欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  IT编程

C#实现Check Password和锁定输错密码锁定账户功能

程序员文章站 2022-11-21 16:34:23
银行卡大家都使用,在密码输错超过限制次数之后,就容易被锁死,智能到银行柜台才能解锁,那么这一功能如果实现的呢,今天小编通过实例代码给大家详细讲解,一起跟随小编看看吧。 c#实现的ch...

银行卡大家都使用,在密码输错超过限制次数之后,就容易被锁死,智能到银行柜台才能解锁,那么这一功能如果实现的呢,今天小编通过实例代码给大家详细讲解,一起跟随小编看看吧。

c#实现的check password,并根据输错密码的次数分情况锁定账户:如果输入错误3次,登录账户锁定5分钟并提示x点x分后重试登录。如果5分钟后再次输入,累计输入错误密码累计达到5次。则账户会被永久锁定,需联系系统管理员进行把数据库中的输入错误的次数(errorcount)进行清零解锁才能登陆。实现代码如下:

 public class userinfo1
 {
  public string error_count { get; set; }
  public string error_time { get; set; }
 } 


 public executionresult checkaccountpwd(string account, string password)
  {
   executionresult execres;
   execres = new executionresult();

   string[] strs = account.split(new string[] { "\\" }, stringsplitoptions.removeemptyentries);
   if (strs.length < 2)
   {
    execres.status = false;
    execres.message = "无效的账号。";
   }
   else
   {
    userinfo1 info1 = null;
    execres = calleepmethod.execute(dbname, "sdem2131", "getuserinfo", strs[1].tolower());
    if (execres.status && execres.anything != null)
    {
     info1 = jsonconvert.deserializeobject<userinfo1>(execres.anything.tostring());
     if (info1 != null)
     {
      int errcount = convert.toint32(info1.error_count);
      datetime errtime = convert.todatetime(info1.error_time);
      if (errcount != 5)
      {
       //int errorcount
       datetime dt0 = datetime.now;
       datetime dt1 = errtime.addminutes(5);
       double s = (dt1 - dt0).totalseconds;
       if (errcount == 3 && s > 0)
       {
        execres.status = false;
        execres.message = "密码连续输入错误3次,请于 " + errtime.addminutes(+5).tostring("yyyy-mm-dd hh:mm:ss") + " 之后重试,thanks!";
       }
       else
       {
        if (checkfromldap(strs[1], password, strs[0]))
        {
         cpu.models.userinfo userinfo = checkuser(strs[1]);
         if (userinfo == null)
         {
          execres.status = false;
          execres.message = "您没有权限操作此系统!";
         }
         else
         {
          execres.status = true;
          execres.anything = userinfo;
          //error count 清0
          calleepmethod.execute(dbname, "sdem2131", "updateuserloginerror", strs[1].tolower() + ","+"0" + "," + datetime.now.tostring("yyyy/mm/dd hh:mm:ss"));
          
         }
        }
        else
        {
         execres.status = false;
         // 次数+1
         if (errcount + 1 > 1)
          execres.message = "密码连续输入错误" + (errcount+1).tostring() + "次。密码连续输错5次将锁定!";
         else
          execres.message = "密码输入错误!";
         dt0 = datetime.now;
         calleepmethod.execute(dbname, "sdem2131", "updateuserloginerror", strs[1].tolower() + "," + (errcount + 1).tostring()+"," + datetime.now.tostring("yyyy/mm/dd hh:mm:ss"));
         if (errcount + 1 == 3)
          execres.message = "密码连续输入错误" + (errcount + 1).tostring() + "次,请于 " + dt0.addminutes(5).tostring("yyyy-mm-dd hh:mm:ss") + " 之后重试,thanks!";
         if (errcount + 1 == 5)
          execres.message = "账号密码连续输入错误5次,已锁定!请联系管理员解锁,thanks!";
        }
       }
      }
      else
      {
       execres.status = false;
       execres.message = "账号密码连续输入错误5次,已锁定!请联系管理员解锁,thanks!";
      }
     }
     else
     {
      execres.status = false;
      execres.message = "找不到此账号,请重新输入!";
     }
    }
    else
    {
     execres.status = false;
     execres.message = "找不到此账号,请重新输入!";
    }
   }
   return execres;
  }

根据登录不同的网域进行form验证

 private bool checkfromldap(string ntid, string ntpwd, string domain)//根据登录的不同网域进行form验证
  {
   bool result = false;
   string struser;
   try
   {
    struser = domain + "\\" + ntid;
    if (domain.tolower().equals("gi"))
     domain = "gi.compal.com";
    else if (domain.tolower().equals("cqc_cci"))
     domain = "10.140.1.1";
    else if (domain.tolower().equals("vn"))
     domain = "10.144.2.101";
    else if (domain.tolower().equals("njp_cci"))
     domain = "10.128.50.1";
    else
     domain = "compal.com";
    directoryentry entry = new directoryentry("ldap://" + domain, struser, ntpwd);
    using (directorysearcher searcher = new directorysearcher(entry))
    {
     searcher.filter = string.format("(&(objectclass=user)(samaccountname={0}))", ntid);
     searchresult sr = searcher.findone();
     using (searchresultcollection results = searcher.findall())
     {
      if (results.count > 0)
      {
       //if (results[0].properties.contains("employeeid"))
       // empid = results[0].properties["employeeid"][0].tostring();
       //else
       // empid = results[0].properties["extensionattribute3"][0].tostring();
       result = true;
      }
     }
    }
   }
   catch (exception ex)
   {
    //loghelper.error(ex.message);
   }

   return result;
  }

根据不同的用户登录进行权限管理

public bool checkpermission(string controllername, string actionname,string plant, string userid)
  {
   bool result = false;
   //if (actionname.startswith("_"))
   // actionname = actionname.substring(1);
   userinfo userinfo = checkuser(userid);
   if (userinfo!=null)
   {
    if (controllername == "home")
     result = true;
    else if (userinfo.permissions.contains(controllername))
    {
     if (!string.isnullorempty(plant))
     {
      if (userinfo.plantcode.tolower() == plant.tolower() || userinfo.plantcode == "all")
       result = true;
     }
     else
      result = true;
    }
   }
   return result;
  }

总结

以上所述是小编给大家介绍的c#实现check password和锁定输错密码锁定账户功能,希望对大家有所帮助