!ModelState.IsValid) return View();
29             /// 检查验证码
30             if (!login.VC.Equals(CurrentUser.VerifyCode, StringComparison.OrdinalIgnoreCase))
31             {
32                 ModelState.AddModelError("VC", "验证码输入错误");
33                 return View();
34             }
35 
36             /// 检查用户名与密码
37             TUser user = null;
38             ServiceHelper.Use<ITUserServiceChannel>(proxy =>
39             {
40                 user = proxy.GetTUser("F_Accountid=@0 and F_Password=@1", new List<object> { login.Username, StringHelper.MD5(login.Password) });
41             });
42             if (user == null)
43             {
44                 ModelState.AddModelError("LoginResult", "用户名与密码不符");
45                 return View();
46             }
47 
48             /// 登录成功
49             CurrentUser.AccountID = user.FAccountid;
50             CurrentUser.AreaID = user.FAreaid;
51             CurrentUser.UserID = user.FUserid ?? 0;
52             CurrentUser.Username = user.FName;
53             CurrentUser.UserTypeID = user.FUsertypeid ?? 0;
54             UserHelper.WriteCurrentUserCookie(CurrentUser);
55 
56             return Redirect("~/home");
57         }
58         #endregion
59 
60         #region logout
61         public ActionResult Logout()
62         {
63             UserHelper.Logout();
64             ModelState.AddModelError("LoginResult", "您已成功退出系统");
65             return View("login");
66         }
67         #endregion
68 
69     }
70 }