/// <summary>
/// Output file by table name, field name and primary key
/// </summary>
/// <param name="table">Table name from the request; passed to CreateTable.</param>
/// <param name="field">Name of the field holding the file.</param>
/// <param name="recordkey">Primary key of the record holding the file.</param>
/// <returns>
/// The result of the table's GetFileData call, or JsonBoolResult.FalseResult when a
/// parameter is missing or the caller has no permission on the table.
/// </returns>
public async Task<IActionResult> GetFile(string table, string field, string recordkey)
{
    // Request parameters. sessionId and download are read here but not used again in this method.
    string sessionId = Get("session");
    bool resize = Get<bool>("resize");
    int width = Get<int>("width");
    int height = Get<int>("height");
    bool download = true; // Download by default
    if (Query.TryGetValue("download", out StringValues d))
    {
        download = ConvertToBool(d);
    }

    // A resize request without explicit dimensions falls back to the configured thumbnail size.
    if (resize && width == 0 && height == 0)
    {
        width = Config.ThumbnailDefaultWidth;
        height = Config.ThumbnailDefaultHeight;
    }

    // Resolve the table object from the caller-supplied name.
    // NOTE(review): tbl.Name is read without a null check; confirm how CreateTable behaves
    // for a table name that does not exist.
    dynamic tbl = null;
    string tableName = "";
    if (!Empty(table))
    {
        tbl = CreateTable(table);
        tableName = tbl.Name;
    }

    // All three identifiers are required.
    if (Empty(tableName) || Empty(field) || Empty(recordkey))
    {
        return JsonBoolResult.FalseResult;
    }

    if (Security == null)
    {
        Security = new AdvancedSecurity();
    }

    // The user level lookup runs whether or not the caller is logged in; only the
    // Loading/Loaded hooks depend on IsLoggedIn.
    if (Security.IsLoggedIn)
    {
        Security.TablePermission_Loading();
    }
    Security.LoadCurrentUserLevel(Config.ProjectId + tableName);
    if (Security.IsLoggedIn)
    {
        Security.TablePermission_Loaded();
    }

    // Table-level authorization: any one of list, view or delete permission is accepted.
    // Missing parameters and denied access produce the same response.
    bool hasTablePermission = Security.CanList || Security.CanView || Security.CanDelete;
    if (!hasTablePermission)
    {
        return JsonBoolResult.FalseResult;
    }

    // Load the user ID only for permitted callers.
    // NOTE(review): no per-record ownership check is visible in this method; presumably
    // GetFileData applies the loaded user ID to recordkey - confirm.
    Security.UserID_Loading();
    await Security.LoadUserID();
    Security.UserID_Loaded();

    return await tbl.GetFileData(field, recordkey, resize, width, height);
}
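/// <summary>
/// Output file by file name
/// </summary>
/// <param name="fn">
/// Encrypted file path. It is decrypted with Config.RandomKey plus the "session" request
/// value, and only when UseSession is set; otherwise the request is rejected.
/// </param>
/// <returns>
/// The file (resized when it is an allowed image and a width or height is requested), or
/// JsonBoolResult.FalseResult when the caller is not logged in, the path does not resolve
/// to an existing file, or the extension is not on an allow-list.
/// </returns>
public IActionResult GetFile(string fn)
{
    // Get parameters
    // NOTE(review): the "download" query parameter is not consulted here; every success
    // path below passes a download file name.
    string sessionId = Get("session");
    bool resize = Get<bool>("resize");
    int width = Get<int>("width");
    int height = Get<int>("height");
    if (width == 0 && height == 0 && resize)
    {
        width = Config.ThumbnailDefaultWidth;
        height = Config.ThumbnailDefaultHeight;
    }

    if (Security == null)
    {
        Security = new AdvancedSecurity();
    }

    // Reject callers that are not logged in
    if (!Security.IsLoggedIn)
    {
        return JsonBoolResult.FalseResult;
    }

    // If using session (internal request), file path is always encrypted.
    // If not (external request), DO NOT support external request for file path.
    // NOTE(review): nothing visible here restricts the decrypted path to a particular
    // directory. The extension allow-lists below are the only check on which file is
    // served, so the access decision rests on the encrypted fn being unforgeable.
    // Confirm that Decrypt rejects tampered input and that the session value is bound
    // to the logged-in user.
    string key = Config.RandomKey + sessionId;
    fn = UseSession ? Decrypt(fn, key) : "";
    if (!FileExists(fn))
    {
        return JsonBoolResult.FalseResult;
    }

    Response.Clear();

    // Path.GetExtension returns the extension with its leading period. Case is handled
    // by the ordinal, case-insensitive comparer below, so no culture-sensitive ToLower()
    // is applied (under tr-TR, "GIF".ToLower() is "gıf", which would fail the allow-list).
    string ext = Path.GetExtension(fn).TrimStart('.');
    string ct = ContentType(fn);
    string downloadName = Path.GetFileName(fn);

    if (Config.ImageAllowedFileExtensions.Contains(ext, StringComparer.OrdinalIgnoreCase))
    {
        if (width > 0 || height > 0)
        {
            return Controller.File(ResizeFileToBinary(fn, ref width, ref height), ct, downloadName);
        }
        return Controller.PhysicalFile(fn, ct, downloadName);
    }

    if (Config.DownloadAllowedFileExtensions.Contains(ext, StringComparer.OrdinalIgnoreCase))
    {
        return Controller.PhysicalFile(fn, ct, downloadName);
    }

    // Extension is on neither allow-list
    return JsonBoolResult.FalseResult;
}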
/// <summary>
/// Validate the posted login form and return a JWT on success.
/// </summary>
/// <param name="model">Login form fields bound from the request body.</param>
/// <returns>
/// 200 with an object carrying the token in its JWT property, or 400 with a single
/// generic message for any failed validation.
/// </returns>
public async Task<IActionResult> Post([FromForm] LoginModel model)
{
    // Start from a fresh profile and security context for this login attempt.
    Profile = new UserProfile();
    Security = new AdvancedSecurity();

    // As an example, AuthService.CreateToken can return Jose.JWT.Encode(claims, YourTokenSecretKey, Jose.JwsAlgorithm.HS256);
    // NOTE(review): the meaning of the second ValidateUser argument is not visible here.
    // NOTE(review): no limit on repeated attempts is visible in this action; confirm that
    // ValidateUser or the hosting pipeline throttles failed logins.
    bool authenticated = await Security.ValidateUser(model, false);
    if (!authenticated)
    {
        // One message for every failure, so the response does not say which field was wrong.
        return BadRequest("Invalid username or password!");
    }

    return Ok(new { JWT = Security.JwtToken });
}
/// <summary>
/// Validate the posted login form and return a JWT built from the authenticated user's
/// name and IDs.
/// </summary>
/// <param name="model">Login form fields bound from the request body.</param>
/// <returns>
/// 200 with an object carrying the token in its JWT property, or 400 with a single
/// generic message for any failed validation.
/// </returns>
public async Task<IActionResult> Post([FromForm] LoginModel model)
{
    // Start from a fresh profile and security context for this login attempt.
    Profile = new UserProfile();
    Security = new AdvancedSecurity();

    // NOTE(review): no limit on repeated attempts is visible in this action; confirm that
    // ValidateUser or the hosting pipeline throttles failed logins.
    if (!await Security.ValidateUser(model, false))
    {
        // One message for every failure, so the response does not say which field was wrong.
        return BadRequest("Invalid username or password!");
    }

    // As an example, AuthService.CreateToken can return Jose.JWT.Encode(claims, YourTokenSecretKey, Jose.JwsAlgorithm.HS256);
    // The user, parent user and user level IDs come from the validated security context.
    // Only the user name is taken from the posted form.
    // NOTE(review): signing key handling and token lifetime live in BuildToken, which is
    // not visible here - confirm the token has an expiry and the key is not in source.
    string token = BuildToken(
        model.Username,
        Security.CurrentUserID,
        Security.CurrentParentUserID,
        Security.CurrentUserLevelID);
    return Ok(new { JWT = token });
}