using Core.Web.WebHelper;
using Core.Web.WebHelper.UserRight;
using CRM.Core.BLL.Base;
using CRM.Core.BLL.Util;
using CRM.Core.Common.WebHelper;
using CRM.Core.DTO;
using CRM.Core.Model.Entity;
using CRM.Core.Model.Enum;
using CRM.Core.Model.QueryModels;
using System;
using System.Collections.Generic;
using System.Configuration;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using System.Web.Security;
using System.Web.Util;
using WX.CRM.Common;
using static CRM.Core.Model.QueryModels.SSORequest;
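namespace Core.Web.Controllers
{
    /// <summary>
    /// Login / logout endpoints for the CRM, with an optional SSO round trip.
    /// When the "SSOUrl" app setting is present, GET /accountsso/logOn sends the
    /// browser to the SSO authorize endpoint and, on return, exchanges the
    /// "authToken" it carries for an access token plus employee id and signs the
    /// matching inner user in. When the setting is absent, the classic form login
    /// (POST) is used, with a captcha once the configured failure count is reached.
    /// </summary>
    /// <remarks>
    /// Review fixes relative to the previous revision:
    /// - returnUrl is only honoured when it is a site-local path (the authenticated
    ///   branch of RedirectByAuthentication redirected to any non-empty value).
    /// - the Host header is no longer embedded verbatim into the SSO redirect.
    /// - the forms ticket and the SSO refresh token are HttpOnly; all auth cookies
    ///   get Secure on TLS connections.
    /// - LogOff expires the SSO token cookies.
    /// - an authToken carried on this request's query string is now found even when
    ///   returnUrl has its own query string (previously that case looped to the SSO).
    /// - exception text is logged, not echoed to the login page.
    /// </remarks>
    public class AccountSSOController : Controller
    {
        // Cookies written on a successful SSO token exchange; LogOff expires them.
        private const string AuthTokenCookie = "AuthToken";
        private const string RefreshTokenCookie = "refreshToken";
        private const string ExpireTimeCookie = "expireTime";
        // Cache key prefix for the per-user rights array (suffix is the numeric user id).
        private const string UserInfoCachePrefix = "Cache_UserInfo_";
        // Session slots: failed form-login counter (non-null once a failure occurred)
        // and the expected captcha text (upper-cased, single use).
        private const string LogOnErrorNumKey = "LogOnErrorNum";
        private const string ValidateCodeKey = "ValidateCode";

        CACHE_BL _cacheQ = new CACHE_BL();
        BAS_INNERUSER_BL user_dal = new BAS_INNERUSER_BL();

        // GET: Account
        // For GET requests MVC prefers the [HttpGet] overload below, so this overload is
        // effectively never selected; it is kept for compatibility.
        public ActionResult LogOn()
        {
            return View();
        }

        /// <summary>
        /// Login entry point. Without an "SSOUrl" setting this just shows the form (or
        /// redirects an already-authenticated user). With it, the request is either the
        /// return leg of the SSO round trip (an "authToken" is present) or the start of
        /// one.
        /// </summary>
        /// <param name="returnUrl">Site-local path to land on after login; anything that
        /// is not a plain local path is discarded.</param>
        [HttpGet]
        public ActionResult LogOn(string returnUrl)
        {
            // Only a site-local path is ever used as a post-login target; an absolute
            // URL, a protocol-relative "//host" or a backslash variant is dropped so it
            // can neither be redirected to nor round-tripped through the SSO. This also
            // removes the UriFormatException the old "http://{authority}{returnUrl}"
            // construction threw for absolute values.
            returnUrl = IsSafeLocalUrl(returnUrl) ? returnUrl : null;
            this.ViewBag.ReturnUrl = returnUrl;

            var ssoUrl = ConfigurationManager.AppSettings["SSOUrl"];
            if (string.IsNullOrEmpty(ssoUrl))
            {
                ShowCaptchaIfThresholdReached();
                return this.RedirectByAuthentication(returnUrl);
            }

            var authToken = ExtractAuthToken(returnUrl);
            if (string.IsNullOrEmpty(authToken))
            {
                // No token yet: start (or restart) the SSO round trip.
                return this.RedirectByAuthentication(returnUrl);
            }

            var appid = ConfigurationManager.AppSettings["appid"];
            var url = $"{ssoUrl}/v1/api/open/sso/token";
            var param = new
            {
                appId = appid,
                grantType = 1,
                token = authToken
            };
            var result = Utility.PostAjaxData(url, JsonHelper.ObjDivertToJson(param), System.Text.Encoding.UTF8);
            var response = JsonHelper.JsonDivertToObj<SSORequest.SsoResponse<SsoResponseData>>(result);

            if (response == null || response.Ret != 0
                || response.Data == null || string.IsNullOrEmpty(response.Data.EmployeeId))
            {
                // Token not accepted by the SSO. As before, this goes back to the SSO
                // authorize endpoint; if the SSO keeps returning a bad token this loops,
                // which callers should be aware of.
                return this.RedirectByAuthentication(returnUrl);
            }

            if (!decimal.TryParse(response.Data.EmployeeId, out decimal employeeId))
            {
                // A non-numeric employee id cannot map to an inner user (the old
                // decimal.Parse turned this into an unhandled exception).
                return UnAuthorized("查无此用户");
            }

            var user = this.user_dal.GetModelByEid(employeeId);
            if (user == null)
            {
                return UnAuthorized("查无此用户");
            }

            // Extension number is optional; an unparsable value clears it.
            user.map_FJH = int.TryParse(response.Data.ExtensionNumber, out int extensionNumber)
                ? (int?)extensionNumber
                : null;

            bool secure = Request.IsSecureConnection;
            // The refresh token never needs to reach script, so it is HttpOnly. The access
            // token and expiry are left script-readable as before — whether the front end
            // reads them is not visible here; confirm before making them HttpOnly too.
            Response.Cookies.Add(new HttpCookie(AuthTokenCookie, response.Data.AccessToken) { Secure = secure });
            Response.Cookies.Add(new HttpCookie(RefreshTokenCookie, response.Data.refreshToken) { Secure = secure, HttpOnly = true });
            Response.Cookies.Add(new HttpCookie(ExpireTimeCookie, response.Data.ExpireTime) { Secure = secure });

            return RedirectToMain(user.PKID, user.EID, returnUrl, user.PASSWORD, user.map_FJH);
        }

        /// <summary>
        /// Form login. Validates the captcha when one is required (after at least one
        /// failed attempt in this session), then the credentials; on success the session
        /// failure counter is reset and the user is signed in via RedirectToMain.
        /// </summary>
        /// <param name="user">Bound form model; only EID, PASSWORD and map_SnCode are used.</param>
        /// <param name="returnUrl">Site-local path to land on after login.</param>
        /// <param name="RememberMe">Accepted for form compatibility; not used.</param>
        [HttpPost]
        public ActionResult LogOn(BAS_INNERUSER user, string returnUrl, string RememberMe)
        {
            this.ViewBag.ReturnUrl = returnUrl;
            try
            {
                // The entity carries several password/confirmation fields the login form
                // does not post; drop their validation state so it cannot block the attempt.
                ModelState.Remove("map_PASSWORD3");
                ModelState.Remove("map_PASSWORD2");
                ModelState.Remove("map_PASSWORD");
                ModelState.Remove("map_CPASSWORD");
                ModelState.Remove("map_CPASSWORD2");
                ModelState.Remove("map_SnCode");

                if (Session[LogOnErrorNumKey] != null && !CaptchaMatches(user.map_SnCode))
                {
                    this.ViewBag.LogOnError = "验证码错误!";
                }
                else
                {
                    string error;
                    int userId;
                    bool success = this.user_dal.ValidateUser(user.EID, user.PASSWORD, out error, out userId);
                    if (success)
                    {
                        Session[LogOnErrorNumKey] = null;
                        return RedirectToMain(userId, user.EID, returnUrl, user.PASSWORD);
                    }

                    Session[LogOnErrorNumKey] = (Session[LogOnErrorNumKey] as int? ?? 0) + 1;
                    this.ViewBag.LogOnError = error;
                }

                ShowCaptchaIfThresholdReached();
                // A captcha is valid for exactly one attempt.
                Session[ValidateCodeKey] = null;
            }
            catch (Exception ex)
            {
                // Log the full exception but never echo ex.Message to the browser: it can
                // carry connection strings or internal paths (the previous revision did).
                LogHelper.Error("AccountController:" + ex.ToString());
                this.ViewBag.LogOnError = "登录失败,请稍后重试";
            }
            return View(user);
        }

        /// <summary>
        /// Completes a successful authentication: writes the login log, builds the user
        /// info and rights, issues the forms ticket cookie, caches the rights, and picks
        /// the landing page (weak-password page, the local returnUrl, or Home/Index).
        /// </summary>
        /// <param name="userId">Inner user primary key.</param>
        /// <param name="EID">Employee id.</param>
        /// <param name="returnUrl">Site-local path to land on; ignored unless it passes IsSafeLocalUrl.</param>
        /// <param name="password">Password as supplied/stored; only used for the strength check.</param>
        /// <param name="fjh">Optional extension number.</param>
        private ActionResult RedirectToMain(int userId, int EID, string returnUrl, string password, int? fjh = null)
        {
            string[] userrights = { };
            LoginHelper login = new LoginHelper();
            decimal logPkId = login.CreateLoginLog(userId, EID, 0);
            string userinfo = login.setUserinfo(userId, EID, fjh, logPkId, ref userrights);
            string encTicket = login.SetCookie(userId.ToString(), false, userinfo);

            var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket)
            {
                // The forms ticket is only read server-side: keep it out of script reach
                // and off plaintext connections (neither flag was set before). Expiry is
                // midnight of the next day, as before.
                HttpOnly = true,
                Secure = Request.IsSecureConnection,
                Expires = DateTime.Now.Date.AddDays(1)
            };
            this.Response.Cookies.Add(cookie);

            if (userrights == null || userrights.Length == 0)
            {
                return this.RedirectToAction("Index", "Home");
            }

            CacheHelper.Set<string[]>(UserInfoCachePrefix + userId.ToString(), userrights);

            int checkpwd = Utility.PasswordStrength(password);
            if (checkpwd > 0)
            {
                return Redirect("/Base/Account/simplePwd?type=" + checkpwd);
            }

            if (IsSafeLocalUrl(returnUrl))
            {
                return Redirect(returnUrl);
            }
            return this.RedirectToAction("Index", "Home");
        }

        /// <summary>
        /// Sends an authenticated user to the (local) returnUrl or Home/Index; sends an
        /// anonymous user to the SSO authorize endpoint with a redirect back to this
        /// controller, or shows the plain form when no SSO is configured.
        /// </summary>
        [NonAction]
        private ActionResult RedirectByAuthentication(string returnUrl)
        {
            if (this.HttpContext.Request.IsAuthenticated)
            {
                // Already signed in. Only a site-local path is followed; the previous
                // revision redirected to any non-empty value (open redirect).
                if (IsSafeLocalUrl(returnUrl))
                {
                    return this.Redirect(returnUrl);
                }
                return this.RedirectToAction("Index", "Home");
            }

            BAS_INNERUSER user = null;
            var ssoUrl = ConfigurationManager.AppSettings["SSOUrl"];
            var appid = ConfigurationManager.AppSettings["appid"];
            if (string.IsNullOrEmpty(ssoUrl))
            {
                LogHelper.Error("请配置SSO地址,未配置地址无法使用功能!");
                return View(user);
            }
            Session["AuthToken"] = null;

            var authority = getAuthorityUrl(HttpContext.Request);
            var safeReturn = IsSafeLocalUrl(returnUrl) ? returnUrl : string.Empty;
            // returnUrl is encoded as a single parameter so its own '&'/'?' survive the
            // round trip. The scheme stays hard-coded to http as before because the
            // redirect registered at the SSO is not visible here; if this site is served
            // over TLS, switch to Request.Url.Scheme together with that registration.
            var uri = $"http://{authority}/accountsso/logOn?returnUrl={HttpUtility.UrlEncode(safeReturn)}";
            var url = $"{ssoUrl}/v1/api/open/sso/authorize?appid={HttpUtility.UrlEncode(appid)}&redirect={HttpUtility.UrlEncode(uri)}";
            return Redirect(url);
        }

        /// <summary>
        /// Generates a fresh 5-character captcha, stores its upper-cased text in the
        /// session and returns the rendered image. The previous value is discarded
        /// first, so a captcha is valid for one attempt only.
        /// </summary>
        public ActionResult GetValidateCode()
        {
            Session[ValidateCodeKey] = null;
            SnCodeHelper code = new SnCodeHelper();
            // NOTE(review): Utility.CreateRandomSatl is a project helper; whether it is
            // backed by a cryptographic RNG is not visible here — confirm.
            string codeStr = Utility.CreateRandomSatl(5);
            Session[ValidateCodeKey] = codeStr.ToUpper();
            byte[] bytes = code.CreateValidateImage(codeStr);
            return File(bytes, @"image/gif");
        }

        /// <summary>
        /// Signs the current user out: drops the cached rights and session markers,
        /// clears the forms ticket and expires the SSO token cookies (the previous
        /// revision left the access/refresh tokens in the browser after logout).
        /// Redirects to the Account controller's LogOn, as before.
        /// </summary>
        /// <remarks>
        /// Kept on GET for compatibility with existing links; note that a GET logout can
        /// be triggered cross-site.
        /// </remarks>
        [HttpGet]
        public ActionResult LogOff()
        {
            string cacheKey = UserInfoCachePrefix + this.HttpContext.User.Identity.Name;
            CacheHelper.Remove(cacheKey);
            Session["AuthorizeSession"] = null;
            Session["AuthToken"] = null;
            FormsAuthentication.SignOut();
            ExpireCookie(AuthTokenCookie);
            ExpireCookie(RefreshTokenCookie);
            ExpireCookie(ExpireTimeCookie);
            return RedirectToAction("LogOn", "Account");
        }

        /// <summary>
        /// Unauthorized response: the view when no detail is given, otherwise a JSON
        /// retMsg (retcode 500) whose message carries the supplied detail.
        /// </summary>
        public ActionResult UnAuthorized(string type)
        {
            if (string.IsNullOrEmpty(type))
            {
                return View();
            }

            retMsg ret = new retMsg
            {
                result = false,
                retcode = 500,
                retmsg = "抱歉,您没有权限访问!" + type
            };
            return Json(ret, JsonRequestBehavior.AllowGet);
        }

        /// <summary>
        /// Authority (host[:port]) used to build the redirect URL handed to the SSO.
        /// </summary>
        /// <remarks>
        /// The Host header is attacker-controlled. The previous revision returned it
        /// verbatim, so a crafted Host turned the SSO redirect into an open redirect to
        /// an arbitrary host (or injected a path). Accepting it only when it is a plain
        /// host[:port] closes the injection; the host itself is still only as trustworthy
        /// as the IIS site binding or the reverse proxy in front of this app, so pin the
        /// hostname there (or validate against an allow-list here).
        /// </remarks>
        private String getAuthorityUrl(HttpRequestBase httpRequest)
        {
            if (httpRequest.Url.DnsSafeHost == "hg.soft.dn8188.com")
            {
                return HttpContext.Request.Url.DnsSafeHost;
            }
            String hostHeader = httpRequest.Headers.Get("HOST");
            if (!string.IsNullOrEmpty(hostHeader) && IsPlainAuthority(hostHeader))
            {
                return hostHeader;
            }
            return httpRequest.Url.Authority;
        }

        /// <summary>
        /// True when <paramref name="authority"/> is "host" or "host:port" with a
        /// syntactically valid host name/address and a numeric port — i.e. nothing that
        /// could smuggle user info, a path or a query into a URL built around it.
        /// </summary>
        private static bool IsPlainAuthority(string authority)
        {
            if (string.IsNullOrEmpty(authority) || authority.Length > 255)
            {
                return false;
            }
            string host = authority;
            string port = null;
            int colon = authority.LastIndexOf(':');
            if (colon >= 0)
            {
                host = authority.Substring(0, colon);
                port = authority.Substring(colon + 1);
            }
            if (host.Length == 0 || Uri.CheckHostName(host) == UriHostNameType.Unknown)
            {
                return false;
            }
            return port == null || (port.Length > 0 && port.All(char.IsDigit));
        }

        /// <summary>
        /// Site-local redirect target check shared by every redirect in this controller:
        /// a non-empty path that starts with a single "/" (not "//" or "/\") and that
        /// MVC also considers local.
        /// </summary>
        private bool IsSafeLocalUrl(string returnUrl)
        {
            return !string.IsNullOrEmpty(returnUrl)
                && returnUrl.Length > 1
                && returnUrl.StartsWith("/", StringComparison.Ordinal)
                && !returnUrl.StartsWith("//", StringComparison.Ordinal)
                && !returnUrl.StartsWith("/\\", StringComparison.Ordinal)
                && Url.IsLocalUrl(returnUrl);
        }

        /// <summary>
        /// Finds the SSO "authToken": first in the query string of returnUrl (the SSO may
        /// have appended it there), then in this request's own query string.
        /// </summary>
        private string ExtractAuthToken(string returnUrl)
        {
            string token = null;
            if (!string.IsNullOrEmpty(returnUrl))
            {
                int q = returnUrl.IndexOf('?');
                if (q >= 0)
                {
                    string query = returnUrl.Substring(q + 1);
                    int hash = query.IndexOf('#');
                    if (hash >= 0)
                    {
                        query = query.Substring(0, hash);
                    }
                    token = HttpUtility.ParseQueryString(query)["authToken"];
                }
            }
            if (string.IsNullOrEmpty(token))
            {
                token = HttpContext.Request.QueryString["authToken"];
            }
            return token;
        }

        /// <summary>
        /// Compares the submitted captcha with the session value, case-insensitively
        /// (the stored value is upper-cased); false when either side is missing.
        /// </summary>
        private bool CaptchaMatches(string submitted)
        {
            var expected = Session[ValidateCodeKey] as string;
            return expected != null
                && submitted != null
                && string.Equals(submitted, expected, StringComparison.OrdinalIgnoreCase);
        }

        /// <summary>
        /// Sets ViewBag.ShowSnCode once the session failure counter reaches the configured
        /// threshold (Parameter.Sys_Environment_LogOn, default 1).
        /// </summary>
        private void ShowCaptchaIfThresholdReached()
        {
            int threshold = _cacheQ.GetValue_Parameter(Parameter.Sys_Environment_LogOn).GetInt(1);
            if (Session[LogOnErrorNumKey] is int failures && failures >= threshold)
            {
                ViewBag.ShowSnCode = true;
            }
        }

        /// <summary>
        /// Overwrites a cookie with an empty, already-expired value so the browser drops it.
        /// </summary>
        private void ExpireCookie(string name)
        {
            Response.Cookies.Add(new HttpCookie(name, string.Empty)
            {
                Expires = DateTime.Now.AddDays(-1),
                HttpOnly = true
            });
        }
    }
}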