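//using CRM.Core.DTO;
using Ninject;
using System;
using System.Collections.Generic;
using System.Configuration;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using System.Web.Security;
using WX.CRM.Common;
using WX.CRM.DAL.Redis;
using WX.CRM.IBLL.Base;
using WX.CRM.IBLL.Csvr;
using WX.CRM.IBLL.Util;
using WX.CRM.Model.Entity;
using WX.CRM.WEB.Handler;
using WX.CRM.WebHelper;
using WX.CRM.WebHelper.UtilityModel;

namespace WX.CRM.WEB.Controllers.Base
{
    /// <summary>
    /// Sign-in / sign-out for the CRM.
    /// When the "SSOUrl" app setting is configured the browser is sent to the SSO
    /// authorize endpoint and comes back to <see cref="LogOn(string)"/> carrying an
    /// "authToken", which <see cref="verifyToken"/> exchanges for the employee id.
    /// A successful login (<see cref="RedirectToMain"/>) issues the forms-authentication
    /// cookie, caches the user's rights and writes a one-day "mytoken" entry to Redis
    /// that the pop-out flow (a returnUrl containing "isOut=1") uses to pick the
    /// session up again via <see cref="RedirectByAuthentication"/>.
    /// </summary>
    public class AccountController : Controller
    {
        // Cookie that carries the SSO access token between login and logout.
        private const string AuthTokenCookieName = "AuthToken";
        // Session slot: number of failed logins in this session (null = none yet).
        private const string SessionLogOnErrorNum = "LogOnErrorNum";
        // Session slot: the captcha text the client must echo back (upper-cased).
        private const string SessionValidateCode = "ValidateCode";

        // Injected by Ninject.
        [Inject]
        public IBAS_PARAMETER_Q _BAS_PARAMETER_BL { get; set; }
        [Inject]
        public ICACHE_Q _cacheQ { get; set; }
        [Inject]
        public ICSVR_CALLRECORD_Q _CSVR_CALLRECORD_Q { get; set; }
        [Inject]
        public IBAS_LOGINLOG_Q _BAS_LOGINLOG_Q { get; set; }

        // User store used for credential validation.
        private readonly IBAS_INNERUSER_Q user_dal;

        public AccountController(IBAS_INNERUSER_Q _user_dal)
        {
            this.user_dal = _user_dal;
        }

        /// <summary>
        /// Redirects to <paramref name="returnUrl"/> only when it is a local URL;
        /// an empty, absolute or protocol-relative value goes to Home/Index instead,
        /// so the login endpoints cannot be used as an open redirector.
        /// </summary>
        private ActionResult RedirectLocal(string returnUrl)
        {
            if (!string.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl))
            {
                return Redirect(returnUrl);
            }
            return RedirectToAction("Index", "Home");
        }

        /// <summary>
        /// Appends the forms-authentication cookie. HttpOnly keeps the ticket out of
        /// reach of page script; Secure is not set because the SSO callback URLs in
        /// this controller are built with http://.
        /// </summary>
        private void AddFormsCookie(string encTicket)
        {
            Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket) { HttpOnly = true });
        }

        /// <summary>
        /// True once the failed-login counter of this session has reached the
        /// Sys_Environment_LogOn parameter (defaults to 1), i.e. a captcha is required.
        /// </summary>
        private bool CaptchaRequired()
        {
            int threshold = _cacheQ.GetValue_Parameter(WX.CRM.Model.Enum.Parameter.Sys_Environment_LogOn).GetInt(1);
            var errors = Session[SessionLogOnErrorNum];
            return errors != null && (int)errors >= threshold;
        }

        /// <summary>
        /// Compares the submitted captcha with the one stored by <see cref="GetValidateCode"/>.
        /// Fails when no captcha was issued or none was submitted.
        /// </summary>
        private bool CaptchaMatches(string snCode)
        {
            var expected = Session[SessionValidateCode];
            return expected != null
                && snCode != null
                && string.Equals(snCode, expected.ToString(), StringComparison.OrdinalIgnoreCase);
        }

        /// <summary>
        /// Decides where an unauthenticated visitor goes: an already signed-in user is
        /// sent to <paramref name="returnUrl"/>; a "mytoken" key (query string first,
        /// then the explicit argument) re-establishes a session from Redis; otherwise
        /// the browser is redirected to the SSO authorize endpoint.
        /// </summary>
        /// <param name="returnUrl">Local path to return to after login.</param>
        /// <param name="mytoken">Redis key handed over by <see cref="verifyToken"/> in the pop-out flow.</param>
        [NonAction]
        private ActionResult RedirectByAuthentication(string returnUrl, string mytoken = "")
        {
            if (HttpContext.Request.IsAuthenticated)
            {
                // Already signed in: back to the page the user came from, else home.
                // (The original code redirected only when returnUrl was EMPTY, which
                // sent the browser to an empty location.)
                return RedirectLocal(returnUrl);
            }

            var mytokenKey = HttpContext.Request.QueryString["mytoken"];
            if (mytokenKey == null)
            {
                mytokenKey = mytoken;
            }
            if (!string.IsNullOrEmpty(mytokenKey))
            {
                var authToken = new RedisString().Get(mytokenKey);
                if (!string.IsNullOrEmpty(authToken))
                {
                    // NOTE(review): the Redis value is the encrypted userinfo written by
                    // RedirectToMain, not the forms ticket; it is copied into the forms
                    // cookie and then sent to the SSO token endpoint as-is — confirm this
                    // hand-off is intended. The key is not consumed here, so it remains
                    // usable until its one-day expiry.
                    AddFormsCookie(authToken);
                    return verifyToken(authToken, returnUrl, true);
                }
            }

            // SSO redirect.
            var ssoUrl = ConfigurationManager.AppSettings["SSOUrl"];
            var appid = ConfigurationManager.AppSettings["appid"];
            if (string.IsNullOrEmpty(ssoUrl))
            {
                LogHelper.Error("请配置SSO地址,未配置地址无法使用功能!");
                BAS_INNERUSER user = null; // the login view is rendered with an empty model
                return View(user);
            }

            Session["AuthToken"] = null;
            var authority = getAuthorityUrl(HttpContext.Request);
            // NOTE(review): the callback scheme is fixed to http://; if the site is served
            // over TLS this should follow Request.Url.Scheme — check the SSO app registration.
            var callback = $"http://{authority}/account/logOn?returnUrl={HttpUtility.UrlEncode(returnUrl)}";
            var url = $"{ssoUrl}/v1/api/open/sso/authorize?appid={appid}&redirect={HttpUtility.UrlEncode(callback)}";
            return Redirect(url);
        }

        /// <summary>
        /// Finds the SSO "authToken": first inside the query string of
        /// <paramref name="returnUrl"/>, then on the current request. Returns null when
        /// neither carries one.
        /// </summary>
        private string ReadAuthToken(string returnUrl)
        {
            Uri reUrl;
            if (Uri.TryCreate($"http://{getAuthorityUrl(HttpContext.Request)}{returnUrl}", UriKind.Absolute, out reUrl))
            {
                var col = Utility.GetQueryString(reUrl.Query);
                if (col != null && col.Count > 0 && col["authToken"] != null)
                {
                    return col["authToken"];
                }
            }
            var current = Utility.GetQueryString(HttpContext.Request.Url.Query);
            return current == null ? null : current["authToken"];
        }

        /// <summary>
        /// GET entry point of the login flow (also the SSO callback).
        /// </summary>
        /// <param name="returnUrl">Local path to return to after login; may carry the SSO "authToken".</param>
        [HttpGet]
        public ActionResult LogOn(string returnUrl)
        {
            ViewBag.ReturnUrl = returnUrl;
            var authToken = ReadAuthToken(returnUrl);

            var ssoUrl = ConfigurationManager.AppSettings["SSOUrl"];
            if (string.IsNullOrEmpty(ssoUrl))
            {
                // No SSO configured: prepare the view state for the local login form.
                LogHelper.Error("请配置SSO地址,未配置地址无法使用功能!");
                var cti = _CSVR_CALLRECORD_Q.Sys_Environment_CTI_VER();
                if (cti != null)
                {
                    ViewBag.CTI_VER = Convert.ToInt32(cti);
                }
                if (CaptchaRequired())
                {
                    ViewBag.NeedCode = 1;
                }
                return RedirectByAuthentication(returnUrl);
            }

            // A signed-in user never goes through token validation again.
            if (HttpContext.Request.IsAuthenticated)
            {
                return RedirectLocal(returnUrl);
            }
            if (!string.IsNullOrEmpty(authToken))
            {
                return verifyToken(authToken, returnUrl);
            }
            return RedirectByAuthentication(returnUrl);
        }

        /// <summary>
        /// Exchanges an SSO token for the employee identity, signs the user in and
        /// redirects to <paramref name="returnUrl"/>.
        /// </summary>
        /// <param name="authToken">Token received from the SSO service.</param>
        /// <param name="returnUrl">Local path to return to; "isOut=1" selects the pop-out flow.</param>
        /// <param name="skip">When true, finish with a plain redirect instead of going back
        /// through <see cref="RedirectByAuthentication"/> (the caller already came from the
        /// mytoken lookup, so this avoids a loop).</param>
        private ActionResult verifyToken(string authToken, string returnUrl, bool skip = false)
        {
            var ssoUrl = ConfigurationManager.AppSettings["SSOUrl"];
            var appid = ConfigurationManager.AppSettings["appid"];
            var url = $"{ssoUrl}/v1/api/open/sso/token";
            var param = new { appId = appid, grantType = 1, token = authToken };
            var result = Utility.PostAjaxData(url, JsonHelper.ObjDivertToJson(param), System.Text.Encoding.UTF8);
            var response = JsonHelper.JsonDivertToObj<SsoResponse>(result);
            // Log the outcome, not the raw body: the body carries the access token.
            LogHelper.Info(response == null
                ? "SSO验证结果:" + "(unparseable response)"
                : $"SSO验证结果: Ret={response.Ret} Msg={response.Msg}");

            if (response == null || response.Ret != 0)
            {
                return skip ? RedirectLocal(returnUrl) : RedirectByAuthentication(returnUrl);
            }

            decimal eid;
            var employeeId = response.Data?.EmployeeId;
            if (!decimal.TryParse(employeeId, out eid))
            {
                // Kept as in the original: the message is returned as the script body.
                return JavaScript($"工号【{employeeId}】不合法,请联系管理员");
            }

            var user = new BAS_INNERUSER { EID = eid };
            int extensionNumber;
            user.map_FJH = int.TryParse(response.Data.ExtensionNumber, out extensionNumber)
                ? extensionNumber
                : (int?)null;

            var logOnResult = (retLoginMsg)LogOn(user, returnUrl, "", true).Data;
            if (!logOnResult.result)
            {
                // Quote the message so it is a valid JS string literal whatever it contains.
                return JavaScript("layer.msg(" + HttpUtility.JavaScriptStringEncode(logOnResult.retmsg, true) + ", { icon: 2 });");
            }

            // NOTE(review): set HttpOnly here too if no page script reads this cookie.
            HttpContext.Response.Cookies.Add(new HttpCookie(AuthTokenCookieName, response.Data.AccessToken));

            var target = returnUrl ?? string.Empty;
            if (target.IndexOf("isOut=1", StringComparison.Ordinal) > -1)
            {
                // Pop-out flow: hand the Redis key to the target page. The key is a
                // bearer credential, so only the fact that one was issued is logged.
                LogHelper.Info("mytoken issued for EID " + eid);
                target += (target.Contains("?") ? "&mytoken=" : "?mytoken=") + logOnResult.mytokenKey;
                return skip ? RedirectLocal(target) : RedirectByAuthentication(target, logOnResult.mytokenKey);
            }
            return skip ? RedirectLocal(returnUrl) : RedirectByAuthentication(returnUrl);
        }

        /// <summary>
        /// Completes a successful login: writes the login log, builds the user-info
        /// ticket and forms cookie, stores the encrypted user info in Redis for one day
        /// under the "mytoken" key, and caches the user's rights.
        /// </summary>
        /// <param name="msg">Receives the message shown to the user.</param>
        /// <param name="mytokenKey">Receives the Redis key (MD5 of appSecret + "@" + ticket); left unchanged when the key could not be derived.</param>
        /// <returns>Always true; retained as a success flag for the caller.</returns>
        private bool RedirectToMain(decimal userId, decimal EID, int? fjh, string returnUrl, string password, ref string msg, ref string mytokenKey)
        {
            UserRights userrights;
            var login = new LoginHelper();
            decimal logPkId = login.CreateLoginLog(userId, EID, fjh);
            string userinfo = login.setUserinfo(userId, EID, fjh, logPkId, out userrights);
            string encTicket = login.SetCookie(userId.ToString(), false, userinfo);

            try
            {
                var appSecret = ConfigurationManager.AppSettings["appSecret"]
                    ?? throw new InvalidOperationException("appSecret is not configured");
                // NOTE(review): MD5 here only derives an opaque Redis key; the key is later
                // exposed as the "mytoken" URL parameter, so treat it as a bearer credential.
                mytokenKey = Utility.EncryptMD5(appSecret + "@" + encTicket);
                var rdb = new RedisString(mytokenKey);
                rdb.Set(Utility.Encrypt(userinfo), TimeSpan.FromDays(1)); // keep for one day
            }
            catch (Exception e)
            {
                LogHelper.Error("redis写数据错误" + e.ToString());
            }

            AddFormsCookie(encTicket);
            CacheHelper.Set("Cache_UserInfo_" + userId.ToString(), userrights);
            msg = "登陆成功!";
            return true;
        }

        /// <summary>Form login (POST). Delegates to the non-routable overload with isSso = false.</summary>
        [HttpPost]
        public JsonResult LogOn(BAS_INNERUSER user, string returnUrl, string RememberMe)
        {
            return LogOn(user, returnUrl, RememberMe, false);
        }

        /// <summary>
        /// Validates the user (password, or SSO identity when <paramref name="isSso"/> is
        /// true), checks that the extension is free, and signs the user in.
        /// Marked <see cref="NonActionAttribute"/> so that <paramref name="isSso"/> can only
        /// be set by <see cref="verifyToken"/>, never bound from a request.
        /// </summary>
        /// <returns>JSON <see cref="retLoginMsg"/>; retcode 10 means a captcha is now required.</returns>
        [NonAction]
        public JsonResult LogOn(BAS_INNERUSER user, string returnUrl, string RememberMe, bool isSso = false)
        {
            ViewBag.ReturnUrl = returnUrl;
            var cti = _CSVR_CALLRECORD_Q.Sys_Environment_CTI_VER();
            if (cti != null)
            {
                ViewBag.CTI_VER = Convert.ToInt32(cti);
            }
            var ret = new retLoginMsg { result = true, retcode = 200, retmsg = "登陆成功!" };
            try
            {
                // These fields are not validated on this form; drop their model-state errors.
                foreach (var key in new[] { "map_PASSWORD3", "map_PASSWORD2", "map_PASSWORD", "map_CPASSWORD", "map_CPASSWORD2", "map_SnCode" })
                {
                    ModelState.Remove(key);
                }

                // The captcha throttles password guessing on the form; the SSO path carries
                // no password and isSso is only set server-side after token validation.
                if (!isSso && Session[SessionLogOnErrorNum] != null)
                {
                    bool ok = CaptchaMatches(user.map_SnCode);
                    // One attempt per captcha, whether it matched or not.
                    Session[SessionValidateCode] = null;
                    if (!ok)
                    {
                        // retLoginMsg (not retMsg) so verifyToken's cast can never fail.
                        return Json(new retLoginMsg { result = false, retcode = 500, retmsg = "验证码错误!" }, JsonRequestBehavior.AllowGet);
                    }
                }

                string error;
                decimal userId;
                bool success = user_dal.ValidateUser(user.EID, user.PASSWORD, out error, out userId, isSso);
                if (success && user.map_FJH.HasValue)
                {
                    var fjhrst = CHKFJHisLogin_BYCTIINTERFACE(user.EID, user.map_FJH);
                    if (fjhrst.Key)
                    {
                        // Extension already in use by another employee.
                        return Json(new retLoginMsg { result = false, retcode = 500, retmsg = "分机被" + fjhrst.Value + "占用" }, JsonRequestBehavior.AllowGet);
                    }
                }
                if (success)
                {
                    Session[SessionLogOnErrorNum] = null;
                    string msg = "";
                    string mytokenKey = "";
                    success = RedirectToMain(userId, user.EID, user.map_FJH, returnUrl, user.PASSWORD, ref msg, ref mytokenKey);
                    if (!string.IsNullOrEmpty(msg))
                    {
                        ret.retmsg = msg;
                    }
                    ret.result = success;
                    ret.mytokenKey = mytokenKey;
                    return Json(ret, JsonRequestBehavior.AllowGet);
                }

                // Failed: count it and ask for a captcha once the threshold is reached.
                ret = new retLoginMsg { result = false, retcode = 500, retmsg = error };
                var errors = Session[SessionLogOnErrorNum];
                Session[SessionLogOnErrorNum] = errors == null ? 1 : (int)errors + 1;
                ViewBag.LogOnError = error;
                if (CaptchaRequired())
                {
                    ViewBag.ShowSnCode = true;
                    ret.retcode = 10; // client must fetch and submit a captcha
                }
                Session[SessionValidateCode] = null;
            }
            catch (Exception ex)
            {
                LogHelper.Error("AccountController:" + ex.ToString());
                // NOTE(review): ex.Message is returned to the client; consider a generic message.
                return Json(new retLoginMsg { result = false, retcode = 500, retmsg = "系统错误:" + ex.Message }, JsonRequestBehavior.AllowGet);
            }
            return Json(ret, JsonRequestBehavior.AllowGet);
        }

        /// <summary>
        /// 检查分机号是否被占用(检查loginlog表)
        /// </summary>
        /// <param name="eid">Employee id.</param>
        /// <param name="fjh">Extension number.</param>
        /// <returns>JSON boolean as reported by _BAS_LOGINLOG_Q.GetFJHTodayLoginLogLst; false when either argument is missing.</returns>
        public ActionResult CHKFJHisLogin(decimal? eid, int? fjh)
        {
            bool inUse = eid.HasValue && fjh.HasValue && _BAS_LOGINLOG_Q.GetFJHTodayLoginLogLst(eid.Value, fjh.Value);
            return Json(inUse, JsonRequestBehavior.AllowGet);
        }

        /// <summary>
        /// 检查分机号是否被占用(通过CTI接口检查)
        /// </summary>
        /// <param name="eid">Employee id.</param>
        /// <param name="fjh">Extension number.</param>
        /// <returns>JSON pair: Key = occupied, Value = employee id holding the extension ("" when free).</returns>
        public ActionResult CHKFJHisLogin_BYCTI(decimal? eid, int? fjh)
        {
            return Json(CHKFJHisLogin_BYCTIINTERFACE(eid, fjh), JsonRequestBehavior.AllowGet);
        }

        /// <summary>
        /// 检查分机号是否被占用(通过CTI接口检查)
        /// The check runs only when parameter Sys_Environment_CTI_NEEDCHK starts with
        /// "true"; its optional second comma-separated part overrides the CTI host
        /// (default: setting "shj"). Any failure is logged and reported as "not occupied".
        /// </summary>
        /// <returns>Key = occupied, Value = the occupying employee id ("" when free).</returns>
        private KeyValuePair<bool, string> CHKFJHisLogin_BYCTIINTERFACE(decimal? eid, int? fjh)
        {
            bool occupied = false;
            string occupiedBy = "";
            try
            {
                var needFlag = _BAS_PARAMETER_BL.GetModel_Patameter("Sys_Environment_CTI_NEEDCHK");
                var flagParts = needFlag?.PARAVALUE?.Split(',');
                if (flagParts != null
                    && string.Equals(flagParts[0], "true", StringComparison.OrdinalIgnoreCase)
                    && fjh.HasValue)
                {
                    var ctiHost = flagParts.Length > 1 ? flagParts[1] : Utility.GetSettingByKey("shj");
                    if (!string.IsNullOrEmpty(ctiHost))
                    {
                        var ext = fjh.Value.ToString();
                        var ctiurl = "http://" + ctiHost + "/checkUserExist?ext=" + ext;
                        var rststr = Utility.PostData(ctiurl, System.Text.Encoding.Default);
                        // NOTE(review): the dictionary value type was lost in the copy reviewed;
                        // a numeric employee id is assumed (decimal, as EID elsewhere) — confirm.
                        var rstdict = Utility.JSONToObject<Dictionary<string, decimal>>(rststr);
                        decimal owner;
                        // A value of 0 does not count as occupied.
                        if (rstdict != null && rstdict.TryGetValue(ext, out owner) && owner > 0)
                        {
                            occupied = true;
                            occupiedBy = owner.ToString();
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                LogHelper.Error(ex);
            }
            return new KeyValuePair<bool, string>(occupied, occupiedBy);
        }

        /// <summary>
        /// Signs the user out: notifies the SSO service (best effort), expires the SSO
        /// token cookie, drops the cached rights and the forms-authentication ticket.
        /// </summary>
        [HttpGet]
        public ActionResult LogOff()
        {
            var authToken = HttpContext.Request.Cookies.Get(AuthTokenCookieName)?.Value;
            var ssoUrl = ConfigurationManager.AppSettings["SSOUrl"];
            if (!string.IsNullOrEmpty(authToken) && !string.IsNullOrEmpty(ssoUrl))
            {
                try
                {
                    var appid = ConfigurationManager.AppSettings["appid"];
                    var url = $"{ssoUrl}/v1/api/open/sso/logout";
                    var headers = new Dictionary<string, string>
                    {
                        { "X-App-ID", appid },
                        { "X-Token", authToken },
                    };
                    var result = Utility.PostAjaxData(url, headers, System.Text.Encoding.UTF8);
                    if (!string.IsNullOrEmpty(result))
                    {
                        var response = JsonHelper.JsonDivertToObj<SsoResponse>(result);
                        if (response == null || response.Ret != 0)
                        {
                            LogHelper.Error("SSO logout failed: " + (response == null ? "unparseable response" : $"Ret={response.Ret} Msg={response.Msg}"));
                        }
                    }
                }
                catch (Exception ex)
                {
                    LogHelper.Error(ex);
                }
            }

            // Response.Cookies.Remove only drops the header from this response; the
            // browser deletes a cookie only when it receives an expired one. Done
            // regardless of the SSO outcome so the token never outlives the local session.
            Response.Cookies.Add(new HttpCookie(AuthTokenCookieName, string.Empty)
            {
                Expires = DateTime.UtcNow.AddDays(-1),
                HttpOnly = true,
            });
            CacheHelper.Remove("Cache_UserInfo_" + HttpContext.User.Identity.Name);
            Session["AuthorizeSession"] = null;
            FormsAuthentication.SignOut();
            return RedirectToAction("LogOn", "Account");
        }

        /// <summary>
        /// Shows the "password too simple" page.
        /// </summary>
        /// <param name="type">1 = digits only, 2 = letters only, 3 = shorter than 6; anything else shows no message.</param>
        public ActionResult simplePwd(int type = 0)
        {
            string msg;
            switch (type)
            {
                case 1:
                    msg = "你的密码属于纯数字,过于简单,请修改密码";
                    break;
                case 2:
                    msg = "你的密码属于纯字母,过于简单,请修改密码";
                    break;
                case 3:
                    msg = "你的密码小于6位,过于简单,请修改密码";
                    break;
                default:
                    msg = "";
                    break;
            }
            ViewBag.MSG = msg;
            return View();
        }

        /// <summary>
        /// Access-denied response: the view for page requests, a JSON error when
        /// <paramref name="type"/> is given (AJAX callers).
        /// </summary>
        public ActionResult UnAuthorized(string type)
        {
            if (string.IsNullOrEmpty(type))
            {
                return View();
            }
            var errors = new ValidationErrors();
            errors.Add("你没有权限操作!");
            return JsonHandler.ManageMessage(errors, false);
        }

        /// <summary>
        /// 随机生成验证码: creates a 4-character captcha, stores it upper-cased in
        /// session for <see cref="CaptchaMatches"/> and returns it as a GIF.
        /// </summary>
        public ActionResult GetValidateCode()
        {
            Session[SessionValidateCode] = null;
            var code = new SnCodeHelper();
            string codeStr = code.CreateRandomSatl(4).ToUpperInvariant();
            Session[SessionValidateCode] = codeStr;
            byte[] bytes = code.CreateValidateImage(codeStr);
            return File(bytes, @"image/gif");
        }

        // The former "remember me" helper, which stored the password inside a cookie,
        // has been removed; its only call site had already been disabled.

        /// <summary>
        /// Host[:port] used when building the absolute URLs of the SSO round-trip.
        /// </summary>
        /// <remarks>
        /// One host is special-cased to a fixed port; otherwise the HOST request header
        /// wins over the parsed URL authority. Both values come from the client, so the
        /// result should be checked against the hosts the site is actually bound to
        /// before it is trusted for redirect construction.
        /// </remarks>
        private string getAuthorityUrl(HttpRequestBase httpRequest)
        {
            if (httpRequest.Url.DnsSafeHost == "hegui.crm.tcfortune.com")
            {
                return httpRequest.Url.DnsSafeHost + ":8282";
            }
            string hostHeader = httpRequest.Headers.Get("HOST");
            return string.IsNullOrEmpty(hostHeader) ? httpRequest.Url.Authority : hostHeader;
        }
    }

    /// <summary>Envelope returned by the SSO token / logout endpoints (Ret == 0 means success).</summary>
    public class SsoResponse
    {
        public int Ret { get; set; }
        public string Msg { get; set; }
        public SsoResponseData Data { get; set; }
    }

    /// <summary>Payload of a successful SSO token exchange.</summary>
    public class SsoResponseData
    {
        public string AccessToken { get; set; }
        public string refreshToken { get; set; }
        public string ExpireTime { get; set; }
        // Numeric employee id as text; parsed as decimal by verifyToken.
        public string EmployeeId { get; set; }
        // Extension number as text; parsed as int by verifyToken (null when absent).
        public string ExtensionNumber { get; set; }
    }

    /// <summary>Generic JSON reply: result flag, numeric code and message.</summary>
    public class retMsg
    {
        public bool result { get; set; }
        public int retcode { get; set; }
        public string retmsg { get; set; }
    }

    /// <summary>Login reply; mytokenKey is the Redis key for the pop-out flow.</summary>
    public class retLoginMsg
    {
        public bool result { get; set; }
        public int retcode { get; set; }
        public string retmsg { get; set; }
        public string mytokenKey { get; set; }
    }
}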