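/// <summary>
        /// Returns one page of the blogs written by <paramref name="authorID"/>, ordered by blog ID,
        /// together with the total number of blogs that author has.
        /// </summary>
        /// <param name="authorID">Author whose blogs are listed.</param>
        /// <param name="pageNo">1-based page number; values below 1 are treated as 1.</param>
        /// <param name="pageSize">Rows per page; values below 5 are raised to 5.</param>
        /// <returns>
        /// A success result carrying <c>BlogNum</c> and <c>BlogList</c>, or a failure result when the
        /// requested page starts past the last row.
        /// </returns>
        public JsonReturn GetBlogList([FromQuery] long authorID, [FromQuery] int pageNo, [FromQuery] int pageSize)
        {
            if (pageNo < 1)
            {
                pageNo = 1;
            }
            if (pageSize < 5)
            {
                pageSize = 5;
            }

            // Both values come straight from the query string. The offset is computed in 64-bit
            // arithmetic so that a huge pageNo * pageSize cannot wrap into a negative int and
            // reach Skip() as a bogus offset.
            long skipRows = (long)(pageNo - 1) * pageSize;

            // NOTE(review): pageSize has no upper bound, so a single request can ask for every row
            // of an author. Consider capping it to limit bulk harvesting and response size.
            // NOTE(review): this query does not filter on BlogPrivacy, so titles of all blogs of
            // the author are returned to any caller. Confirm that is intended.
            var blogList = from blog in dbc.Blog where blog.BlogAuthorID == authorID
                           orderby blog.BlogID select new { blog.BlogTitle, blog.BlogID, blog.BlogCreateTime };
            var blogNum = blogList.Count();

            if (blogNum > skipRows || pageNo == 1)
            {
                // The cast is safe: either skipRows < blogNum (an int) or pageNo == 1 and skipRows == 0.
                var page         = blogList.Skip((int)skipRows).Take(pageSize);
                var blogListStr  = JsonConvert.SerializeObject(page);
                var blogListInfo = new JObject()
                {
                    ["BlogNum"] = blogNum, ["BlogList"] = JArray.Parse(blogListStr)
                };
                return(JsonReturn.ReturnSuccess(blogListInfo));
            }
            else
            {
                return(JsonReturn.ReturnFail("页码超出范围!"));
            }
        }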
        public JsonReturn GetBlog([FromQuery] long id)
        {
            var blog = dbc.Blog.Find(id);

            if (blog == null)
            {
                return(JsonReturn.ReturnFail("该日志不存在!"));
            }
            if ((blog.BlogPrivacy & 0b10) != 0 && Convert.ToInt64(Request.Cookies["id"]) != blog.BlogAuthorID)
            {
                return(JsonReturn.ReturnFail("你无权访问该日志!"));
            }
Beispiel #3
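        /// <summary>
        /// Checks the supplied credentials against the stored salted hash and, on success, issues
        /// the <c>username</c>, <c>token</c> and <c>id</c> cookies for the request's domain.
        /// </summary>
        /// <param name="username">Login name; passed through <c>HTMLEntity.XSSConvert</c> before the lookup.</param>
        /// <param name="password">Plain-text password supplied by the client.</param>
        /// <returns>
        /// Failure code -1 when the user does not exist, -2 when the password does not match,
        /// otherwise a success result.
        /// </returns>
        public JsonReturn Login(string username, string password)
        {
            username = HTMLEntity.XSSConvert(username);
            var        domain = new HttpParser(HttpContext).GetDomain();
            UserEntity u      = (from lu in dbc.User where lu.Name == username select lu).FirstOrDefault();

            if (u == null)
            {
                // NOTE(review): this answer differs from the wrong-password answer below, which lets
                // a caller test which usernames exist. A single generic failure would avoid that.
                return(JsonReturn.ReturnFail(-1, "该用户不存在!"));
            }
            string salt     = u.Salt;
            // NOTE(review): HashStr is defined elsewhere. If it is a single pass of a fast digest,
            // stored hashes are cheap to brute-force offline; a password KDF (PBKDF2, Argon2) is the
            // usual choice. Confirm what it does.
            string passHash = HashStr(salt + password + salt + username);

            if (u.Pass != passHash)
            {
                return(JsonReturn.ReturnFail(-2, "密码错误!"));
            }

            if (u.Token == null)
            {
                // NOTE(review): the session token is derived from the password, the clock and the
                // username rather than from a CSPRNG, and an existing token is reused on every later
                // login without refreshing ExpireTime. Consider a random token rotated per login.
                string token = HashStr(password + DateTime.Now.ToString() + username);
                u.Token      = token;
                u.ExpireTime = DateTime.Now.AddMonths(1);
                dbc.SaveChanges();
            }

            string ip         = new HttpParser(HttpContext).GetIPAddr();
            var    loginIpDic = u.LoginIP;
            if (!loginIpDic.ContainsKey(ip))
            {
                // First login from this address: record it as not yet trusted.
                loginIpDic.Add(ip, false);
                u.LoginIP = loginIpDic;
                // Saved synchronously: the original fired SaveChangesAsync() without awaiting it, so
                // the write could still be running (or fail unobserved) after the action returned.
                dbc.SaveChanges();
            }
            // TODO: login from an unfamiliar or untrusted IP, perform identity verification.
            // NOTE(review): until that check exists, an untrusted address logs in like a trusted one.

            // NOTE(review): none of these cookies sets HttpOnly, Secure or SameSite, so the token is
            // readable by page script and may travel over plain HTTP. The "id" and "username"
            // cookies are plain client-editable values, so server-side checks must validate the
            // token rather than trust them.
            Response.Cookies.Append("username", username, new CookieOptions {
                Domain = domain, Expires = DateTime.Now.AddMonths(1)
            });
            Response.Cookies.Append("token", u.Token, new CookieOptions {
                Domain = domain, Expires = DateTime.Now.AddMonths(1)
            });
            Response.Cookies.Append("id", u.UserID.ToString(), new CookieOptions {
                Domain = domain, Expires = DateTime.Now.AddMonths(1)
            });
            return(JsonReturn.ReturnSuccess());
        }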
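        /// <summary>
        /// Creates a new user with a salted password hash and records the registering IP address
        /// as the first trusted login address.
        /// </summary>
        /// <param name="username">Requested login name; passed through <c>XSSConvert</c> before storage.</param>
        /// <param name="password">Plain-text password supplied by the client.</param>
        /// <returns>A success result, or a failure result when input is missing or the insert fails.</returns>
        public JsonReturn Register([FromForm] string username, [FromForm] string password)
        {
            // A missing form field arrives as null. String concatenation treats null as "", so without
            // this guard an account with an empty password would be created silently.
            if (string.IsNullOrWhiteSpace(username) || string.IsNullOrEmpty(password))
            {
                return(JsonReturn.ReturnFail("Username and password are required!"));
            }

            username = XSSConvert(username);
            // NOTE(review): the salt is derived from the username and the clock, not from a CSPRNG,
            // so it is guessable. HashStr is defined elsewhere; confirm it is a password KDF rather
            // than a single fast digest.
            string salt       = HashStr(username + DateTime.Now.ToString());
            string passHash   = HashStr(salt + password + salt + username);
            string ip         = new HttpParser(HttpContext).GetIPAddr();
            var    loginIPDic = new Dictionary <string, bool>();

            // The address used for registration starts out trusted.
            loginIPDic.Add(ip, true);
            UserEntity u = new UserEntity {
                Name = username, Pass = passHash, Salt = salt, LoginIP = loginIPDic
            };

            try
            {
                dbc.User.Add(u);
                dbc.SaveChanges();
            }
            catch (Exception)
            {
                // NOTE(review): every failure (connection loss, constraint other than the unique
                // name, ...) is reported as a duplicate username and nothing is logged. Catching the
                // specific database exception and logging the rest would make failures diagnosable.
                return(JsonReturn.ReturnFail("Username already exists!"));
            }
            return(JsonReturn.ReturnSuccess());
        }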
Beispiel #5
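        /// <summary>
        /// Stores the first uploaded form file under the picture directory and returns the public
        /// path it can be fetched from.
        /// </summary>
        /// <returns>
        /// A success result whose data holds <c>src</c> and <c>title</c>, or a failure result when
        /// no file was uploaded or its name is unusable.
        /// </returns>
        public ActionResult SaveQuizPic()
        {
            const string picBasePath = "/home/duoyi/file/pics";

            // CreateDirectory does nothing when the directory already exists.
            Directory.CreateDirectory(picBasePath);

            var file = Request.Form.Files.FirstOrDefault();

            if (file == null)
            {
                return(JsonReturn.ReturnFail("File is not exist!"));
            }

            // file.FileName is chosen by the client. Keep only its last path component so that
            // directory parts ("../", absolute paths) cannot steer the write outside picBasePath.
            var safeName     = System.IO.Path.GetFileName(file.FileName ?? "");
            var fileExt      = System.IO.Path.GetExtension(safeName);               // includes the leading dot, or ""
            var fileNameBody = System.IO.Path.GetFileNameWithoutExtension(safeName);

            // Rejects empty names, ".", ".." and dot-files, whose body is empty or a lone dot.
            if (string.IsNullOrWhiteSpace(fileNameBody) || fileNameBody == ".")
            {
                return(JsonReturn.ReturnFail("Invalid file name!"));
            }

            // NOTE(review): neither the extension nor the content is checked against an image
            // allowlist and no size limit is applied here. Because the stored file is served back
            // from /file/pics, an uploaded .html or .svg would run as active content on this origin.
            // Consider an extension/content-type allowlist and a server-generated file name.

            var    newBody   = fileNameBody;
            int    duplicate = 0;
            string filePath  = $"{picBasePath}/{newBody}{fileExt}";

            // Keep counting until the name is free; a single check would overwrite the first
            // numbered copy on the third upload of the same name.
            while (System.IO.File.Exists(filePath))
            {
                newBody  = $"{fileNameBody}{duplicate}";
                filePath = $"{picBasePath}/{newBody}{fileExt}";
                duplicate++;
            }

            // CreateNew refuses to replace a file that appeared between the check and the create;
            // the using block closes the handle even when the copy throws.
            using (var fs = new FileStream(filePath, FileMode.CreateNew, FileAccess.Write))
            {
                file.CopyTo(fs);
            }

            return(JsonReturn.ReturnSuccess(data: new JObject()
            {
                ["src"] = $"/file/pics/{newBody}{fileExt}", ["title"] = "uploadpic"
            }));
        }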
        /// <summary>
        /// Verifies form-posted credentials against the stored salted hash and, when they match,
        /// sets the <c>username</c>, <c>token</c> and <c>id</c> cookies for the request's domain.
        /// </summary>
        /// <param name="username">Login name; passed through <c>XSSConvert</c> before the lookup.</param>
        /// <param name="password">Plain-text password supplied by the client.</param>
        /// <returns>
        /// Failure code -1 with the same message for an unknown user and for a wrong password,
        /// otherwise a success result.
        /// </returns>
        public JsonReturn Login([FromForm] string username, [FromForm] string password)
        {
            username = XSSConvert(username);
            var cookieDomain = new HttpParser(HttpContext).GetDomain();
            UserEntity account = dbc.User.Where(lu => lu.Name == username).FirstOrDefault();

            // Unknown user and wrong password deliberately produce the same answer.
            if (account == null)
            {
                return(JsonReturn.ReturnFail(-1, "Wrong username or password!"));
            }

            // NOTE(review): HashStr is defined elsewhere. Confirm it is a password KDF; the
            // comparison below is an ordinary, non-constant-time string comparison.
            string storedSalt = account.Salt;
            string candidate  = HashStr(storedSalt + password + storedSalt + username);
            if (account.Pass != candidate)
            {
                return(JsonReturn.ReturnFail(-1, "Wrong username or password!"));
            }

            // A token is minted only on the first successful login and reused afterwards.
            // NOTE(review): it is derived from the password, the clock and the username instead of
            // a CSPRNG, and ExpireTime is not refreshed or checked here.
            if (account.Token == null)
            {
                account.Token      = HashStr(password + DateTime.Now.ToString() + username);
                account.ExpireTime = DateTime.Now.AddMonths(1);
                dbc.SaveChanges();
            }

            // NOTE(review): no HttpOnly, Secure or SameSite is set on these cookies, and "id" and
            // "username" are plain client-editable values, so server-side checks must validate the
            // token rather than trust them.
            var usernameCookie = new CookieOptions {
                Domain = cookieDomain, Expires = DateTime.Now.AddMonths(1)
            };
            Response.Cookies.Append("username", username, usernameCookie);

            var tokenCookie = new CookieOptions {
                Domain = cookieDomain, Expires = DateTime.Now.AddMonths(1)
            };
            Response.Cookies.Append("token", account.Token, tokenCookie);

            var idCookie = new CookieOptions {
                Domain = cookieDomain, Expires = DateTime.Now.AddMonths(1)
            };
            Response.Cookies.Append("id", account.UserID.ToString(), idCookie);

            return(JsonReturn.ReturnSuccess());
        }
Beispiel #7
 /// <summary>
 /// Short-circuits the action by setting its result to failure code -3
 /// ("Illegal API access!").
 /// </summary>
 /// <param name="context">Executing context whose <c>Result</c> is replaced.</param>
 protected override void LoginFail(ActionExecutingContext context)
     => context.Result = JsonReturn.ReturnFail(-3, "Illegal API access!");
 /// <summary>
 /// Short-circuits the action by setting its result to failure code -3 with a
 /// "no permission to access this module" message.
 /// </summary>
 /// <param name="context">Executing context whose <c>Result</c> is replaced.</param>
 protected override void LoginFail(ActionExecutingContext context)
     => context.Result = JsonReturn.ReturnFail(-3, "你没有权限访问此模块!");
Beispiel #9
 /// <summary>
 /// Returns a generic failure result with code 500 for an API call that hit an internal
 /// error; the message carries no exception detail.
 /// </summary>
 public IActionResult Api500()
 {
     return JsonReturn.ReturnFail(500, "该接口出现内部错误,无法访问!");
 }
Beispiel #10
 /// <summary>
 /// Returns a failure result with code 404 and an "API does not exist" message.
 /// </summary>
 public IActionResult Api404()
 {
     return JsonReturn.ReturnFail(404, "该接口不存在!");
 }