增加用户登陆判断,更新用户保存密码功能

This commit is contained in:
Argo-Lenovo 2016-10-23 15:46:18 +08:00
parent f0930a0d3e
commit 9da2b60db1
10 changed files with 128 additions and 40 deletions

View File

@ -179,6 +179,7 @@
<DependentUpon>Global.asax</DependentUpon>
</Compile>
<Compile Include="Models\HeaderBarModel.cs" />
<Compile Include="Models\LoginModel.cs" />
<Compile Include="Models\ModelBase.cs" />
<Compile Include="Models\NavigatorBarModel.cs" />
<Compile Include="Models\PaginationOption.cs" />

View File

@ -96,7 +96,7 @@
$.fn.extend({
autoValidate: function (options) {
// validate
$("#dataForm").validate({
$(this).validate({
ignore: "ignore",
rules: $.extend({}, options),
unhighlight: function (element, errorClass, validClass) {

View File

@ -1,4 +1,6 @@
using Bootstrap.Admin.Models;
using Bootstrap.DataAccess;
using Longbow.Security.Principal;
using System.Web.Mvc;
using System.Web.Security;
@ -22,18 +24,21 @@ namespace Bootstrap.Admin.Controllers
/// <summary>
///
/// </summary>
/// <param name="username"></param>
/// <param name="userName"></param>
/// <param name="password"></param>
/// <param name="remember"></param>
/// <returns></returns>
[AllowAnonymous]
public ActionResult Login(string username, string password, string remember)
public ActionResult Login(string userName, string password, string remember)
{
if (username == "Argo")
//UNDONE: 本方法有严重安全漏洞,发布前需要修正
var model = new LoginModel();
model.UserName = userName;
if (LgbPrincipal.IsAdmin(userName) || UserHelper.Authenticate(userName, password))
{
FormsAuthentication.RedirectFromLoginPage(username, false);
FormsAuthentication.RedirectFromLoginPage(userName, false);
}
return View();
return View(model);
}
/// <summary>
///

View File

@ -0,0 +1,22 @@
namespace Bootstrap.Admin.Models
{
/// <summary>
///
/// </summary>
public class LoginModel
{
public LoginModel()
{
UserName = "Argo";
Password = "1111";
}
/// <summary>
///
/// </summary>
public string UserName { get; set; }
/// <summary>
///
/// </summary>
public string Password { get; set; }
}
}

View File

@ -1,3 +1,15 @@
$(function () {
$(".container").autoCenter();
// validate
$('#login').autoValidate({
userName: {
required: true,
maxlength: 50
},
password: {
required: true,
maxlength: 50
}
});
})

View File

@ -1,4 +1,4 @@
@model Bootstrap.Admin.Models.NavigatorBarModel
@model NavigatorBarModel
@{
ViewBag.Title = "用户管理";
Layout = "~/Views/Shared/_Default.cshtml";
@ -45,11 +45,11 @@
<div class="form-group">
<label class="control-label col-sm-2" for="password">登录密码</label>
<div class="col-sm-4">
<input type="text" class="form-control" id="password" name="password" maxlength="15" />
<input type="password" class="form-control" id="password" name="password" maxlength="15" />
</div>
<label class="control-label col-sm-2" for="confirm">确认密码</label>
<div class="col-sm-4">
<input type="text" class="form-control" id="confirm" name="confirm" maxlength="5" />
<input type="password" class="form-control" id="confirm" name="confirm" maxlength="15" />
</div>
</div>
</form>

View File

@ -1,29 +1,32 @@
@{
ViewBag.Title = "系统登陆";
Layout = "~/Views/Shared/_Layout.cshtml";
}
@section css {
<link href="~/Content/css/site.css" rel="stylesheet" />
}
@section javascript {
<script src="~/Scripts/Login.js"></script>
}
<div class="container">
<form class="form-signin" method="post">
<h2 class="form-signin-heading">欢迎登陆本系统</h2>
<div class="login-wrap">
<div class="input-group">
<span class="glyphicon glyphicon-user input-group-addon"></span>
<input type="text" name="username" class="form-control" placeholder="用户名" value="Argo" autofocus />
</div>
<div class="input-group">
<span class="glyphicon glyphicon-lock input-group-addon"></span>
<input type="password" name="password" class="form-control" value="1234" placeholder="密码" />
</div>
<div class="checkbox">
<input id="remember" name="remember" type="checkbox" value="true" /><label for="remember">记住我</label>
</div>
<button class="btn btn-lg btn-login btn-block" type="submit">登 陆</button>
</div>
</form>
</div>
@model LoginModel
@{
ViewBag.Title = "系统登陆";
Layout = "~/Views/Shared/_Layout.cshtml";
}
@section css {
<link href="~/Content/css/site.css" rel="stylesheet" />
}
@section javascript {
<script src="~/content/js/jquery.validate.js"></script>
<script src="~/content/js/messages_zh.js"></script>
<script src="~/Scripts/Login.js"></script>
}
<div class="container">
<form id="login" class="form-signin" method="post">
<h2 class="form-signin-heading">欢迎登陆本系统</h2>
<div class="login-wrap">
<div class="input-group">
<span class="glyphicon glyphicon-user input-group-addon"></span>
<input type="text" name="userName" class="form-control" placeholder="用户名" value="@Model.UserName" autofocus />
</div>
<div class="input-group">
<span class="glyphicon glyphicon-lock input-group-addon"></span>
<input type="password" name="password" class="form-control" value="@Model.Password" placeholder="密码" />
</div>
<div class="checkbox">
<input id="remember" name="remember" type="checkbox" value="true" /><label for="remember">记住我</label>
</div>
<button class="btn btn-lg btn-login btn-block" type="submit">登 陆</button>
</div>
</form>
</div>

View File

@ -18,6 +18,7 @@
<add namespace="System.Web.Routing" />
<add namespace="Bootstrap.Admin" />
<add namespace="Bootstrap.DataAccess" />
<add namespace="Bootstrap.Admin.Models" />
</namespaces>
</pages>
</system.web.webPages.razor>

View File

@ -15,6 +15,7 @@
<add key="PreserveLoginUrl" value="true"/>
<add key="ClientValidationEnabled" value="true"/>
<add key="UnobtrusiveJavaScriptEnabled" value="true"/>
<add key="Admins" value="Argo"/>
</appSettings>
<connectionStrings>

View File

@ -1,6 +1,7 @@
using Longbow.Caching;
using Longbow.Caching.Configuration;
using Longbow.ExceptionManagement;
using Longbow.Security;
using System;
using System.Collections.Generic;
using System.Data;
@ -16,7 +17,6 @@ namespace Bootstrap.DataAccess
public static class UserHelper
{
private const string UserDataKey = "UserData-CodeUserHelper";
/// <summary>
/// 查询所有用户
/// </summary>
@ -49,6 +49,36 @@ namespace Bootstrap.DataAccess
return string.IsNullOrEmpty(tId) ? ret : ret.Where(t => tId.Equals(t.ID.ToString(), StringComparison.OrdinalIgnoreCase));
}
/// <summary>
///
/// </summary>
/// <param name="userName"></param>
/// <returns></returns>
private static User RetrieveUsersByName(string userName)
{
User user = null;
string sql = "select ID, UserName, [Password], PassSalt from Users where UserName = @UserName";
DbCommand cmd = DBAccessManager.SqlDBAccess.CreateCommand(CommandType.Text, sql);
try
{
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@UserName", userName, ParameterDirection.Input));
using (DbDataReader reader = DBAccessManager.SqlDBAccess.ExecuteReader(cmd))
{
if (reader.Read())
{
user = new User()
{
ID = (int)reader[0],
UserName = (string)reader[1],
Password = (string)reader[2],
PassSalt = (string)reader[3]
};
}
}
}
catch (Exception ex) { ExceptionManager.Publish(ex); }
return user;
}
/// <summary>
/// 删除用户
/// </summary>
/// <param name="ids"></param>
@ -84,6 +114,8 @@ namespace Bootstrap.DataAccess
bool ret = false;
if (p.UserName.Length > 50) p.UserName.Substring(0, 50);
if (p.Password.Length > 50) p.Password.Substring(0, 50);
p.PassSalt = LgbCryptography.GenerateSalt();
p.Password = LgbCryptography.ComputeHash(p.Password, p.PassSalt);
string sql = p.ID == 0 ?
"Insert Into Users (UserName, Password, PassSalt) Values (@UserName, @Password, @PassSalt)" :
"Update Users set UserName = @UserName, Password = @Password, PassSalt = @PassSalt where ID = @ID";
@ -94,7 +126,7 @@ namespace Bootstrap.DataAccess
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@ID", p.ID, ParameterDirection.Input));
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@UserName", p.UserName, ParameterDirection.Input));
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@Password", p.Password, ParameterDirection.Input));
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@PassSalt", DBNull.Value, ParameterDirection.Input));
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@PassSalt", p.PassSalt, ParameterDirection.Input));
DBAccessManager.SqlDBAccess.ExecuteNonQuery(cmd);
}
ret = true;
@ -106,6 +138,17 @@ namespace Bootstrap.DataAccess
}
return ret;
}
/// <summary>
/// 验证用户登陆账号与密码正确
/// </summary>
/// <param name="userName"></param>
/// <param name="password"></param>
/// <returns></returns>
public static bool Authenticate(string userName, string password)
{
var user = RetrieveUsersByName(userName);
return user != null && user.Password == LgbCryptography.ComputeHash(password, user.PassSalt);
}
// 更新缓存
private static void ClearCache()
{