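using CRM.Core.DTO;
using Ninject;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using System.Web.Security;
using WX.CRM.BLL.Util;
using WX.CRM.Common;
using WX.CRM.IBLL.Base;
using WX.CRM.IBLL.Csvr;
using WX.CRM.IBLL.Util;
using WX.CRM.Model.Entity;
using WX.CRM.WebHelper;
using WX.CRM.WebHelper.UtilityModel;

namespace WX.CRM.WEB.Controllers.Base
{
    /// <summary>
    /// Sign-in / sign-out controller: forms-authentication login by password or by SSO
    /// token, CTI extension-in-use checks, captcha generation and the parameter-gated
    /// "free login" entry point.
    /// </summary>
    /// <remarks>
    /// NOTE(review): the generic type arguments in this file (KeyValuePair, Dictionary,
    /// JsonDivertToObj, JSONToObject) were lost in extraction and have been reconstructed
    /// from how the values are used — confirm them against the repository.
    /// </remarks>
    public class AccountController : Controller
    {
        [Inject]
        public IBAS_PARAMETER_Q _BAS_PARAMETER_BL { get; set; }

        [Inject]
        public ICACHE_Q _cacheQ { get; set; }

        [Inject]
        public ICSVR_CALLRECORD_Q _CSVR_CALLRECORD_Q { get; set; }

        [Inject]
        public IBAS_LOGINLOG_Q _BAS_LOGINLOG_Q { get; set; }

        // Cookie / cache key names shared by several actions.
        private const string AuthTokenCookieName = "AuthToken";
        private const string RememberMeCookieName = "AY_CRM_RememberMe";
        private const string UserInfoCachePrefix = "Cache_UserInfo_";

        private IBAS_INNERUSER_Q user_dal;

        public AccountController(IBAS_INNERUSER_Q _user_dal)
        {
            this.user_dal = _user_dal;
        }

        /// <summary>
        /// Returns <paramref name="returnUrl"/> when it is a local (same-site) path and
        /// null otherwise, so that no action redirects to a host chosen by whoever crafted
        /// the login link (open redirect).
        /// </summary>
        private string SafeReturnUrl(string returnUrl)
        {
            if (string.IsNullOrEmpty(returnUrl))
            {
                return null;
            }
            return Url.IsLocalUrl(returnUrl) ? returnUrl : null;
        }

        /// <summary>
        /// True once the number of failed logins in this session has reached the
        /// Sys_Environment_LogOn parameter (default 1), i.e. a captcha is required.
        /// </summary>
        private bool NeedsCaptcha()
        {
            int threshold = _cacheQ.GetValue_Parameter(WX.CRM.Model.Enum.Parameter.Sys_Environment_LogOn).GetInt(1);
            return Session["LogOnErrorNum"] != null && (int)Session["LogOnErrorNum"] >= threshold;
        }

        /// <summary>
        /// Compares the submitted captcha with the value stored in session, ignoring case.
        /// A missing session value or a missing submission never matches.
        /// </summary>
        private bool CaptchaMatches(string snCode)
        {
            var expected = Session["ValidateCode"];
            if (expected == null || snCode == null)
            {
                return false;
            }
            return string.Equals(snCode, expected.ToString(), StringComparison.OrdinalIgnoreCase);
        }

        /// <summary>
        /// Expires a cookie on the client. Response.Cookies.Remove only drops it from the
        /// outgoing collection; the browser keeps its copy unless an expired one is sent.
        /// </summary>
        private void ExpireCookie(string name)
        {
            Response.Cookies.Add(new HttpCookie(name) { Expires = DateTime.Now.AddDays(-1) });
        }

        /// <summary>
        /// Sends an authenticated user to <paramref name="returnUrl"/> (or home) and an
        /// anonymous one to the SSO authorize endpoint; falls back to the local login
        /// view when no SSO address is configured.
        /// </summary>
        [NonAction]
        private ActionResult RedirectByAuthentication(string returnUrl)
        {
            returnUrl = SafeReturnUrl(returnUrl);
            if (this.HttpContext.Request.IsAuthenticated)
            {
                // Already signed in: back to the requested page, else the home page.
                if (returnUrl != null)
                {
                    return this.Redirect(returnUrl);
                }
                return this.RedirectToAction("Index", "Home");
            }

            var ssoUrl = System.Configuration.ConfigurationManager.AppSettings["SSOUrl"];
            var appid = System.Configuration.ConfigurationManager.AppSettings["appid"];
            if (string.IsNullOrEmpty(ssoUrl))
            {
                LogHelper.Error("请配置SSO地址,未配置地址无法使用功能!");
                // No SSO configured: show the local login form with an empty model.
                return View((BAS_INNERUSER)null);
            }

            Session["AuthToken"] = null;
            var authority = HttpContext.Request.Url.Authority;
            // NOTE(review): the scheme is hard-coded to http; a site served over https will
            // return from SSO on plain http unless a proxy rewrites it — confirm deployment.
            var callback = $"http://{authority}/account/logOn?returnUrl={HttpUtility.UrlEncode(returnUrl)}";
            var url = $"{ssoUrl}/v1/api/open/sso/authorize?appid={appid}&&redirect={HttpUtility.UrlEncode(callback)}";
            return Redirect(url);
        }

        /// <summary>Shows the logged-out page with an optional message.</summary>
        /// <param name="msg">Message passed to the view via ViewBag.ErrorMsg; it comes from
        /// the query string, so the view must HTML-encode it.</param>
        [HttpGet]
        public ActionResult LogOut(string msg)
        {
            ViewBag.ErrorMsg = msg;
            return View();
        }

        /// <summary>
        /// Login entry point. With an SSO token (from the query or the return URL) it
        /// exchanges the token at the SSO server and signs the employee in; otherwise it
        /// defers to <see cref="RedirectByAuthentication"/>.
        /// </summary>
        /// <param name="returnUrl">Local path to return to after login; non-local values are discarded.</param>
        /// <param name="authToken">SSO authorization token, if the request is the SSO callback.</param>
        [HttpGet]
        public ActionResult LogOn(string returnUrl, string authToken)
        {
            returnUrl = SafeReturnUrl(returnUrl);
            this.ViewBag.ReturnUrl = returnUrl;

            var authority = HttpContext.Request.Url.Authority;
            var reUrl = new Uri($"http://{authority}{returnUrl}");
            // The SSO callback may carry authToken on the return URL or on the request itself.
            var col = Utility.GetQueryString(reUrl.Query);
            if (col == null || col.Count == 0)
            {
                col = Utility.GetQueryString(HttpContext.Request.Url.Query);
            }
            authToken = string.IsNullOrEmpty(authToken) ? col["authToken"] : authToken;

            var ssoUrl = System.Configuration.ConfigurationManager.AppSettings["SSOUrl"];
            var appid = System.Configuration.ConfigurationManager.AppSettings["appid"];
            if (string.IsNullOrEmpty(ssoUrl))
            {
                LogHelper.Error("请配置SSO地址,未配置地址无法使用功能!");
                var cti = _CSVR_CALLRECORD_Q.Sys_Environment_CTI_VER();
                if (null != cti)
                {
                    ViewBag.CTI_VER = Convert.ToInt32(cti);
                }
                if (NeedsCaptcha())
                {
                    ViewBag.NeedCode = 1;
                }
                return this.RedirectByAuthentication(returnUrl);
            }

            if (string.IsNullOrEmpty(authToken))
            {
                return this.RedirectByAuthentication(returnUrl);
            }

            var url = $"{ssoUrl}/v1/api/open/sso/token";
            var param = new { appId = appid, grantType = 1, token = authToken };
            var result = Utility.PostAjaxData(url, JsonHelper.ObjDivertToJson(param), System.Text.Encoding.UTF8);
            var response = JsonHelper.JsonDivertToObj<SsoResponse>(result);
            if (response == null || response.Ret != 0)
            {
                return this.RedirectByAuthentication(returnUrl);
            }

            // Log identifiers only: Data also carries the access and refresh tokens, which
            // the old ToJson() call wrote to the log file.
            LogHelper.Info("登录DATA:EmployeeId=" + response.Data.EmployeeId + ",ExtensionNumber=" + response.Data.ExtensionNumber);

            if (!decimal.TryParse(response.Data.EmployeeId, out decimal eid))
            {
                var eidErrorMsg = $"工号【{response.Data.EmployeeId}】不合法,请联系管理员";
                return JavaScript(eidErrorMsg);
            }

            var user = new BAS_INNERUSER { EID = eid };
            user.map_FJH = int.TryParse(response.Data.ExtensionNumber, out int extensionNumber)
                ? extensionNumber
                : (int?)null;

            var logOnResultJson = LogOn(user, returnUrl, "", true);
            LogHelper.Info("logOnResultJson:" + logOnResultJson.ToJson());
            var logOnResult = (retMsg)logOnResultJson.Data;

            // Kept even when sign-in fails so that LogOff can still revoke the token at the SSO server.
            // NOTE(review): the cookie is neither HttpOnly nor Secure; set both unless script reads it.
            HttpContext.Response.Cookies.Add(new HttpCookie(AuthTokenCookieName, response.Data.AccessToken));

            if (logOnResult.result)
            {
                return this.Redirect(returnUrl ?? "/");
            }
            // Url.Action builds the route and encodes the message; the old concatenation
            // appended "/Account/LogOut" to the full return URI and left the message raw.
            return this.Redirect(Url.Action("LogOut", "Account", new { msg = logOnResult.retmsg }));
        }

        /// <summary>
        /// Parameter-gated password-less login: signs in employee <paramref name="eid"/>
        /// when Secret_Free_Login is "1" and <paramref name="m"/> matches the expected digest.
        /// </summary>
        /// <remarks>
        /// The digest is MD5 of the employee id plus a fixed string, so it can be produced
        /// for any eid by anyone who knows the scheme; keep Secret_Free_Login disabled
        /// outside trusted networks or move to a server-side secret.
        /// </remarks>
        [HttpGet]
        public ActionResult OutLogOn(decimal eid, string m)
        {
            var param = _cacheQ.GetValue_Parameter(WX.CRM.Model.Enum.Parameter.Secret_Free_Login);
            if (!string.IsNullOrWhiteSpace(param) && param == "1")
            {
                var pass = Utility.EncryptMD5(eid + "freelogin");
                // string.Equals tolerates a null m (m.ToLower() threw) and is culture-independent.
                if (string.Equals(m, pass, StringComparison.OrdinalIgnoreCase))
                {
                    var user = user_dal.getInnerUserByEid(eid);
                    if (user == null)
                    {
                        return JavaScript("用户名或密码错误!");
                    }
                    Session["LogOnErrorNum"] = null;
                    string msg = "";
                    var success = RedirectToMain(user.PKID, user.EID, user.map_FJH, "/", user.PASSWORD, ref msg);
                    if (!success)
                    {
                        // The old code ignored the result and sent a user without rights to "/".
                        return JavaScript(string.IsNullOrEmpty(msg) ? "无法登陆!" : msg);
                    }
                    return this.Redirect("/?freelogin=true");
                }
            }
            return JavaScript("无法登陆!");
        }

        /// <summary>
        /// Completes a successful credential check: writes the login log, builds the user
        /// info and rights, and — only when the user has at least one right — issues the
        /// forms-authentication cookie and caches the rights.
        /// </summary>
        /// <param name="userId">PKID of the inner user.</param>
        /// <param name="EID">Employee id.</param>
        /// <param name="fjh">Extension number, if any.</param>
        /// <param name="returnUrl">Unused; kept for signature compatibility.</param>
        /// <param name="password">Plain password, used only for the strength hint.</param>
        /// <param name="msg">Receives the message shown to the user.</param>
        /// <returns>True when the user may use the system.</returns>
        private bool RedirectToMain(decimal userId, decimal EID, int? fjh, string returnUrl, string password, ref string msg)
        {
            UserRights userrights = new UserRights();
            LoginHelper login = new LoginHelper();
            decimal logPkId = login.CreateLoginLog(userId, EID, fjh);
            string userinfo = login.setUserinfo(userId, EID, fjh, logPkId, out userrights);

            if (userrights == null || userrights.rights == null || !userrights.rights.Any())
            {
                msg = "您没有登陆系统的权限!";
                return false;
            }

            // The ticket is issued only after the rights check; the old code wrote the auth
            // cookie first and then reported "no rights", leaving that user signed in.
            string encTicket = login.SetCookie(userId.ToString(), false, userinfo);
            this.Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));

            CacheHelper.Set(UserInfoCachePrefix + userId.ToString(), userrights);

            // The old code assigned the weak-password hint and then unconditionally overwrote it.
            msg = Utility.PasswordStrength(password) > 0
                ? "登陆成功!但您的密码过于简单,请及时修改"
                : "登陆成功!";
            return true;
        }

        /// <summary>Form login (password + optional captcha).</summary>
        [HttpPost]
        public JsonResult LogOn(BAS_INNERUSER user, string returnUrl, string RememberMe)
        {
            return LogOn(user, returnUrl, RememberMe, false);
        }

        /// <summary>
        /// Validates the user (password, or trusted when <paramref name="isSso"/>), checks
        /// that the extension is free, and signs the user in.
        /// </summary>
        /// <param name="user">Posted credentials (EID, PASSWORD, map_FJH, map_SnCode).</param>
        /// <param name="returnUrl">Stored in ViewBag only.</param>
        /// <param name="RememberMe">Currently unused.</param>
        /// <param name="isSso">True when the caller already authenticated the user via SSO; skips the captcha.</param>
        /// <returns>A <see cref="retMsg"/> JSON payload; retcode 10 means a captcha is now required.</returns>
        public JsonResult LogOn(BAS_INNERUSER user, string returnUrl, string RememberMe, bool isSso = false)
        {
            this.ViewBag.ReturnUrl = returnUrl;
            var cti = _CSVR_CALLRECORD_Q.Sys_Environment_CTI_VER();
            retMsg ret = new retMsg() { result = true, retcode = 200, retmsg = "登陆成功!" };
            if (null != cti)
            {
                ViewBag.CTI_VER = Convert.ToInt32(cti);
            }
            try
            {
                // These fields are not validated server-side on login.
                ModelState.Remove("map_PASSWORD3");
                ModelState.Remove("map_PASSWORD2");
                ModelState.Remove("map_PASSWORD");
                ModelState.Remove("map_CPASSWORD");
                ModelState.Remove("map_CPASSWORD2");
                ModelState.Remove("map_SnCode");

                // A captcha is demanded as soon as any failed attempt is recorded in the session.
                if (!isSso && Session["LogOnErrorNum"] != null && !CaptchaMatches(user.map_SnCode))
                {
                    return Json(new retMsg() { result = false, retcode = 500, retmsg = "验证码错误!" }, JsonRequestBehavior.AllowGet);
                }

                string error = string.Empty;
                decimal userId = 0;
                bool success = this.user_dal.ValidateUser(user.EID, user.PASSWORD, out error, out userId, isSso);
                if (success && user.map_FJH.HasValue)
                {
                    var fjhrst = CHKFJHisLogin_BYCTIINTERFACE(user.EID, user.map_FJH);
                    if (fjhrst.Key)
                    {
                        // Extension already in use by another employee.
                        error = "分机被" + fjhrst.Value + "占用";
                        ret = new retMsg() { result = false, retcode = 500, retmsg = error };
                        return Json(ret, JsonRequestBehavior.AllowGet);
                    }
                }

                if (success)
                {
                    Session["LogOnErrorNum"] = null;
                    string msg = "";
                    success = RedirectToMain(userId, user.EID, user.map_FJH, returnUrl, user.PASSWORD, ref msg);
                    if (!string.IsNullOrEmpty(msg)) ret.retmsg = msg;
                    ret.result = success;
                    return Json(ret, JsonRequestBehavior.AllowGet);
                }

                ret = new retMsg() { result = false, retcode = 500, retmsg = error };
                Session["LogOnErrorNum"] = Session["LogOnErrorNum"] == null ? 1 : (int)Session["LogOnErrorNum"] + 1;
                this.ViewBag.LogOnError = error;

                if (NeedsCaptcha())
                {
                    ViewBag.ShowSnCode = true;
                    ret.retcode = 10; // client must show the captcha
                }
                // Each captcha is single-use.
                Session["ValidateCode"] = null;
            }
            catch (Exception ex)
            {
                LogHelper.Error("AccountController:" + ex.ToString());
                return Json(new retMsg() { result = false, retcode = 500, retmsg = "系统错误:" + ex.Message }, JsonRequestBehavior.AllowGet);
            }
            return Json(ret, JsonRequestBehavior.AllowGet);
        }

        /// <summary>Checks whether the extension is already in use today, via the login-log table.</summary>
        /// <param name="eid">Employee id.</param>
        /// <param name="fjh">Extension number.</param>
        /// <returns>JSON boolean: true when a login with this extension exists today.</returns>
        public ActionResult CHKFJHisLogin(decimal? eid, int? fjh)
        {
            var FJHisLogin = eid.HasValue && fjh.HasValue
                && _BAS_LOGINLOG_Q.GetFJHTodayLoginLogLst(eid.Value, fjh.Value);
            return new JsonResult() { Data = FJHisLogin, JsonRequestBehavior = JsonRequestBehavior.AllowGet };
        }

        /// <summary>Checks whether the extension is in use, via the CTI interface.</summary>
        /// <param name="eid">Employee id.</param>
        /// <param name="fjh">Extension number.</param>
        /// <returns>JSON pair: Key = in use, Value = occupying employee id or "".</returns>
        public ActionResult CHKFJHisLogin_BYCTI(decimal? eid, int? fjh)
        {
            return new JsonResult() { Data = CHKFJHisLogin_BYCTIINTERFACE(eid, fjh), JsonRequestBehavior = JsonRequestBehavior.AllowGet };
        }

        /// <summary>
        /// Asks the CTI server whether <paramref name="fjh"/> is in use. Controlled by the
        /// Sys_Environment_CTI_NEEDCHK parameter ("true[,host]"); any failure is logged and
        /// reported as "not in use".
        /// </summary>
        /// <param name="eid">Employee id (unused by the check itself).</param>
        /// <param name="fjh">Extension number.</param>
        /// <returns>Key = in use, Value = occupying employee id when known, else "".</returns>
        private KeyValuePair<bool, string> CHKFJHisLogin_BYCTIINTERFACE(decimal? eid, int? fjh)
        {
            bool rst = false;
            string existsEID = "";
            try
            {
                var needFlag = _BAS_PARAMETER_BL.GetModel_Patameter("Sys_Environment_CTI_NEEDCHK");
                // Null-check before Split: the old code dereferenced needFlag.PARAVALUE first.
                if (needFlag == null || string.IsNullOrEmpty(needFlag.PARAVALUE))
                {
                    return new KeyValuePair<bool, string>(rst, existsEID);
                }

                var arrNeedFlag = needFlag.PARAVALUE.Split(',');
                if (string.Equals(arrNeedFlag[0], "true", StringComparison.OrdinalIgnoreCase))
                {
                    // Second element of the parameter overrides the "shj" setting as CTI host.
                    var ctiurlcfg = arrNeedFlag.Length > 1 ? arrNeedFlag[1] : Utility.GetSettingByKey("shj");
                    if (!string.IsNullOrEmpty(ctiurlcfg) && fjh.HasValue)
                    {
                        var key = fjh.Value.ToString();
                        var ctiurl = string.Concat("http://" + ctiurlcfg + "/checkUserExist?ext=", key);
                        var rststr = Utility.PostData(ctiurl, System.Text.Encoding.Default);
                        // NOTE(review): value type reconstructed (compared with 0 and ToString'ed) — confirm.
                        var rstdict = Utility.JSONToObject<Dictionary<string, int>>(rststr);
                        if (rstdict != null && rstdict.TryGetValue(key, out var occupant))
                        {
                            if (occupant >= 0)
                            {
                                rst = true; // in use
                                if (occupant > 0)
                                {
                                    existsEID = occupant.ToString(); // occupying employee id
                                }
                            }
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                LogHelper.Error(ex);
            }
            return new KeyValuePair<bool, string>(rst, existsEID);
        }

        /// <summary>
        /// Signs the user out: revokes the SSO token (best effort), drops the cached rights
        /// and the forms-authentication ticket, then returns to the login page.
        /// </summary>
        [HttpGet]
        public ActionResult LogOff()
        {
            var authToken = HttpContext.Request.Cookies.Get(AuthTokenCookieName)?.Value;
            if (!string.IsNullOrEmpty(authToken))
            {
                try
                {
                    var ssoUrl = System.Configuration.ConfigurationManager.AppSettings["SSOUrl"];
                    var appid = System.Configuration.ConfigurationManager.AppSettings["appid"];
                    if (!string.IsNullOrEmpty(ssoUrl))
                    {
                        var url = $"{ssoUrl}/v1/api/open/sso/logout";
                        var headers = new Dictionary<string, string>
                        {
                            ["X-App-ID"] = appid,
                            ["X-Token"] = authToken,
                        };
                        var result = Utility.PostAjaxData(url, headers, System.Text.Encoding.UTF8);
                        if (!string.IsNullOrEmpty(result))
                        {
                            var response = JsonHelper.JsonDivertToObj<SsoResponse>(result);
                            if (response != null && response.Ret == 0)
                            {
                                // The cookie is kept on failure so a later LogOff can retry revocation.
                                ExpireCookie(AuthTokenCookieName);
                            }
                        }
                    }
                }
                catch (Exception ex)
                {
                    LogHelper.Error(ex);
                }
            }

            CacheHelper.Remove(UserInfoCachePrefix + this.HttpContext.User.Identity.Name);
            Session["AuthorizeSession"] = null;
            FormsAuthentication.SignOut();
            return RedirectToAction("LogOn", "Account");
        }

        /// <summary>Shows the weak-password notice for the given reason code (1 digits only, 2 letters only, 3 too short).</summary>
        public ActionResult simplePwd(int type = 0)
        {
            string msg;
            switch (type)
            {
                case 1:
                    msg = "你的密码属于纯数字,过于简单,请修改密码";
                    break;
                case 2:
                    msg = "你的密码属于纯字母,过于简单,请修改密码";
                    break;
                case 3:
                    msg = "你的密码小于6位,过于简单,请修改密码";
                    break;
                default:
                    msg = "";
                    break;
            }
            ViewBag.MSG = msg;
            return View();
        }

        /// <summary>Access-denied response: a view for page requests, a JSON error when <paramref name="type"/> is given.</summary>
        public ActionResult UnAuthorized(string type)
        {
            if (string.IsNullOrEmpty(type))
            {
                return View();
            }
            ValidationErrors errors = new ValidationErrors();
            errors.Add("你没有权限操作!");
            return JsonHandler.ManageMessage(errors, false);
        }

        /// <summary>
        /// Generates a 4-character captcha, stores it (upper-cased) in session for the login
        /// check and returns it as a GIF image.
        /// </summary>
        public ActionResult GetValidateCode()
        {
            Session["ValidateCode"] = null;
            SnCodeHelper code = new SnCodeHelper();
            string codeStr = code.CreateRandomSatl(4).ToUpper();
            Session["ValidateCode"] = codeStr.ToUpper();
            byte[] bytes = code.CreateValidateImage(codeStr);
            return File(bytes, @"image/gif");
        }

        /// <summary>
        /// Writes or clears the remember-me cookie. Not called anywhere in this file.
        /// </summary>
        /// <remarks>
        /// The cookie holds the password (reversibly encrypted with Utility.Encrypt); a
        /// server-side token would be preferable if this is ever re-enabled.
        /// </remarks>
        private void remenberMe(decimal username, string password, string remenberme)
        {
            if (remenberme == "1")
            {
                string cookiesValue = Utility.Encrypt(username.ToString() + "#" + password);
                // Always write to the Response: the old code assigned to Request.Cookies when the
                // cookie already existed, which never reaches the browser.
                Response.Cookies.Add(new HttpCookie(RememberMeCookieName)
                {
                    Value = cookiesValue,
                    Expires = DateTime.Now.AddDays(10),
                });
            }
            else if (Request.Cookies[RememberMeCookieName] != null)
            {
                ExpireCookie(RememberMeCookieName);
            }
        }
    }

    /// <summary>Envelope returned by the SSO token and logout endpoints (Ret == 0 means success).</summary>
    public class SsoResponse
    {
        public int Ret { get; set; }
        public string Msg { get; set; }
        public SsoResponseData Data { get; set; }
    }

    /// <summary>Payload of a successful SSO token exchange; AccessToken/refreshToken are secrets and must not be logged.</summary>
    public class SsoResponseData
    {
        public string AccessToken { get; set; }
        public string refreshToken { get; set; }
        public string ExpireTime { get; set; }
        public string EmployeeId { get; set; }
        public string ExtensionNumber { get; set; }
    }
}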