2.接口: 接收 验证参数
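两边加密字段 顺序都要一致
// A missing parameter may arrive as null rather than "", so test for both;
// otherwise the lower-casing call below fails with a NullReferenceException
// instead of the intended 40011 error.
if (string.IsNullOrEmpty(Signature))
{
    throw new ErrException("签名信息不能为空!", "40011");
}

// Recompute the signature over the same fields, in the same order, as the caller.
// NOTE(review): MD5 over "SecurityKey=<key>&field=value" is a hand-built keyed
// hash, not a MAC. MD5 is no longer considered safe and the key-prefix layout is
// open to length extension; the fields are joined without escaping, so a value
// containing '&' is ambiguous; and no timestamp or nonce is signed, so a captured
// request stays valid. Migrate both sides together to HMAC-SHA256 with a signed
// timestamp; changing only one side breaks verification.
string expectedSignature = TMPublic.strToMd5(
    "SecurityKey=" + GetSecurityKey()
    + "&fchrClubMemberPwd=" + fchrClubMemberPwd.ToString()
    + "&fchrClubMemberPwd1=" + fchrClubMemberPwd1.ToString());
string suppliedSignature = Signature.ToLowerInvariant();

// Compare every character instead of stopping at the first difference, so the
// response time does not reveal how much of the supplied signature matched.
int mismatch = expectedSignature.Length ^ suppliedSignature.Length;
for (int i = 0; i < expectedSignature.Length && i < suppliedSignature.Length; i++)
{
    mismatch |= expectedSignature[i] ^ suppliedSignature[i];
}
if (mismatch != 0)
{
    throw new ErrException("验证签名失败!", "40011");
}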
公共方法:
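// Shared signing key
/// <summary>
/// Reads the shared signing key from the "SecurityKey" entry of appSettings.
/// </summary>
/// <returns>The configured key.</returns>
/// <exception cref="InvalidOperationException">The entry is missing or empty.</exception>
public string GetSecurityKey()
{
    string key = ConfigurationManager.AppSettings["SecurityKey"];
    if (string.IsNullOrEmpty(key))
    {
        // Fail closed: signing or verifying with an empty key would accept
        // signatures that anyone can compute.
        throw new InvalidOperationException("SecurityKey is not configured in appSettings.");
    }
    return key;
}

/// <summary>
/// Returns the MD5 digest of the UTF-8 bytes of <paramref name="str"/> as 32
/// lowercase hexadecimal characters.
/// </summary>
/// <remarks>
/// MD5 is kept only because both sides of the existing signature scheme must
/// produce the same value; do not use it for new signatures or for storing passwords.
/// </remarks>
public static string strToMd5(string str)
{
    using (MD5 md5 = MD5.Create())
    {
        byte[] digest = md5.ComputeHash(Encoding.UTF8.GetBytes(str));
        StringBuilder hex = new StringBuilder(digest.Length * 2);
        foreach (byte b in digest)
        {
            hex.Append(b.ToString("x2"));
        }
        return hex.ToString();
    }
}

/// <summary>
/// Returns the MD5 digest of the UTF-8 bytes of <paramref name="input"/> as 32
/// uppercase hexadecimal characters.
/// </summary>
/// <remarks>
/// Each byte is formatted with "X2". The earlier "X" format dropped the leading
/// zero of every byte below 0x10, so most results were shorter than 32 characters
/// and different digests could render as the same text. Values produced by the
/// earlier format will not match the output of this version.
/// </remarks>
public static string strToMd532(String input)
{
    using (MD5 md5 = MD5.Create())
    {
        // The byte encoding is part of the contract: a different encoding gives a different digest.
        byte[] digest = md5.ComputeHash(Encoding.UTF8.GetBytes(input));
        StringBuilder hex = new StringBuilder(digest.Length * 2);
        foreach (byte b in digest)
        {
            hex.Append(b.ToString("X2"));
        }
        return hex.ToString();
    }
}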
完整接口写法:
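/// <summary>
/// Member login endpoint: verifies the request signature, looks the member up by
/// phone number and password, and writes the JSON result to the response.
/// </summary>
/// <param name="context">Current HTTP context; the JSON envelope is written to its response.</param>
private void GetClubLogin(HttpContext context)
{
    string json = "[]";
    string msg = "Success";
    string errCode = "0";
    try
    {
        string fchrPhoneNO = Request("fchrPhoneNO");
        string fchrClubMemberPwd = Request("fchrClubMemberPwd");
        string Signature = Request("Signature");

        // A missing parameter may arrive as null rather than "", so test for both.
        if (string.IsNullOrEmpty(Signature))
        {
            throw new ErrException("签名信息不能为空!", "40011");
        }
        // Missing credentials are an ordinary failed login, not a null-reference crash.
        if (string.IsNullOrEmpty(fchrPhoneNO) || string.IsNullOrEmpty(fchrClubMemberPwd))
        {
            throw new ErrException("手机号或密码错误!", AppError.InvalidStudent);
        }

        // Recompute the signature over the same fields, in the same order, as the caller.
        // NOTE(review): MD5 over "SecurityKey=<key>&..." is not a MAC, and no timestamp
        // or nonce is signed, so a captured request stays valid. Move both sides
        // together to HMAC-SHA256 with a signed timestamp.
        string expectedSignature = TMPublic.strToMd5(
            "SecurityKey=" + GetSecurityKey()
            + "&fchrPhoneNO=" + fchrPhoneNO
            + "&fchrClubMemberPwd=" + fchrClubMemberPwd);
        string suppliedSignature = Signature.ToLowerInvariant();

        // Compare every character instead of stopping at the first difference, so the
        // response time does not reveal how much of the supplied signature matched.
        int mismatch = expectedSignature.Length ^ suppliedSignature.Length;
        for (int i = 0; i < expectedSignature.Length && i < suppliedSignature.Length; i++)
        {
            mismatch |= expectedSignature[i] ^ suppliedSignature[i];
        }
        if (mismatch != 0)
        {
            throw new ErrException("验证签名失败!", "40011");
        }

        // NOTE(review): the statement is assembled by string concatenation, so it is
        // only as safe as TMPublic.FormatField (not shown here). Prefer a
        // parameterized command if DBHelper offers one. The query also compares the
        // submitted password directly with the stored column and returns that column
        // to the caller: this suggests passwords are not stored as salted, slow
        // hashes (TODO confirm), and fchrClubMemberPwd should not be in the response.
        string strSql = @"SELECT fchrPhoneNO,fchrClubMemberID,fchrClubMemberPwd FROM dbo.ClubMember WHERE fchrPhoneNO=" + TMPublic.FormatField(fchrPhoneNO) + " AND fchrClubMemberPwd=" + TMPublic.FormatField(fchrClubMemberPwd);
        DataTable dt = DBHelper.GetTable(Util.ConnectionString, strSql);
        if (dt.Rows.Count == 0)
        {
            throw new ErrException("手机号或密码错误!", AppError.InvalidStudent);
        }

        // Return the matching row to the caller.
        json = TMPublic.DataTable2Json(dt);
    }
    catch (ErrException ex)
    {
        // Expected failures raised above; their messages are written for the caller.
        // NOTE(review): the code given to ErrException ("40011", InvalidStudent) is
        // discarded and Unknown is reported, as before; surface the real code once
        // ErrException's code member is confirmed.
        errCode = AppError.Unknown;
        msg = ex.Message;
    }
    catch (Exception ex)
    {
        // Unexpected failures (database, configuration): keep the detail on the
        // server and return a generic message, so internals are not disclosed.
        errCode = AppError.Unknown;
        msg = "系统错误,请稍后重试!";
        System.Diagnostics.Trace.TraceError(ex.ToString());
    }
    json = GetJson(errCode, msg, json);
    context.Response.Write(json);
}
控制器:
/// <summary>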
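/// Login: signs the submitted phone number and password, posts them to the
/// GetClubLogin API and, when the API reports Flag "0", stores the member id and
/// phone number in the session.
/// </summary>
/// <remarks>
/// [ValidateInput(false)] switches off ASP.NET request validation for this action,
/// so both values reach the code unfiltered; anything echoed back to a page must
/// be output-encoded. NOTE(review): the password is forwarded in clear text, so
/// GetAPIURL() should be an HTTPS endpoint (TODO confirm).
/// </remarks>
/// <param name="fchrPhoneNO">Phone number submitted with the login form.</param>
/// <param name="fchrClubMemberPwd">Password submitted with the login form.</param>
/// <returns>
/// After a successful login, the view stored in the session under "View" when one
/// is set; in every other case a JSON result carrying the reshaped API response.
/// </returns>
[ValidateInput(false)]
[AcceptVerbs(HttpVerbs.Post)]
public ActionResult CheckClubLogin(string fchrPhoneNO, string fchrClubMemberPwd)
{
    // Treat a missing form field as empty so signing cannot hit a null reference;
    // the API then rejects the login.
    fchrPhoneNO = fchrPhoneNO ?? string.Empty;
    fchrClubMemberPwd = fchrClubMemberPwd ?? string.Empty;

    // Signature over the raw values, in the field order the API expects.
    string Signature = strToMd5("SecurityKey=" + GetSecurityKey() + "&fchrPhoneNO=" + fchrPhoneNO + "&fchrClubMemberPwd=" + fchrClubMemberPwd);

    // Percent-encode the values so that '&', '=', '+' or '%' inside a phone number
    // or password cannot add or alter form fields, and so the API decodes exactly
    // the values that were signed.
    // Assumes GetHttpPost sends postdate as an application/x-www-form-urlencoded
    // body - TODO confirm.
    string postdate = "Method=GetClubLogin"
        + "&fchrPhoneNO=" + Uri.EscapeDataString(fchrPhoneNO)
        + "&fchrClubMemberPwd=" + Uri.EscapeDataString(fchrClubMemberPwd)
        + "&Signature=" + Signature;
    string res = GetHttpPost(GetAPIURL(), postdate);

    // Reshape the response text so it deserializes as a one-row table: double
    // quotes become single quotes, every bracketed section is wrapped in double
    // quotes (turning it into a string value), and the whole text is wrapped in [ ].
    // NOTE(review): this textual rewrite misparses any value that itself contains a
    // quote or a bracket; deserializing into a typed envelope would avoid that.
    res = "[" + res.Replace("\"", "'").Replace("[", "\"[").Replace("]", "]\"") + "]";
    DataTable dt = JsonConvert.DeserializeObject<DataTable>(res);

    bool loginSucceeded = dt != null
        && dt.Rows.Count > 0
        && dt.Rows[0]["Flag"].ToString() == "0";
    if (!loginSucceeded)
    {
        // Hand the API's error response back to the page.
        return new JsonResult { Data = res };
    }

    DataTable dt1 = JsonConvert.DeserializeObject<DataTable>(dt.Rows[0]["Data"].ToString());
    if (dt1 == null || dt1.Rows.Count == 0)
    {
        // Success flag without a member row: nothing to put in the session.
        return new JsonResult { Data = res };
    }

    // Store the member id and phone number in the session.
    // NOTE(review): if sessino wraps the ASP.NET session, consider issuing a fresh
    // session id at this point so a pre-login id is not carried over - TODO confirm.
    Dictionary<string, string> dc = new Dictionary<string, string>
    {
        { "fchrClubMemberID", dt1.Rows[0]["fchrClubMemberID"].ToString() },
        { "fchrPhoneNO", dt1.Rows[0]["fchrPhoneNO"].ToString() }
    };
    sessino.AddSession(dc);

    // Return to the view the user was on before the session expired, if one was
    // recorded. Convert.ToString tolerates a null session entry.
    // NOTE(review): where "View" is written is not shown; make sure it can only
    // hold known view names.
    string lastView = Convert.ToString(sessino.GetSessions("View"));
    if (!string.IsNullOrEmpty(lastView))
    {
        return View(lastView);
    }

    return new JsonResult { Data = res };
}
#region MD5 helpers
// GetSecurityKey needs the following entry in the .config file:
//<appSettings>
//<!-- club sparring partner -->
//<add key="SecurityKey" value="REPLACE_WITH_RANDOM_SECRET"/>
//</appSettings>
// The value shown is a placeholder: use a randomly generated key per environment
// and keep the real key out of source control and published samples.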
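// Shared signing key
/// <summary>
/// Reads the shared signing key from the "SecurityKey" entry of appSettings.
/// </summary>
/// <returns>The configured key.</returns>
/// <exception cref="InvalidOperationException">The entry is missing or empty.</exception>
public string GetSecurityKey()
{
    string key = ConfigurationManager.AppSettings["SecurityKey"];
    if (string.IsNullOrEmpty(key))
    {
        // Fail closed: signing with an empty key would produce signatures that
        // anyone can compute.
        throw new InvalidOperationException("SecurityKey is not configured in appSettings.");
    }
    return key;
}

/// <summary>
/// Returns the MD5 digest of the UTF-8 bytes of <paramref name="str"/> as 32
/// lowercase hexadecimal characters.
/// </summary>
/// <remarks>
/// MD5 is kept only because both sides of the existing signature scheme must
/// produce the same value; do not use it for new signatures or for storing passwords.
/// </remarks>
public static string strToMd5(string str)
{
    using (MD5 md5 = MD5.Create())
    {
        byte[] digest = md5.ComputeHash(Encoding.UTF8.GetBytes(str));
        StringBuilder hex = new StringBuilder(digest.Length * 2);
        foreach (byte b in digest)
        {
            hex.Append(b.ToString("x2"));
        }
        return hex.ToString();
    }
}

/// <summary>
/// Returns a uniformly distributed integer in [minInclusive, maxExclusive) drawn
/// from the operating system's cryptographic random number generator.
/// </summary>
private static int NextSecureInt(int minInclusive, int maxExclusive)
{
    uint range = (uint)(maxExclusive - minInclusive);
    // Draws at or above the largest multiple of range are discarded, so the
    // modulo below does not favour the low end of the range.
    uint limit = uint.MaxValue - (uint.MaxValue % range);
    byte[] buffer = new byte[4];
    using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
    {
        uint value;
        do
        {
            rng.GetBytes(buffer);
            value = BitConverter.ToUInt32(buffer, 0);
        }
        while (value >= limit);
        return (int)(minInclusive + (value % range));
    }
}

/// <summary>
/// Returns a random number as a decimal string, left-padded with '0' to
/// <paramref name="length"/> characters.
/// </summary>
/// <param name="length">
/// Number of digits, 1 to 8. Any other value draws from the 6-digit range and is
/// then padded to <paramref name="length"/>, as before.
/// </param>
/// <returns>A value from 1 up to, but not including, the largest number with that many digits.</returns>
/// <remarks>
/// The value comes from a cryptographic generator. System.Random is not intended
/// for values that must be unpredictable, and on .NET Framework instances created
/// within the same clock tick return the same sequence.
/// </remarks>
public static string GetRandom(int length)
{
    int max = 999999;
    if (length >= 1 && length <= 8)
    {
        // Build 9, 99, 999, ... with one digit per requested position.
        max = 9;
        for (int i = 1; i < length; i++)
        {
            max = max * 10 + 9;
        }
    }
    return NextSecureInt(1, max).ToString().PadLeft(length, '0');
}

// Key
// NOTE(review): a key hard-coded in source is exposed to everyone who can read the
// code, and nothing visible here uses it. If it is used elsewhere, load it from
// protected configuration and replace this published value.
private const string sKey = "qJzGEh6hESZDVJeCnFPGuxzaiB7NLQM3";

/// <summary>
/// Returns <paramref name="length"/> random uppercase letters (A-Z), or an empty
/// string when <paramref name="length"/> is zero or negative.
/// </summary>
public static string GetRandomString(int length)
{
    // The alphabet holds 26 characters; the upper bound passed below is exclusive,
    // so the index ranges over 0..25.
    const string alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
    StringBuilder result = new StringBuilder(length > 0 ? length : 0);
    for (int i = 0; i < length; i++)
    {
        result.Append(alphabet[NextSecureInt(0, alphabet.Length)]);
    }
    return result.ToString();
}

/// <summary>
/// Returns the MD5 digest of the UTF-8 bytes of <paramref name="input"/> as 32
/// uppercase hexadecimal characters.
/// </summary>
/// <remarks>
/// Each byte is formatted with "X2". The earlier "X" format dropped the leading
/// zero of every byte below 0x10, so most results were shorter than 32 characters
/// and different digests could render as the same text. Values produced by the
/// earlier format will not match the output of this version.
/// </remarks>
public static string strToMd532(String input)
{
    using (MD5 md5 = MD5.Create())
    {
        // The byte encoding is part of the contract: a different encoding gives a different digest.
        byte[] digest = md5.ComputeHash(Encoding.UTF8.GetBytes(input));
        StringBuilder hex = new StringBuilder(digest.Length * 2);
        foreach (byte b in digest)
        {
            hex.Append(b.ToString("X2"));
        }
        return hex.ToString();
    }
}
#endregion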