static public SampleDB Create(params object[] parameters)
{
SampleDB query = new SampleDB();
query._args = parameters;
return(query);
}
/// <summary>
/// 登录页面提交登录请求。
/// </summary>
/// <param name="context"></param>
public void HandleLogin(HttpContext context)
{
var account = SampleDB.FindAccount(context.Request["account"], Util.ComputePasswordHash(context.Request["pwd"], context.Request["account"]));
if (account != null)
{
//8 登录成功,创建用户账号对应的token xxx
var token = Util.GetTokenForAccount(account);
//9 把token写到本站cookie;
context.Response.SetCookie(new HttpCookie("baibaomensso", token));
//这个cookie和sso流程无关,是方便SSO的login.html前端页面显示用户名用的。
context.Response.SetCookie(new HttpCookie("username", account.Name));
//9 跳转到returnurl并带上token。此处只输出token,在前端页面回调中执行跳转。
context.Response.Write(token);
context.Response.End();
//context.Response.Redirect(MakeReturnUrl(context.Request["returnurl"],token),true);
}
else
{
//不应该用401,不合理而且会导致浏览器弹出登录框:http://stackoverflow.com/questions/1959947/whats-an-appropriate-http-status-code-to-return-by-a-rest-api-service-for-a-val
//context.Response.StatusCode = 401;
context.Response.StatusCode = 422;
}
}
private void Execute()
{
if (_select == null)
{
throw (new Exception("No select!"));
}
if (_from == null)
{
throw (new Exception("No from!"));
}
StringBuilder sb = new StringBuilder();
sb.Append("SELECT ").Append(_select);
sb.Append(" FROM ").Append(_from);
if (!string.IsNullOrEmpty(_where))
{
sb.Append(" WHERE ").Append(_where);
}
if (!string.IsNullOrEmpty(_order))
{
sb.Append(" ORDER BY ").Append(_order);
}
SqlConnection conn = SampleDB.CreateConnection();
SqlCommand cmd = SampleDB.CreateCommand(conn, sb.ToString(), _args);
string str1 = "NEXT";
if (_start != 0)
{
str1 = "ABSOLUTE " + (_start + 1);
}
cmd.CommandText = string.Format(cursorSQL, cmd.CommandText, str1);
int count = _count;
if (count <= 0)
{
count = int.MaxValue;
}
cmd.Parameters.AddWithValue("@ReturnRowCount", count);
conn.Open();
try
{
_reader = cmd.ExecuteReader(CommandBehavior.CloseConnection);
}
catch
{
_reader = null;
conn.Dispose();
throw;
}
_reader.Read();
_total = Convert.ToInt32(_reader.GetValue(0));
_reader.NextResult();
}
public List <StudentDTO> GetStudentList(int DeptId)
{
List <StudentDTO> _StudentDTOList = new List <StudentDTO>();
using (var context = new SampleDB())
{
var Data = context.M_StudentTable.Where(b => b.DeptId == DeptId).ToList();
Mapper.CreateMap <M_StudentTable, StudentDTO>();
Mapper.Map <List <M_StudentTable>, List <StudentDTO> >(Data, _StudentDTOList);
}
return(_StudentDTOList);
}
public List <DeptDTO> GetDepartment(int DeptId)
{
List <DeptDTO> _DeptList = new List <DeptDTO>();
using (var context = new SampleDB())
{
var Data = context.M_DeptTable.Where(b => b.DeptId == DeptId).ToList();
Mapper.CreateMap <M_DeptTable, DeptDTO>();
Mapper.Map <List <M_DeptTable>, List <DeptDTO> >(Data, _DeptList);
}
return(_DeptList);
}
public List <DeptDTO> GetDeptList()
{
List <DeptDTO> _DeptList = new List <DeptDTO>();
using (var context = new SampleDB())
{
var Data = context.M_DeptTable.ToList();
Mapper.CreateMap <M_DeptTable, DeptDTO>();
Mapper.Map <List <M_DeptTable>, List <DeptDTO> >(Data, _DeptList);
}
return(_DeptList);
}
public long SaveDepartment(DeptDTO ObjDeptDTO)
{
long DeptID = 0;
M_DeptTable ObjDptTable = new M_DeptTable();
Mapper.CreateMap <DeptDTO, M_DeptTable>();
Mapper.Map <DeptDTO, M_DeptTable> (ObjDeptDTO, ObjDptTable);
if (ObjDptTable != null)
{
using (var context = new SampleDB())
{
var result = context.M_DeptTable.SingleOrDefault(b => b.DeptId == ObjDptTable.DeptId);
if (result != null)
{
try
{
using (var context1 = new SampleDB())
{
context1.M_DeptTable.Attach(ObjDptTable);
context1.Entry(ObjDptTable).State = EntityState.Modified;
context1.SaveChanges();
DeptID = ObjDptTable.DeptId;
}
}
catch (Exception ex)
{
throw;
}
}
else
{
DeptID = 0;
}
}
}
return(DeptID);
}
private void HandleValidate(HttpContext context)
{
var theToken = Util.DecryptTokenForValidationRequest(context.Request);
UserInfo theAccount = null;
if (!string.IsNullOrEmpty(theToken))
{
theAccount = Util.FindAccountForToken(theToken);
}
else
{
//todo:要检查账号所在域名是否正确。
string accountStr = null;
if (context.User != null && context.User.Identity != null)
{
accountStr = context.User.Identity.Name.Split('\\')[1].ToLower();
}
if (!string.IsNullOrEmpty(accountStr))
{
theAccount = SampleDB.FindAccount(accountStr);
}
}
if (theAccount != null)
{
//13. 验证通过。
//14. 告知token有效,并附带允许站点获取的用户信息。
//32. 同13。
//33. 同14。
//todo:实际场景中,应该根据请求的server-key,只传递该server能看到的用户信息。
context.Response.Write(Newtonsoft.Json.JsonConvert.SerializeObject(theAccount));
}
context.Response.End();
}
public static SampleDB Create(params object[] parameters)
{
SampleDB query = new SampleDB();
query._args = parameters;
return query;
}
public HomeController(ILogger <HomeController> logger, IWebHostEnvironment environment)
{
_logger = logger;
_hostingEnvironment = environment;
SampleDB.init(Path.Combine(environment.ContentRootPath, @"Models\MOCK_DATA.json"));
}
