
【修改】初始密码提示功能;登录次数限制功能;禁止登录时间限制;

master
dyy 3 лет назад
Родитель
Сommit
0fb2346fcd
8 измененных файлов: 186 добавлений и 37 удалений
  1. +25
    -0
      Learun.Framework.Ultimate V7/Learun.Application.Organization/User/UserBLL.cs
  2. +7
    -0
      Learun.Framework.Ultimate V7/Learun.Application.Organization/User/UserIBLL.cs
  3. +32
    -0
      Learun.Framework.Ultimate V7/Learun.Application.Organization/User/UserService.cs
  4. +60
    -5
      Learun.Framework.Ultimate V7/Learun.Application.Web/Controllers/LoginController.cs
  5. +9
    -2
      Learun.Framework.Ultimate V7/Learun.Application.Web/Views/Home/AdminDefault/index.js
  6. +27
    -25
      Learun.Framework.Ultimate V7/Learun.Application.Web/Views/Login/Default.cshtml
  7. +22
    -5
      Learun.Framework.Ultimate V7/Learun.Application.Web/Views/Login/Default/Index.js
  8. +4
    -0
      Learun.Framework.Ultimate V7/Learun.Application.Web/XmlConfig/system.config

+ 25
- 0
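--- a/Learun.Framework.Ultimate V7/Learun.Application.Organization/User/UserBLL.cs
+++ b/Learun.Framework.Ultimate V7/Learun.Application.Organization/User/UserBLL.cs
@@ -1201,6 +1201,31 @@ namespace Learun.Application.Organization
 }
 }
 
+
+/// <summary>
+/// 修改用户的允许登录结束时间
+/// </summary>
+/// <param name="keyValue">主键值</param>
+/// <param name="state">状态:1-赋值;0-重置</param>
+public void UpdateAllowEndTime(string keyValue, int state)
+{
+try
+{
+userService.UpdateAllowEndTime(keyValue, state);
+}
+catch (Exception ex)
+{
+if (ex is ExceptionEx)
+{
+throw;
+}
+else
+{
+throw ExceptionEx.ThrowBusinessException(ex);
+}
+}
+}
+
 ///// <summary>
 ///// 获取用户头像
 ///// </summary>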


+ 7
- 0
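--- a/Learun.Framework.Ultimate V7/Learun.Application.Organization/User/UserIBLL.cs
+++ b/Learun.Framework.Ultimate V7/Learun.Application.Organization/User/UserIBLL.cs
@@ -195,5 +195,12 @@ namespace Learun.Application.Organization
 void UpdateIp(string ip, string id);
 void GetImgForDC(string userId);
 UserEntity GetEntityByWeixinOpenIdPC(string openId);
+
+/// <summary>
+/// 修改用户的允许登录结束时间
+/// </summary>
+/// <param name="keyValue">主键值</param>
+/// <param name="state">状态:1-赋值;0-重置</param>
+void UpdateAllowEndTime(string keyValue, int state);
 }
 }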

+ 32
- 0
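--- a/Learun.Framework.Ultimate V7/Learun.Application.Organization/User/UserService.cs
+++ b/Learun.Framework.Ultimate V7/Learun.Application.Organization/User/UserService.cs
@@ -848,6 +848,38 @@ namespace Learun.Application.Organization
 }
 }
 }
+
+/// <summary>
+/// 修改用户的允许登录结束时间
+/// </summary>
+/// <param name="keyValue">主键值</param>
+/// <param name="state">状态:1-赋值;0-重置</param>
+public void UpdateAllowEndTime(string keyValue, int state)
+{
+try
+{
+if (state == 0)
+{
+this.BaseRepository().ExecuteBySql("update LR_Base_User set F_AllowEndTime=null where F_UserId='" + keyValue + "'");
+}
+else
+{
+this.BaseRepository().ExecuteBySql("update LR_Base_User set F_AllowEndTime='" + DateTime.Now + "' where F_UserId='" + keyValue + "'");
+}
+}
+catch (Exception ex)
+{
+if (ex is ExceptionEx)
+{
+throw;
+}
+else
+{
+throw ExceptionEx.ThrowServiceException(ex);
+}
+}
+}
+
 }
 
 }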
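Review bot: Both `ExecuteBySql` calls in `UpdateAllowEndTime` build the UPDATE by concatenating `keyValue` into the statement text, so a value containing a quote changes the SQL that runs against `LR_Base_User`; the method is public and exposed through `UserIBLL`, so it should not depend on every caller passing a database-sourced id. Bind the id and the timestamp as parameters instead, e.g. `update LR_Base_User set F_AllowEndTime=@endTime where F_UserId=@userId`, assuming the repository offers a parameterised overload of `ExecuteBySql` (not visible in this diff). Concatenating `DateTime.Now` also formats the timestamp with the server's current culture, which the database may reject or misread; a bound `DateTime` parameter avoids that. Judging by how LoginController subtracts it from `DateTime.Now`, the column holds the moment the lock was set rather than its end, which is worth stating in the summary comment.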

+ 60
- 5
Learun.Framework.Ultimate V7/Learun.Application.Web/Controllers/LoginController.cs

@@ -38,6 +38,7 @@ namespace Learun.Application.Web.Controllers
private LoginModelIBLL loginModelIbll = new LoginModelBLL();
private AnnexesFileIBLL annexesFileIbll = new AnnexesFileBLL();
WeChatDevelopIBLL weChatDevelopIbll = new WeChatDevelopBLL();
private Sys_DefaultPwdConfigIBLL sys_DefaultPwdConfigIBLL = new Sys_DefaultPwdConfigBLL();
#endregion

#region 视图功能
@@ -184,6 +185,15 @@ namespace Learun.Application.Web.Controllers
}
//获取错误次数
ViewBag.errornum = OperatorHelper.Instance.GetCurrentErrorNum();
//获取初始密码设置中已启用的密码
ViewBag.IsSetDefaultPwd = false;
ViewBag.DefaultPwd = "";
var defaultPwdEntity = sys_DefaultPwdConfigIBLL.GetEnabledEntity();
if (defaultPwdEntity != null)
{
ViewBag.IsSetDefaultPwd = true;
ViewBag.DefaultPwd = defaultPwdEntity.Pwd;
}
//获取高职版跳转地址
ViewBag.DigitalschoolMisLoginurl = ConfigurationManager.AppSettings["DigitalschoolMisLoginurl"];
ViewBag.Returnurl = "http://" + Request.Url.Host + ":" + Request.Url.Port;
@@ -499,11 +509,13 @@ namespace Learun.Application.Web.Controllers
/// <param name="username">用户名</param>
/// <param name="password">密码</param>
/// <param name="verifycode">验证码</param>
/// <param name="up">密码是否是强密码</param>
/// <param name="defaultPwdTip">密码是否是初始密码,是则需要提示(true)</param>
/// <returns></returns>
[HttpPost]
[AjaxOnly]
[HandlerValidateAntiForgeryToken]
public ActionResult CheckLogin(string username, string password, string verifycode, string up)
public ActionResult CheckLogin(string username, string password, string verifycode, string up, string defaultPwdTip)
{

int error = OperatorHelper.Instance.GetCurrentErrorNum();
@@ -521,6 +533,41 @@ namespace Learun.Application.Web.Controllers
#region 内部账户验证
UserEntity userEntity = userBll.CheckLogin(username, password);

#region 登录次数限制,禁止登录时间限制
int defaultForbidLoginNum = 5;//默认的禁止登录次数
double defaultForbidLoginMinutes = 10;//默认的禁止登录分钟数
if (!string.IsNullOrEmpty(Config.GetValue("ForbidLoginNum")))
{
defaultForbidLoginNum = Config.GetValue("ForbidLoginNum").ToInt();
}
if (!string.IsNullOrEmpty(Config.GetValue("ForbidLoginMinutes")))
{
defaultForbidLoginMinutes = Config.GetValue("ForbidLoginMinutes").ToDouble();
}
//错误次数大于等于5时,判断禁止登录时间是否超过10分钟:若是则修改用户的允许登录结束时间,可以登录;若否,禁止登录;
if (error >= defaultForbidLoginNum)
{
if (userEntity.LoginOk)//登录成功
{
if (userEntity.F_AllowEndTime.HasValue)
{
var period = (DateTime.Now - userEntity.F_AllowEndTime.Value).TotalMinutes;
if (period >= defaultForbidLoginMinutes)
{
userBll.UpdateAllowEndTime(userEntity.F_UserId, 0);
}
else
{
return Fail("错误次数超过" + defaultForbidLoginNum + "次,已被禁止登录,请" + defaultForbidLoginMinutes + "分钟后重试!", error);
}
}
}
else//登录失败
{
return Fail(userEntity.LoginMsg, error);
}
}
#endregion

#region 写入日志
LogEntity logEntity = new LogEntity();
@@ -540,6 +587,11 @@ namespace Learun.Application.Web.Controllers
logEntity.F_ExecuteResultJson = "登录失败:" + userEntity.LoginMsg;
logEntity.WriteLog();
int num = OperatorHelper.Instance.AddCurrentErrorNum();
//判断登录错误次数大于等于5,修改用户的允许登录结束时间;
if (num >= defaultForbidLoginNum)
{
userBll.UpdateAllowEndTime(userEntity.F_UserId, 1);
}
return Fail(userEntity.LoginMsg, num);
}
else
@@ -552,12 +604,15 @@ namespace Learun.Application.Web.Controllers
logEntity.F_ExecuteResultJson = "登录成功";
logEntity.WriteLog();
OperatorHelper.Instance.ClearCurrentErrorNum();
//修改用户的允许登录结束时间;
userBll.UpdateAllowEndTime(userEntity.F_UserId, 0);
//是否强密码验证
if (!string.IsNullOrEmpty(ConfigurationManager.AppSettings["verifypwd"]) && ConfigurationManager.AppSettings["verifypwd"] == "true" && up == "false")
{
return Success(new { pwd = true });
return Success(new { pwd = true, pwdtip = defaultPwdTip == "true" ? true : false });
}
return Success("登录成功");
//返回成功的数据(pwdtip:初始密码提示弹框;pwd:弱密码修改弹框;)
return Success("登录成功", new { pwdtip = defaultPwdTip == "true" ? true : false });
}
#endregion
}
@@ -899,8 +954,8 @@ namespace Learun.Application.Web.Controllers
{
string appid = "76d40062-349f-486d-b871-35bed08d2f59";
string secret = "cgpi";
string appkey =Request.QueryString["appkey"];
string response = Util.HttpMethods.HttpGet("http://localhost:20472/SSOSystem/authorize?appid=" + appid + "&secret=" + secret + "&appkey="+ appkey);
string appkey = Request.QueryString["appkey"];
string response = Util.HttpMethods.HttpGet("http://localhost:20472/SSOSystem/authorize?appid=" + appid + "&secret=" + secret + "&appkey=" + appkey);
return Content(response);
}
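Review bot: Inside `if (error >= defaultForbidLoginNum)` a locked account answers differently depending on the password: a correct one inside the window gets the "已被禁止登录" message while a wrong one gets `userEntity.LoginMsg`, so the response still confirms a correct guess during the lock; return the same lock message from both branches while `F_AllowEndTime` is inside the window. The `F_AllowEndTime` check is also reached only when `error`, read from `OperatorHelper.Instance.GetCurrentErrorNum()`, has hit the limit; if that counter is held per session or per client (its implementation is not visible here), a request with a fresh counter skips the per-account lock, so the timestamp should be evaluated on every attempt and failures counted per account on the server. On the failure path `UpdateAllowEndTime(userEntity.F_UserId, 1)` is called without checking that `F_UserId` is set, which for an unknown username presumably sends an empty id into the UPDATE. `CheckLogin` starts and ends outside these hunks.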



+ 9
- 2
Learun.Framework.Ultimate V7/Learun.Application.Web/Views/Home/AdminDefault/index.js

@@ -6,7 +6,9 @@
* 描 述:经典风格皮肤
*/
var autoopenid = request('autoopen');
var pwd = request("pwd");
var pwd = request("pwd");//弱密码修改弹框
var pwdtip = request("pwdtip");//初始密码提示弹框
var pwdpwdtip = request("pwdpwdtip");//弱密码修改弹框&初始密码提示弹框
var bootstrap = function ($, learun) {
"use strict";
// 菜单操作
@@ -197,7 +199,8 @@ var bootstrap = function ($, learun) {
// area: ['500px', '300px']
// });
//}
if (pwd == "true") {
//弱密码修改弹框
if (pwd == "true" || pwdpwdtip == "true") {
top.layer.open({
id: 'pwdform',
title: '密码修改',
@@ -225,6 +228,10 @@ var bootstrap = function ($, learun) {
}
});
}
//初始密码提示弹框
if (pwdtip == "true" || pwdpwdtip == "true") {
learun.layerConfirm('当前登录密码还是初始密码!', function (res) { });
}
//上网认证
if (ACIp != null && ACIp != "") {
//Ip上网
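Review bot: The new `pwdtip` and `pwdpwdtip` flags, like the existing `pwd`, are read from the query string with `request(...)`, so the weak-password dialog and the initial-password reminder appear only while the URL still carries the flag. If changing a weak or initial password is meant to be required rather than advisory, the state should come from the server (for example a value the Home view renders from the session) and not from a parameter the user can edit. The combined `pwdpwdtip` flag can be dropped by redirecting with `pwd=true&pwdtip=true`, which removes both `|| pwdpwdtip == "true"` tests.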


+ 27
- 25
Learun.Framework.Ultimate V7/Learun.Application.Web/Views/Login/Default.cshtml

@@ -49,6 +49,8 @@
<link href="~/Content/css/process.css" rel="stylesheet" />
<!-- <img src="~/Content/images/Logins/loginBg.jpg" /> -->
<input id="errornum" type="hidden" value="@ViewBag.errornum" />
<input id="DefaultPwd" type="hidden" value="@ViewBag.DefaultPwd" data-IsSetDefaultPwd="@ViewBag.IsSetDefaultPwd"/>

<div class="lr-login-body">

<div class="lr-login-logo">
@@ -59,7 +61,7 @@
<div class="lr-login-middle">
@if (ViewBag.WeixinLoginSwitch)
{
<a href="/Login/LoginForWeixin?login=one" class="wxLogin down" title="使用微信登录">
<a href="/Login/LoginForWeixin?login=one" class="wxLogin down" title="使用微信登录">
<img src="~/Content/images/LoginPage/icon.png" alt="" /> 使用微信登录
</a>
}
@@ -121,14 +123,14 @@
</div>
</div>
</div>
<div class="lr-login-footer" style="font-size: 12px;color: #fff;width: 880px;right:0;margin: auto;">
<div class="tips">
<img src="~/Content/images/LoginPage/tips3.png" alt=""> <span>建议使用360或谷歌浏览器</span>
</div>
<div style="position: relative;">
Copyright © 2019 数字化智慧校园 版权所有 <span class="OnlineUserNumBox" style="position: absolute;right: 0;top: 0;">在线用户数:<span class="OnlineUserNum">@ViewBag.OnlineUserNum</span>人</span>
</div>
<div class="lr-login-footer" style="font-size: 12px;color: #fff;width: 880px;right:0;margin: auto;">
<div class="tips">
<img src="~/Content/images/LoginPage/tips3.png" alt=""> <span>建议使用360或谷歌浏览器</span>
</div>
<div style="position: relative;">
Copyright © 2019 数字化智慧校园 版权所有 <span class="OnlineUserNumBox" style="position: absolute;right: 0;top: 0;">在线用户数:<span class="OnlineUserNum">@ViewBag.OnlineUserNum</span>人</span>
</div>
</div>
<img id="loginFoot" src="~/Content/images/logins/login1.png" alt="">
<script src="~/Content/jquery/jquery-1.10.2.min.js"></script>
@@ -173,23 +175,23 @@
@Html.AppendJsFile("/Views/Login/ACLogon.js")

@*<script>
//点击版本号,显示版本号历史进程
$('.versionBtn').click(function () {
var html = '<div class="process"><div class="proTitle">历史进程</div><div class="pro_sec1">';
$.each(@(new HtmlString(ViewBag.VersionList)), function (i, item) {
var index = i % 2 == 0 ? 1 : 2;
html += '<div class="proBox proBox'+index+'">' + item.Content + '<div class="edition">' + item.VersionNum + '</div><div class="time">' + item.UpdateTime.slice(0,item.UpdateTime.indexOf("T"))+'</div></div>' ;
});
html += '</div></div>';
//点击版本号,显示版本号历史进程
$('.versionBtn').click(function () {
var html = '<div class="process"><div class="proTitle">历史进程</div><div class="pro_sec1">';
$.each(@(new HtmlString(ViewBag.VersionList)), function (i, item) {
var index = i % 2 == 0 ? 1 : 2;
html += '<div class="proBox proBox'+index+'">' + item.Content + '<div class="edition">' + item.VersionNum + '</div><div class="time">' + item.UpdateTime.slice(0,item.UpdateTime.indexOf("T"))+'</div></div>' ;
});
html += '</div></div>';

layer.open({
type: 1,
closeBtn: 2,
title: "版本号",
area: ['888px', '60%'],
content: html
layer.open({
type: 1,
closeBtn: 2,
title: "版本号",
area: ['888px', '60%'],
content: html
});
});
});
</script>*@
</script>*@
</body>
</html>
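Review bot: The hidden `#DefaultPwd` input renders `@ViewBag.DefaultPwd` into the login page, so the currently enabled initial password is delivered in clear text to every unauthenticated visitor who loads the form. The value comes from the `ViewBag.DefaultPwd = defaultPwdEntity.Pwd` assignment in LoginController and is used only by Default/Index.js to compare against the typed password. Remove the input and the ViewBag assignment and do the comparison in `CheckLogin` on the server, which already receives `password` and can call `GetEnabledEntity()`; the JSON response can then carry `pwdtip` without the browser ever holding the default password or sending `defaultPwdTip`.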

+ 22
- 5
Learun.Framework.Ultimate V7/Learun.Application.Web/Views/Login/Default/Index.js

@@ -69,6 +69,7 @@
$("#lr_verifycode_input").val('');
$("#lr_verifycode_img").attr("src", $.rootUrl + "/Login/VerifyCode?time=" + Math.random());
});
//错误次数
var errornum = $('#errornum').val();
if (errornum >= 3) {

@@ -121,6 +122,12 @@
var $username = $("#lr_username"), $password = $("#lr_password"), $verifycode = $("#lr_verifycode_input");
var username = $.trim($username.val()), password = $.trim($password.val()), verifycode = $.trim($verifycode.val());
var up = true;
var defaultPwdTip = false;//用户输入的密码不是初始密码,不需要提示;
if ($("#DefaultPwd").attr('data-IsSetDefaultPwd').toLowerCase() == "true" || $("#DefaultPwd").attr('data-IsSetDefaultPwd').toLowerCase() == true) {
if ($("#DefaultPwd").val() == password) {
defaultPwdTip = true;
}
}

if (username == "") {
lrPage.tip('请输入账户');
@@ -132,6 +139,7 @@
$password.focus();
return false;
}
//强密码验证
var reg = /^(?=.*[0-9])(?=.*[A-Z])(?=.*[a-z])(?=.*[!@#$%^&*,\.])[0-9a-zA-Z!@#$%^&*,\.]{8,20}$/;
if (!reg.test(password)) {
up = false;
@@ -154,7 +162,7 @@
$.ajax({
url: $.rootUrl + "/Login/CheckLogin",
headers: { __RequestVerificationToken: $.lrToken },
data: { username: username, password: password, verifycode: verifycode, up: up },
data: { username: username, password: password, verifycode: verifycode, up: up, defaultPwdTip: defaultPwdTip },
type: "post",
dataType: "json",
success: function (res) {
@@ -163,11 +171,20 @@
window.location.href = DigitalschoolMisLoginurl + "?F_Account=" + username + "&returnurl=" + Returnurl + "/SSOSystem/Index";
} else {
if (res.data.pwd == true) {
window.location.href = DigitalschoolMisLoginurl + "?F_Account=" + username + "&returnurl=" + Returnurl + "/Home/Index?pwd=true";
if (res.data.pwdtip == true) {
window.location.href = DigitalschoolMisLoginurl + "?F_Account=" + username + "&returnurl=" + Returnurl + "/Home/Index?pwdpwdtip=true";
} else {
window.location.href = DigitalschoolMisLoginurl + "?F_Account=" + username + "&returnurl=" + Returnurl + "/Home/Index?pwd=true";
}
}
else {
if (res.data.pwdtip == true) {
window.location.href = DigitalschoolMisLoginurl + "?F_Account=" + username + "&returnurl=" + Returnurl + "/Home/Index?pwdtip=true";
} else {
window.location.href = DigitalschoolMisLoginurl + "?F_Account=" + username + "&returnurl=" + Returnurl + "/Home/Index";
}
//window.location.href = "/Home/Index";
}
else
window.location.href = DigitalschoolMisLoginurl + "?F_Account=" + username + "&returnurl=" + Returnurl + "/Home/Index";
//window.location.href = "/Home/Index";
}
}
else if (res.code == 400) {
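Review bot: In the `defaultPwdTip` block the second test, `.toLowerCase() == true`, compares a string with a boolean and can never be true, and `$("#DefaultPwd").attr('data-IsSetDefaultPwd')` is dereferenced unchecked, so a page without that attribute throws before the login request is sent. As long as this comparison stays on the client, a guarded single test reads more clearly: `if (($("#DefaultPwd").attr('data-IsSetDefaultPwd') || "").toLowerCase() === "true" && $("#DefaultPwd").val() === password) { defaultPwdTip = true; }`. The new redirect lines also concatenate `username` and `Returnurl` into the URL unencoded, as the existing ones do; wrapping them in `encodeURIComponent(...)` keeps characters such as `&` or `#` from altering the query string. The four near-identical `window.location.href` assignments could build the flag suffix once and share one redirect.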


+ 4
- 0
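--- a/Learun.Framework.Ultimate V7/Learun.Application.Web/XmlConfig/system.config
+++ b/Learun.Framework.Ultimate V7/Learun.Application.Web/XmlConfig/system.config
@@ -163,4 +163,8 @@
 <add key="QJUrl" value="www.qj.com"/>
 <!--系主任角色Id-->
 <add key="DeptDirectorRoleId" value="cccde0ce-ebfe-41f2-9a78-e49aaa21cd5a" />
+<!-- 登录次数限制:登录连续错误要禁止登录 -->
+<add key="ForbidLoginNum" value="5"/>
+<!-- 禁止登录时间(分钟) -->
+<add key="ForbidLoginMinutes" value="10"/>
 </appSettings>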
