删除Authenticate方法，调用Bootstrap.Security的公共方法

Bootstrap.Admin/Controllers/HomeController.cs

@@ -1,5 +1,6 @@
 using Bootstrap.Admin.Models;
 using Bootstrap.DataAccess;
+using Bootstrap.Security;
 using Longbow.Security.Principal;
 using System.Web.Mvc;
 using System.Web.Security;
@@ -49,7 +50,7 @@ namespace Bootstrap.Admin.Controllers
             var model = new LoginModel();
             if (string.IsNullOrEmpty(userName)) return View(model);
             model.UserName = userName;
-            if (LgbPrincipal.IsAdmin(userName, password) || UserHelper.Authenticate(userName, password))
+            if (LgbPrincipal.IsAdmin(userName, password) || BootstrapUser.Authenticate(userName, password))
             {
                 FormsAuthentication.RedirectFromLoginPage(userName, remember == "true");
                 return new EmptyResult();

Bootstrap.Admin/Controllers/LoginController.cs

@@ -1,4 +1,4 @@
-using Bootstrap.DataAccess;
+using Bootstrap.Security;
 using Bootstrap.Security.Mvc;
 using Longbow.Caching;
 using Longbow.Security.Principal;
@@ -34,7 +34,7 @@ namespace Bootstrap.Admin.Controllers
             dynamic user = value;
             string userName = user.userName;
             string password = user.password;
-            if (LgbPrincipal.IsAdmin(userName, password) || UserHelper.Authenticate(userName, password))
+            if (LgbPrincipal.IsAdmin(userName, password) || BootstrapUser.Authenticate(userName, password))
             {
                 var interval = int.Parse(Math.Round(FormsAuthentication.Timeout.TotalSeconds).ToString());
                 var token = CacheManager.AddOrUpdate(string.Format("WebApi-{0}", userName), interval, k => new LoginInfo() { UserName = userName, Token = Guid.NewGuid().ToString() }, (k, info) => info, "WebApi 数据缓存");

Bootstrap.DataAccess/Bootstrap.DataAccess.csproj

@@ -39,6 +39,7 @@
     <DelaySign>true</DelaySign>
   </PropertyGroup>
   <ItemGroup>
+    <Reference Include="Bootstrap.Security, Version=4.0.0.0, Culture=neutral, PublicKeyToken=c20f2177a7066899, processorArchitecture=MSIL" />
     <Reference Include="Longbow, Version=3.0.0.0, Culture=neutral, PublicKeyToken=c20f2177a7066899, processorArchitecture=MSIL" />
     <Reference Include="Longbow.Data, Version=3.0.0.0, Culture=neutral, PublicKeyToken=c20f2177a7066899, processorArchitecture=MSIL" />
     <Reference Include="Longbow.ExceptionManagement, Version=3.0.0.0, Culture=neutral, PublicKeyToken=c20f2177a7066899, processorArchitecture=MSIL" />

Bootstrap.DataAccess/UserHelper.cs

@@ -1,4 +1,5 @@
-using Longbow;
+using Bootstrap.Security;
+using Longbow;
 using Longbow.Caching;
 using Longbow.Caching.Configuration;
 using Longbow.Data;
@@ -70,7 +71,7 @@ namespace Bootstrap.DataAccess
             return CacheManager.GetOrAdd(key, CacheSection.RetrieveIntervalByKey(RetrieveUsersByNameDataKey), k =>
             {
                 User user = null;
-                string sql = "select u.ID, UserName, [Password], PassSalt, DisplayName, RegisterTime, ApprovedTime, case isnull(d.Code, '') when '' then '~/Content/images/uploader/' else d.Code end + Icon from Users u left join Dicts d on d.Define = '0' and d.Category = N'头像地址' and Name = N'头像路径' where ApprovedTime is not null and UserName = @UserName";
+                string sql = "select u.ID, UserName, DisplayName, RegisterTime, ApprovedTime, case isnull(d.Code, '') when '' then '~/Content/images/uploader/' else d.Code end + Icon from Users u left join Dicts d on d.Define = '0' and d.Category = N'头像地址' and Name = N'头像路径' where ApprovedTime is not null and UserName = @UserName";
                 DbCommand cmd = DBAccessManager.SqlDBAccess.CreateCommand(CommandType.Text, sql);
                 try
                 {
@@ -83,12 +84,10 @@ namespace Bootstrap.DataAccess
                             {
                                 ID = (int)reader[0],
                                 UserName = (string)reader[1],
-                                Password = (string)reader[2],
-                                PassSalt = (string)reader[3],
-                                DisplayName = (string)reader[4],
-                                RegisterTime = (DateTime)reader[5],
-                                ApprovedTime = (DateTime)reader[6],
-                                Icon = (string)reader[7]
+                                DisplayName = (string)reader[2],
+                                RegisterTime = (DateTime)reader[3],
+                                ApprovedTime = (DateTime)reader[4],
+                                Icon = (string)reader[5]
                             };
                         }
                     }
@@ -194,17 +193,6 @@ namespace Bootstrap.DataAccess
             return ret;
         }
         /// <summary>
-        /// 验证用户登陆账号与密码正确
-        /// </summary>
-        /// <param name="userName"></param>
-        /// <param name="password"></param>
-        /// <returns></returns>
-        public static bool Authenticate(string userName, string password)
-        {
-            var user = RetrieveUsersByName(userName);
-            return user != null && user.Password == LgbCryptography.ComputeHash(password, user.PassSalt);
-        }
-        /// <summary>
         /// 通过roleId获取所有用户
         /// </summary>
         /// <param name="roleId"></param>
@@ -424,7 +412,7 @@ namespace Bootstrap.DataAccess
             bool ret = false;
             try
             {
-                if (Authenticate(user.UserName, user.Password))
+                if (BootstrapUser.Authenticate(user.UserName, user.Password))
                 {
                     string sql = "Update Users set Password = @Password, PassSalt = @PassSalt where UserName = @userName";
                     user.PassSalt = LgbCryptography.GenerateSalt();