JLH/JLHHJSvr/Excutor/ModPasswordExcutor.cs

using System;
using System.Collections.Generic;
using System.Data.SqlClient;
using System.Linq;
using System.Text;
using JLHHJSvr.BLL;
using JLHHJSvr.Com;
using JLHHJSvr.Com.Model;
using JLHHJSvr.DBA.DBModle;
using LJLib.DAL.SQL;
using LJLib.Net.SPI.Server;
using LJLib.Tools.DEncrypt;

namespace JLHHJSvr.Excutor
{
    internal sealed class ModPasswordExcutor : ExcutorBase<ModPasswordRequest, ModPasswordResponse>
    {
        protected override void ExcuteInternal(ModPasswordRequest request, object state, ModPasswordResponse rslt)
        {
            TokenData tokendata = null;
            if (string.IsNullOrEmpty(request.usercode))
            {
                rslt.ErrMsg = "未填写用户名";
                return;
            }
            if (request.oldpsw == null)
            {
                rslt.ErrMsg = "入参异常，旧密码为空";
                return;
            }
            if (request.newpsw == null)
            {
                //重置
                tokendata = BllHelper.GetToken(request.token);
                if (tokendata == null)
                {
                    rslt.ErrMsg = "会话已经中断，请重新登录";
                    return;
                }
            }
            else if (request.newpsw.Equals(""))
            {
                rslt.ErrMsg = "新密码不能为空";
                return;
            }



            using (var con = new SqlConnection(GlobalVar.ConnectionString))
            using (var cmd = con.CreateCommand())
            {
                con.Open();

                var user = new st_user(){usercode = request.usercode};
                cmd.CommandText = "SELECT userid, psw FROM st_user WHERE usercode = @usercode";
                cmd.Parameters.Clear();
                cmd.Parameters.AddWithValue("@usercode", user.usercode);
                
                using (var reader = cmd.ExecuteReader())
                {
                    if (reader.Read())
                    {
                        user.userid = Convert.ToInt32(reader["userid"]);
                        user.psw = Convert.ToString(reader["psw"]);
                    }
                    else
                    {
                        rslt.ErrMsg = string.Format("没有用户名为[{0}]的用户");
                        return;
                    }
                }
                using (cmd.Transaction = con.BeginTransaction())
                {
                    try
                    {
                        if (request.newpsw == null)
                        {
                            //重置
                            var havePower = new Power().CheckPower(cmd, tokendata.userid, 26);
                            if (!havePower)
                            {
                                rslt.ErrMsg = "您没有恢复密码的权限";
                                return;
                            }
                            //重置后密码与用户名一样
                            user.psw = DESEncrypt.Encrypt(request.usercode, "BC493812B6664BECBF44C21C3BB043C4");

                        }
                        else
                        {
                            //修改
                            if (DESEncrypt.Encrypt(request.oldpsw, "BC493812B6664BECBF44C21C3BB043C4") != user.psw)
                            {
                                rslt.ErrMsg = "密码错误";
                                return;
                            }
                            user.psw = DESEncrypt.Encrypt(request.newpsw, "BC493812B6664BECBF44C21C3BB043C4");
                        }
                        DbSqlHelper.Update(cmd, user, "psw");
                        cmd.Transaction.Commit();
                    }
                    catch (Exception e)
                    {
                        cmd.Transaction.Rollback();
                        rslt.ErrMsg = e.ToString();
                    }
                }


            }
        }
    }
}