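public IHttpActionResult Login(author author)
        {
            // Validates a login/password pair and, on success, answers with a JWT for that login.
            // Every failure path answers with loginSuccess = false. The same message is used for
            // "unknown login" and "wrong password" so the response body does not reveal which
            // logins exist.
            try
            {
                if (author == null || string.IsNullOrWhiteSpace(author.login) || string.IsNullOrWhiteSpace(author.password))
                {
                    return(Json(new { errorMessage = "Nie wprowadzono loginu lub hasła", loginSuccess = false }));
                }

                // One round-trip instead of Any() followed by two FirstOrDefault() calls on the same
                // predicate: the original queried the row three times and could observe a concurrent
                // change between the reads.
                var stored = db.author.FirstOrDefault(x => x.login == author.login);
                if (stored == null)
                {
                    // NOTE(review): no hash verification runs on this path, so it is measurably faster
                    // than a wrong-password attempt; a timing side channel can still enumerate logins.
                    return(Json(new { errorMessage = "Błędny login lub hasło", loginSuccess = false }));
                }

                string hashedPassword = stored.password;
                long   authorId       = stored.author_id;
                if (!PasswordHelper.VerifyPassword(author.password, hashedPassword))
                {
                    return(Json(new { errorMessage = "Błędny login lub hasło", loginSuccess = false }));
                }

                string token = JWTHelper.GenerateToken(author.login);
                return(Json(new { loginSuccess = true, token = token, author = author.login, authorId = authorId }));
            }
            catch (Exception)
            {
                // The exception text is deliberately not echoed to the client. TODO: log it server-side;
                // the original bound it to an unused variable and dropped it.
                return(Json(new { errorMessage = "Wystąpił błąd. Przepraszamy za kłopoty techniczne", loginSuccess = false }));
            }
        }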
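        public IActionResult DeleteUser(string tokenValue)
        {
            // Deletes the caller's own account. Both the row key and the table are taken from the
            // JWT rather than from the request body, so a caller can only remove themselves.
            DBHelper dBHelper = new DBHelper();

            // Read ID and user type from the token.
            Users fromTokenUser = JWTHelper.GetUsers(tokenValue);

            // GetUsers may hand back null for a missing or rejected token; the original dereferenced
            // it unconditionally, turning a bad token into a NullReferenceException (HTTP 500).
            if (fromTokenUser == null || fromTokenUser.UserType == null)
            {
                return(BadRequest("userType类型错误!"));
            }
            if (fromTokenUser.UserType == "ADMIN")
            {
                return(BadRequest("试图删除管理员!"));
            }

            // UserType is spliced into the statement as a TABLE NAME, which cannot be bound as a
            // parameter. It comes from the token's claims, so it is only as trustworthy as the
            // signature check inside JWTHelper.GetUsers. Restrict it to a bare identifier so that a
            // forged or mis-issued claim cannot inject SQL. TODO: replace this with an explicit
            // allowlist of the table names this endpoint is meant to touch.
            if (!System.Text.RegularExpressions.Regex.IsMatch(fromTokenUser.UserType, @"^[A-Za-z_][A-Za-z0-9_]*$"))
            {
                return(BadRequest("userType类型错误!"));
            }

            // Build the delete; the row key is bound as a parameter.
            string sqlDelete = "DELETE FROM " + fromTokenUser.UserType + " WHERE ID=:ID";

            // NOTE(review): OracleDbType.Long is Oracle's LONG (text) type, not a 64-bit integer;
            // confirm it matches the ID column's type — OracleDbType.Int64 may have been intended.
            OracleParameter[] parametersDelete =
            { new OracleParameter(":ID", OracleDbType.Long, 10) };
            parametersDelete[0].Value = fromTokenUser.UserID;

            // Execute the delete.
            dBHelper.ExecuteNonQuery(sqlDelete, parametersDelete);
            return(Ok("注销成功!"));
        }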
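        public LoginResultModel Authenticate(JWTInfoModel loginInfo)
        {
            // Looks the credentials up in the in-memory DataTest lists and, on a match, returns
            // the user's role, permission list and a freshly built JWT. Status is Fail otherwise.
            var loginResult = new LoginResultModel();

            // Guard: the original called loginInfo.Username.ToUpper() unconditionally, so a request
            // with no username (or no body) crashed with NullReferenceException instead of failing
            // the login. A null password is rejected outright so it can never "match" a null entry.
            if (loginInfo == null || string.IsNullOrEmpty(loginInfo.Username) || string.IsNullOrEmpty(loginInfo.Password))
            {
                loginResult.Status = LoginStatus.Fail.ToString();
                return(loginResult);
            }

            // Usernames are matched case-insensitively, with an ordinal comparison so the outcome
            // does not depend on the thread culture the way ToUpper() did.
            // NOTE(review): passwords are compared in clear text against DataTest. That is tolerable
            // only for a seeded test store; a real user store must hold salted, slow hashes.
            var userlogin = DataTest.UserList.FirstOrDefault(x =>
                string.Equals(x.Username, loginInfo.Username, System.StringComparison.OrdinalIgnoreCase)
                && x.Password == loginInfo.Password);

            if (userlogin == null)
            {
                loginResult.Status = LoginStatus.Fail.ToString();
                return(loginResult);
            }

            var role           = DataTest.RoleList.FirstOrDefault(x => x.Id == userlogin.RoleId);
            var listPermission = DataTest.PermissionList.Where(x => x.RoleId == userlogin.RoleId)
                                 .Select(x => x.Function)
                                 .ToList();

            // The role id is stamped onto the incoming model because BuildToken reads it from there.
            loginInfo.RoleId = userlogin.RoleId;

            var jwtToken = JWTHelper.BuildToken(loginInfo);

            loginResult.Status      = LoginStatus.Success.ToString();
            loginResult.Username    = userlogin.Username;
            loginResult.Role        = role;
            loginResult.Permissions = listPermission;
            loginResult.AccessToken = jwtToken;

            return(loginResult);
        }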
 public AuthController(SignInManager <IdentityUser> SignInManager, UserManager <IdentityUser> UserManager, IOptions <AppSettings> AppSettings)
 {
     // Keeps the injected Identity managers and the bound AppSettings, then builds the JWT
     // helper from the user manager and settings just stored.
     this.UserManager   = UserManager;
     this.AppSettings   = AppSettings.Value;
     this.SignInManager = SignInManager;
     this.JWTHelper     = new JWTHelper(this.UserManager, this.AppSettings);
 }
 public LoginController(IConfiguration config, PhotoboxDB database)
 {
     // Stores the injected configuration and database and creates the two helpers this
     // controller works with: a password helper and a configuration-driven JWT helper.
     _pwHelper  = new PasswordHelper();
     _jwtHelper = new JWTHelper(config);
     _config    = config;
     _database  = database;
 }
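        public async Task <IActionResult> GetShoppingCart()
        {
            // Returns the caller's shopping cart. The caller is identified by the ID claim of the
            // bearer token in the Authorization header (the part of the header after the last space).
            // 204 is returned for an empty cart and for an ArgumentException raised by the lookup.
            try
            {
                // The original fetched the header with FirstOrDefault(), which yields a null token
                // when the header is absent and then crashed on token.Remove() (500 instead of 401).
                if (!Request.Headers.TryGetValue("Authorization", out var authHeader))
                {
                    return(Unauthorized());
                }
                string token = authHeader.ToString();
                if (string.IsNullOrWhiteSpace(token))
                {
                    return(Unauthorized());
                }

                string rawToken = token.Remove(0, token.LastIndexOf(' ') + 1);

                // GetClaimData's output is not guaranteed to be a GUID; a malformed claim used to
                // surface as an uncaught FormatException from the Guid constructor.
                if (!Guid.TryParse(JWTHelper.GetClaimData(rawToken, ClaimsTypeConst.ID), out Guid userID))
                {
                    return(Unauthorized());
                }

                ShoppingCart cart = await this.cartManager.GetShoppingCartAsync(userID);

                if (cart == null)
                {
                    this.responseStatus = new ResponseStatusModel {
                        Success = true, Message = "Shopping Cart is empty.", Code = 204
                    };
                    return(NoContent());
                }

                this.responseStatus = new ResponseStatusModel {
                    Success = true
                };
                return(Ok(new { ResponseStatus = this.responseStatus, Cart = cart }));
            }
            catch (ArgumentException ex)
            {
                // Preserved from the original: an ArgumentException from the cart lookup is reported
                // as "no content" with Success = true rather than as an error.
                this.responseStatus = new ResponseStatusModel {
                    Success = true, Message = ex.Message, Code = 204
                };
                return(NoContent());
            }
        }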
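        public override async Task OnActionExecuting(ActionExecutingContext context)
        {
            // Token gate for every action this filter is applied to: the request must carry a token
            // whose signature verifies against JwtKey, that has not expired, and that was issued for
            // this AppId. Any failure short-circuits the action by assigning context.Result.
            try
            {
                var    req   = context.HttpContext.Request;
                string token = req.GetToken();
                if (token.IsNullOrEmpty())
                {
                    context.Result = Error("缺少token", _errorCode, AppId);
                    return;
                }
                // NOTE(review): IsQuickDebug bypasses both the signature check here and the AppId
                // check below; make sure it can never be true in a production build.
                if (!JWTHelper.CheckToken(token, JwtKey) && !IsQuickDebug)
                {
                    context.Result = Error("token校验失败!", _errorCode, AppId);
                    return;
                }
                var payload = JWTHelper.GetPayload <JWTPayload>(token);
                // A token that decodes to no payload used to reach the catch block via a
                // NullReferenceException; reject it explicitly instead.
                if (payload == null)
                {
                    context.Result = Error("token校验失败!", _errorCode, AppId);
                    return;
                }
                // NOTE(review): compared against local time. If the issuer writes Expire in UTC this
                // is off by the server's UTC offset — confirm which clock the issuer uses.
                if (payload.Expire < DateTime.Now)
                {
                    context.Result = Error("token过期!", _errorCode, AppId);
                    return;
                }
                if (AppId != payload.AppId && !IsQuickDebug)
                {
                    context.Result = Error("token访问了错误的的应用", _errorCode, AppId);
                    return;
                }
            }
            catch (Exception)
            {
                // Do not echo the exception message to the client: parser and crypto exception text
                // reveals implementation details and is of no use to a legitimate caller.
                // TODO: log the exception server-side.
                context.Result = Error("token校验失败!", _errorCode, AppId);
            }

            await Task.CompletedTask;
        }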
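        public IActionResult Authenticate([FromBody] CredentialsViewModel creds)
        {
            // Issues a JWT for the supplied user name: 200 with { auth_token } when the credentials
            // pass, 401 otherwise.
            //
            // SECURITY: the only credential check below is `password == "1"` — a hard-coded,
            // universal password that accepts ANY user name. This is a stub and must be replaced
            // with a lookup against a real user store (hashed-password verification) before the
            // endpoint is exposed. No user store is visible from here, so the stub is flagged
            // rather than replaced with a guessed one.

            // A body that failed to bind arrives as null; the original dereferenced it (500, not 401).
            if (creds == null)
            {
                return(Unauthorized());
            }

            String username = creds.UserName;
            String password = creds.Password;

            // The original `username != null &&` was redundant: IsNullOrWhiteSpace already covers null.
            bool isUsernamePasswordValid = !String.IsNullOrWhiteSpace(username) && password == "1";

            if (!isUsernamePasswordValid)
            {
                // if credentials are not valid send unauthorized status code in response
                return(Unauthorized());
            }

            string token = JWTHelper.CreateToken(username);
            // return the auth
            return(new OkObjectResult(new
            {
                auth_token = token
            }));
        }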
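        /// <summary>
        /// Resolves the user behind a token: decodes the token, loads the user row, then the
        /// user's role and the visible menu entries for that role.
        /// </summary>
        /// <param name="token">JWT whose Uid claim identifies the user.</param>
        /// <returns>A UserModel populated from the user row; roleName and menudic are filled only when a role mapping exists for the user.</returns>
        public async Task <UserModel> GetUserByToken(string token)
        {
            var tokenModel = JWTHelper.SerializeJwt(token);
            var userentity = await _dal.QueryAsync(tokenModel.Uid);
            // NOTE(review): userentity is dereferenced below; if QueryAsync returns null for an
            // unknown Uid this throws NullReferenceException — confirm, and fail explicitly if so.

            var usermodel = new UserModel {
                LOGINNAME = userentity.Loginname, DUTY = userentity.Duty, ISSYSADMIN = userentity.Issysadmin, REALNAME = userentity.Realname, UNIT = userentity.Unit, UNITID = userentity.Unitid
            };
            TB_User_Role usertorole = await _userroledal.FindWhereAsync(u => u.Userid == userentity.Userid);

            // The original read usertorole.Roleid BEFORE its null check, so the check was dead code
            // and a user without a role mapping crashed. Everything role-dependent now sits inside it.
            if (usertorole != null)
            {
                var role = await _roledal.FindWhereAsync(o => o.Roleid.Equals(usertorole.Roleid));
                usermodel.roleName = role.RoleIdentity;

                // SECURITY(review): Roleid is interpolated straight into the SQL text. It comes from
                // the database rather than from the request and may well be numeric, but if it is a
                // string column this is an injection point — use a parameterised query if _menudal
                // exposes one.
                string sqlWher  = $"MFlag in (select MFlag from TB_Role_Menu where roleid={usertorole.Roleid}) and Mvisible=1 order by SORT";
                var    menuList = await _menudal.SqlQueryAsync(sqlWher);

                Dictionary <string, string> valuePairs = new Dictionary <string, string>();
                foreach (DataRow item in menuList.Rows)
                {
                    valuePairs.Add(item["MFlag"].ObjToString(), item["MNAME"].ObjToString());
                }
                usermodel.menudic = valuePairs;
            }
            // The original's `catch (Exception) { throw; }` wrapper added nothing and has been dropped.
            return(usermodel);
        }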
        public IActionResult Login([FromBody] User user)
        {
            // Authenticates a username/password pair and returns a JWT on success. Every outcome is
            // reported as JSON carrying a Success flag rather than via HTTP status codes.
            //
            // NOTE(review): the password is hashed with unsalted SHA-512 before the lookup, so the
            // store holds bare SHA-512 digests. That scheme is fast to brute-force and gives users
            // with the same password the same digest; a salted, slow KDF (PBKDF2/Argon2) is the fix,
            // but it requires migrating the stored hashes and is therefore not changed here.
            bool missingField = user == null
                || string.IsNullOrEmpty(user.Username)
                || string.IsNullOrEmpty(user.Password);
            if (missingField)
            {
                return(Json(new SimpleResponser {
                    Success = false, Message = "Username and password are mandatory."
                }));
            }

            // Replace the clear-text password on the bound model with its digest before the lookup.
            user.Password = CryptoHelper.GenerateSHA512String(user.Password);
            User fullUser = userRepository.GetUserByCredentials(user.Username, user.Password);

            if (fullUser == null)
            {
                return(Json(new SimpleResponser {
                    Success = false, Message = "The crediantials are incorrect."
                }));
            }

            // Mint the token for the matched user.
            string token    = JWTHelper.CreateToken(fullUser.IdUser, authOptions.Value.Secret);
            var    response = new ComplexResponser <string> {
                Success = true, Message = "User loged correctly.", Result = token
            };
            return(Json(response));
        }