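/// <summary>
/// Returns one page of an author's blog entries (title, ID and creation time, ordered by blog ID)
/// together with the author's total entry count.
/// </summary>
/// <param name="authorID">Author whose entries are listed.</param>
/// <param name="pageNo">1-based page number; values below 1 are treated as 1.</param>
/// <param name="pageSize">Entries per page; values below 5 are raised to 5.</param>
/// <returns>
/// A success payload with "BlogNum" and "BlogList", or a failure payload when the
/// requested page starts past the last entry.
/// </returns>
public JsonReturn GetBlogList([FromQuery] long authorID, [FromQuery] int pageNo, [FromQuery] int pageSize)
{
    if (pageNo < 1)
    {
        pageNo = 1;
    }

    if (pageSize < 5)
    {
        pageSize = 5;
    }

    // Both values come straight from the query string. Multiplying them as int can wrap
    // around to a negative offset, which would pass the range check below and reach Skip().
    // Doing the arithmetic in long keeps the range check honest.
    // NOTE(review): pageSize has no upper bound, so a single request can ask for the whole
    // table; consider a server-side maximum.
    long skipRows = (long)(pageNo - 1) * pageSize;

    // NOTE(review): no privacy filter is applied here, while GetBlog checks BlogPrivacy
    // before returning an entry. Confirm that titles of restricted entries are meant to be listed.
    var blogList = from blog in dbc.Blog
                   where blog.BlogAuthorID == authorID
                   orderby blog.BlogID
                   select new { blog.BlogTitle, blog.BlogID, blog.BlogCreateTime };

    var blogNum = blogList.Count();
    if (blogNum <= skipRows && pageNo != 1)
    {
        return JsonReturn.ReturnFail("页码超出范围!");
    }

    // Here skipRows is either 0 (first page) or smaller than blogNum, so it fits in an int.
    var page = blogList.Skip((int)skipRows).Take(pageSize);
    var blogListStr = JsonConvert.SerializeObject(page);
    var blogListInfo = new JObject()
    {
        ["BlogNum"] = blogNum,
        ["BlogList"] = JArray.Parse(blogListStr)
    };
    return JsonReturn.ReturnSuccess(blogListInfo);
}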
// Looks up a blog entry by primary key and applies an access check before the rest of
// the method (not visible in this excerpt) runs.
public JsonReturn GetBlog([FromQuery] long id)
{
    var blog = dbc.Blog.Find(id);
    if (blog == null)
    {
        return(JsonReturn.ReturnFail("该日志不存在!"));
    }
    // Access is refused when bit 0b10 of BlogPrivacy is set and the "id" cookie does not
    // equal the entry's author ID.
    // NOTE(review): the "id" cookie is a client-supplied value and is not checked here against
    // the "token" cookie or any server-side session. Unless a filter outside this excerpt
    // validates id and token together, this comparison does not establish who the caller is;
    // the caller's identity should come from the validated session instead.
    // Convert.ToInt64 yields 0 for a missing cookie and throws FormatException for a
    // non-numeric one, which would surface as an unhandled error.
    if ((blog.BlogPrivacy & 0b10) != 0 && Convert.ToInt64(Request.Cookies["id"]) != blog.BlogAuthorID)
    {
        return(JsonReturn.ReturnFail("你无权访问该日志!"));
    }
    // (the method body continues beyond this excerpt)
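/// <summary>
/// Verifies a username/password pair, issues a session token if the user has none,
/// records the caller's IP address as not yet verified when it is new, and sets the
/// "username", "token" and "id" cookies.
/// </summary>
/// <param name="username">Login name; passed through HTMLEntity.XSSConvert before the lookup.</param>
/// <param name="password">Clear-text password to verify against the stored salted hash.</param>
/// <returns>
/// Failure code -1 when the user is unknown, -2 when the password does not match,
/// otherwise a success payload.
/// </returns>
public JsonReturn Login(string username, string password)
{
    username = HTMLEntity.XSSConvert(username);
    var domain = new HttpParser(HttpContext).GetDomain();

    UserEntity u = (from lu in dbc.User where lu.Name == username select lu).FirstOrDefault();
    if (u == null)
    {
        // NOTE(review): distinct codes/messages for "unknown user" and "wrong password" let a
        // caller tell which usernames exist. They are kept because clients may depend on the
        // codes; a single generic failure is the safer contract.
        return JsonReturn.ReturnFail(-1, "该用户不存在!");
    }

    // NOTE(review): HashStr is defined elsewhere. If it is a single pass of a fast hash, the
    // stored hashes should be migrated to a password KDF (PBKDF2/Argon2) - confirm.
    string salt = u.Salt;
    string passHash = HashStr(salt + password + salt + username);
    if (u.Pass != passHash)
    {
        return JsonReturn.ReturnFail(-2, "密码错误!");
    }

    if (u.Token == null)
    {
        // The token was previously derived from the password, the clock and the username,
        // all of which are guessable or known to the user. Feed HashStr with CSPRNG output
        // instead so the token keeps its format but is unpredictable.
        var nonce = new byte[32];
        using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
        {
            rng.GetBytes(nonce);
        }

        u.Token = HashStr(Convert.ToBase64String(nonce));
        u.ExpireTime = DateTime.Now.AddMonths(1);
        dbc.SaveChanges();
        // NOTE(review): an existing token is reused as-is and ExpireTime is not refreshed or
        // checked here; confirm that expiry and rotation are enforced where the token is validated.
    }

    string ip = new HttpParser(HttpContext).GetIPAddr();
    var loginIpDic = u.LoginIP;
    bool ipVerified = loginIpDic.TryGetValue(ip, out bool flag) && flag;
    if (!ipVerified)
    {
        if (!loginIpDic.ContainsKey(ip))
        {
            loginIpDic.Add(ip, false);
            u.LoginIP = loginIpDic;
            // Saved synchronously: the un-awaited SaveChangesAsync() could still be running when
            // the request ends, losing the write or hiding its failure.
            dbc.SaveChanges();
        }
        // TODO: login from an unfamiliar IP - perform additional identity verification.
    }

    // NOTE(review): none of the cookies set HttpOnly, Secure or SameSite. The "token" cookie
    // is the session secret and should at least be HttpOnly and Secure once it is confirmed
    // that no client script reads it and the site is served over HTTPS.
    var expires = DateTime.Now.AddMonths(1);
    Response.Cookies.Append("username", username, new CookieOptions { Domain = domain, Expires = expires });
    Response.Cookies.Append("token", u.Token, new CookieOptions { Domain = domain, Expires = expires });
    Response.Cookies.Append("id", u.UserID.ToString(), new CookieOptions { Domain = domain, Expires = expires });
    return JsonReturn.ReturnSuccess();
}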
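/// <summary>
/// Creates a user account with a salted password hash and records the caller's IP
/// address as verified.
/// </summary>
/// <param name="username">Requested login name; passed through XSSConvert before storage.</param>
/// <param name="password">Clear-text password; only its salted hash is stored.</param>
/// <returns>A success payload, or a failure payload when input is missing or the insert fails.</returns>
public JsonReturn Register([FromForm] string username, [FromForm] string password)
{
    // Reject missing credentials up front so an account can never be created with an
    // empty name or an empty password.
    if (string.IsNullOrWhiteSpace(username) || string.IsNullOrEmpty(password))
    {
        return JsonReturn.ReturnFail("Username and password are required!");
    }

    username = XSSConvert(username);

    // The salt was previously derived from the username and the clock, both guessable.
    // Feed HashStr with CSPRNG output so the salt keeps its format but is unpredictable.
    var nonce = new byte[32];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(nonce);
    }

    string salt = HashStr(Convert.ToBase64String(nonce));

    // Must stay in step with the formula used by Login when verifying the password.
    // NOTE(review): HashStr is defined elsewhere. If it is a single pass of a fast hash,
    // move password storage to a KDF such as PBKDF2 or Argon2 - confirm.
    string passHash = HashStr(salt + password + salt + username);

    string ip = new HttpParser(HttpContext).GetIPAddr();
    var loginIPDic = new Dictionary<string, bool> { { ip, true } };

    UserEntity u = new UserEntity
    {
        Name = username,
        Pass = passHash,
        Salt = salt,
        LoginIP = loginIPDic
    };

    try
    {
        dbc.User.Add(u);
        dbc.SaveChanges();
    }
    catch (Exception)
    {
        // NOTE(review): every persistence failure is reported as a duplicate username.
        // Narrow this to the provider's unique-constraint exception and log the rest,
        // otherwise outages are invisible to operators.
        return JsonReturn.ReturnFail("Username already exists!");
    }

    return JsonReturn.ReturnSuccess();
}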
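/// <summary>
/// Stores the first uploaded form file under the picture directory and returns the
/// public path it can be fetched from.
/// </summary>
/// <returns>
/// A success payload with "src" and "title", or a failure payload when no file was
/// sent or the file type is not an accepted picture extension.
/// </returns>
public ActionResult SaveQuizPic()
{
    const string picBasePath = "/home/duoyi/file/pics";
    if (!Directory.Exists(picBasePath))
    {
        Directory.CreateDirectory(picBasePath);
    }

    var file = Request.Form.Files.FirstOrDefault();
    if (file == null)
    {
        return(JsonReturn.ReturnFail("File is not exist!"));
    }

    // FileName is chosen by the client. Keep only the final path component (treating both
    // slash styles as separators) so the write cannot leave picBasePath.
    var clientName = Path.GetFileName((file.FileName ?? string.Empty).Replace('\\', '/'));

    // Only picture extensions are accepted: the directory is served back to browsers, so
    // storing arbitrary types there (HTML, SVG, scripts) must not be possible.
    // NOTE(review): this checks the extension only, not the file content, and there is no
    // size limit or authentication check in this method - confirm both are enforced elsewhere.
    string[] allowedExts = { "jpg", "jpeg", "png", "gif", "bmp", "webp" };
    var fileExt = Path.GetExtension(clientName).TrimStart('.');
    if (!allowedExts.Contains(fileExt, StringComparer.OrdinalIgnoreCase))
    {
        return(JsonReturn.ReturnFail("File type is not allowed!"));
    }

    // The name is echoed back in "src"; reduce it to letters, digits, '-' and '_'.
    var rawBody = Path.GetFileNameWithoutExtension(clientName);
    var fileNameBody = new string(rawBody
        .Select(c => char.IsLetterOrDigit(c) || c == '-' || c == '_' ? c : '_')
        .ToArray());
    if (fileNameBody.Length == 0)
    {
        fileNameBody = "pic";
    }

    // Keep appending a counter until the name is free. The previous single "if" reused
    // suffix 0 and silently overwrote an earlier upload on the second collision.
    var newBody = fileNameBody;
    string filePath = $"{picBasePath}/{newBody}.{fileExt}";
    for (int duplicate = 0; System.IO.File.Exists(filePath); duplicate++)
    {
        newBody = $"{fileNameBody}{duplicate}";
        filePath = $"{picBasePath}/{newBody}.{fileExt}";
    }

    // CreateNew refuses to replace a file that appeared between the check above and this
    // call; "using" closes the stream even if the copy throws.
    using (var fs = new FileStream(filePath, FileMode.CreateNew, FileAccess.Write))
    {
        file.CopyTo(fs);
    }

    return(JsonReturn.ReturnSuccess(data: new JObject()
    {
        ["src"] = $"/file/pics/{newBody}.{fileExt}",
        ["title"] = "uploadpic"
    }));
}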
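/// <summary>
/// Verifies a username/password pair, issues a session token if the user has none,
/// and sets the "username", "token" and "id" cookies.
/// </summary>
/// <param name="username">Login name; passed through XSSConvert before the lookup.</param>
/// <param name="password">Clear-text password to verify against the stored salted hash.</param>
/// <returns>
/// Failure code -1 with one shared message for both an unknown user and a wrong
/// password, otherwise a success payload.
/// </returns>
public JsonReturn Login([FromForm] string username, [FromForm] string password)
{
    username = XSSConvert(username);
    var domain = new HttpParser(HttpContext).GetDomain();

    UserEntity u = (from lu in dbc.User where lu.Name == username select lu).FirstOrDefault();
    if (u == null)
    {
        // Same code and message as the wrong-password branch, so the response does not
        // reveal whether the username exists.
        return JsonReturn.ReturnFail(-1, "Wrong username or password!");
    }

    // NOTE(review): HashStr is defined elsewhere. If it is a single pass of a fast hash, the
    // stored hashes should be migrated to a password KDF (PBKDF2/Argon2) - confirm.
    string salt = u.Salt;
    string passHash = HashStr(salt + password + salt + username);
    if (u.Pass != passHash)
    {
        return JsonReturn.ReturnFail(-1, "Wrong username or password!");
    }

    if (u.Token == null)
    {
        // The token was previously derived from the password, the clock and the username,
        // all of which are guessable or known to the user. Feed HashStr with CSPRNG output
        // instead so the token keeps its format but is unpredictable.
        var nonce = new byte[32];
        using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
        {
            rng.GetBytes(nonce);
        }

        u.Token = HashStr(Convert.ToBase64String(nonce));
        u.ExpireTime = DateTime.Now.AddMonths(1);
        dbc.SaveChanges();
        // NOTE(review): an existing token is reused as-is and ExpireTime is not refreshed or
        // checked here; confirm that expiry and rotation are enforced where the token is validated.
    }

    // NOTE(review): none of the cookies set HttpOnly, Secure or SameSite. The "token" cookie
    // is the session secret and should at least be HttpOnly and Secure once it is confirmed
    // that no client script reads it and the site is served over HTTPS.
    var expires = DateTime.Now.AddMonths(1);
    Response.Cookies.Append("username", username, new CookieOptions { Domain = domain, Expires = expires });
    Response.Cookies.Append("token", u.Token, new CookieOptions { Domain = domain, Expires = expires });
    Response.Cookies.Append("id", u.UserID.ToString(), new CookieOptions { Domain = domain, Expires = expires });
    return JsonReturn.ReturnSuccess();
}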
/// <summary>
/// Overrides the base LoginFail hook: answers the request with a failure payload
/// carrying code -3 instead of letting the action produce a result.
/// </summary>
/// <param name="context">Filter context whose Result is replaced.</param>
protected override void LoginFail(ActionExecutingContext context)
{
    var rejection = JsonReturn.ReturnFail(-3, "Illegal API access!");
    context.Result = rejection;
}
/// <summary>
/// Overrides the base LoginFail hook: answers the request with a failure payload
/// carrying code -3 and a "no permission for this module" message.
/// </summary>
/// <param name="context">Filter context whose Result is replaced.</param>
protected override void LoginFail(ActionExecutingContext context)
{
    var rejection = JsonReturn.ReturnFail(-3, "你没有权限访问此模块!");
    context.Result = rejection;
}
/// <summary>
/// Returns the generic failure payload with code 500. The message is fixed and
/// carries no exception detail.
/// </summary>
public IActionResult Api500()
{
    return JsonReturn.ReturnFail(500, "该接口出现内部错误,无法访问!");
}
/// <summary>
/// Returns the generic failure payload with code 404 and a fixed message saying the
/// endpoint does not exist.
/// </summary>
public IActionResult Api404()
{
    return JsonReturn.ReturnFail(404, "该接口不存在!");
}