/// <summary>
/// Builds the result view model from a <c>Tusrmst</c> row, translating the stored
/// role code into a <see cref="RoleType"/>.
/// </summary>
/// <param name="data">Source user record; its <c>TSYSROL</c> navigation property is
/// dereferenced for the role display name, so it must be loaded.</param>
public TusrmstResultApiViewModel(Tusrmst data)
{
    this.CompCd = data.CompCd;
    this.StoreCd = data.StoreCd;

    // Ordinal match on the raw role code. A code outside this list (or a null code)
    // matches nothing and leaves RoleID unassigned, exactly like the former if/else chain.
    switch (data.RoleId)
    {
        case "Admin":
            this.RoleID = RoleType.Admin;
            break;
        case "Admin_Zo":
            this.RoleID = RoleType.Admin_Zo;
            break;
        case "TeamLeader":
            this.RoleID = RoleType.TeamLeader;
            break;
        case "CM":
            this.RoleID = RoleType.CM;
            break;
        case "Store":
            this.RoleID = RoleType.Store;
            break;
    }

    this.Enable = data.IdSts;
    this.Account = data.UserId;
    this.Name = data.UserName;
    this.RoleIDName = data.TSYSROL.RoleName;
}
/// <summary>
/// Builds the store-user view model from a user row and the store row it belongs to.
/// </summary>
/// <param name="data">User record supplying the company/store codes and account fields.</param>
/// <param name="store">Store record supplying the store and zone display names.</param>
public StoreUserApiViewModel(Tusrmst data, Tstrmst store)
{
    // Account-side fields, all taken from the user row.
    this.UserId = data.UserId;
    this.UserName = data.UserName;
    this.CompCd = data.CompCd;
    this.StoreCd = data.StoreCd;

    // Display names, taken from the store row. CompName is deliberately not set here;
    // the earlier lookup through store.TZOCODE / TCMPDAT had been disabled.
    this.ZoName = store.ZoName;
    this.StoreName = store.StoreName;
}
/// <summary>
/// Web API authorization filter: reads a JWT from the <c>token</c> query-string parameter,
/// validates its signature/issuer/audience/lifetime, then re-checks the embedded user
/// against the user table (exists, approved, same device, same password hash) before
/// installing a <c>PtcIdentity</c> principal for the request. Any failure ends in
/// <c>HandleUnauthorizedRequest</c>; a missing token yields 403 Forbidden.
/// </summary>
/// <param name="actionContext">Context of the request being authorized.</param>
public override void OnAuthorization(HttpActionContext actionContext)
{
    // NOTE(review): a hard-coded sample JWT used to sit here as a commented-out line. Even
    // commented out, a signed token in source is a credential; keep test tokens in test
    // fixtures or configuration, never in the filter.

    // NOTE(review): the bearer token travels in the URL. Query strings end up in web-server
    // and proxy access logs, browser history and Referer headers; the Authorization header
    // is the conventional (and less leaky) carrier for a JWT.
    var token = HttpUtility.ParseQueryString(actionContext.Request.RequestUri.Query).Get("token");
    if (token == null)
    {
        // Missing credential -> 403 here, whereas every other failure below goes through
        // HandleUnauthorizedRequest (presumably 401). Confirm the asymmetry is intended.
        actionContext.Response = new System.Net.Http.HttpResponseMessage(System.Net.HttpStatusCode.Forbidden);
    }
    else
    {
        var tokenHandler = new JwtSecurityTokenHandler();

        // NOTE(review): the signing secret is a literal in source. Anyone who can read the
        // repository can mint tokens this filter accepts, and the key cannot be rotated
        // without a redeploy. It should be loaded from protected configuration / a secret
        // store. It is also a 16-character string: if GetBytes yields one byte per character
        // that is 128 bits, below the 256-bit minimum RFC 7518 specifies for HS256 — confirm.
        var securityKey = GetBytes("anyoldrandomtext");

        // Audience/issuer/lifetime are pinned; ValidateIssuer/ValidateAudience are left at
        // their library defaults (true). ValidAudience and ValidAudiences carry the same value.
        var validationParameters = new TokenValidationParameters()
        {
            ValidAudience = "https://www.mywebsite.com",
            ValidateLifetime = true,
            IssuerSigningKeys = new List<SecurityKey> { new SymmetricSecurityKey(securityKey) },
            ValidAudiences = new List<string> { "https://www.mywebsite.com" },
            ValidIssuer = "self"
        };
        try
        {
            SecurityToken securityToken;
            var principal = tokenHandler.ValidateToken(token, validationParameters, out securityToken);

            // Takes whichever claim happens to be first rather than looking one up by type;
            // the issuer must emit the user payload as the first claim for this to work.
            var userData = principal.Claims.FirstOrDefault();
            if (userData != null)
            {
                // Parse the token payload.
                // NOTE(review): the claim is a JSON UserBase that includes the user's
                // password (input.Password is read below). A JWT is signed, not encrypted,
                // so that password is base64-readable by anyone who sees the token; carry a
                // user id plus a server-side token version instead of the credential itself.
                var input = JsonConvert.DeserializeObject<UserBase>(userData.Value);
                var con = new Conditions<DataBase.TUSRMST>();

                // NOTE(review): passwords are stored as upper-cased MD5 of the upper-cased
                // password — unsalted, fast and case-folded. A slow salted KDF
                // (PBKDF2 / Argon2) is the expected scheme for stored passwords.
                var password = Identity.ClearPassword.GetMd5Hash(input.Password.ToUpper()).ToUpper();
                con.And(x => x.User_Id == input.UserId && x.TUSRDTL.Pass_Wd == password);
                con.Include(x => x.TUSRDTL);
                Tusrmst user = _usermstRepo.Get(con);

                // User not found.
                if (user == null) { throw new Exception($"no find user info"); }
                // User not yet approved.
                if (!user.IdSts) { throw new Exception($"user info is not IdSts"); }
                // Token was issued for a different device.
                if (user.DeviceID != input.DeviceID) { throw new Exception($"different device"); }
                // Password changed since the token was issued (the query above already
                // filtered on the hash, so this branch is only reachable if Pass_Wd and
                // PassWd differ — confirm they map to the same column).
                if (user.TUSRDTL.PassWd != password) { throw new Exception($"Password is changed"); }

                var identity = new AspnetMvc.Models.PtcIdentity(
                    System.Threading.Thread.CurrentPrincipal.Identity,
                    new UserBase()
                    {
                        CompCd = user.CompCd,       // company code
                        RoleId = user.RoleId,       // role
                        UserName = user.UserName,   // display name
                        UserId = user.UserId,       // account
                        Password = input.Password,  // plaintext password from the token, kept on the principal for the request
                    },
                    "phone", null);
                SetPrincipal(new GenericPrincipal(identity, null));
            }
            else
            {
                HandleUnauthorizedRequest(actionContext);
            }
        }
        catch (Exception)
        {
            // Every validation failure collapses to "unauthorized" and the reason is
            // discarded. Logging the exception type/message here (not the token) is what
            // makes brute-force or replay attempts visible in the security logs.
            HandleUnauthorizedRequest(actionContext);
        }
    }
    //base.OnAuthorization(actionContext);
}
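/// <summary>
/// [server: update user information] Assigns a role to an existing user and rebuilds the
/// user's page-authorisation list from the role's defaults merged with the caller-supplied
/// overrides, then persists only the role and page-authorisation columns.
/// </summary>
/// <param name="User">Identifies the user by <c>CompCd</c> and <c>UserId</c>; its
/// <c>PageAuth</c> holds the per-user overrides merged on top of the role's defaults.</param>
/// <param name="Role">Identifies the role to assign by <c>CompCd</c> and <c>RoleId</c>.</param>
/// <returns><c>true</c> when the update succeeded; every failure path throws.</returns>
/// <exception cref="ArgumentNullException"><paramref name="User"/> or <paramref name="Role"/> is null.</exception>
/// <exception cref="NullReferenceException">No matching user or role exists (type kept for existing callers).</exception>
/// <exception cref="InvalidOperationException">The repository reported that the update did not apply.</exception>
public bool Update(UserBase User, RoleAuth Role)
{
    if (User == null) { throw new ArgumentNullException(nameof(User)); }
    if (Role == null) { throw new ArgumentNullException(nameof(Role)); }

    #region Locate the user
    var uCon = new Conditions<DataBase.TUSRMST>();
    uCon.And(x => x.Comp_Cd == User.CompCd && x.User_Id == User.UserId);
    Tusrmst user = _userRepo.Get(uCon);
    if (user == null)
    {
        throw new NullReferenceException($"[ERROR]=>找不到對應的使用者資訊,公司代號:{User.CompCd},使用者ID:{User.UserId}");
    }
    #endregion

    #region Locate the role
    // NOTE(review): the role is resolved under Role.CompCd while the user was resolved
    // under User.CompCd, and nothing here requires the two to match. Unless every caller
    // enforces it, a role defined for one company can be assigned to a user of another.
    var rCon = new Conditions<DataBase.TSYSROL>();
    rCon.And(x => x.Comp_Cd == Role.CompCd && x.Role_Id == Role.RoleId);
    RoleAuth role = _aspRoleRepo.Get(rCon);
    if (role == null)
    {
        // Report the values the lookup actually used (Role.*); the old message printed User.*.
        throw new NullReferenceException($"[ERROR]=>找不到對應的權限資訊,公司代號:{Role.CompCd},權限ID:{Role.RoleId}");
    }
    #endregion

    #region Build the updated record
    List<AuthItem> pageAuth = CulcPageAuth(role.PageAuth, User.PageAuth);
    user.RoleId = role.RoleId;
    // An empty merge result is stored as an empty string rather than the JSON literal "null".
    user.PageAuth = pageAuth != null ? JsonConvert.SerializeObject(pageAuth) : string.Empty;
    #endregion

    #region Persist
    // Only Role_Id and PageAuth are written back; the other columns of the loaded row are untouched.
    uCon.Allow(x => x.Role_Id, x => x.PageAuth);
    if (!_userRepo.Update(uCon, user))
    {
        throw new InvalidOperationException("[ERROR]=>更新使用者資訊失敗");
    }
    #endregion

    return true;
}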