Example #1
            /// <summary>
            /// Output file by table name, field name and primary key
            /// </summary>
            /// <returns>Action result</returns>

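            public async Task<IActionResult> GetFile(string table, string field, string recordkey)
            {
                // Thumbnail options come from the request. The "session" and "download"
                // parameters are no longer read here because nothing in this method consumed them.
                bool resize = Get<bool>("resize");
                int width = Get<int>("width");
                int height = Get<int>("height");

                // A resize request without explicit dimensions uses the configured thumbnail size.
                if (resize && width == 0 && height == 0)
                {
                    width = Config.ThumbnailDefaultWidth;
                    height = Config.ThumbnailDefaultHeight;
                }

                // Resolve the caller-supplied table name. This runs before any permission check,
                // so CreateTable has to be safe to call with arbitrary input.
                // NOTE(review): CreateTable is not visible here; the null guard assumes it may
                // return null for an unknown name - confirm. Without the guard, reading Name on
                // a null dynamic would throw instead of producing the normal "false" response.
                string tableName = "";
                dynamic tbl = null;
                if (!Empty(table))
                {
                    tbl = CreateTable(table);
                    if (tbl != null)
                    {
                        tableName = tbl.Name;
                    }
                }

                // All three route values are required.
                if (Empty(tableName) || Empty(field) || Empty(recordkey))
                {
                    return JsonBoolResult.FalseResult;
                }

                // Load the caller's permissions for this table. The Loading/Loaded hooks only
                // fire for a logged-in user; the user level is loaded either way.
                if (Security == null)
                {
                    Security = new AdvancedSecurity();
                }
                if (Security.IsLoggedIn)
                {
                    Security.TablePermission_Loading();
                }
                Security.LoadCurrentUserLevel(Config.ProjectId + tableName);
                if (Security.IsLoggedIn)
                {
                    Security.TablePermission_Loaded();
                }

                // Any one of list, view or delete permission on the table is enough to read a file from it.
                bool validRequest = Security.CanList || Security.CanView || Security.CanDelete;
                if (!validRequest)
                {
                    return JsonBoolResult.FalseResult;
                }

                // Load the user ID context before the table reads the record.
                // NOTE(review): access to the specific recordkey is not checked in this method;
                // presumably GetFileData applies the user ID filter - confirm.
                Security.UserID_Loading();
                await Security.LoadUserID();
                Security.UserID_Loaded();

                return await tbl.GetFileData(field, recordkey, resize, width, height);
            }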
Example #2
            /// <summary>
            /// Output file by file name
            /// </summary>
            /// <returns>Action result</returns>

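            public IActionResult GetFile(string fn)
            {
                // Request parameters. "session" is supplied by the caller and is only used to
                // derive the decryption key below. The unused "download" flag is no longer parsed.
                string sessionId = Get("session");
                bool resize = Get<bool>("resize");
                int width = Get<int>("width");
                int height = Get<int>("height");

                // A resize request without explicit dimensions uses the configured thumbnail size.
                if (resize && width == 0 && height == 0)
                {
                    width = Config.ThumbnailDefaultWidth;
                    height = Config.ThumbnailDefaultHeight;
                }

                if (Security == null)
                {
                    Security = new AdvancedSecurity();
                }

                // Being logged in is the only authorization requirement; no table-level
                // permission is consulted in this method.
                if (!Security.IsLoggedIn)
                {
                    return JsonBoolResult.FalseResult;
                }

                // With sessions (internal request) the file path always arrives encrypted.
                // Without sessions (external request) the path is blanked, so the request
                // falls through to the "false" result below.
                // NOTE(review): the decrypted value is used as a physical path as-is. Nothing
                // here confines it to an upload directory, so the only barrier is that the
                // caller cannot produce a valid ciphertext; confirm that Decrypt rejects
                // tampered input rather than returning arbitrary text.
                string key = Config.RandomKey + sessionId;
                fn = UseSession ? Decrypt(fn, key) : "";
                if (!FileExists(fn))
                {
                    return JsonBoolResult.FalseResult;
                }

                Response.Clear();

                // Both allow-list lookups are ordinal and case-insensitive, so the extension is
                // not lower-cased first. The previous culture-sensitive ToLower() could rewrite
                // an upper-case extension under some cultures (e.g. "I" under Turkish casing)
                // and make an allowed file fail the lookup.
                string ext = Path.GetExtension(fn).Replace(".", "");
                string ct = ContentType(fn);
                string downloadName = Path.GetFileName(fn);

                if (Config.ImageAllowedFileExtensions.Contains(ext, StringComparer.OrdinalIgnoreCase))
                {
                    // Images are resized in memory when a dimension was requested, else streamed from disk.
                    if (width > 0 || height > 0)
                    {
                        return Controller.File(ResizeFileToBinary(fn, ref width, ref height), ct, downloadName);
                    }
                    return Controller.PhysicalFile(fn, ct, downloadName);
                }

                if (Config.DownloadAllowedFileExtensions.Contains(ext, StringComparer.OrdinalIgnoreCase))
                {
                    return Controller.PhysicalFile(fn, ct, downloadName);
                }

                // The extension is on neither allow-list.
                return JsonBoolResult.FalseResult;
            }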
Example #3
        /// <summary>
        /// Validates the posted credentials and, on success, returns a JWT for the user.
        /// </summary>
        /// <param name="model">Login form fields bound from the request body.</param>
        /// <returns>200 with the token in a <c>JWT</c> property, or 400 when validation fails.</returns>
        public async Task<IActionResult> Post([FromForm] LoginModel model)
        {
            // Start from a fresh profile and security context for every login attempt.
            Profile = new UserProfile();
            Security = new AdvancedSecurity();

            // NOTE(review): throttling or lockout of repeated failures is not visible here;
            // presumably ValidateUser handles it - confirm.
            bool authenticated = await Security.ValidateUser(model, false);
            if (!authenticated)
            {
                // One message for every failure, so the response does not say which field was wrong.
                return BadRequest("Invalid username or password!");
            }

            // The token comes from the security object. As an example, AuthService.CreateToken can
            // return Jose.JWT.Encode(claims, YourTokenSecretKey, Jose.JwsAlgorithm.HS256);
            return Ok(new { JWT = Security.JwtToken });
        }
Example #4
        /// <summary>
        /// Validates the posted credentials and, on success, returns a JWT built from the user's identity.
        /// </summary>
        /// <param name="model">Login form fields bound from the request body.</param>
        /// <returns>200 with the token in a <c>JWT</c> property, or 400 when validation fails.</returns>
        public async Task<IActionResult> Post([FromForm] LoginModel model)
        {
            // Start from a fresh profile and security context for every login attempt.
            Profile = new UserProfile();
            Security = new AdvancedSecurity();

            // NOTE(review): throttling or lockout of repeated failures is not visible here;
            // presumably ValidateUser handles it - confirm.
            if (!await Security.ValidateUser(model, false))
            {
                // One message for every failure, so the response does not say which field was wrong.
                return BadRequest("Invalid username or password!");
            }

            // The token carries the submitted user name plus the user ID, parent user ID and
            // user level ID held by the security object after validation. As an example,
            // AuthService.CreateToken can return
            // Jose.JWT.Encode(claims, YourTokenSecretKey, Jose.JwsAlgorithm.HS256);
            string token = BuildToken(model.Username, Security.CurrentUserID, Security.CurrentParentUserID, Security.CurrentUserLevelID);
            return Ok(new { JWT = token });
        }