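using SysBaseLibs;
using SysDataLibs;
using SysDataLibs.TableClass;
using SysSecLibs;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Services;
using System.Xml.Serialization;

namespace GSMarketSys.WS
{
    /// <summary>
    /// Sub-system single sign-on web service. Exposes three SOAP methods:
    /// <see cref="LoginToApp"/> (encrypted password), <see cref="LoginToAppForNE"/>
    /// (password passed through without decryption) and <see cref="LoginOutOfApp"/> (logout).
    /// </summary>
    /// <remarks>
    /// NOTE(review): all three methods receive credentials as SOAP parameters and the login
    /// methods hand back a login token inside a URL. Nothing in this file enforces TLS,
    /// rate limiting or lockout; confirm those controls exist at the host or in UserSession.UserLogin.
    /// </remarks>
    [WebService(Namespace = "http://tempuri.org/")]
    [WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
    [System.ComponentModel.ToolboxItem(false)]
    // To allow this web service to be called from script using ASP.NET AJAX, uncomment the following line.
    // [System.Web.Script.Services.ScriptService]
    public class WSSubSysLogin : System.Web.Services.WebService
    {

        public WSSubSysLogin()
        {
            // Uncomment the following line if using designed components
            //InitializeComponent();
        }

        /// <summary>
        /// Neutralises CR/LF in a caller-supplied value before it is written to a log line,
        /// so a crafted user number cannot forge additional log entries.
        /// </summary>
        /// <param name="value">Untrusted text destined for a log message; may be null.</param>
        /// <returns>The value with '\r' and '\n' replaced by '_'; null/empty is returned unchanged.</returns>
        private static string ForLog(string value)
        {
            if (string.IsNullOrEmpty(value))
            {
                return value;
            }
            return value.Replace('\r', '_').Replace('\n', '_');
        }

        /// <summary>
        /// Writes one login audit record through Sys_Log_info.LogMsg.
        /// </summary>
        /// <param name="userNo">User number stored as the record's UserId (stored as received).</param>
        /// <param name="message">Text for LogMessage.</param>
        /// <param name="errorMessage">Text for LogErrorMessage; empty on success.</param>
        private static void WriteLoginAudit(string userNo, string message, string errorMessage)
        {
            Sys_Log_info loSysLog = new Sys_Log_info();
            // "Logion" (sic) is kept byte-for-byte: existing log queries may filter on this value.
            loSysLog.LogCommand = "Logion";
            loSysLog.LogDate = DateTime.Now.ToString();
            loSysLog.LogMessage = message;
            loSysLog.LogErrorMessage = errorMessage;
            loSysLog.SysLogType = ((int)LogType.System).ToString();
            loSysLog.UserId = userNo;
            loSysLog.UserHostAddress = System.Web.HttpContext.Current.Request.UserHostAddress;
            Sys_Log_info.LogMsg(loSysLog);
        }

        /// <summary>
        /// Builds the post-login redirect URL carrying the user number and login token.
        /// </summary>
        /// <param name="baseUrl">Configured SUBSYSLOGINREDIRECTURL value.</param>
        /// <param name="userNo">User number, supplied by the caller.</param>
        /// <param name="guid">Login token registered in LoginGUID.</param>
        /// <returns>baseUrl followed by the UserNo and GUID query parameters.</returns>
        private static string BuildRedirectUrl(string baseUrl, string userNo, string guid)
        {
            // Both values are URL-encoded: userNo is caller-supplied, and an unencoded '&', '#'
            // or '=' in it would add or override query parameters on the target page.
            // NOTE(review): the token travels in the query string, where it can end up in
            // proxy/server logs, browser history and Referer headers. Consider a one-time,
            // short-lived token or a POST hand-off.
            return baseUrl + "?UserNo=" + HttpUtility.UrlEncode(userNo) + "&GUID=" + HttpUtility.UrlEncode(guid);
        }

        /// <summary>
        /// Logs a user in with an encrypted password and returns the redirect URL for the sub-system.
        /// </summary>
        /// <param name="userNo">User number; passed through Utils.AreaToSQL before use.</param>
        /// <param name="password">Encrypted password; decrypted with SysSecurity.Decrypt.</param>
        /// <returns>
        /// Flag=true and AuUrl set on success; otherwise Flag=false with Message holding the
        /// reason reported by UserLogin or the missing-setting text.
        /// </returns>
        [XmlInclude(typeof(LoginToAppResult))]
        [WebMethod(EnableSession = true)]
        public LoginToAppResult LoginToApp(string userNo, string password)
        {
            // Initialise every field up front (as LoginOutOfApp does) so the exception path
            // returns empty strings rather than null Message/AuUrl.
            LoginToAppResult result = new LoginToAppResult();
            result.Flag = false;
            result.Message = "";
            result.AuUrl = "";

            try
            {
                userNo = SysBaseLibs.Utils.AreaToSQL(userNo);

                // When logging in to the industry-and-commerce sub-system the password arrives
                // encrypted and has to be decrypted first.
                password = SysSecurity.Decrypt(password);

                string lcIP = HttpContext.Current.Request.ServerVariables.GetValues("REMOTE_ADDR")[0];

                string lcErrorMsg = string.Empty;
                bool lbLogin = SysDataLibs.UserSession.UserLogin(userNo, password, ref lcErrorMsg);
                if (lbLogin)
                {
                    WriteLoginAudit(userNo, "用户 " + ForLog(userNo) + " LoginToApp成功", "");
                    ThreadLog.LogInfo("用户 " + ForLog(userNo) + " LoginToApp成功,IP:" + lcIP);

                    // Record GUID + session.
                    // NOTE(review): Guid.NewGuid() is documented as unique, not as unpredictable;
                    // since this value acts as a bearer token, consider generating it from a CSPRNG.
                    string strGuid = System.Guid.NewGuid().ToString("N");
                    // NOTE(review): presumably UserLogin stored the session object under this key;
                    // if it did not, a null session is registered for the token. Confirm.
                    UserSession session = System.Web.HttpContext.Current.Session[Contants.UserInfoId] as UserSession;
                    LoginGUID.Instance.AddOne(strGuid, session);

                    string strUrl = SysDataLibs.AppEnv.SysSetObj.GetString("SUBSYSLOGINREDIRECTURL");
                    if (strUrl != "")
                    {
                        result.Flag = true;
                        result.Message = "";
                        result.AuUrl = BuildRedirectUrl(strUrl, userNo, strGuid);
                    }
                    else
                    {
                        // The token registered above stays in LoginGUID even though the call reports failure.
                        result.Flag = false;
                        result.Message = "No setting for SUBSYSLOGINREDIRECTURL";
                        result.AuUrl = "";
                    }
                }
                else
                {
                    WriteLoginAudit(userNo, "用户 " + ForLog(userNo) + " LoginToApp失败!", lcErrorMsg);
                    ThreadLog.LogInfo("用户 " + ForLog(userNo) + " LoginToApp失败,IP:" + lcIP);

                    result.Flag = false;
                    // NOTE(review): the UserLogin reason is returned verbatim to the caller; confirm
                    // it does not distinguish "unknown user" from "wrong password".
                    result.Message = lcErrorMsg;
                    result.AuUrl = "";
                }
            }
            catch (Exception err)
            {
                // Exception detail goes to the server log only; the caller just sees Flag=false.
                result.Flag = false;
                string strTemp = "用户 " + ForLog(userNo) + " LoginToApp失败," + err.Message;
                ThreadLog.LogInfo(strTemp);
            }

            return result;
        }

        /// <summary>
        /// Looks up a single unlocked, audited user row by user code.
        /// </summary>
        /// <param name="userid">User code to match; concatenated into the SQL text.</param>
        /// <param name="loConn">Open database connection.</param>
        /// <returns>The user record when exactly one row matches; otherwise null.</returns>
        private Sys_Users_info GetUserInfo(string userid, SysBaseLibs.DBConnSql loConn)
        {
            Sys_Users_info loUserInfo = null;

            // NOTE(review): the query is built by string concatenation. Its only protection is
            // that the one caller in this file passes userid through Utils.AreaToSQL first, and
            // that helper's escaping rules are not visible here. Prefer a parameterized query if
            // DBConnSql offers one, and never call this with an unsanitised value.
            string lcSql = "select * from " + Tn.Sys_Users + " where " + Sys_Users_info.cIsLock + "='N' and " + Sys_Users_info.cUserCode + "='" + userid + "' and " + Sys_Users_info.cIsAudit + "='Y' ";
            SysBaseLibs.rsQuery loQuery = loConn.OpenQuery(lcSql);
            if (loQuery != null && loQuery.IsOpened && loQuery.RecCount == 1)
            {
                loUserInfo = new Sys_Users_info(loQuery.CurrentRow);
            }

            return loUserInfo;
        }

        /// <summary>
        /// Logs a user out: verifies the encrypted password against the user row, removes the
        /// user's entries from LoginGUID and clears the current HTTP session.
        /// </summary>
        /// <param name="userNo">User number; passed through Utils.AreaToSQL before use.</param>
        /// <param name="password">Encrypted password; decrypted with SysSecurity.Decrypt.</param>
        /// <returns>Flag=true and AuUrl set to the log-off redirect on success; otherwise Flag=false.</returns>
        [XmlInclude(typeof(LoginToAppResult))]
        [WebMethod(EnableSession = true)]
        public LoginToAppResult LoginOutOfApp(string userNo, string password)
        {
            LoginToAppResult result = new LoginToAppResult();
            result.Flag = false;
            result.Message = "";
            result.AuUrl = "";

            // Database connection
            DBConnSql DbConn = null;

            try
            {
                userNo = SysBaseLibs.Utils.AreaToSQL(userNo);
                string lcIP = HttpContext.Current.Request.ServerVariables.GetValues("REMOTE_ADDR")[0];

                DbConn = new DBConnSql();
                // If Open() fails the method returns Flag=false with an empty Message and logs nothing.
                if (DbConn.Open())
                {
                    Sys_Users_info loUsers = GetUserInfo(userNo, DbConn);
                    if (loUsers != null)
                    {
                        // When logging in to the industry-and-commerce sub-system the password
                        // arrives encrypted and has to be decrypted first.
                        password = SysSecurity.Decrypt(password);

                        // Fail closed when decryption yields null, so a null stored password can
                        // never match a failed decrypt.
                        // NOTE(review): a direct equality check only works if the stored value is
                        // the recoverable password itself (presumably plaintext; confirm). The
                        // login methods verify through UserSession.UserLogin instead; consider
                        // using the same path here and storing salted password hashes.
                        if (password != null && loUsers.Password == password)
                        {
                            // Remove the user's entries from LoginGUID by user name
                            LoginGUID.Instance.RemoveUser(userNo);
                            HttpContext.Current.Session.RemoveAll();    // is this needed?

                            ThreadLog.LogInfo("用户 " + ForLog(userNo) + " LoginOutOfApp成功,IP:" + lcIP);

                            result.Flag = true;
                            result.Message = "";
                            string strUrl = SysDataLibs.AppEnv.SysSetObj.GetString("SUBSYSLOGOFFREDIRECTURL");
                            if (strUrl == "")
                            {
                                // NOTE(review): hard-coded cleartext-HTTP fallback; prefer requiring the setting.
                                strUrl = "http://jsms.sipac.gov.cn/Default.aspx";
                            }
                            result.AuUrl = strUrl;
                        }
                        else
                        {
                            // NOTE(review): "Invalid password" vs "Invalid user" lets a caller tell
                            // whether an account exists; consider one generic message for both
                            // (the server log already records the distinction).
                            result.Flag = false;
                            result.Message = "Invalid password";
                            ThreadLog.LogInfo("用户 " + ForLog(userNo) + " LoginOutOfApp失败,密码错误,IP:" + lcIP);
                        }
                    }
                    else
                    {
                        result.Flag = false;
                        result.Message = "Invalid user";
                        ThreadLog.LogInfo("用户 " + ForLog(userNo) + " LoginOutOfApp失败,无效用户,IP:" + lcIP);
                    }
                }
            }
            catch (Exception err)
            {
                // Exception detail goes to the server log only; the caller just sees Flag=false.
                result.Flag = false;
                string strTemp = "用户 " + ForLog(userNo) + " LoginOutOfApp失败," + err.Message;
                ThreadLog.LogInfo(strTemp);
            }
            finally
            {
                if (DbConn != null && DbConn.IsOpened)
                {
                    DbConn.Close();
                }
            }

            return result;
        }

        /// <summary>
        /// Single sign-on entry point that takes the password as sent (no decryption step) and
        /// additionally returns the login token in the result.
        /// </summary>
        /// <param name="userNo">User number; passed through Utils.AreaToSQL before use.</param>
        /// <param name="password">Password handed to UserLogin unchanged.</param>
        /// <returns>
        /// Flag=true with GUID and AuUrl set on success; otherwise Flag=false with Message
        /// holding the reason. GUID is left unset on failure.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the password crosses the wire exactly as the caller sent it, so this
        /// method depends entirely on transport encryption; confirm the endpoint is HTTPS-only.
        /// </remarks>
        [XmlInclude(typeof(LoginToAppForNEResult))]
        [WebMethod(EnableSession = true)]
        public LoginToAppForNEResult LoginToAppForNE(string userNo, string password)
        {
            // Initialise Flag/Message/AuUrl up front (as LoginOutOfApp does) so the exception
            // path returns empty strings rather than null.
            LoginToAppForNEResult result = new LoginToAppForNEResult();
            result.Flag = false;
            result.Message = "";
            result.AuUrl = "";

            try
            {
                userNo = SysBaseLibs.Utils.AreaToSQL(userNo);

                string lcIP = HttpContext.Current.Request.ServerVariables.GetValues("REMOTE_ADDR")[0];

                string lcErrorMsg = string.Empty;
                bool lbLogin = SysDataLibs.UserSession.UserLogin(userNo, password, ref lcErrorMsg);
                if (lbLogin)
                {
                    WriteLoginAudit(userNo, "用户 " + ForLog(userNo) + " LoginToAppForNE成功", "");
                    ThreadLog.LogInfo("用户 " + ForLog(userNo) + " LoginToAppForNE成功,IP:" + lcIP);

                    // Record GUID + session.
                    // NOTE(review): Guid.NewGuid() is documented as unique, not as unpredictable;
                    // since this value acts as a bearer token, consider generating it from a CSPRNG.
                    string strGuid = System.Guid.NewGuid().ToString("N");
                    // NOTE(review): presumably UserLogin stored the session object under this key;
                    // if it did not, a null session is registered for the token. Confirm.
                    UserSession session = System.Web.HttpContext.Current.Session[Contants.UserInfoId] as UserSession;
                    LoginGUID.Instance.AddOne(strGuid, session);

                    string strUrl = SysDataLibs.AppEnv.SysSetObj.GetString("SUBSYSLOGINREDIRECTURL");
                    if (strUrl != "")
                    {
                        result.Flag = true;
                        result.Message = "";
                        result.GUID = strGuid;
                        result.AuUrl = BuildRedirectUrl(strUrl, userNo, strGuid);
                    }
                    else
                    {
                        // The token registered above stays in LoginGUID even though the call reports failure.
                        result.Flag = false;
                        result.Message = "No setting for SUBSYSLOGINREDIRECTURL";
                        result.AuUrl = "";
                    }
                }
                else
                {
                    WriteLoginAudit(userNo, "用户 " + ForLog(userNo) + " LoginToAppForNE失败!", lcErrorMsg);
                    ThreadLog.LogInfo("用户 " + ForLog(userNo) + " LoginToAppForNE失败,IP:" + lcIP);

                    result.Flag = false;
                    // NOTE(review): the UserLogin reason is returned verbatim to the caller; confirm
                    // it does not distinguish "unknown user" from "wrong password".
                    result.Message = lcErrorMsg;
                    result.AuUrl = "";
                }
            }
            catch (Exception err)
            {
                // Exception detail goes to the server log only; the caller just sees Flag=false.
                result.Flag = false;
                string strTemp = "用户 " + ForLog(userNo) + " LoginToAppForNE失败," + err.Message;
                ThreadLog.LogInfo(strTemp);
            }

            return result;
        }
    }

    // Result returned by the LoginToApp method (also used by LoginOutOfApp)
    [Serializable]
    public class LoginToAppResult
    {
        public bool Flag;       // whether the user account is legitimate and valid
        public string Message;  // reason verification did not pass
        public string AuUrl;    // page the caller is authorised to visit
    }

    // Result returned by the LoginToAppForNE method
    [Serializable]
    public class LoginToAppForNEResult
    {
        public bool Flag;       // whether the user account is legitimate and valid
        public string Message;  // reason verification did not pass
        public string GUID;     // user token generated after a successful login
        public string AuUrl;    // page the caller is authorised to visit
    }
}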