/// <summary>
/// Changes SubServer information, such as a custom display name.
/// </summary>
/// <param name="value">Request body; cast to <c>JObject</c> but not otherwise read.</param>
/// <returns>
/// <c>null</c> when the sign-in check fails; otherwise the serialized
/// <c>ErrorRootobject</c> carrying ReturnCode "11111".
/// </returns>
public JObject Post([FromBody] object value)
        {
            // Sign-out check: refuse tokens the sign-in store does not recognise as signed in.
            // NOTE(review): the original comment says an error prompting re-login should be
            // returned here, but the action returns null; confirm what callers receive.
            string requestToken = JwtManager.GetRequestTokenString(Request);
            var    signInStore  = RedisHelper.GetRedisHelper();
            bool   signedIn     = signInStore.SignInCheck(requestToken);
            if (!signedIn)
            {
                return null;
            }

            // Business logic is still to be written: the body is only cast, which throws
            // InvalidCastException when it is not a JSON object.
            // NOTE(review): the action reports success although nothing is updated yet.
            JObject payload = (JObject)value;

            ErrorRootobject reply = new ErrorRootobject();
            reply.ReturnCode = "11111";
            reply.msg        = "DeviceInfo Update Successful";

            // Round-trip through a JSON string to turn the entity into a JObject.
            return (JObject)JsonConvert.DeserializeObject(JsonConvert.SerializeObject(reply));
        }
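        /// <summary>
        /// Forwards a control message for one device to the subserver named in the request body.
        /// </summary>
        /// <param name="value">JSON body; expected to be an object with "subserverId" and "deviceIP" members.</param>
        /// <returns>
        /// The serialized <c>ErrorRootobject</c>: 2000 message sent, 2001 subserver offline,
        /// 2002 / 2008 rejected characters in subserverId / deviceIP, 2006 deviceIP is not an
        /// IPv4 address, 2009 body could not be read.
        /// </returns>
        public async Task <JObject> PostAsync([FromBody] object value)
        {
            // Builds a reply the way every branch of this action did: entity -> JSON string -> JObject.
            JObject Reply(string code, string message)
            {
                ErrorRootobject reply = new ErrorRootobject
                {
                    ReturnCode = code,
                    msg        = message
                };
                return (JObject)JsonConvert.DeserializeObject(JsonConvert.SerializeObject(reply));
            }

            // NOTE(review): this action performs no authentication or authorization. The sign-in
            // check (JwtManager.GetRequestTokenString + RedisHelper.SignInCheck) was commented out,
            // and the comparison of the subserver's owner with the caller was replaced by
            // `if (true)`, so any caller can send a control message to any subserver id.
            // The disabled draft answered "2007" / " You do not have permission to operate this
            // subserver " on a mismatch. It also concatenated the token and the subserver id into
            // SQL text; bind them as command parameters when the check is restored.
            // The commented-out draft and the locals only it used were removed from this body.

            // Character blacklist carried over unchanged ('|' is a literal inside a character class).
            const string rejectedChars = @"[|;|,|\/|||||\}|\{|%|@|\*|!|\']";

            // Dotted-quad IPv4, anchored to the whole string. The previous pattern was unanchored,
            // so any text that merely contained an address passed the check.
            const string ipv4Pattern =
                @"\A(?:(?:25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])\.){3}(?:25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])\z";

            // `as` instead of a cast: a body that is not a JSON object now yields 2009
            // instead of an unhandled InvalidCastException.
            JObject jObject = value as JObject;
            string  subServerId;
            string  device_Ip;
            try
            {
                subServerId = jObject["subserverId"].ToString();
                device_Ip   = jObject["deviceIP"].ToString();
            }
            catch (Exception)
            {
                // Missing member or missing body.
                return Reply("2009", "JSON format is incorrect");
            }

            if (Regex.IsMatch(subServerId, rejectedChars))
            {
                return Reply("2002", "subserverid contains dangerous characters ");
            }

            // Fixed: this check previously tested subServerId a second time, so deviceIP was
            // never inspected for the rejected characters.
            if (Regex.IsMatch(device_Ip, rejectedChars))
            {
                return Reply("2008", "deviceip contains dangerous characters ");
            }

            if (!Regex.IsMatch(device_Ip, ipv4Pattern))
            {
                return Reply("2006", "deviceIP is not available ");
            }

            ControlMsgRootobject controlMsg = new ControlMsgRootobject
            {
                DeviceIP = device_Ip
            };

            // Deliver to the addressed subserver; a false result is reported as "offline".
            bool sendSuccess = await WebsocketClient.SendToSubserverAsync(subServerId, controlMsg);

            return sendSuccess
                ? Reply("2000", " ControlMsg send success")
                : Reply("2001", "  Subserver offline");
        }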
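        /// <summary>
        /// Login: checks the submitted username and password against the Users table and, on a
        /// match, issues an access token and records it in Redis under the username.
        /// </summary>
        /// <param name="value">JSON body; expected to be an object with "username" and "password" members.</param>
        /// <returns>
        /// The serialized <c>LoginSuccessRootobject</c> on success, otherwise the serialized
        /// <c>ErrorRootobject</c>: 00001 unreadable body, 00009 empty field, 0002 / 0003 rejected
        /// characters, 0004 unknown username, 0005 wrong password.
        /// </returns>
        public async System.Threading.Tasks.Task <JObject> PostAsync([FromBody] object value)
        {
            // Builds an error reply: entity -> JSON string -> JObject.
            JObject Reply(string code, string message)
            {
                ErrorRootobject reply = new ErrorRootobject
                {
                    ReturnCode = code,
                    msg        = message
                };
                return (JObject)JsonConvert.DeserializeObject(JsonConvert.SerializeObject(reply));
            }

            // Binds one value as a command parameter so it is never spliced into the SQL text.
            // NOTE(review): the '@' prefix is the common ADO.NET convention; confirm it matches
            // the provider behind anJiaContext.
            void AddParam(DbCommand target, string parameterName, object parameterValue)
            {
                var parameter = target.CreateParameter();
                parameter.ParameterName = parameterName;
                parameter.Value         = parameterValue;
                target.Parameters.Add(parameter);
            }

            // `as` instead of a cast: a body that is not a JSON object falls into the catch below
            // instead of raising an unhandled InvalidCastException.
            JObject jObject = value as JObject;
            string  username;
            string  password;
            try
            {
                username = jObject["username"].ToString();
                password = jObject["password"].ToString();
            }
            catch
            {
                return Reply("00001", "JSON format error");
            }

            if (username == "" || password == "")
            {
                return Reply("00009", "Username or password can not be null");
            }

            // Character blacklist kept for response compatibility. With bound parameters it is
            // no longer what protects the queries.
            // NOTE(review): applying it to the password restricts the characters users may
            // choose; consider dropping the password check.
            const string rejectedChars = @"[-|;|,|\/|||||\}|\{|%|@|\*|!|\']";
            if (Regex.IsMatch(username, rejectedChars))
            {
                return Reply("0002", "Username contains dangerous characters ");
            }
            if (Regex.IsMatch(password, rejectedChars))
            {
                return Reply("0003", "Password contains dangerous characters ");
            }

            bool credentialsMatch;
            var  conn = anJiaContext.Database.GetDbConnection();
            conn.Open();
            try
            {
                // Does the username exist? The listing shows a masked literal in the WHERE
                // clause; the submitted username is bound here.
                // NOTE(review): distinct replies for "unknown user" (0004) and "wrong password"
                // (0005) let a caller test which usernames exist; consider one shared reply.
                using (var lookup = conn.CreateCommand())
                {
                    lookup.CommandText = "SELECT Username FROM Users WHERE Username = @username";
                    AddParam(lookup, "@username", username);
                    using (DbDataReader unameReader = await lookup.ExecuteReaderAsync())
                    {
                        if (!unameReader.HasRows)
                        {
                            return Reply("0004", "Username does not exist");
                        }
                    }
                }

                // Does the password match?
                // NOTE(review): the query compares the submitted password with the stored column
                // directly, which suggests passwords are stored unhashed; store a salted
                // password hash (for example PBKDF2) and verify it in code instead.
                using (var verify = conn.CreateCommand())
                {
                    verify.CommandText = "SELECT Username, Password FROM Users "
                                         + "WHERE Username = @username AND password = @password";
                    AddParam(verify, "@username", username);
                    AddParam(verify, "@password", password);
                    using (DbDataReader reader = await verify.ExecuteReaderAsync())
                    {
                        credentialsMatch = reader.HasRows;
                    }
                }
            }
            finally
            {
                // Readers are disposed by the using blocks; the connection is closed on every
                // path, including when a query throws.
                conn.Close();
            }

            if (!credentialsMatch)
            {
                return Reply("0005", "Incorrect username or password");
            }

            var accessToken = JwtManager.GetJwtManager().GenerateToken(username);

            // Record the username -> token association in Redis.
            RedisHelper.GetRedisHelper().SetValue(username, accessToken);

            LoginSuccessRootobject actoken = new LoginSuccessRootobject
            {
                AccessToken = accessToken
            };
            return (JObject)JsonConvert.DeserializeObject(JsonConvert.SerializeObject(actoken));
        }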
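        /// <summary>
        /// Updates the e-mail address, phone number and sex of the account identified by the
        /// access token carried in the request body.
        /// </summary>
        /// <param name="value">JSON body; expected to be an object with "AccessToken", "Email", "Phonenum" and "Sex" members.</param>
        /// <returns>
        /// <c>null</c> when the sign-in check fails; otherwise the serialized
        /// <c>ErrorRootobject</c>: 0000 updated, 0009 unreadable body, 1003 / 0006 / 0011 rejected
        /// token / e-mail / sex, 0012 token not accepted or update failed.
        /// </returns>
        public async Task <JObject> PostAsync([FromBody] object value)
        {
            // Builds a reply: entity -> JSON string -> JObject.
            JObject Reply(string code, string message)
            {
                ErrorRootobject reply = new ErrorRootobject
                {
                    ReturnCode = code,
                    msg        = message
                };
                return (JObject)JsonConvert.DeserializeObject(JsonConvert.SerializeObject(reply));
            }

            // Binds one value as a command parameter so it is never spliced into the SQL text.
            // NOTE(review): the '@' prefix is the common ADO.NET convention; confirm it matches
            // the provider behind anJiaContext.
            void AddParam(DbCommand target, string parameterName, object parameterValue)
            {
                var parameter = target.CreateParameter();
                parameter.ParameterName = parameterName;
                parameter.Value         = parameterValue;
                target.Parameters.Add(parameter);
            }

            // Sign-out check.
            // NOTE(review): the original comment says an error prompting re-login should be
            // returned, but the action returns null.
            string token = JwtManager.GetRequestTokenString(Request);
            var    redis = RedisHelper.GetRedisHelper();
            if (!redis.SignInCheck(token))
            {
                return null;
            }

            // `as` instead of a cast: a body that is not a JSON object yields 0009 below
            // instead of an unhandled InvalidCastException.
            JObject regform = value as JObject;
            string  acToken;
            string  email;
            string  phonenum;
            string  sex;
            try
            {
                acToken  = regform["AccessToken"].ToString();
                email    = regform["Email"].ToString();
                phonenum = regform["Phonenum"].ToString();
                sex      = regform["Sex"].ToString();
            }
            catch (Exception)
            {
                return Reply("0009", "JSON format error");
            }

            // Field checks, reported in the original order: token, e-mail, sex.
            // Fixed: the e-mail pattern describes a VALID address, but its result was treated
            // like the blacklist results, so valid addresses were rejected and malformed ones
            // were accepted. The e-mail entry now fails when the pattern does NOT match.
            // NOTE(review): the phone-number format (^1[3|4|5|7|8][0-9]{9}$) was computed but
            // never enforced and no return code for it appears here; it is still not enforced.
            bool emailValid = Regex.IsMatch(email, @"^[a-zA-Z0-9_-]+@[a-zA-Z0-9_-]+(\.[a-zA-Z0-9_-]+)+$");
            List <KeyValuePair <string, bool> > failures = new List <KeyValuePair <string, bool> >
            {
                new KeyValuePair <string, bool>("1003", Regex.IsMatch(acToken, @"[|;|,|\/|||||\}|\{|%|@|\*|!|\']")),
                new KeyValuePair <string, bool>("0006", !emailValid),
                new KeyValuePair <string, bool>("0011", Regex.IsMatch(sex, @"[-|;|,|\/|||||\}|\{|%|@|\*|!|\']")),
            };
            foreach (var failure in failures)
            {
                if (failure.Value)
                {
                    return Reply(failure.Key, " contains dangerous characters ");
                }
            }

            // Resolve the account from the token in the body. A token without a principal or
            // without an identity name is answered with 0012 (previously a missing name raised
            // NullReferenceException).
            // NOTE(review): the sign-in check above uses the token taken from the request, while
            // the account comes from the body's AccessToken; nothing visible here requires the
            // two to match. Confirm.
            var    claimsPrincipal = JwtManager.GetPrincipal(acToken);
            string name            = claimsPrincipal?.Identity?.Name;
            if (name == null)
            {
                return Reply("0012", "Token Expire");
            }

            // The earlier open/close of the connection around a query that was never executed
            // has been removed.
            var conn = anJiaContext.Database.GetDbConnection();
            conn.Open();
            try
            {
                using (var command = conn.CreateCommand())
                {
                    // Values are bound, not concatenated. The listing shows a masked literal in
                    // the WHERE clause; the identity name from the token is bound here.
                    // NOTE(review): confirm that is the intended key.
                    command.CommandText = "UPDATE Users "
                                          + " SET  email = @email, "
                                          + " phonenum = @phonenum, "
                                          + " Sex = @sex "
                                          + " WHERE Username = @username";
                    AddParam(command, "@email", email);
                    AddParam(command, "@phonenum", phonenum);
                    AddParam(command, "@sex", sex);
                    AddParam(command, "@username", name);

                    // An UPDATE returns no rows, so no reader is needed. As before, success is
                    // reported even when no row matched.
                    await command.ExecuteNonQueryAsync();
                }
                return Reply("0000", "Update success");
            }
            catch (Exception)
            {
                return Reply("0012", "Update failed");
            }
            finally
            {
                conn.Close();
            }
        }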
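        /// <summary>
        /// Binds a subserver (identified by its id / MAC) to the user who owns the access token
        /// in the request body, unless the subserver is already bound.
        /// </summary>
        /// <param name="value">JSON body; expected to be an object with "actoken" and "subserverId" members.</param>
        /// <returns>
        /// <c>null</c> when the sign-in check fails; otherwise the serialized
        /// <c>ErrorRootobject</c>: 0008 bound, 0009 insert failed, 1001 unreadable body,
        /// 1003 / 1002 rejected characters in token / subserver id, 1004 token not found,
        /// 1005 subserver already bound.
        /// </returns>
        public async Task <JObject> PostAsync([FromBody] object value)
        {
            // Builds a reply: entity -> JSON string -> JObject.
            JObject Reply(string code, string message)
            {
                ErrorRootobject reply = new ErrorRootobject
                {
                    ReturnCode = code,
                    msg        = message
                };
                return (JObject)JsonConvert.DeserializeObject(JsonConvert.SerializeObject(reply));
            }

            // Binds one value as a command parameter so it is never spliced into the SQL text.
            // NOTE(review): the '@' prefix is the common ADO.NET convention; confirm it matches
            // the provider behind anJiaContext.
            void AddParam(DbCommand target, string parameterName, object parameterValue)
            {
                var parameter = target.CreateParameter();
                parameter.ParameterName = parameterName;
                parameter.Value         = parameterValue;
                target.Parameters.Add(parameter);
            }

            // Sign-out check.
            // NOTE(review): the original comment says an error prompting re-login should be
            // returned, but the action returns null.
            string token = JwtManager.GetRequestTokenString(Request);
            var    redis = RedisHelper.GetRedisHelper();
            if (!redis.SignInCheck(token))
            {
                return null;
            }

            // `as` instead of a cast: a body that is not a JSON object yields 1001 below
            // instead of an unhandled InvalidCastException.
            JObject jObject = value as JObject;
            string  acToken;
            string  subServerId;
            try
            {
                acToken     = jObject["actoken"].ToString();
                subServerId = jObject["subserverId"].ToString();
            }
            catch (Exception)
            {
                return Reply("1001", "JSON format is incorrect");
            }

            // Character blacklist kept for response compatibility. It is not what protects the
            // queries any more: every value below is bound as a parameter.
            const string rejectedChars = @"[|;|,|\/|||||\}|\{|%|@|\*|!|\']";
            if (Regex.IsMatch(acToken, rejectedChars))
            {
                return Reply("1003", "Token contains dangerous characters ");
            }
            if (Regex.IsMatch(subServerId, rejectedChars))
            {
                return Reply("1002", "MAC contains dangerous characters ");
            }

            var conn = anJiaContext.Database.GetDbConnection();
            conn.Open();
            try
            {
                // 1. Resolve the token to a username; no row or any failure is answered with 1004.
                string username;
                try
                {
                    using (var lookup = conn.CreateCommand())
                    {
                        lookup.CommandText = "SELECT Username FROM Users WHERE AccessToken = @token";
                        AddParam(lookup, "@token", acToken);
                        using (DbDataReader unameReader = await lookup.ExecuteReaderAsync())
                        {
                            if (!unameReader.Read())
                            {
                                return Reply("1004", " Invalid access_Token ");
                            }
                            username = unameReader["Username"].ToString();
                        }
                    }
                }
                catch (Exception)
                {
                    return Reply("1004", " Invalid access_Token ");
                }

                // 2. Refuse when the subserver already has an owner.
                // NOTE(review): the reply names the current owner, which reveals another
                // account's username to the caller; consider a generic "already bound" text.
                using (var owner = conn.CreateCommand())
                {
                    owner.CommandText = "SELECT  Username FROM UserToSubserver WHERE SubserverID = @subserverId";
                    AddParam(owner, "@subserverId", subServerId);
                    using (DbDataReader BindedReader = await owner.ExecuteReaderAsync())
                    {
                        if (BindedReader.Read())
                        {
                            string buser = BindedReader["Username"].ToString();
                            return Reply("1005", " This Subserver is owned by " + buser);
                        }
                    }
                }

                // 3. Insert the binding.
                // NOTE(review): check-then-insert is not atomic, so two concurrent requests can
                // both pass step 2. The original comments already propose making the MAC the
                // primary key; a unique constraint would turn the second insert into 0009.
                // One clock reading is used for both halves of the timestamp (previously two,
                // which could disagree across midnight).
                DateTime now            = DateTime.Now;
                string   UTSBindingTime = now.ToString("yyyy-MM-dd", System.Globalization.CultureInfo.InvariantCulture)
                                          + " " + now.TimeOfDay.ToString();
                try
                {
                    using (var insert = conn.CreateCommand())
                    {
                        insert.CommandText = "INSERT INTO UserToSubserver (SubServerID, UTSBindingTime,Username)"
                                             + "VALUES( @subserverId, @bindingTime, @username ) ";
                        AddParam(insert, "@subserverId", subServerId);
                        AddParam(insert, "@bindingTime", UTSBindingTime);
                        AddParam(insert, "@username", username);

                        // An INSERT returns no rows, so no reader is needed.
                        await insert.ExecuteNonQueryAsync();
                    }
                    return Reply("0008", "SubServer binding success");
                }
                catch (Exception)
                {
                    return Reply("0009", "SubServer binding failed");
                }
            }
            finally
            {
                // Readers and commands are disposed by the using blocks; the connection is
                // closed on every path, including when the owner lookup throws.
                conn.Close();
            }
        }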
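        /// <summary>
        /// Registers a new user from the posted JSON form and returns a status object.
        /// </summary>
        /// <param name="value">
        /// Request body; expected to be a JSON object carrying "username", "password",
        /// "email", "phonenum" and "sex".
        /// </param>
        /// <returns>
        /// The serialized <c>ErrorRootobject</c> as a JObject. Codes produced here:
        /// "0009" (body is not the expected JSON object), "00009" (empty username or password),
        /// "0002" (username hits the character deny-list), "0006" (e-mail format),
        /// "0007" (phone format), "0008" (username already present),
        /// "0011" (insert failed), "0000" (registered).
        /// </returns>
        public async Task <JObject> PostAsync([FromBody] object value)
        {
            // Builds the JSON reply the same way the rest of the controller does:
            // entity -> JSON string -> JObject.
            JObject Respond(string code, string message)
            {
                ErrorRootobject status = new ErrorRootobject
                {
                    ReturnCode = code,
                    msg        = message
                };
                return (JObject)JsonConvert.DeserializeObject(JsonConvert.SerializeObject(status));
            }

            // Attaches one named parameter so request data never becomes part of the SQL text.
            void Bind(DbCommand target, string name, object parameterValue)
            {
                DbParameter parameter = target.CreateParameter();
                parameter.ParameterName = name;
                parameter.Value         = parameterValue;
                target.Parameters.Add(parameter);
            }

            #region Required form fields
            string username;
            string password;
            string email;
            string phonenum;
            string sex;
            try
            {
                // The cast is inside the try so that a body that is not a JSON object is
                // answered with the format error instead of an unhandled exception.
                JObject regform = (JObject)value;
                username = regform["username"].ToString();
                password = regform["password"].ToString();
                email    = regform["email"].ToString();
                phonenum = regform["phonenum"].ToString();
                sex      = regform["sex"].ToString();
            }
            catch (Exception)
            {
                // Missing body, wrong JSON shape or a missing field all end up here.
                return Respond("0009", "JSON format error");
            }

            if (username.Length == 0 || password.Length == 0)
            {
                return Respond("00009", "Username or password can not be null");
            }
            #endregion

            #region Input format checks
            // Inside [...] the '|' is a literal, so this class matches any of
            // - | ; , / } { % @ * ! '
            // It is a format rule for user names only; SQL safety comes from the bound
            // parameters below, not from this filter.
            bool unameDanger  = Regex.IsMatch(username, @"[-|;|,|\/|||||\}|\{|%|@|\*|!|\']");
            bool emailCheck   = Regex.IsMatch(email, @"^[a-zA-Z0-9_-]+@[a-zA-Z0-9_-]+(\.[a-zA-Z0-9_-]+)+$");
            bool phonnumCheck = Regex.IsMatch(phonenum, @"^1[3|4|5|7|8][0-9]{9}$");

            if (unameDanger)
            {
                return Respond("0002", "Username contains dangerous characters ");
            }

            // The previous version computed a "pwdDanger" flag from the username, so its
            // "0003" branch could never run and passwords were never character-filtered.
            // That effective behaviour is kept on purpose: the password is bound as a
            // parameter, and forbidding punctuation would only weaken the passwords users can pick.
            // NOTE(review): if the login endpoint filters password characters, align the two.

            if (!emailCheck)
            {
                return Respond("0006", "The e-mail address format is incorrect");
            }

            if (!phonnumCheck)
            {
                return Respond("0007", "The phone number format is incorrect");
            }
            #endregion

            var conn = anJiaContext.Database.GetDbConnection();
            await conn.OpenAsync();
            try
            {
                #region Does the username already exist?
                using (var lookup = conn.CreateCommand())
                {
                    // The page shows a masked literal in this WHERE clause; the submitted
                    // username is bound here so the check reflects the request.
                    // NOTE(review): the '@' parameter prefix is assumed to be accepted by the configured provider - confirm.
                    lookup.CommandText = "SELECT Username FROM Users WHERE Username = @username";
                    Bind(lookup, "@username", username);

                    using (DbDataReader unameReader = await lookup.ExecuteReaderAsync())
                    {
                        if (unameReader.HasRows)
                        {
                            return Respond("0008", "Username has been registered");
                        }
                    }
                }
                // NOTE(review): check-then-insert is two statements; only a unique constraint on
                // Users.Username (not visible here) prevents duplicates under concurrent requests.
                #endregion

                #region Insert the user
                // One clock read, so date and time cannot come from different instants.
                DateTime now        = DateTime.Now;
                string   registDate = now.ToString("yyyy-MM-dd") + " " + now.TimeOfDay.ToString();

                using (var insert = conn.CreateCommand())
                {
                    // Every request-controlled value (including the unvalidated "sex" and
                    // "password" fields) is passed as a parameter. The concatenated statement
                    // this replaces also stored each value with a trailing space.
                    insert.CommandText = "INSERT INTO Users (Email, Password, Phonenum, RegistDate, Sex, Username) "
                                         + "VALUES (@email, @password, @phonenum, @registDate, @sex, @username)";
                    Bind(insert, "@email", email);
                    // NOTE(review): the password is persisted exactly as submitted. Storing a salted
                    // password hash (e.g. PBKDF2) is the expected practice, but it has to change
                    // together with the login path, which is not visible here.
                    Bind(insert, "@password", password);
                    Bind(insert, "@phonenum", phonenum);
                    Bind(insert, "@registDate", registDate);
                    Bind(insert, "@sex", sex);
                    Bind(insert, "@username", username);

                    try
                    {
                        // An INSERT returns no rows, so no reader is needed.
                        await insert.ExecuteNonQueryAsync();
                    }
                    catch (Exception)
                    {
                        // Kept broad to preserve the existing contract: any failure of the
                        // insert is reported as "0011" without leaking provider details.
                        return Respond("0011", "Registration failed");
                    }
                }

                return Respond("0000", "Register Successful");
                #endregion
            }
            finally
            {
                // The connection belongs to the DbContext, so it is closed, not disposed.
                conn.Close();
            }
        }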
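        /// <summary>
        /// Looks up the Users row for <paramref name="username"/> after checking that the
        /// bearer token in the Authorization header belongs to that user.
        /// </summary>
        /// <param name="username">User name supplied by the caller.</param>
        /// <returns>
        /// The serialized <c>ErrorRootobject</c> as a JObject. Codes produced here:
        /// "00001" (token missing, unreadable or issued for another user; also the
        /// placeholder reply on the found path, see the note there),
        /// "00009" (empty username), "0002" (username hits the character deny-list),
        /// "0005" (no matching row).
        /// </returns>
        public async Task <JObject> Get(string username)
        {
            // Builds the JSON reply the same way the rest of the controller does:
            // entity -> JSON string -> JObject.
            JObject Respond(string code, string message)
            {
                ErrorRootobject status = new ErrorRootobject
                {
                    ReturnCode = code,
                    msg        = message
                };
                return (JObject)JsonConvert.DeserializeObject(JsonConvert.SerializeObject(status));
            }

            #region Token check
            StringValues JwtBearer;
            Request.Headers.TryGetValue("Authorization", out JwtBearer);
            string[] sArray = JwtBearer.ToString().Split(' ');

            // A missing header, or one without a "<scheme> <token>" shape, has no second
            // element; answer with the mismatch error instead of indexing past the array.
            if (sArray.Length < 2)
            {
                return Respond("00001", "User and Token mismatch");
            }
            string acToken = sArray[1];

            var claimsPrincipal = JwtManager.GetPrincipal(acToken);

            // NOTE(review): what GetPrincipal returns for an invalid token is not visible here;
            // a null principal, identity or name is treated as "not this user" (fail closed).
            string uname = claimsPrincipal?.Identity?.Name;

            // NOTE(review): the page shows a masked literal on this line. As written it replaces
            // the caller-supplied username before the comparison - confirm against the original source.
            username = "******";

            if (uname == null || uname != username)
            {
                return Respond("00001", "User and Token mismatch");
            }
            #endregion

            #region Username checks
            if (string.IsNullOrEmpty(username))
            {
                return Respond("00009", "Username can not be null");
            }

            // Inside [...] the '|' is a literal, so this class matches any of
            // - | ; , / } { % @ * ! '
            // It is a format rule; SQL safety comes from the bound parameter below.
            bool unameDanger = Regex.IsMatch(username, @"[-|;|,|\/|||||\}|\{|%|@|\*|!|\']");
            if (unameDanger)
            {
                return Respond("0002", "Username contains dangerous characters ");
            }
            #endregion

            #region Query the user row
            var conn = anJiaContext.Database.GetDbConnection();
            await conn.OpenAsync();
            try
            {
                using (var command = conn.CreateCommand())
                {
                    // The earlier text had no space between the last column and FROM, and the
                    // page shows a masked literal in the WHERE clause; the username is bound here.
                    // NOTE(review): the '@' parameter prefix is assumed to be accepted by the configured provider - confirm.
                    command.CommandText = "SELECT Username, Email, Phonenum, RegistDate, Sex "
                                          + "FROM Users "
                                          + "WHERE Username = @username";
                    DbParameter nameParameter = command.CreateParameter();
                    nameParameter.ParameterName = "@username";
                    nameParameter.Value         = username;
                    command.Parameters.Add(nameParameter);

                    using (DbDataReader reader = await command.ExecuteReaderAsync())
                    {
                        if (!reader.HasRows)
                        {
                            return Respond("0005", "Incorrect username or password");
                        }

                        // Read while the connection is still open; it is closed in the finally below.
                        reader.Read();
                        username = reader["Username"].ToString();
                        string Email      = reader["Email"].ToString();
                        string Phonenum   = reader["Phonenum"].ToString();
                        string RegistDate = reader["RegistDate"].ToString();
                        var    redis      = RedisHelper.GetRedisHelper();

                        // NOTE(review): the success payload is unfinished in the original. The values
                        // read above are never returned, an unused "0010" / "Token failed to get"
                        // object was built (dropped here), and the reply sent was the initial
                        // "JSON format error" object. That reply is kept until the intended
                        // response shape is defined.
                        return Respond("00001", "JSON format error");
                    }
                }
            }
            finally
            {
                // The connection belongs to the DbContext, so it is closed, not disposed.
                conn.Close();
            }
            #endregion
        }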