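public JsonResult Signin(SigninVM viewModel)
        {
            // Login POST: records the attempt in LoginLog, checks the credentials
            // against Member and, on success, stores a MemberSessionVM in
            // Session[Keys.SessionKey]. Always returns a JsonData<MemberSessionVM>
            // whose status is "y" (logged in) or "n" (rejected, with a reason).
            var clientResult = new JsonData<MemberSessionVM>();

            // A malformed post (missing model, account or password) gets the generic
            // failure message instead of a NullReferenceException on Trim() below.
            if (viewModel?.Account is null || viewModel.Password is null)
            {
                clientResult.SetClientData("n", "账号或密码错误");
                return Json(clientResult);
            }

            // Trimmed once here so the query expression carries a plain value rather
            // than a Trim() call the query provider has to translate.
            var account = viewModel.Account.Trim();
            // NOTE(review): MD5 is not an acceptable password hash (fast, unsalted);
            // it is kept only because the stored Member.Password values depend on it.
            // Migrating to a salted PBKDF2/Argon2 hash requires re-hashing on login.
            var encryptPassword = viewModel.Password.Trim().ToMD5();
            var loginLogId      = Guid.NewGuid();

            services.Command((db) =>
            {
                // The attempt is written as failed first and flipped to successful
                // below, so an exception later in the callback leaves a failed entry.
                // NOTE(review): the submitted password (even encrypted) is stored in
                // LoginLog for every attempt, failed ones included, so mistyped
                // passwords of real accounts end up in the log table.
                db.Insert<LoginLog>(new LoginLog()
                {
                    LogID        = loginLogId,
                    Account      = account,
                    Password     = StringHelper.EncryptPassword(viewModel.Password),
                    InTime       = DateTime.Now,
                    Sucessed     = false,
                    IPAddress    = RequestHelper.IPAddress,
                    HttpMethod   = Request.HttpMethod,
                    AjaxRequest  = Request.IsAjaxRequest(),
                    MobileDevice = Request.Browser.IsMobileDevice,
                    Platform     = Request.Browser.Platform,
                    Browser      = Request.Browser.Type,
                    LogMemberID  = default(Guid)
                });

                // One round-trip instead of Any() followed by SingleOrDefault().
                Expression<Func<Member, bool>> whereExpr = u => u.Account == account && u.Password == encryptPassword;
                var member = db.Queryable<Member>().SingleOrDefault(whereExpr);

                if (member is null)
                {
                    clientResult.SetClientData("n", "账号或密码错误");
                }
                else if (member.Enable && member.Pass)
                {
                    db.Update<LoginLog>(new { Sucessed = true, member.MemberID }, u => u.LogID == loginLogId);
                    // NOTE(review): Mapper.Initialize rebuilds AutoMapper's global
                    // configuration on every login; it belongs in application startup.
                    Mapper.Initialize(c => c.CreateMap<Member, MemberSessionVM>());
                    var memberVM             = Mapper.Map<MemberSessionVM>(member);
                    memberVM.LogID           = loginLogId;
                    Session[Keys.SessionKey] = memberVM;
                    clientResult.SetClientData("y", "登录成功", memberVM);
                }
                else if (!member.Pass)
                {
                    // Checked before Enable: when both flags are off the account is
                    // reported as pending review, as the previous overwrite order did.
                    clientResult.SetClientData("n", "该账号还在审核中");
                }
                else
                {
                    clientResult.SetClientData("n", "该账号已被禁用");
                }
            });

            return Json(clientResult);
        }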
        // GET: User
        public ActionResult Signin()
        {
            // GET handler: renders the sign-in form, surfacing any message a previous
            // request left in TempData["Message"] (typically set before a redirect).
            var vm             = new SigninVM();
            var pendingMessage = TempData["Message"];

            if (pendingMessage != null)
            {
                vm.Message = (string)pendingMessage;
            }

            return View(vm);
        }
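        public async Task<IActionResult> Authenticate([FromBody] SigninVM userParam)
        {
            // Verifies an e-mail/password pair against userService and returns the
            // authenticated user (200), 404 when the e-mail is unknown and 400 when
            // the password does not match. A missing body or e-mail is answered
            // with 400 instead of throwing on userParam.Email.
            if (userParam?.Email is null)
            {
                return BadRequest(new { message = "Username or password is incorrect" });
            }

            // NOTE(review): answering 404 for unknown e-mails but 400 for a wrong
            // password lets a caller enumerate registered e-mails; returning 400 in
            // both cases would close that oracle, but callers may depend on the 404.
            if (!await userService.ExistsUser(userParam.Email))
            {
                return NotFound();
            }

            var user = await userService.AuthenticateAsync(userParam.Email, userParam.Password);

            if (user is null)
            {
                return BadRequest(new { message = "Username or password is incorrect" });
            }

            return Ok(user);
        }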
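        public async Task<IActionResult> Post(SigninVM model)
        {
            // Token endpoint: validates the client id and the account/password pair,
            // builds a ClaimsIdentity (Uid/Account/Username plus one role claim per
            // role) and returns a signed JWT as { access_token, token_type, expires_in }.
            // Every validation failure is a 400 carrying an "invalid_clientid:" message.
            #region #1 Credential validation

            if (model?.ClientId == null)
            {
                return new BadRequestObjectResult("invalid_clientid: Please provide 'Client ID'.");
            }

            // Where() never yields null, so the previous null test could not reject an
            // unknown client id; Any() actually checks that the audience exists.
            bool audienceExists = db.Audiences.Any(x => x.AudienceId == model.ClientId);
            if (!audienceExists)
            {
                return new BadRequestObjectResult($"invalid_clientid: Client ID '{model.ClientId}' is invalid.");
            }

            if (string.IsNullOrEmpty(model.Account) || string.IsNullOrEmpty(model.Password))
            {
                return new BadRequestObjectResult("invalid_clientid: Account or password is incorrect.");
            }

            // SingleOrDefault instead of Single: a wrong password must reach the 400
            // below rather than surface as an unhandled InvalidOperationException.
            // NOTE(review): the submitted password is compared verbatim with the stored
            // value, i.e. User.Password appears to hold plaintext; credentials should
            // be stored as a salted hash (PBKDF2/Argon2) and verified against it.
            User user = db.Users.SingleOrDefault(x => x.Account == model.Account && x.Password == model.Password);
            if (user == null)
            {
                return new BadRequestObjectResult("invalid_clientid: Account or password is incorrect.");
            }

            #endregion

            #region #2 Build the identity

            // One ClaimTypes.Role claim per role the account holds (none when Roles is null).
            IEnumerable<Claim> roleClaims = user.Roles?.Select(r => new Claim(ClaimTypes.Role, r)) ?? Enumerable.Empty<Claim>();

            ClaimsIdentity identity = new ClaimsIdentity(new GenericIdentity(model.Account, "Token"),
                                                         new[]
            {
                new Claim("Uid", user.Account),
                new Claim("Account", user.Account),
                new Claim("Username", user.Name),
            }.Concat(roleClaims));

            #endregion

            #region #3 Issue the token

            // "iat" is whole seconds since the Unix epoch; formatted culture-invariantly
            // so the server culture cannot inject group separators or non-ASCII digits.
            long issuedAt = (long)Math.Round((_jwtOptions.IssueAt.ToUniversalTime() - new DateTimeOffset(1970, 1, 1, 0, 0, 0, TimeSpan.Zero)).TotalSeconds);
            var claims = new List<Claim>()
            {
                new Claim(JwtRegisteredClaimNames.Aud, model.ClientId),
                new Claim(JwtRegisteredClaimNames.Sub, model.Account),
                new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()),
                new Claim(JwtRegisteredClaimNames.Iat, issuedAt.ToString(System.Globalization.CultureInfo.InvariantCulture), ClaimValueTypes.Integer64),
            };
            claims.AddRange(identity.Claims);

            // Sign and serialise the token with the configured issuer, validity window and key.
            var jwt = new JwtSecurityToken(
                issuer: _jwtOptions.Issuer,
                claims: claims,
                notBefore: _jwtOptions.NotBefore,
                expires: _jwtOptions.Expiration,
                signingCredentials: _jwtOptions.SigningCredentials
                );
            string encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);

            var response = new { access_token = encodedJwt, token_type = "bearer", expires_in = (int)_jwtOptions.ValidFor.TotalSeconds };
            return new OkObjectResult(response);

            #endregion
        }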