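using BLL;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

namespace FineUIPro.Web
{
    /// <summary>
    /// Login endpoint page. When the request carries <c>action=login</c>, it
    /// authenticates <c>account</c>/<c>pwd</c> against LDAP first and falls back to
    /// the local user store, then writes the landing URL (or an empty string on
    /// failure) to the response.
    /// </summary>
    public partial class loginApi : System.Web.UI.Page
    {
        // The field names double as the request parameter names (read via nameof
        // in Page_Load), so renaming a field changes the endpoint's contract.
        string action = string.Empty;
        string account = string.Empty;
        string pwd = string.Empty;

        /// <summary>
        /// Reads the request parameters and, for <c>action == "login"</c>, writes the
        /// result of <see cref="Login"/> to the response body.
        /// </summary>
        protected void Page_Load(object sender, EventArgs e)
        {
            // NOTE(review): Request.Params merges query string, form fields, cookies
            // and server variables, so pwd can arrive in a URL and end up in access
            // logs and browser history. Prefer reading Request.Form on a POST once
            // the callers of this endpoint have been checked.
            this.action = Request.Params[nameof(action)];
            this.account = Request.Params[nameof(account)];
            this.pwd = Request.Params[nameof(pwd)];

            if (this.action == "login")
            {
                string url = Login(this.account, this.pwd);
                Response.Write(url);
            }
        }

        /// <summary>
        /// Authenticates the account and establishes the session.
        /// </summary>
        /// <param name="account">Account name taken from the request.</param>
        /// <param name="pwd">Password taken from the request.</param>
        /// <returns>"default.htm" when a log-on succeeded, otherwise an empty string.</returns>
        private string Login(string account, string pwd)
        {
            string url = "";

            // NOTE(review): the proxy-user DN and password are hard-coded, so anyone
            // with read access to the source or the compiled assembly obtains them.
            // Move them to protected configuration or a secret store and rotate the
            // current password. Left in place here so existing deployments keep working.
            string userNameProxyUser = "CN=byc_fcl,ou=Proxy-User,ou=EMEA,o=SERVICES";
            string passwordProxyUser = "3gLFbB5E";
            string domain = "bgd-ldap-lb.rz-c007-j650.basf-ag.de";
            string path = "o=AUTH";
            //string serial = ConfigurationManager.AppSettings["Serial"];
            string serial = "612d524b000000000002";

            try
            {
                LdapUser ldapuser;
                bool ldapOk = AuthenticateUser(account, pwd, userNameProxyUser, passwordProxyUser, domain, path, serial, out ldapuser);

                if (ldapOk)
                {
                    // Fetch the local record once instead of re-running the query
                    // for Count() and every First() call.
                    Model.Sys_User existing = Funs.DB.Sys_User.FirstOrDefault(x => x.Account == account);

                    if (existing == null)
                    {
                        // First LDAP log-on: provision a local account with the
                        // common-user role and the directory's name and e-mail.
                        Model.Sys_User newUser = new Model.Sys_User();
                        newUser.UserId = SQLHelper.GetNewID(typeof(Model.Sys_User));
                        newUser.Account = account;
                        newUser.UserName = ldapuser.FullName;
                        newUser.Email = ldapuser.EmailAddress;
                        newUser.RoleId = Const.Role_CommonUsers;
                        newUser.IsPost = true;
                        Funs.DB.Sys_User.InsertOnSubmit(newUser);
                        Funs.DB.SubmitChanges();
                    }
                    else if (string.IsNullOrEmpty(existing.UserName) || string.IsNullOrEmpty(existing.Email))
                    {
                        // Update user name and e-mail from the directory when either is missing.
                        existing.UserName = ldapuser.FullName;
                        existing.Email = ldapuser.EmailAddress;
                        Funs.DB.SubmitChanges();
                    }

                    if (BLL.Sys_UserService.ADUserLogOn(account, true, this.Page) == true)
                    {
                        url = "default.htm";
                    }
                }
                else
                {
                    // NOTE(review): this local fallback also runs when account or pwd
                    // is null or empty, and accounts provisioned above are created
                    // without a password in this block. Confirm UserLogOn rejects
                    // both cases.
                    if (BLL.Sys_UserService.UserLogOn(account, pwd, true, this.Page))
                    {
                        url = "default.htm";
                    }
                    else
                    {
                        Alert.Show("验证未通过", MessageBoxIcon.Error);
                    }
                }
            }
            catch (Exception ex)
            {
                // Keep the details server-side: ex.ToString() exposes stack traces
                // and may expose directory or database internals to the caller.
                System.Diagnostics.Trace.TraceError("loginApi.Login failed: {0}", ex);
                Alert.Show("验证未通过", MessageBoxIcon.Error);
            }

            return url;
        }

        /// <summary>
        /// Checks a user's password against LDAP through a proxy-user bind.
        /// </summary>
        /// <param name="userName">User name, optionally prefixed with "DOMAIN\".</param>
        /// <param name="password">Password to verify.</param>
        /// <param name="ldapUserName">DN of the proxy user used for the bind.</param>
        /// <param name="ldapPassword">Password of the proxy user.</param>
        /// <param name="ldapDomain">LDAP host name.</param>
        /// <param name="ldapPath">LDAP search base.</param>
        /// <param name="ldapSslSerialKey">Serial number of the expected server certificate.</param>
        /// <param name="ldapUser">Directory entry returned by the check; null when no check ran or it threw.</param>
        /// <returns>True only when the LDAP password check reported success.</returns>
        public bool AuthenticateUser(string userName, string password, string ldapUserName, string ldapPassword, string ldapDomain, string ldapPath, string ldapSslSerialKey, out LdapUser ldapUser)
        {
            ldapUser = null;

            if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(password))
            {
                return false;
            }

            // Currently in test version (comment translated from the original).
            LdapAuthentication auth = new LdapAuthentication();
            auth.UserNameProxyUser = ldapUserName;
            auth.PasswordProxyUser = ldapPassword;
            auth.Domain = ldapDomain;
            auth.Path = ldapPath;
            auth.UseSecureSocketLayer = true;
            auth.VerifyCertificateLocally = true;
            // NOTE(review): the property name suggests every server certificate is
            // accepted, which would make the serial-number pin below ineffective and
            // leave the bind open to interception. Confirm the library's semantics
            // and set this to false if so.
            auth.AllowAnyCertificates = true;
            auth.LocallyVerificationCertificate = null;
            auth.LocallyVerificationCertificateSerialNumber = ldapSslSerialKey;

            // Strip a leading "DOMAIN\" prefix.
            if (userName.IndexOf('\\') > 0)
            {
                userName = userName.Split('\\')[1];
            }

            // "DOMAIN\" with nothing after the backslash leaves an empty name;
            // reject it rather than sending an empty user name to the directory.
            if (string.IsNullOrEmpty(userName))
            {
                return false;
            }

            bool isValid;
            try
            {
                LdapUser user;
                isValid = auth.CheckPassword(userName, password, out user);
                ldapUser = user;
            }
            catch (Exception ex)
            {
                // Fail closed, but record why so directory outages and certificate
                // problems are distinguishable from wrong passwords.
                System.Diagnostics.Trace.TraceError("loginApi.AuthenticateUser: LDAP check failed: {0}", ex);
                isValid = false;
            }

            return isValid;
        }
    }
}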