欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  IT编程

C#实现的Check Password和锁定输错密码锁定账户

程序员文章站 2022-03-25 17:18:26
C#实现的Check Password,并根据输错密码的次数分情况锁定账户:如果输入错误3次,登录账户锁定5分钟并提示X点X分后重试登录。如果5分钟后再次输入,累计输入错误密码累计达到5次。则账户会被永久锁定,需联系系统管理员进行把数据库中的输入错误的次数(errorcount)进行清零解锁才能登陆 ......

c#实现的check password,并根据输错密码的次数分情况锁定账户:如果输入错误3次,登录账户锁定5分钟并提示x点x分后重试登录。如果5分钟后再次输入,累计输入错误密码累计达到5次。则账户会被永久锁定,需联系系统管理员进行把数据库中的输入错误的次数(errorcount)进行清零解锁才能登陆。实现代码如下:

 public  class userinfo1
    {
        public string error_count { get; set; }
        public string error_time { get; set; }
    } 

public executionresult checkaccountpwd(string account, string password) { executionresult execres; execres = new executionresult(); string[] strs = account.split(new string[] { "\\" }, stringsplitoptions.removeemptyentries); if (strs.length < 2) { execres.status = false; execres.message = "无效的账号。"; } else { userinfo1 info1 = null; execres = calleepmethod.execute(dbname, "sdem2131", "getuserinfo", strs[1].tolower()); if (execres.status && execres.anything != null) { info1 = jsonconvert.deserializeobject<userinfo1>(execres.anything.tostring()); if (info1 != null) { int errcount = convert.toint32(info1.error_count); datetime errtime = convert.todatetime(info1.error_time); if (errcount != 5) { //int errorcount datetime dt0 = datetime.now; datetime dt1 = errtime.addminutes(5); double s = (dt1 - dt0).totalseconds; if (errcount == 3 && s > 0) { execres.status = false; execres.message = "密码连续输入错误3次,请于 " + errtime.addminutes(+5).tostring("yyyy-mm-dd hh:mm:ss") + " 之后重试,thanks!"; } else { if (checkfromldap(strs[1], password, strs[0])) { cpu.models.userinfo userinfo = checkuser(strs[1]); if (userinfo == null) { execres.status = false; execres.message = "您没有权限操作此系统!"; } else { execres.status = true; execres.anything = userinfo; //error count 清0 calleepmethod.execute(dbname, "sdem2131", "updateuserloginerror", strs[1].tolower() + ","+"0" + "," + datetime.now.tostring("yyyy/mm/dd hh:mm:ss")); } } else { execres.status = false; // 次数+1 if (errcount + 1 > 1) execres.message = "密码连续输入错误" + (errcount+1).tostring() + "次。密码连续输错5次将锁定!"; else execres.message = "密码输入错误!"; dt0 = datetime.now; calleepmethod.execute(dbname, "sdem2131", "updateuserloginerror", strs[1].tolower() + "," + (errcount + 1).tostring()+"," + datetime.now.tostring("yyyy/mm/dd hh:mm:ss")); if (errcount + 1 == 3) execres.message = "密码连续输入错误" + (errcount + 1).tostring() + "次,请于 " + dt0.addminutes(5).tostring("yyyy-mm-dd hh:mm:ss") + " 之后重试,thanks!"; if (errcount + 1 == 5) execres.message = "账号密码连续输入错误5次,已锁定!请联系管理员解锁,thanks!"; } } } else { execres.status = false; execres.message = "账号密码连续输入错误5次,已锁定!请联系管理员解锁,thanks!"; } } else { execres.status = false; execres.message = "找不到此账号,请重新输入!"; } } else { execres.status = false; execres.message = "找不到此账号,请重新输入!"; } } return execres; }

根据登录不同的网域进行form验证

 private bool checkfromldap(string ntid, string ntpwd, string domain)//根据登录的不同网域进行form验证
        {
            bool result = false;
            string struser;
            try
            {
                struser = domain + "\\" + ntid;
                if (domain.tolower().equals("gi"))
                    domain = "gi.compal.com";
                else if (domain.tolower().equals("cqc_cci"))
                    domain = "10.140.1.1";
                else if (domain.tolower().equals("vn"))
                    domain = "10.144.2.101";
                else if (domain.tolower().equals("njp_cci"))
                    domain = "10.128.50.1";
                else
                    domain = "compal.com";
                directoryentry entry = new directoryentry("ldap://" + domain, struser, ntpwd);
                using (directorysearcher searcher = new directorysearcher(entry))
                {
                    searcher.filter = string.format("(&(objectclass=user)(samaccountname={0}))", ntid);
                    searchresult sr = searcher.findone();
                    using (searchresultcollection results = searcher.findall())
                    {
                        if (results.count > 0)
                        {
                            //if (results[0].properties.contains("employeeid"))
                            //    empid = results[0].properties["employeeid"][0].tostring();
                            //else
                            //    empid = results[0].properties["extensionattribute3"][0].tostring();
                            result = true;
                        }
                    }
                }
            }
            catch (exception ex)
            {
                //loghelper.error(ex.message);
            }

            return result;
        }

根据不同的用户登录进行权限管理

 public bool checkpermission(string controllername, string actionname,string plant, string userid)
        {
            bool result = false;
            //if (actionname.startswith("_"))
            //    actionname = actionname.substring(1);
            userinfo userinfo = checkuser(userid);
            if (userinfo!=null)
            {
                if (controllername == "home")
                    result = true;
                else if (userinfo.permissions.contains(controllername))
                {
                    if (!string.isnullorempty(plant))
                    {
                        if (userinfo.plantcode.tolower() == plant.tolower() || userinfo.plantcode == "all")
                            result = true;
                    }
                    else
                        result = true;
                }
            }
            return result;
        }