From 0fb2346fcde2cadc6a282c54417ca001d38e8113 Mon Sep 17 00:00:00 2001
From: dyy <18335927079@163.com>
Date: Thu, 21 Jan 2021 18:08:54 +0800
Subject: [PATCH] =?UTF-8?q?=E3=80=90=E4=BF=AE=E6=94=B9=E3=80=91=E5=88=9D?=
 =?UTF-8?q?=E5=A7=8B=E5=AF=86=E7=A0=81=E6=8F=90=E7=A4=BA=E5=8A=9F=E8=83=BD?=
 =?UTF-8?q?=EF=BC=9B=E7=99=BB=E5=BD=95=E6=AC=A1=E6=95=B0=E9=99=90=E5=88=B6?=
 =?UTF-8?q?=E5=8A=9F=E8=83=BD=EF=BC=9B=E7=A6=81=E6=AD=A2=E7=99=BB=E5=BD=95?=
 =?UTF-8?q?=E6=97=B6=E9=97=B4=E9=99=90=E5=88=B6=EF=BC=9B?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../User/UserBLL.cs                           | 25 +++++++
 .../User/UserIBLL.cs                          |  7 ++
 .../User/UserService.cs                       | 32 +++++++++
 .../Controllers/LoginController.cs            | 65 +++++++++++++++++--
 .../Views/Home/AdminDefault/index.js          | 11 +++-
 .../Views/Login/Default.cshtml                | 52 ++++++++-------
 .../Views/Login/Default/Index.js              | 27 ++++++--
 .../XmlConfig/system.config                   |  4 ++
 8 files changed, 186 insertions(+), 37 deletions(-)

diff --git a/Learun.Framework.Ultimate V7/Learun.Application.Organization/User/UserBLL.cs b/Learun.Framework.Ultimate V7/Learun.Application.Organization/User/UserBLL.cs
index d7ee5a89f..28166cfc8 100644
--- a/Learun.Framework.Ultimate V7/Learun.Application.Organization/User/UserBLL.cs	
+++ b/Learun.Framework.Ultimate V7/Learun.Application.Organization/User/UserBLL.cs	
@@ -1201,6 +1201,31 @@ namespace Learun.Application.Organization
             }
         }
 
+
+        /// <summary>
+        /// 修改用户的允许登录结束时间
+        /// </summary>
+        /// <param name="keyValue">主键值</param>
+        /// <param name="state">状态：1-赋值；0-重置</param>
+        public void UpdateAllowEndTime(string keyValue, int state)
+        {
+            try
+            {
+                userService.UpdateAllowEndTime(keyValue, state);
+            }
+            catch (Exception ex)
+            {
+                if (ex is ExceptionEx)
+                {
+                    throw;
+                }
+                else
+                {
+                    throw ExceptionEx.ThrowBusinessException(ex);
+                }
+            }
+        }
+
         ///// <summary>
         ///// 获取用户头像
         ///// </summary>
diff --git a/Learun.Framework.Ultimate V7/Learun.Application.Organization/User/UserIBLL.cs b/Learun.Framework.Ultimate V7/Learun.Application.Organization/User/UserIBLL.cs
index 105763e06..fe666353f 100644
--- a/Learun.Framework.Ultimate V7/Learun.Application.Organization/User/UserIBLL.cs	
+++ b/Learun.Framework.Ultimate V7/Learun.Application.Organization/User/UserIBLL.cs	
@@ -195,5 +195,12 @@ namespace Learun.Application.Organization
         void UpdateIp(string ip, string id);
         void GetImgForDC(string userId);
         UserEntity GetEntityByWeixinOpenIdPC(string openId);
+
+        /// <summary>
+        /// 修改用户的允许登录结束时间
+        /// </summary>
+        /// <param name="keyValue">主键值</param>
+        /// <param name="state">状态：1-赋值；0-重置</param>
+        void UpdateAllowEndTime(string keyValue, int state);
     }
 }
diff --git a/Learun.Framework.Ultimate V7/Learun.Application.Organization/User/UserService.cs b/Learun.Framework.Ultimate V7/Learun.Application.Organization/User/UserService.cs
index c3bd4ab11..12f3ce4bc 100644
--- a/Learun.Framework.Ultimate V7/Learun.Application.Organization/User/UserService.cs	
+++ b/Learun.Framework.Ultimate V7/Learun.Application.Organization/User/UserService.cs	
@@ -848,6 +848,38 @@ namespace Learun.Application.Organization
                 }
             }
         }
+
+        /// <summary>
+        /// 修改用户的允许登录结束时间
+        /// </summary>
+        /// <param name="keyValue">主键值</param>
+        /// <param name="state">状态：1-赋值；0-重置</param>
+        public void UpdateAllowEndTime(string keyValue, int state)
+        {
+            try
+            {
+                if (state == 0)
+                {
+                    this.BaseRepository().ExecuteBySql("update LR_Base_User set F_AllowEndTime=null where F_UserId='" + keyValue + "'");
+                }
+                else
+                {
+                    this.BaseRepository().ExecuteBySql("update LR_Base_User set F_AllowEndTime='" + DateTime.Now + "' where F_UserId='" + keyValue + "'");
+                }
+            }
+            catch (Exception ex)
+            {
+                if (ex is ExceptionEx)
+                {
+                    throw;
+                }
+                else
+                {
+                    throw ExceptionEx.ThrowServiceException(ex);
+                }
+            }
+        }
+
     }
 
 }
diff --git a/Learun.Framework.Ultimate V7/Learun.Application.Web/Controllers/LoginController.cs b/Learun.Framework.Ultimate V7/Learun.Application.Web/Controllers/LoginController.cs
index 58f0e81e4..32fd91b1c 100644
--- a/Learun.Framework.Ultimate V7/Learun.Application.Web/Controllers/LoginController.cs	
+++ b/Learun.Framework.Ultimate V7/Learun.Application.Web/Controllers/LoginController.cs	
@@ -38,6 +38,7 @@ namespace Learun.Application.Web.Controllers
         private LoginModelIBLL loginModelIbll = new LoginModelBLL();
         private AnnexesFileIBLL annexesFileIbll = new AnnexesFileBLL();
         WeChatDevelopIBLL weChatDevelopIbll = new WeChatDevelopBLL();
+        private Sys_DefaultPwdConfigIBLL sys_DefaultPwdConfigIBLL = new Sys_DefaultPwdConfigBLL();
         #endregion
 
         #region  视图功能
@@ -184,6 +185,15 @@ namespace Learun.Application.Web.Controllers
             }
             //获取错误次数
             ViewBag.errornum = OperatorHelper.Instance.GetCurrentErrorNum();
+            //获取初始密码设置中已启用的密码
+            ViewBag.IsSetDefaultPwd = false;
+            ViewBag.DefaultPwd = "";
+            var defaultPwdEntity = sys_DefaultPwdConfigIBLL.GetEnabledEntity();
+            if (defaultPwdEntity != null)
+            {
+                ViewBag.IsSetDefaultPwd = true;
+                ViewBag.DefaultPwd = defaultPwdEntity.Pwd;
+            }
             //获取高职版跳转地址
             ViewBag.DigitalschoolMisLoginurl = ConfigurationManager.AppSettings["DigitalschoolMisLoginurl"];
             ViewBag.Returnurl = "http://" + Request.Url.Host + ":" + Request.Url.Port;
@@ -499,11 +509,13 @@ namespace Learun.Application.Web.Controllers
         /// <param name="username">用户名</param>
         /// <param name="password">密码</param>
         /// <param name="verifycode">验证码</param>
+        /// <param name="up">密码是否是强密码</param>
+        /// <param name="defaultPwdTip">密码是否是初始密码，是则需要提示（true）</param>
         /// <returns></returns>
         [HttpPost]
         [AjaxOnly]
         [HandlerValidateAntiForgeryToken]
-        public ActionResult CheckLogin(string username, string password, string verifycode, string up)
+        public ActionResult CheckLogin(string username, string password, string verifycode, string up, string defaultPwdTip)
         {
 
             int error = OperatorHelper.Instance.GetCurrentErrorNum();
@@ -521,6 +533,41 @@ namespace Learun.Application.Web.Controllers
             #region  内部账户验证
             UserEntity userEntity = userBll.CheckLogin(username, password);
 
+            #region 登录次数限制，禁止登录时间限制
+            int defaultForbidLoginNum = 5;//默认的禁止登录次数
+            double defaultForbidLoginMinutes = 10;//默认的禁止登录分钟数
+            if (!string.IsNullOrEmpty(Config.GetValue("ForbidLoginNum")))
+            {
+                defaultForbidLoginNum = Config.GetValue("ForbidLoginNum").ToInt();
+            }
+            if (!string.IsNullOrEmpty(Config.GetValue("ForbidLoginMinutes")))
+            {
+                defaultForbidLoginMinutes = Config.GetValue("ForbidLoginMinutes").ToDouble();
+            }
+            //错误次数大于等于5时，判断禁止登录时间是否超过10分钟：若是则修改用户的允许登录结束时间，可以登录；若否，禁止登录；
+            if (error >= defaultForbidLoginNum)
+            {
+                if (userEntity.LoginOk)//登录成功
+                {
+                    if (userEntity.F_AllowEndTime.HasValue)
+                    {
+                        var period = (DateTime.Now - userEntity.F_AllowEndTime.Value).TotalMinutes;
+                        if (period >= defaultForbidLoginMinutes)
+                        {
+                            userBll.UpdateAllowEndTime(userEntity.F_UserId, 0);
+                        }
+                        else
+                        {
+                            return Fail("错误次数超过" + defaultForbidLoginNum + "次，已被禁止登录，请" + defaultForbidLoginMinutes + "分钟后重试！", error);
+                        }
+                    }
+                }
+                else//登录失败
+                {
+                    return Fail(userEntity.LoginMsg, error);
+                }
+            }
+            #endregion
 
             #region  写入日志
             LogEntity logEntity = new LogEntity();
@@ -540,6 +587,11 @@ namespace Learun.Application.Web.Controllers
                 logEntity.F_ExecuteResultJson = "登录失败:" + userEntity.LoginMsg;
                 logEntity.WriteLog();
                 int num = OperatorHelper.Instance.AddCurrentErrorNum();
+                //判断登录错误次数大于等于5，修改用户的允许登录结束时间；
+                if (num >= defaultForbidLoginNum)
+                {
+                    userBll.UpdateAllowEndTime(userEntity.F_UserId, 1);
+                }
                 return Fail(userEntity.LoginMsg, num);
             }
             else
@@ -552,12 +604,15 @@ namespace Learun.Application.Web.Controllers
                 logEntity.F_ExecuteResultJson = "登录成功";
                 logEntity.WriteLog();
                 OperatorHelper.Instance.ClearCurrentErrorNum();
+                //修改用户的允许登录结束时间；
+                userBll.UpdateAllowEndTime(userEntity.F_UserId, 0);
                 //是否强密码验证
                 if (!string.IsNullOrEmpty(ConfigurationManager.AppSettings["verifypwd"]) && ConfigurationManager.AppSettings["verifypwd"] == "true" && up == "false")
                 {
-                    return Success(new { pwd = true });
+                    return Success(new { pwd = true, pwdtip = defaultPwdTip == "true" ? true : false });
                 }
-                return Success("登录成功");
+                //返回成功的数据（pwdtip：初始密码提示弹框；pwd：弱密码修改弹框；）
+                return Success("登录成功", new { pwdtip = defaultPwdTip == "true" ? true : false });
             }
             #endregion
         }
@@ -899,8 +954,8 @@ namespace Learun.Application.Web.Controllers
         {
             string appid = "76d40062-349f-486d-b871-35bed08d2f59";
             string secret = "cgpi";
-            string appkey =Request.QueryString["appkey"];
-            string response = Util.HttpMethods.HttpGet("http://localhost:20472/SSOSystem/authorize?appid=" + appid + "&secret=" + secret + "&appkey="+ appkey);
+            string appkey = Request.QueryString["appkey"];
+            string response = Util.HttpMethods.HttpGet("http://localhost:20472/SSOSystem/authorize?appid=" + appid + "&secret=" + secret + "&appkey=" + appkey);
             return Content(response);
         }
 
diff --git a/Learun.Framework.Ultimate V7/Learun.Application.Web/Views/Home/AdminDefault/index.js b/Learun.Framework.Ultimate V7/Learun.Application.Web/Views/Home/AdminDefault/index.js
index 928cc635c..303c001e6 100644
--- a/Learun.Framework.Ultimate V7/Learun.Application.Web/Views/Home/AdminDefault/index.js	
+++ b/Learun.Framework.Ultimate V7/Learun.Application.Web/Views/Home/AdminDefault/index.js	
@@ -6,7 +6,9 @@
  * 描 述：经典风格皮肤	
  */
 var autoopenid = request('autoopen');
-var pwd = request("pwd");
+var pwd = request("pwd");//弱密码修改弹框
+var pwdtip = request("pwdtip");//初始密码提示弹框
+var pwdpwdtip = request("pwdpwdtip");//弱密码修改弹框&初始密码提示弹框
 var bootstrap = function ($, learun) {
     "use strict";
     // 菜单操作
@@ -197,7 +199,8 @@ var bootstrap = function ($, learun) {
             //        area: ['500px', '300px']
             //    });
             //}
-            if (pwd == "true") {
+            //弱密码修改弹框
+            if (pwd == "true" || pwdpwdtip == "true") {
                 top.layer.open({
                     id: 'pwdform',
                     title: '密码修改',
@@ -225,6 +228,10 @@ var bootstrap = function ($, learun) {
                     }
                 });
             }
+            //初始密码提示弹框
+            if (pwdtip == "true" || pwdpwdtip == "true") {
+                learun.layerConfirm('当前登录密码还是初始密码！', function (res) { });
+            }
             //上网认证
             if (ACIp != null && ACIp != "") {
                 //Ip上网
diff --git a/Learun.Framework.Ultimate V7/Learun.Application.Web/Views/Login/Default.cshtml b/Learun.Framework.Ultimate V7/Learun.Application.Web/Views/Login/Default.cshtml
index 72179e6e4..88f5c754f 100644
--- a/Learun.Framework.Ultimate V7/Learun.Application.Web/Views/Login/Default.cshtml	
+++ b/Learun.Framework.Ultimate V7/Learun.Application.Web/Views/Login/Default.cshtml	
@@ -49,6 +49,8 @@
     <link href="~/Content/css/process.css" rel="stylesheet" />
     <!-- <img src="~/Content/images/Logins/loginBg.jpg" /> -->
     <input id="errornum" type="hidden" value="@ViewBag.errornum" />
+    <input id="DefaultPwd" type="hidden" value="@ViewBag.DefaultPwd" data-IsSetDefaultPwd="@ViewBag.IsSetDefaultPwd"/>
+
     <div class="lr-login-body">
 
         <div class="lr-login-logo">
@@ -59,7 +61,7 @@
         <div class="lr-login-middle">
             @if (ViewBag.WeixinLoginSwitch)
             {
-                <a href="/Login/LoginForWeixin?login=one" class="wxLogin down"  title="使用微信登录">
+                <a href="/Login/LoginForWeixin?login=one" class="wxLogin down" title="使用微信登录">
                     <img src="~/Content/images/LoginPage/icon.png" alt="" /> 使用微信登录
                 </a>
             }
@@ -121,14 +123,14 @@
             </div>
         </div>
     </div>
-    <div class="lr-login-footer" style="font-size: 12px;color: #fff;width: 880px;right:0;margin: auto;"> 
-    	<div class="tips">
-			<img src="~/Content/images/LoginPage/tips3.png" alt=""> <span>建议使用360或谷歌浏览器</span>
-		</div>
-		<div style="position: relative;">
-			Copyright © 2019 数字化智慧校园 版权所有 <span class="OnlineUserNumBox" style="position: absolute;right: 0;top: 0;">在线用户数：<span class="OnlineUserNum">@ViewBag.OnlineUserNum</span>人</span>
-		</div>
-    	
+    <div class="lr-login-footer" style="font-size: 12px;color: #fff;width: 880px;right:0;margin: auto;">
+        <div class="tips">
+            <img src="~/Content/images/LoginPage/tips3.png" alt=""> <span>建议使用360或谷歌浏览器</span>
+        </div>
+        <div style="position: relative;">
+            Copyright © 2019 数字化智慧校园 版权所有 <span class="OnlineUserNumBox" style="position: absolute;right: 0;top: 0;">在线用户数：<span class="OnlineUserNum">@ViewBag.OnlineUserNum</span>人</span>
+        </div>
+
     </div>
     <img id="loginFoot" src="~/Content/images/logins/login1.png" alt="">
     <script src="~/Content/jquery/jquery-1.10.2.min.js"></script>
@@ -173,23 +175,23 @@
     @Html.AppendJsFile("/Views/Login/ACLogon.js")
 
     @*<script>
-        //点击版本号，显示版本号历史进程
-        $('.versionBtn').click(function () {
-            var html = '<div class="process"><div class="proTitle">历史进程</div><div class="pro_sec1">';
-            $.each(@(new HtmlString(ViewBag.VersionList)), function (i, item) {
-                var index = i % 2 == 0 ? 1 : 2;
-                html += '<div class="proBox proBox'+index+'">' + item.Content + '<div class="edition">' + item.VersionNum + '</div><div class="time">' + item.UpdateTime.slice(0,item.UpdateTime.indexOf("T"))+'</div></div>' ;
-            });
-            html += '</div></div>';
+            //点击版本号，显示版本号历史进程
+            $('.versionBtn').click(function () {
+                var html = '<div class="process"><div class="proTitle">历史进程</div><div class="pro_sec1">';
+                $.each(@(new HtmlString(ViewBag.VersionList)), function (i, item) {
+                    var index = i % 2 == 0 ? 1 : 2;
+                    html += '<div class="proBox proBox'+index+'">' + item.Content + '<div class="edition">' + item.VersionNum + '</div><div class="time">' + item.UpdateTime.slice(0,item.UpdateTime.indexOf("T"))+'</div></div>' ;
+                });
+                html += '</div></div>';
 
-            layer.open({
-                type: 1,
-                closeBtn: 2,
-                title: "版本号",
-                area: ['888px', '60%'],
-                content: html
+                layer.open({
+                    type: 1,
+                    closeBtn: 2,
+                    title: "版本号",
+                    area: ['888px', '60%'],
+                    content: html
+                });
             });
-        });
-    </script>*@
+        </script>*@
 </body>
 </html>
\ No newline at end of file
diff --git a/Learun.Framework.Ultimate V7/Learun.Application.Web/Views/Login/Default/Index.js b/Learun.Framework.Ultimate V7/Learun.Application.Web/Views/Login/Default/Index.js
index c4433e808..c006ed177 100644
--- a/Learun.Framework.Ultimate V7/Learun.Application.Web/Views/Login/Default/Index.js	
+++ b/Learun.Framework.Ultimate V7/Learun.Application.Web/Views/Login/Default/Index.js	
@@ -69,6 +69,7 @@
                 $("#lr_verifycode_input").val('');
                 $("#lr_verifycode_img").attr("src", $.rootUrl + "/Login/VerifyCode?time=" + Math.random());
             });
+            //错误次数
             var errornum = $('#errornum').val();
             if (errornum >= 3) {
 
@@ -121,6 +122,12 @@
             var $username = $("#lr_username"), $password = $("#lr_password"), $verifycode = $("#lr_verifycode_input");
             var username = $.trim($username.val()), password = $.trim($password.val()), verifycode = $.trim($verifycode.val());
             var up = true;
+            var defaultPwdTip = false;//用户输入的密码不是初始密码，不需要提示；
+            if ($("#DefaultPwd").attr('data-IsSetDefaultPwd').toLowerCase() == "true" || $("#DefaultPwd").attr('data-IsSetDefaultPwd').toLowerCase() == true) {
+                if ($("#DefaultPwd").val() == password) {
+                    defaultPwdTip = true;
+                }
+            }
 
             if (username == "") {
                 lrPage.tip('请输入账户');
@@ -132,6 +139,7 @@
                 $password.focus();
                 return false;
             }
+            //强密码验证
             var reg = /^(?=.*[0-9])(?=.*[A-Z])(?=.*[a-z])(?=.*[!@#$%^&*,\.])[0-9a-zA-Z!@#$%^&*,\.]{8,20}$/;
             if (!reg.test(password)) {
                 up = false;
@@ -154,7 +162,7 @@
             $.ajax({
                 url: $.rootUrl + "/Login/CheckLogin",
                 headers: { __RequestVerificationToken: $.lrToken },
-                data: { username: username, password: password, verifycode: verifycode, up: up },
+                data: { username: username, password: password, verifycode: verifycode, up: up, defaultPwdTip: defaultPwdTip },
                 type: "post",
                 dataType: "json",
                 success: function (res) {
@@ -163,11 +171,20 @@
                             window.location.href = DigitalschoolMisLoginurl + "?F_Account=" + username + "&returnurl=" + Returnurl + "/SSOSystem/Index";
                         } else {
                             if (res.data.pwd == true) {
-                                window.location.href = DigitalschoolMisLoginurl + "?F_Account=" + username + "&returnurl=" + Returnurl + "/Home/Index?pwd=true";
+                                if (res.data.pwdtip == true) {
+                                    window.location.href = DigitalschoolMisLoginurl + "?F_Account=" + username + "&returnurl=" + Returnurl + "/Home/Index?pwdpwdtip=true";
+                                } else {
+                                    window.location.href = DigitalschoolMisLoginurl + "?F_Account=" + username + "&returnurl=" + Returnurl + "/Home/Index?pwd=true";
+                                }
+                            }
+                            else {
+                                if (res.data.pwdtip == true) {
+                                    window.location.href = DigitalschoolMisLoginurl + "?F_Account=" + username + "&returnurl=" + Returnurl + "/Home/Index?pwdtip=true";
+                                } else {
+                                    window.location.href = DigitalschoolMisLoginurl + "?F_Account=" + username + "&returnurl=" + Returnurl + "/Home/Index";
+                                }
+                                //window.location.href = "/Home/Index";
                             }
-                            else
-                                window.location.href = DigitalschoolMisLoginurl + "?F_Account=" + username + "&returnurl=" + Returnurl + "/Home/Index";
-                            //window.location.href = "/Home/Index";
                         }
                     }
                     else if (res.code == 400) {
diff --git a/Learun.Framework.Ultimate V7/Learun.Application.Web/XmlConfig/system.config b/Learun.Framework.Ultimate V7/Learun.Application.Web/XmlConfig/system.config
index 0d604a72e..17700d71a 100644
--- a/Learun.Framework.Ultimate V7/Learun.Application.Web/XmlConfig/system.config	
+++ b/Learun.Framework.Ultimate V7/Learun.Application.Web/XmlConfig/system.config	
@@ -163,4 +163,8 @@
   <add key="QJUrl" value="www.qj.com"/>
   <!--系主任角色Id-->
   <add key="DeptDirectorRoleId" value="cccde0ce-ebfe-41f2-9a78-e49aaa21cd5a" />
+  <!-- 登录次数限制：登录连续错误要禁止登录 -->
+  <add key="ForbidLoginNum" value="5"/>
+  <!-- 禁止登录时间（分钟） -->
+  <add key="ForbidLoginMinutes" value="10"/>
 </appSettings>
\ No newline at end of file