using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
using System.Transactions;
using System.Web;
using System.Web.Mvc;
using System.Web.Security;
using Bowin.Common;
using Bowin.Common.Utility;
using Bowin.Web.Controls.Mvc;
using DotNetOpenAuth.AspNet;
using EMIS.CommonLogic.Students;
using EMIS.CommonLogic.SystemServices;
using EMIS.Utility;
using EMIS.Utility.SSO;
using EMIS.ViewModel;
using EMIS.ViewModel.Account;
using EMIS.ViewModel.Students;
using EMIS.ViewModel.SystemView;
using EMIS.Web.Controls;
using EMIS.Web.Filters;
using EMIS.Web.Models;
using Microsoft.Web.WebPages.OAuth;
using WebMatrix.WebData;
namespace EMIS.Web.Controllers
{
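[Authorization]
/// <summary>
/// Account endpoints: the interactive login pages (classic, "New" and GZZY variants), SSO login,
/// log-off, forgotten-password mail, password change, student registration and the ticket
/// handshake used by <see cref="FormsAuthenticationHelper"/>.
/// Services are injected through the public properties.
/// </summary>
public class AccountController : Controller
{
    // Only .jpg uploads are accepted for the registration photo (compared lower-case).
    private static readonly HashSet<string> s_acceptedPhotoExtensions =
        new HashSet<string>(StringComparer.Ordinal) { ".jpg" };

    // Accepted photo size window in bytes; matches the user-facing message "50-200k".
    private const int MinPhotoBytes = 50 * 1024;
    private const int MaxPhotoBytes = 200 * 1024;

    // Session keys shared between the GET (issue) and POST (check) halves of a flow.
    private const string VerifyCodeSessionKey = "code";
    private const string VerifyKeySessionKey = "__VKey";
    private const string FailCountSessionKey = "FailCount";
    private const string RemoteLoginUserKey = "Remote_Login_User";

    // Raised when a form POST does not carry the key issued with the page or comes from another host.
    private const string UnsafeOriginMessage = "注意,您正从不安全的网站访问当前页面。";

    public IUserServices UserServices { get; set; }
    public IStudentsServices StudentsServices { get; set; }
    public IMailVerifyServices MailVerifyServices { get; set; }
    public IParameterServices ParameterServices { get; set; }

    //
    // GET: /Account/SSOLogin
    /// <summary>
    /// Completes a single-sign-on login: obtains the login id from <see cref="UserServices"/>,
    /// establishes the local session for it and bounces through <see cref="SSOLoginJump"/>.
    /// On failure the error text is placed in <c>ViewBag.ErrorMessage</c> and the view is rendered.
    /// </summary>
    [AllowAnonymous]
    public ActionResult SSOLogin()
    {
        try
        {
            var loginID = UserServices.SSOLogin();
            this.LoginSureccessful(new LogOnModel { UserName = loginID }, loginID);
            return RedirectToAction("SSOLoginJump", "Account", new { Remote_Login_User = loginID });
        }
        catch (Exception ex)
        {
            ViewBag.ErrorMessage = ex.Message;
        }
        return View();
    }

    /// <summary>
    /// Second hop of the SSO login: stores the login id handed over on the query string in the
    /// session and continues to the home page.
    /// </summary>
    [AllowAnonymous]
    public ActionResult SSOLoginJump()
    {
        var loginID = Request[RemoteLoginUserKey];
        // NOTE(review): this value arrives on the query string of an anonymous action and is therefore
        // client-controlled; code that reads Session["Remote_Login_User"] must not treat it as an
        // authenticated identity — the authenticated principal is the one LoginSureccessful set up.
        Session.Add(RemoteLoginUserKey, loginID);
        return RedirectToAction("Index", "Home");
    }

    //
    // GET: /Account/Login
    /// <summary>Renders the login page, pre-filling it from the remembered-user cookie when present.</summary>
    /// <param name="returnUrl">Passed through to the view as <c>ViewBag.ReturnUrl</c>.</param>
    [AllowAnonymous]
    public ActionResult Login(string returnUrl)
    {
        ViewBag.ReturnUrl = returnUrl;
        return LoginPage();
    }

    /// <summary>Returns the configured login-page tip text, HTML-decoded, as JSON.</summary>
    [HttpPost]
    [AllowAnonymous]
    public ActionResult GetLoginTip()
    {
        var loginTip = ParameterServices.GetParameterValue(CF_ParameterType.LoginTip);
        // The stored value is decoded before it is returned, presumably because the login page
        // renders it as markup. NOTE(review): that only stays safe while this parameter is
        // admin-authored — confirm it is not editable by ordinary users before trusting it as HTML.
        return Json(Server.HtmlDecode(loginTip));
    }

    //
    // POST: /Account/Login
    /// <summary>
    /// Handles the classic login form: checks the captcha, authenticates, records the attempt
    /// (which also enforces the daily failure lockout) and redirects on success.
    /// </summary>
    /// <param name="model">Posted credentials and captcha value.</param>
    /// <param name="returnUrl">Unused; kept for route compatibility.</param>
    [HttpPost]
    [AllowAnonymous]
    public ActionResult Login(LogOnModel model, string returnUrl)
    {
        if (!ModelState.IsValid)
        {
            return View(model);
        }
        try
        {
            if (!VerifyCodeMatches(model.VerifyCode))
            {
                ModelState.AddModelError("", "请输入正确的验证码!");
                return View(model);
            }
            bool isLogin;
            try
            {
                isLogin = UserServices.Login(model.UserName, model.Password);
            }
            catch (Exception ex)
            {
                ModelState.AddModelError("", ex.Message);
                return View(model);
            }
            // LoginHistory records the attempt; a false return means the account may not log in
            // today (too many failures), which is surfaced through the outer catch.
            if (!UserServices.LoginHistory(model.UserName, isLogin))
            {
                throw new Exception("当天登陆失败次数超过5次,请明天再试或联系管理员。");
            }
            if (!isLogin)
            {
                ModelState.AddModelError("", "密码错误或不存在该账户!(注意:如密码连续输入错误5次以上账号将被锁定)");
                this.RemoveUserCookies(model);
                return View(model);
            }
            try
            {
                this.LoginSureccessful(model, model.UserName);
                return RedirectAfterLogin();
            }
            catch (Exception ex)
            {
                ModelState.AddModelError("", ex.Message);
                return View(model);
            }
        }
        catch (Exception ex)
        {
            return RedirectToAction("MsgShow", "Common", new
            {
                WindowID = Request["WindowID"],
                msg = ex.Message,
                url = Url.Action("Login")
            });
        }
    }

    /// <summary>
    /// Renders the newer login page. Resets the per-session failure counter that the POST
    /// half increments.
    /// </summary>
    /// <param name="returnUrl">Passed through to the view as <c>ViewBag.ReturnUrl</c>.</param>
    [AllowAnonymous]
    public ActionResult NewLogin(string returnUrl)
    {
        ViewBag.ReturnUrl = returnUrl;
        Session[FailCountSessionKey] = 0;
        return LoginPage();
    }

    /// <summary>
    /// Handles the newer login form. Failed captcha or credential checks increment
    /// <c>Session["FailCount"]</c> and hand the session to the model for the view to read.
    /// </summary>
    /// <param name="model">Posted credentials and captcha value ("NoCode" when no captcha was shown).</param>
    /// <param name="returnUrl">Unused; kept for route compatibility.</param>
    [HttpPost]
    [AllowAnonymous]
    public ActionResult NewLogin(LogOnModel model, string returnUrl)
    {
        if (!ModelState.IsValid)
        {
            return View(model);
        }
        // The GET action seeds FailCount; default to 0 when the POST arrives without that session
        // entry (expired session, direct POST) instead of failing on an invalid cast.
        int failCount = Session[FailCountSessionKey] as int? ?? 0;
        // NOTE(review): "NoCode" is sent by the client and skips the captcha check entirely, so the
        // client decides whether the captcha applies. Deciding server-side (e.g. from FailCount)
        // would close that gap — confirm against the view before changing.
        if (model.VerifyCode != "NoCode" && !VerifyCodeMatches(model.VerifyCode))
        {
            NoteFailedAttempt(model, failCount);
            ModelState.AddModelError("", "请输入正确的验证码!");
            return View(model);
        }
        bool isLogin;
        try
        {
            isLogin = UserServices.Login(model.UserName, model.Password);
        }
        catch (Exception ex)
        {
            ModelState.AddModelError("", ex.Message);
            return View(model);
        }
        if (!isLogin)
        {
            NoteFailedAttempt(model, failCount);
            ModelState.AddModelError("", "用户名或密码不正确请检查后重新输入!");
            return View(model);
        }
        try
        {
            this.LoginSureccessful(model, model.UserName);
            return RedirectAfterLogin();
        }
        catch (Exception ex)
        {
            ModelState.AddModelError("", ex.Message);
            return View(model);
        }
    }

    /// <summary>Renders the GZZY login page, pre-filling it from the remembered-user cookie when present.</summary>
    /// <param name="returnUrl">Passed through to the view as <c>ViewBag.ReturnUrl</c>.</param>
    [AllowAnonymous]
    public ActionResult GZZYLogin(string returnUrl)
    {
        ViewBag.ReturnUrl = returnUrl;
        return LoginPage();
    }

    //
    // POST: /Account/GZZYLogin
    /// <summary>
    /// Handles the GZZY login form: checks the captcha, authenticates and redirects on success.
    /// Unlike <see cref="Login(LogOnModel, string)"/> no attempt history is recorded.
    /// </summary>
    /// <param name="model">Posted credentials and captcha value.</param>
    /// <param name="returnUrl">Unused; kept for route compatibility.</param>
    [HttpPost]
    [AllowAnonymous]
    public ActionResult GZZYLogin(LogOnModel model, string returnUrl)
    {
        if (!ModelState.IsValid)
        {
            return View(model);
        }
        if (!VerifyCodeMatches(model.VerifyCode))
        {
            ModelState.AddModelError("", "请输入正确的验证码!");
            return View(model);
        }
        bool isLogin;
        try
        {
            isLogin = UserServices.Login(model.UserName, model.Password);
        }
        catch (Exception ex)
        {
            ModelState.AddModelError("", ex.Message);
            return View(model);
        }
        if (!isLogin)
        {
            ModelState.AddModelError("", "用户名或密码不正确请检查后重新输入!");
            this.RemoveUserCookies(model);
            return View(model);
        }
        try
        {
            this.LoginSureccessful(model, model.UserName);
            return RedirectAfterLogin();
        }
        catch (Exception ex)
        {
            ModelState.AddModelError("", ex.Message);
            return View(model);
        }
    }

    //
    // POST: /Account/LogOff
    /// <summary>
    /// Expires the login cookie and redirects to the configured log-off page, forwarding an
    /// optional <c>url</c> query parameter.
    /// </summary>
    [NoSSO]
    public ActionResult LogOff()
    {
        var cookieName = EMIS.Utility.Const.LOCAL_SETTING_LOGIN_COOKIENAME;
        var logoffUrl = Url.Content(EMIS.Utility.Const.LOCAL_SETTING_LOGOFF_PAGE);
        // Expire the login cookie client-side by re-issuing it empty with a past expiry date.
        var cookie = new HttpCookie(cookieName) { Value = "", Expires = DateTime.Now.AddDays(-1) };
        Response.Clear();
        Response.AppendCookie(cookie);
        // NOTE(review): only the cookie is cleared; Session (FailCount, Remote_Login_User, ...) stays
        // alive. Session.Abandon() here would be the usual fix unless the log-off page needs it.
        var url = Request.QueryString["url"];
        if (!string.IsNullOrEmpty(url))
        {
            // Encode so a url containing '&' or '?' cannot splice extra parameters into the log-off page.
            logoffUrl += "?url=" + HttpUtility.UrlEncode(url);
        }
        return Redirect(logoffUrl);
    }

    /// <summary>
    /// Renders the forgotten-password page and issues the per-page key that the POST must echo back.
    /// </summary>
    /// <param name="loginID">Unused; kept for route compatibility.</param>
    [AllowAnonymous]
    public ActionResult ForgotPassword(string loginID)
    {
        ViewBag.VKey = IssueVerifyKey();
        return View();
    }

    /// <summary>
    /// Sends the password-reset mail for the posted <c>LoginID</c> after checking that the form
    /// was served by this site. Returns a JSON <see cref="ReturnMessage"/>.
    /// </summary>
    [AllowAnonymous]
    [HttpPost]
    [ValidateAntiForgeryToken]
    public ActionResult ForgotPassword()
    {
        RequireSameSiteSubmission();
        return Json(SendPasswordResetMail(Request.Form["LoginID"]));
    }

    /// <summary>Renders the newer forgotten-password page.</summary>
    /// <param name="loginID">Unused; kept for route compatibility.</param>
    [AllowAnonymous]
    public ActionResult NewForgotPassword(string loginID)
    {
        return View();
    }

    /// <summary>
    /// Newer forgotten-password POST. Same mail flow as <see cref="ForgotPassword()"/> but without
    /// the page key / referrer check or the anti-forgery token.
    /// NOTE(review): consider adding [ValidateAntiForgeryToken] here too; the page would need to emit the token.
    /// </summary>
    [AllowAnonymous]
    [HttpPost]
    public ActionResult NewForgotPassword()
    {
        return Json(SendPasswordResetMail(Request.Form["LoginID"]));
    }

    /// <summary>Renders the change-password page for the signed-in user.</summary>
    public ActionResult ChangePassword()
    {
        return View();
    }

    /// <summary>
    /// Changes the signed-in user's password after re-checking the old one. Returns a JSON
    /// <see cref="ReturnMessage"/>; any exception is reported as a failed save.
    /// </summary>
    /// <param name="changePasswordView">Old and new password as posted.</param>
    [HttpPost]
    public ActionResult ChangePassword(ChangePasswordView changePasswordView)
    {
        try
        {
            var principal = (EMIS.Utility.FormValidate.CustomPrincipal)HttpContext.User;
            var user = UserServices.GetUserByLoginID(principal.LoginID);
            // The stored password is compared with the MD5 of the posted one, ignoring case
            // (presumably both are hex digests). NOTE(review): unsalted MD5 is weak for password
            // storage; moving to PBKDF2/Argon2 would need a matching change in UserServices.
            var oldPasswordHash = changePasswordView.OldPassword.MD5();
            if (!string.Equals(user.Password, oldPasswordHash, StringComparison.OrdinalIgnoreCase))
            {
                return JsonMessage(false, "保存失败:原密码验证失败");
            }
            UserServices.ChangePassword(changePasswordView, user.UserID);
            return JsonMessage(true, "密码已经成功修改!");
        }
        catch (Exception ex)
        {
            return JsonMessage(false, "保存失败:" + ex.Message);
        }
    }

    /// <summary>Issues a forms-authentication ticket for <paramref name="url"/> via <see cref="FormsAuthenticationHelper"/>.</summary>
    public ActionResult GetTicket(string url)
    {
        var helper = new FormsAuthenticationHelper();
        helper.GetTicket(System.Web.HttpContext.Current, url);
        return Json(true);
    }

    /// <summary>
    /// Validates a ticket issued by <see cref="GetTicket"/> and returns the login id it carries.
    /// NOTE(review): if ValidateTitcket returns null for a bad ticket this throws and answers 500 — confirm its contract.
    /// </summary>
    [HttpPost]
    [AllowAnonymous]
    public ActionResult AuthTicket(string ticket)
    {
        var helper = new FormsAuthenticationHelper();
        var user = (EMIS.Utility.FormValidate.CustomPrincipal)helper.ValidateTitcket(System.Web.HttpContext.Current, ticket);
        return Json(user.LoginID);
    }

    /// <summary>Renders the student registration page and issues the per-page key the POST must echo back.</summary>
    [HttpGet]
    [AllowAnonymous]
    public ActionResult Regist()
    {
        ViewBag.VKey = IssueVerifyKey();
        return View(new RegistView());
    }

    /// <summary>
    /// Dropdown data for the school-area dictionary, restricted to usable entries with
    /// Value below 3 (presumably excluding the "social" campuses, per the action name).
    /// </summary>
    /// <param name="bindType">Placeholder row to prepend; defaults to SelectAll.</param>
    [HttpPost]
    [AllowAnonymous]
    public ActionResult GetSchoolAreaWithoutSocial(DropdownListBindType? bindType)
    {
        List<DropdownListItem> list = DictionaryHelper.GetDictionaryValue(DictionaryItem.CF_SchoolArea)
            .Where(x => x.RecordStatus > (int)SYS_STATUS.UNUSABLE && x.Value < 3)
            .Select(x => new DropdownListItem { Text = x.Name, Value = x.Value.ToString() })
            .ToList();
        DropdownList.FormatDropdownItemList(bindType ?? DropdownListBindType.SelectAll, list);
        return base.Json(list);
    }

    /// <summary>
    /// Registers a student from the posted form (with optional photo), then signs the new user in.
    /// Failures are shown through the shared Common/MsgShow page.
    /// </summary>
    /// <param name="registView">Registration data; <c>PhotoUrl</c> is filled from the upload.</param>
    [HttpPost]
    [AllowAnonymous]
    [ValidateAntiForgeryToken]
    public ActionResult Regist(RegistView registView)
    {
        RequireSameSiteSubmission();
        try
        {
            ApplyPostedPhoto(registView);
            var userID = UserServices.StudentRegist(registView);
            // Sign the new student in immediately with the credentials just registered.
            this.LoginSureccessful(
                new LogOnModel { UserName = registView.UserName, Password = registView.PCode, RememberMe = false },
                registView.UserName,
                userID);
            string scripts = "";
            return Content(scripts);
        }
        catch (Exception ex)
        {
            return RedirectToAction("MsgShow", "Common", new
            {
                WindowID = Request["WindowID"],
                msg = "注册失败:" + ex.Message
            });
        }
    }

    /// <summary>Renders the "complete your information" page for the signed-in student.</summary>
    [HttpGet]
    public ActionResult FinishInfomation()
    {
        var user = (EMIS.Utility.FormValidate.CustomPrincipal)HttpContext.User;
        var registView = StudentsServices.GetRegistViewByUserID(user.UserID);
        return View(registView);
    }

    /// <summary>
    /// Saves the completed information (with optional photo) for the signed-in student.
    /// Failures are shown through the shared Common/MsgShow page.
    /// </summary>
    /// <param name="registView">Registration data; <c>PhotoUrl</c> is filled from the upload.</param>
    [HttpPost]
    public ActionResult FinishInfomation(RegistView registView)
    {
        try
        {
            ApplyPostedPhoto(registView);
            UserServices.StudentRegist(registView);
            string scripts = "";
            return Content(scripts);
        }
        catch (Exception ex)
        {
            return RedirectToAction("MsgShow", "Common", new
            {
                msg = "保存失败:" + ex.Message,
                url = Url.Action("FinishInfomation")
            });
        }
    }

    // Renders the current action's view, pre-filled from the remembered-user cookie when one exists.
    private ActionResult LoginPage()
    {
        var remembered = this.GetUserCookies();
        return remembered != null ? View(remembered) : View();
    }

    // True when the posted captcha value equals the one stored in the session. A missing session
    // code is a failure rather than a match (null == null must not pass the check).
    private bool VerifyCodeMatches(string verifyCode)
    {
        var expected = Session[VerifyCodeSessionKey] as string;
        // NOTE(review): the code is not cleared after a successful match, so it can be resubmitted
        // until the session changes; clearing it here requires the view to refresh the image — confirm first.
        return !string.IsNullOrEmpty(expected) && string.Equals(verifyCode, expected, StringComparison.Ordinal);
    }

    // Bumps the per-session failure counter and exposes the session to the view through the model.
    private void NoteFailedAttempt(LogOnModel model, int failCount)
    {
        Session[FailCountSessionKey] = failCount + 1;
        model.Session = Session;
    }

    // Post-login destination: the "targetUrl" query value carried by the referrer when it is
    // present and local to this site, otherwise the home page.
    private ActionResult RedirectAfterLogin()
    {
        var referrer = HttpContext.Request.UrlReferrer;
        if (referrer != null)
        {
            var target = referrer.GetQueryStringByPath("targetUrl");
            if (!string.IsNullOrEmpty(target))
            {
                var decoded = HttpContext.Server.UrlDecode(target);
                // The referrer is client-controlled; following an absolute target would turn the
                // login page into an open redirect, so only site-local URLs are honoured.
                if (Url.IsLocalUrl(decoded))
                {
                    return Redirect(decoded);
                }
            }
        }
        return RedirectToAction("Index", "Home");
    }

    // Generates the per-page key echoed back by the ForgotPassword/Regist forms and stores it in
    // the session. Uses a cryptographic generator so the key is not guessable from the clock.
    private string IssueVerifyKey()
    {
        var bytes = new byte[16];
        using (var rng = RandomNumberGenerator.Create())
        {
            rng.GetBytes(bytes);
        }
        var key = BitConverter.ToString(bytes).Replace("-", "").ToLowerInvariant();
        Session[VerifyKeySessionKey] = key;
        return key;
    }

    // Rejects a POST whose "VKey" field does not match the key issued with the page, or whose
    // referrer host differs from this request's host. Both conditions raise the same message.
    private void RequireSameSiteSubmission()
    {
        var expectedKey = Session[VerifyKeySessionKey] as string;
        var postedKey = Request.Form["VKey"];
        if (string.IsNullOrEmpty(expectedKey) || !string.Equals(postedKey, expectedKey, StringComparison.Ordinal))
        {
            throw new Exception(UnsafeOriginMessage);
        }
        // A missing referrer is treated as unsafe as well (host names compare case-insensitively).
        var referrer = Request.UrlReferrer;
        if (referrer == null || !string.Equals(referrer.Host, Request.Url.Host, StringComparison.OrdinalIgnoreCase))
        {
            throw new Exception(UnsafeOriginMessage);
        }
    }

    // "scheme://host:port/app-root" of the current request, without a trailing slash.
    private string SiteBaseUrl()
    {
        var requestUrl = HttpContext.Request.Url;
        // NOTE(review): Host/Port come from the request's Host header; if the mailed verification
        // link is built from this, a spoofed Host header could point the link at another host.
        // A configured base URL would be the robust choice — confirm how SendVerifyMail uses it.
        return requestUrl.Scheme + "://" + requestUrl.Host + ":" + requestUrl.Port + Url.Content("~/").TrimEnd('/');
    }

    // Looks up the user for loginID and sends the verification mail to the registered address.
    // Every outcome is reported through the returned ReturnMessage; nothing is thrown.
    private ReturnMessage SendPasswordResetMail(string loginID)
    {
        var result = new ReturnMessage { IsSuccess = true, Message = "邮件发送成功,请查收。" };
        var user = UserServices.GetUserByLoginID(loginID);
        if (user == null)
        {
            // NOTE(review): distinct "unknown user" / "no e-mail" replies let a caller probe which
            // login ids exist; one neutral message would avoid that. Messages kept as they were.
            result.IsSuccess = false;
            result.Message = "用户名输入错误。";
            return result;
        }
        var baseUrl = SiteBaseUrl();
        try
        {
            var email = UserServices.GetUserEmail(user.UserID);
            if (email == null)
            {
                result.IsSuccess = false;
                result.Message = "用户并没有注册电子邮箱信息。";
                return result;
            }
            MailVerifyServices.SendVerifyMail(baseUrl, user.UserID, email);
        }
        catch (Exception ex)
        {
            result.IsSuccess = false;
            result.Message = ex.Message;
        }
        return result;
    }

    // JSON ReturnMessage with the given outcome and text.
    private JsonResult JsonMessage(bool isSuccess, string message)
    {
        return Json(new ReturnMessage { IsSuccess = isSuccess, Message = message });
    }

    // Validates the optional "PhotoUrl" upload, stores it and records the stored path on the view.
    private void ApplyPostedPhoto(RegistView registView)
    {
        var postedFile = Request.Files["PhotoUrl"];
        if (postedFile != null)
        {
            ValidatePostedPhoto(postedFile.FileName, postedFile.ContentLength);
        }
        string photoUrl = FileUploadHelper.UploadFile(postedFile);
        if (photoUrl != null)
        {
            registView.PhotoUrl = photoUrl;
        }
    }

    // Throws unless the upload (when a file name was given) is a .jpg within the size window.
    private static void ValidatePostedPhoto(string fileName, int contentLength)
    {
        if (string.IsNullOrEmpty(fileName))
        {
            return; // no photo supplied; the upload is optional
        }
        // Extension check only — the file's bytes are not inspected here. NOTE(review): the
        // client controls FileName, so confirm FileUploadHelper.UploadFile renames the stored file
        // or checks its content if the upload directory is web-reachable.
        var extension = Path.GetExtension(fileName).ToLowerInvariant();
        if (!s_acceptedPhotoExtensions.Contains(extension))
        {
            throw new Exception("只允许上传.jpg格式的文件。");
        }
        if (contentLength > MaxPhotoBytes || contentLength < MinPhotoBytes)
        {
            throw new Exception("只允许上传50-200k大小的照片。");
        }
    }
}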
}