人事管理系统登录界面--WPF

登录界面要求如下：

1、如何保证密码的安全性。

2、如何进行密码验证。

3、如何当密码输错三次，用户自动锁定。

4、如何提示用户。

问题解决方案：

1、采用MD5加密,再进行加盐处理。

2、输入的密码加密，与数据库中的密码相匹配。

3、设置全局变量进行计算密码输入错误次数。

4、密码错误与用户名不存在时，在界面上显示错误信息，而不是弹出窗口。

登录前台代码XAML：

<Window x:Class="HRMS.UI.LoginWindow"        xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation"        xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml"        Title="人事管理系统" Height="250" Width="300"        ResizeMode="NoResize"        WindowStartupLocation="CenterScreen" Loaded="Window_Loaded_1"        WindowStyle="None"        AllowsTransparency="True"        Background="Transparent"        >        <Grid >        <Grid.Background>            <ImageBrush ImageSource="Images/Login.png"></ImageBrush>        </Grid.Background>                <TextBox x:Name="txtUserName" HorizontalAlignment="Left" Height="23" Margin="116,73,0,0" TextWrapping="Wrap" VerticalAlignment="Top" Width="140" Text="admin"/>        <PasswordBox x:Name="pwdPassword" HorizontalAlignment="Left" Height="23" Margin="116,125,0,0"  VerticalAlignment="Top" Width="140" Password="123"/>        <TextBlock HorizontalAlignment="Left" Margin="36,73,0,0" TextWrapping="Wrap" Text="用户账号" Foreground="AliceBlue" FontSize="16" VerticalAlignment="Top"/>        <TextBlock HorizontalAlignment="Left" Margin="36,127,0,0" TextWrapping="Wrap" Text="用户密码" Foreground="AliceBlue" FontSize="16" VerticalAlignment="Top" RenderTransformOrigin="1.281,0.333"/>        <Button x:Name="btnLogin"  Content="登 录" Foreground="BurlyWood" FontSize="16" FontWeight="Black" HorizontalAlignment="Left" Margin="36,191,0,0" VerticalAlignment="Top" Width="75" Click="btnLogin_Click">            <Button.Background>                <ImageBrush ></ImageBrush>            </Button.Background>        </Button>        <Button x:Name="btnCancel" Content="取消" Foreground="DarkOrange"  FontSize="16" HorizontalAlignment="Left" Margin="181,191,0,0" VerticalAlignment="Top" Width="75" RenderTransformOrigin="0.923,0.498" Click="btnCancel_Click">            <Button.Background>                <ImageBrush ></ImageBrush>            </Button.Background>        </Button>        <Label x:Name="labUserName" Content="*" HorizontalAlignment="Left" Margin="36,153,0,0" VerticalAlignment="Top" RenderTransformOrigin="-2.067,0.5" Visibility="Hidden"/>        <Label x:Name="labPassword" Content="*" HorizontalAlignment="Left" Margin="160,153,0,0" VerticalAlignment="Top" RenderTransformOrigin="0.55,-0.038" Visibility="Hidden"/>            </Grid></Window>

登录后台代码：

  <span style="white-space:pre"></span>private int num = 0;<span style="white-space:pre"></span>//密码输入错误次数        private void btnLogin_Click(object sender, RoutedEventArgs e)        {            #region 检查文本框            if (txtUserName.Text.Trim().Length <= 0 || pwdPassword.Password.Trim().Length <= 0)  //为了解决用户名和密码都不填写的时候，不能同时显示两个提示            {                if (txtUserName.Text.Length <= 0)                {                    //显示Label                    labUserName.Visibility = Visibility.Visible;                    //添加背景颜色                    labUserName.Foreground = Brushes.Red;                    //验证信息                    labUserName.Content = "账号不能为空";                                 }                else                {                    //内容不为空，就隐藏                    labUserName.Visibility = Visibility.Hidden;                }                if (pwdPassword.Password.Length <= 0)                {                    labPassword.Visibility = Visibility.Visible;                    labPassword.Foreground = Brushes.Red;                    labPassword.Content = "密码不能为空";                                 }                else                {                    labPassword.Visibility = Visibility.Hidden;                }                return;            }            labUserName.Visibility = Visibility.Hidden;            labPassword.Visibility = Visibility.Hidden;                       #endregion            //获取窗体用户名和密码            string userName = txtUserName.Text;            string password = pwdPassword.Password;            //密码加密,并在进行加盐            password = CommonHelper.GetMD5(password + CommonHelper.GetPaawordSalt());            OperatorBLL bll = new OperatorBLL();                       Operator op = new Operator();            string msg; //返回信息            bool state = bll.Login(userName, password, out msg, out op);            if (op.IsLocked == true)    //是否锁定            {                MessageBox.Show("用户已锁定，请联系管理员");                return;            }            if (state)            {                //登录成功,可进入主界面                #region 操作日志 登录成功                new OperationLogBLL().Insert(op.Id, "登录系统");                //相当于Session                Application.Current.Properties["OperatorId"] = op.Id;                #endregion                               DialogResult = true;                            }            else            {                #region 操作日志 登录失败                new OperationLogBLL().Insert(op.Id, "尝试登录，登录失败");                #endregion                num++;                if (num >= 3)                {                                        bll.LockById(op.Id);                    MessageBox.Show("管理员" + op.UserName + "已输错三次密码，请联系开发人员");                }                else                {                                        MessageBox.Show(msg+"还有"+(3-num)+"次机会");                }            }        }        private void btnCancel_Click(object sender, RoutedEventArgs e)        {            DialogResult = false;        }

密码加密代码（CommonHelper）类：

<span style="white-space:pre"></span>/// <summary>        /// MD5加密算法        /// </summary>        /// <param name="sDataIn">用户输入的密码</param>        /// <returns>已加密的密码值</returns>        public static string GetMD5(string sDataIn)        {            //把字符串转换成字节数组            MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();            byte[] bytValue, bytHash;            bytValue = System.Text.Encoding.UTF8.GetBytes(sDataIn);            //加密            bytHash = md5.ComputeHash(bytValue);            md5.Clear();            string sTemp = "";            //把每一个字节0-255.转换成两位16进制的数            for (int i = 0; i < bytHash.Length; i++)            {                sTemp += bytHash[i].ToString("X").PadLeft(2, '0');                //X2,生成两个16进制，2为了成为2位（补0）                //'X'是代表16进制.当1的时候，不是两位，就是要补0            }            return sTemp.ToLower();        }        /// <summary>        /// 密码加盐，防止用户密码过于简单        /// </summary>        /// <returns></returns>        public static string GetPaawordSalt()        {            //可以在配置文件AppSettings,添加key来增加值.            string salt = ConfigurationManager.AppSettings["passwordSalt"];            return salt;        }

密码加盐 存放于根文件下App.Config文件中，方便用户修改:

App.Config

<?xml version="1.0"?><configuration>    <startup>         <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/>    </startup>  <appSettings>    <add key="passwordSalt" value="lzj@2015."/>  </appSettings>    <startup useLegacyV2RuntimeActivationPolicy="true">    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/>  </startup></configuration>