Esempio n. 1
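        /// <summary>
        /// Password login.
        ///  On success returns an AuthOk payload: {Ok: true, Token, UserId, Email, Username}
        ///  On failure returns {Ok: false, Msg: "..."}
        /// </summary>
        /// <param name="email">E-mail handed to AuthService.LoginByPWD.</param>
        /// <param name="pwd">Password handed to AuthService.LoginByPWD.</param>
        /// <returns>JSON serialised with MyJsonConvert.GetSimpleOptions().</returns>
        // NOTE(review): [HttpPost] is commented out below, so nothing visible here restricts the HTTP verb;
        // confirm credentials cannot arrive in a query string, where they would end up in access logs.
        //[HttpPost]
        public JsonResult Login(string email, string pwd)
        {
            if (AuthService.LoginByPWD(email, pwd, out string tokenStr, out User user))
            {
                // Bind the authenticated user to the server-side session before answering.
                SetUserIdToSession(user.UserId);

                var authOk = new AuthOk()
                {
                    Ok       = true,
                    Token    = tokenStr,
                    UserId   = user.UserId.ToString("x"), // user id is exposed in lowercase hex
                    Email    = user.Email,
                    Username = user.Username
                };
                return Json(authOk, MyJsonConvert.GetSimpleOptions());
            }

            // One message for "unknown user" and "wrong password", so the reply does not
            // reveal which of the two was wrong. The unused pre-serialised copy of this
            // payload that the method used to build has been dropped.
            var apiRe = new ApiRe()
            {
                Ok  = false,
                Msg = "用户名或密码有误"
            };
            return Json(apiRe, MyJsonConvert.GetSimpleOptions());
        }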
Esempio n. 2
        /// <summary>
        /// Returns the result of noteService.GetNotChildrenByNotebookId for a notebook, provided the
        /// token resolves to a user who holds read permission on the repository owning that notebook.
        /// </summary>
        /// <param name="token">API token used to resolve the caller.</param>
        /// <param name="notebookId">Notebook id in hex form.</param>
        /// <returns>An ApiRe; Ok stays false for an unknown token, unknown notebook or missing permission.</returns>
        public IActionResult GetNotChildrenByNotebookId(string token, string notebookId)
        {
            var response = new ApiRe();

            var caller = tokenSerivce.GetUserByToken(token);
            if (caller == null)
            {
                return LeanoteJson(response);
            }

            var notebook = notebookService.GetNotebookById(notebookId.ToLongByHex());
            if (notebook == null)
            {
                return LeanoteJson(response);
            }

            // The caller must hold read permission on the repository that contains the notebook.
            bool mayRead = noteRepositoryService.Verify(notebook.NotesRepositoryId, caller.UserId, RepositoryAuthorityEnum.Read);
            if (mayRead)
            {
                var notes = noteService.GetNotChildrenByNotebookId(notebookId.ToLongByHex());
                response.Ok   = true;
                response.Data = notes;
            }

            return LeanoteJson(response);
        }
Esempio n. 3
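        /// <summary>
        /// Builds the FIDO2 credential-creation options for the user behind <paramref name="token"/>.
        /// </summary>
        /// <param name="token">API token; must pass tokenSerivce.VerifyToken.</param>
        /// <param name="authType">Optional authenticator attachment name, parsed case-insensitively.</param>
        /// <returns>The options from fido2Service.MakeCredentialOptions, or an ApiRe with Ok = false.</returns>
        public JsonResult MakeCredentialOptions(string token, string authType)
        {
            // A token that verifies but no longer resolves to a user is treated like an invalid
            // token; previously a null user was dereferenced further down.
            var user = tokenSerivce.VerifyToken(token) ? userService.GetUserByToken(token) : null;

            if (user == null)
            {
                var apiRe = new ApiRe()
                {
                    Ok  = false,
                    Msg = "注册失败,token无效"
                };
                return Json(apiRe, MyJsonConvert.GetSimpleOptions());
            }

            // Enum.TryParse also accepts numeric strings that map to no declared member,
            // so the parsed value is additionally checked with Enum.IsDefined.
            var ok = Enum.TryParse<AuthenticatorAttachment>(authType, true, out var attachment)
                     && Enum.IsDefined(typeof(AuthenticatorAttachment), attachment);

            // Registration options
            var opts = new MakeCredentialParams(user.Username, user.UserId);

            if (ok)
            {
                // Only override the attachment when the caller supplied a recognised value.
                opts.AuthenticatorSelection.AuthenticatorAttachment = attachment;
            }
            var credentialCreateOptions = fido2Service.MakeCredentialOptions(user, opts);

            return Json(credentialCreateOptions);
        }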
Esempio n. 4
        /// <summary>
        /// Updates a notebook on behalf of the user identified by <paramref name="token"/>.
        /// </summary>
        /// <param name="token">API token used to resolve the caller.</param>
        /// <param name="notebookId">Notebook id in hex form.</param>
        /// <param name="title">Title passed to notebookService.UpdateNotebookApi.</param>
        /// <param name="parentNotebookId">Parent notebook id in hex form.</param>
        /// <param name="seq">Passed through to notebookService.UpdateNotebookApi.</param>
        /// <param name="usn">Passed through to notebookService.UpdateNotebookApi.</param>
        /// <returns>The updated notebook (via fixNotebook) or an ApiRe with Ok = false.</returns>
        public IActionResult UpdateNotebook(string token, string notebookId, string title, string parentNotebookId, int seq, int usn)
        {
            var caller = tokenSerivce.GetUserByToken(token);
            if (caller == null)
            {
                var notLoggedIn = new ApiRe() { Ok = false, Msg = "NOTLOGIN" };
                return Json(notLoggedIn, MyJsonConvert.GetLeanoteOptions());
            }

            // NOTE(review): no permission check is visible here; presumably UpdateNotebookApi
            // uses the caller's UserId to enforce ownership - confirm in the service.
            bool updated = notebookService.UpdateNotebookApi(
                caller.UserId,
                notebookId.ToLongByHex(),
                title,
                parentNotebookId.ToLongByHex(),
                seq,
                usn,
                out Notebook changed);

            if (!updated)
            {
                var failure = new ApiRe() { Ok = false, Msg = "UpdateNotebook is error" };
                return Json(failure, MyJsonConvert.GetLeanoteOptions());
            }

            ApiNotebook payload = fixNotebook(changed);
            return Json(payload, MyJsonConvert.GetLeanoteOptions());
        }
Esempio n. 5
        /// <summary>
        /// Changes the password of the user identified by <paramref name="token"/>.
        /// </summary>
        /// <param name="token">API token used to resolve the caller.</param>
        /// <param name="oldPwd">Current password, passed to userService.UpdatePwd.</param>
        /// <param name="pwd">New password, passed to userService.UpdatePwd.</param>
        /// <returns>An ApiRe whose Ok mirrors the result of userService.UpdatePwd.</returns>
        public async Task<IActionResult> UpdatePwd(string token, string oldPwd, string pwd)
        {
            var re = new ApiRe();

            var caller = tokenSerivce.GetUserByToken(token);
            if (caller == null)
            {
                re.Msg = "NOTLOGIN";
                return Json(re, MyJsonConvert.GetLeanoteOptions());
            }

            try
            {
                bool changed = await userService.UpdatePwd(caller.UserId, oldPwd, pwd);
                re.Ok = changed;
                if (!changed)
                {
                    re.Msg = "更新密码失败";
                }
            }
            catch (Exception ex)
            {
                // NOTE(review): the raw exception message is returned to the client. Confirm that
                // userService.UpdatePwd only throws messages that are safe to show; otherwise log
                // the exception server-side and return a fixed message.
                re.Ok  = false;
                re.Msg = ex.Message;
            }

            return LeanoteJson(re);
        }
        //todo:格式化URL

        //todo: get note content
        /// <summary>
        /// Returns the id, owner and fixed-up content of a note, looked up with the user id derived from the token.
        /// </summary>
        /// <param name="token">API token; converted to a user id by getUserIdByToken.</param>
        /// <param name="noteId">Note id in hex form.</param>
        /// <returns>An ApiNoteContent, or an ApiRe with Ok = false when the note or its content is not found.</returns>
        public IActionResult GetNoteContent(string token, string noteId)
        {
            var failure = new ApiRe()
            {
                Ok  = false,
                Msg = "GetNoteContent_is_error"
            };

            // Both lookups are scoped by the user id derived from the token.
            Note        found = NoteService.GetNote(MyConvert.HexToLong(noteId), getUserIdByToken(token));
            NoteContent body  = NoteContentService.GetNoteContent(MyConvert.HexToLong(noteId), getUserIdByToken(token), false);

            if (body == null || found == null)
            {
                return Json(failure, MyJsonConvert.GetOptions());
            }

            if (!string.IsNullOrEmpty(body.Content))
            {
                body.Content = NoteService.FixContent(body.Content, found.IsMarkdown);
            }

            var payload = new ApiNoteContent()
            {
                NoteId  = found.NoteId,
                UserId  = found.UserId,
                Content = body.Content
            };
            return Json(payload, MyJsonConvert.GetOptions());
        }
Esempio n. 7
        /// <summary>
        /// Registers a new account when open registration is enabled in the security configuration.
        /// </summary>
        /// <param name="email">E-mail passed to authService.Register.</param>
        /// <param name="pwd">Password passed to authService.Register.</param>
        /// <returns>An ApiRe whose Ok reflects the result of authService.Register.</returns>
        public async Task<IActionResult> Register(string email, string pwd)
        {
            //ex: the API currently does not use cookies or sessions to identify the user,
            //API calls must explicitly supply the token field to prove identity
            //the API caller must be an administrator or super administrator, otherwise the call is invalid
            //if the user has enabled two-step verification, the second-factor code must be supplied explicitly
            // NOTE(review): the comments above require an administrator token, but this method takes
            // no token and performs no role check; confirm whether that is enforced elsewhere.
            var re = new ApiRe();

            bool registrationOpen = this.config.SecurityConfig.OpenRegister;
            if (!registrationOpen)
            {
                re.Msg = "服务器管理员已经禁止用户注册功能";
                return LeanoteJson(re);
            }

            bool registered = await authService.Register(email, pwd, 0);
            re = new ApiRe()
            {
                Ok  = registered,
                Msg = registered ? "注册成功" : "注册失败"
            };

            return Json(re, MyJsonConvert.GetSimpleOptions());
        }
Esempio n. 8
        //todo: delete notebook
        /// <summary>
        /// Deletes a notebook via NotebookService.DeleteNotebookForce for the user behind the token.
        /// </summary>
        /// <param name="token">API token used to resolve the caller.</param>
        /// <param name="notebookId">Notebook id in hex form.</param>
        /// <param name="usn">Passed through to NotebookService.DeleteNotebookForce.</param>
        /// <returns>An ApiRe with Msg "success", "conflict" or "Not logged in".</returns>
        public IActionResult DeleteNotebook(string token, string notebookId, int usn)
        {
            User caller = TokenSerivce.GetUserByToken(token);
            if (caller == null)
            {
                var notLoggedIn = new ApiRe() { Ok = false, Msg = "Not logged in" };
                return Json(notLoggedIn, MyJsonConvert.GetOptions());
            }

            // The caller's UserId is handed to the service together with the notebook id.
            bool deleted = NotebookService.DeleteNotebookForce(caller.UserId, MyConvert.HexToLong(notebookId), usn);

            var outcome = new ApiRe()
            {
                Ok  = deleted,
                Msg = deleted ? "success" : "conflict",
            };
            return Json(outcome, MyJsonConvert.GetOptions());
        }
Esempio n. 9
        /// <summary>
        /// Returns a fresh id from idGenerator.NextHexId() wrapped in a successful ApiRe.
        /// </summary>
        public IActionResult GetHexId()
        {
            var re = new ApiRe
            {
                Ok   = true,
                Data = this.idGenerator.NextHexId()
            };
            return LeanoteJson(re);
        }
Esempio n. 10
        /// <summary>
        /// Returns the server's security configuration as a SecurityConfigDTO.
        /// </summary>
        /// <returns>An ApiRe with Ok = true and the DTO as Data.</returns>
        public IActionResult GetSecurityConfig()
        {
            // NOTE(review): no token is required here; confirm SecurityConfigDTO.Instance copies
            // only fields that are meant to be visible to unauthenticated clients.
            var re = new ApiRe
            {
                Ok   = true,
                Data = SecurityConfigDTO.Instance(config.SecurityConfig)
            };
            return LeanoteJson(re);
        }
Esempio n. 11
        /// <summary>
        /// Verifies a client response to a server challenge and, on success, sets the cache flag
        /// "USBKEY" + challenge.RequestNumber. A LoggingLogin record is saved for both outcomes.
        /// </summary>
        /// <param name="data">JSON parsed by ClientResponse.FromJSON.</param>
        /// <returns>An ApiRe whose Ok is true only when ePass.VerifyClientResponse returned true.</returns>
        public async Task <IActionResult> LoginResponse(string data)
        {
            var clinetResponse = ClientResponse.FromJSON(data);
            // The challenge is looked up by the client-supplied Id; it is only dereferenced after verification succeeds.
            // NOTE(review): a null challenge or user is not handled below - confirm neither lookup can return null once verification has passed.
            var challenge      = ePass.GetServerChallenge(clinetResponse.Id);

            var result = await ePass.VerifyClientResponse(clinetResponse, false);

            StringBuilder stringBuilder = new StringBuilder();

            // Every request header is copied into the audit record, one "key=value" per line.
            // NOTE(review): this includes any Cookie or Authorization header the client sent, so the
            // login log then holds live credentials; consider an allow-list of headers.
            foreach (var item in Request.Headers)
            {
                stringBuilder.Append(item.Key + "=" + item.Value.ToString() + "\r\n");
            }
            LoggingLogin logg = new LoggingLogin()
            {
                Id                   = this.idGenerator.NextId(),
                LoginDateTime        = DateTime.Now,
                LoginMethod          = "SmartToken",
                // NOTE(review): Request.Host is the host name the request was addressed to, not the
                // client's address; for the peer address see HttpContext.Connection.RemoteIpAddress.
                Ip                   = Request.Host.Host,
                BrowserRequestHeader = stringBuilder.ToString(),
            };

            ApiRe apiRe = new ApiRe();

            try
            {
                if (result)
                {
                    var userId = challenge.UserId;
                    var user   = userService.GetUserByUserId(userId);
                    // var token = tokenSerivce.GenerateToken(user.UserId, user.Email);

                    //tokenSerivce.SaveToken(token);

                    //login audit log
                    logg.UserId         = user.UserId;
                    logg.IsLoginSuccess = true;
                    apiRe.Ok            = true;
                    // Marks this request number as having passed the USB-key check. The key holds
                    // the request number only, not the user id.
                    this.distributedCache.SetBool("USBKEY" + challenge.RequestNumber, true);

                    //apiRe.Data = userToken;
                    return(LeanoteJson(apiRe));
                }
                else
                {
                    return(LeanoteJson(apiRe));
                }
            }
            finally
            {
                // Runs for success, failure and exceptions alike: a MAC is added to the record, then it is saved.
                await logg.AddMac(this.cryptographyProvider);

                this.logging.Save(logg);
            }
        }
Esempio n. 12
        /// <summary>
        /// Looks up the login security strategy for a user name.
        /// </summary>
        /// <param name="UserName">User name passed to userService.GetGetUserLoginSecurityStrategy.</param>
        /// <returns>An ApiRe whose Ok is true when a strategy was found; Data carries the strategy.</returns>
        public JsonResult GetUserLoginSecurityStrategy(string UserName)
        {
            // NOTE(review): no token is required, and Ok differs for known and unknown names;
            // confirm this pre-login lookup is rate-limited and returns nothing sensitive.
            var strategy = userService.GetGetUserLoginSecurityStrategy(UserName);

            var apiRe = new ApiRe()
            {
                Ok   = strategy != null,
                Msg  = "",
                Data = strategy
            };
            return Json(apiRe, MyJsonConvert.GetLeanoteOptions());
        }
Esempio n. 13
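        /// <summary>
        /// Deletes a note after checking the token, the optional data signature, that the note belongs
        /// to the stated repository, and that the caller holds write permission on that repository.
        /// </summary>
        /// <param name="token">API token used to resolve the caller.</param>
        /// <param name="noteRepositoryId">Repository id (hex) the caller claims the note belongs to.</param>
        /// <param name="noteId">Note id in hex form.</param>
        /// <param name="dataSignJson">Signed request, only read when ForceDigitalSignature is enabled.</param>
        /// <returns>An ApiRe; Ok is true only when every check passed and the note was deleted.</returns>
        public async Task<IActionResult> DeleteNote(string token, string noteRepositoryId, string noteId, string dataSignJson)
        {
            var user = tokenSerivce.GetUserByToken(token);
            var re   = new ApiRe();

            if (user == null)
            {
                return LeanoteJson(re);
            }

            if (this.config.SecurityConfig.ForceDigitalSignature)
            {
                // Verify the signature
                var dataSign = DataSignDTO.FromJSON(dataSignJson);
                if (!await this.ePassService.VerifyDataSign(dataSign))
                {
                    return LeanoteJson(re);
                }

                // The signed operation must name this endpoint, so a signature made for another
                // operation is not accepted here.
                // NOTE(review): nothing visible here compares the signed payload with noteId or with
                // the token's user; confirm VerifyDataSign or the signed data covers both.
                if (!dataSign.SignData.Operate.Equals("/api/Note/DeleteNote"))
                {
                    re.Msg = "Operate is not Equals ";
                    return LeanoteJson(re);
                }
                // Archive the signature as evidence
                this.dataSignService.AddDataSign(dataSign, "DeleteNote");
            }

            var noteNumber = noteId.ToLongByHex();
            var note       = noteService.GetNoteById(noteNumber);

            // An unknown note id previously caused a null dereference; it is now an ordinary failure.
            if (note == null)
            {
                return LeanoteJson(re);
            }

            var repositoryId = note.NotesRepositoryId;

            // The note must live in the repository the caller named.
            if (repositoryId != noteRepositoryId.ToLongByHex())
            {
                return LeanoteJson(re);
            }

            // The caller needs write permission on that repository.
            if (!noteRepositoryService.Verify(repositoryId, user.UserId, RepositoryAuthorityEnum.Write))
            {
                return LeanoteJson(re);
            }

            var usn       = noteRepositoryService.IncrUsn(repositoryId);
            var noteDelte = noteService.DeleteNote(noteNumber, usn);

            re.Ok   = true;
            re.Data = noteDelte;

            return LeanoteJson(re);
        }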
Esempio n. 14
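        /// <summary>
        /// Returns the user that <paramref name="token"/> resolves to.
        /// </summary>
        /// <param name="token">API token used to resolve the caller.</param>
        /// <returns>An ApiRe with the user as Data, or Ok = false and Msg "NOTLOGIN" for an unknown token.</returns>
        public IActionResult GetUserInfoByToken(string token)
        {
            var user = tokenSerivce.GetUserByToken(token);
            var re   = new ApiRe();

            if (user == null)
            {
                // Previously Ok was still set to true here, so an invalid token looked like success.
                re.Msg = "NOTLOGIN";
                return LeanoteJson(re);
            }

            // NOTE(review): the User entity is serialised as-is; confirm credential fields
            // (password hash, salt and similar) are excluded from the JSON output.
            re.Ok   = true;
            re.Data = user;
            return LeanoteJson(re);
        }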
Esempio n. 15
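        /// <summary>
        /// Returns the user registered under <paramref name="email"/>.
        /// </summary>
        /// <param name="email">E-mail passed to userService.GetUserByEmail.</param>
        /// <returns>An ApiRe with the user as Data, or Ok = false and Msg "NOTLOGIN" when no user matches.</returns>
        public IActionResult GetUserInfoByEmail(string email)
        {
            // NOTE(review): this method takes no token, so nothing here authenticates the caller;
            // confirm an authorization filter guards the route.
            var user = userService.GetUserByEmail(email);
            var re   = new ApiRe();

            if (user == null)
            {
                // Previously Ok was still set to true here, so a failed lookup looked like success.
                re.Msg = "NOTLOGIN";
                return LeanoteJson(re);
            }

            // NOTE(review): the User entity is serialised as-is; confirm credential fields
            // (password hash, salt and similar) are excluded from the JSON output.
            re.Ok   = true;
            re.Data = user;
            return LeanoteJson(re);
        }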
Esempio n. 16
        //todo: logout function
        /// <summary>
        /// Placeholder logout endpoint: it changes no state and only reports that logout is not provided.
        /// </summary>
        /// <returns>An ApiRe with Ok = true and a fixed message.</returns>
        public JsonResult Logout()
        {
            //ex: the API currently does not use cookies or sessions to identify the user,
            //API calls must explicitly supply the token field to prove identity
            // NOTE(review): no token is revoked here, so an issued token stays usable after
            // "logout"; confirm tokens expire or can be revoked elsewhere.
            var notice = new ApiRe()
            {
                Ok  = true,
                Msg = "未提供注销功能"
            };
            return Json(notice, MyJsonConvert.GetSimpleOptions());
        }
Esempio n. 17
        /// <summary>
        /// Issues a request number: the hash (SHAEncryptHelper.Hash256Encrypt) of a generated id
        /// concatenated with 16 units of output from RandomTool.CreatSafeRandomBase64.
        /// </summary>
        /// <returns>An ApiRe with Ok = true and the number as Data.</returns>
        public IActionResult TakeNumber()
        {
            // Generate a sequence number and mix it with random data before hashing.
            var sequence = idGenerator.NextId();
            var nonce    = RandomTool.CreatSafeRandomBase64(16);
            var number   = SHAEncryptHelper.Hash256Encrypt(sequence + nonce);

            // NOTE(review): the cache key is the constant "TakeNumber", not the issued number, so
            // the server keeps no record of which numbers it handed out; confirm that is intended.
            distributedCache.SetBool("TakeNumber", true);

            var re = new ApiRe
            {
                Data = number,
                Ok   = true
            };
            return LeanoteJson(re);
        }
Esempio n. 18
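        /// <summary>
        /// Returns the user with the given hex id.
        /// </summary>
        /// <param name="userId">User id in hex form.</param>
        /// <returns>An ApiRe with the user as Data, or Ok = false and Msg "NOTLOGIN" when no user matches.</returns>
        public IActionResult GetUserInfoByUserId(string userId)
        {
            // NOTE(review): this method takes no token, so nothing here authenticates the caller;
            // confirm an authorization filter guards the route.
            var user = userService.GetUserByUserId(userId.ToLongByHex());
            var re   = new ApiRe();

            if (user == null)
            {
                // Previously Ok was still set to true here, so a failed lookup looked like success.
                re.Msg = "NOTLOGIN";
                return LeanoteJson(re);
            }

            // NOTE(review): the User entity is serialised as-is; confirm credential fields
            // (password hash, salt and similar) are excluded from the JSON output.
            re.Ok   = true;
            re.Data = user;
            return LeanoteJson(re);
        }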
Esempio n. 19
        /// <summary>
        /// Returns the real-name information of the user behind <paramref name="token"/>, after the
        /// optional digital-envelope parsing and data-signature verification required by the security configuration.
        /// </summary>
        /// <param name="token">API token used to resolve the caller.</param>
        /// <param name="digitalEnvelopeJson">Parsed only when ForceDigitalEnvelope is enabled.</param>
        /// <param name="dataSignJson">Parsed and verified only when ForceDigitalSignature is enabled.</param>
        /// <returns>An ApiRe carrying the real-name record, or a failure ApiRe.</returns>
        public async Task<IActionResult> GetRealNameInformation(string token, string digitalEnvelopeJson, string dataSignJson)
        {
            var re = new ApiRe();
            var securityConfig = this.config.SecurityConfig;

            // Digital envelope: parsed here, but not read again in this method.
            DigitalEnvelope envelope = null;
            if (securityConfig.ForceDigitalEnvelope)
            {
                envelope = DigitalEnvelope.FromJSON(digitalEnvelopeJson);
            }

            if (securityConfig.ForceDigitalSignature)
            {
                // Verify the signature
                var signed = DataSignDTO.FromJSON(dataSignJson);
                bool signatureValid = await this.ePassService.VerifyDataSign(signed);
                if (!signatureValid)
                {
                    return LeanoteJson(re);
                }

                // The signed operation must name this endpoint.
                // NOTE(review): nothing visible here ties the signer to the token's user; confirm
                // VerifyDataSign or the signed data covers that.
                bool operationMatches = signed.SignData.Operate.Equals("/api/User/GetRealNameInformation");
                if (!operationMatches)
                {
                    re.Msg = "Operate is not Equals ";
                    return LeanoteJson(re);
                }

                // Archive the signature as evidence
                this.dataSignService.AddDataSign(signed, "GetRealNameInformation");
            }

            // The token is only checked after the signature has been verified and archived.
            User caller = tokenSerivce.GetUserByToken(token);
            if (caller == null)
            {
                var notLoggedIn = new ApiRe() { Ok = false, Msg = "NOTLOGIN" };
                return Json(notLoggedIn, MyJsonConvert.GetLeanoteOptions());
            }

            var realName = this.realNameService.GetRealNameInformationByUserId(caller.UserId);
            re.Ok   = true;
            re.Data = realName;
            return LeanoteJson(re);
        }
Esempio n. 20
        // Get user information
        /// <summary>
        /// Returns public profile fields of a user, provided the token is logged in for that user id.
        /// </summary>
        /// <param name="token">API token checked against <paramref name="userId"/> by AuthService.IsLogin.</param>
        /// <param name="userId">User id, bound from hex by Hex2LongModelBinder.</param>
        /// <returns>An ApiUser, or an ApiRe with Ok = false describing the failure.</returns>
        public JsonResult Info(string token, [ModelBinder(BinderType = typeof(Hex2LongModelBinder))] long userId)
        {
            // An id of 0 is rejected as invalid.
            if (userId == 0)
            {
                var invalidId = new ApiRe() { Ok = false, Msg = "Invalid user id" };
                return Json(invalidId, MyJsonConvert.GetOptions());
            }

            // The token must belong to the very user whose profile is requested.
            if (!AuthService.IsLogin(userId, token))
            {
                var notLoggedIn = new ApiRe() { Ok = false, Msg = "Not logged in" };
                return Json(notLoggedIn, MyJsonConvert.GetOptions());
            }

            User found = UserService.GetUserByUserId(userId);
            if (found == null)
            {
                var missing = new ApiRe() { Ok = false, Msg = "The user does not exist" };
                return Json(missing, MyJsonConvert.GetOptions());
            }

            // Only these profile fields are copied into the response, not the whole User entity.
            var profile = new ApiUser()
            {
                UserId   = found.UserId.ToString("x"),
                Username = found.Username,
                Email    = found.Email,
                Logo     = found.Logo,
                Verified = found.Verified
            };
            return Json(profile, MyJsonConvert.GetOptions());
        }
Esempio n. 21
        /// <summary>
        /// Generates a "LoginChallenge" server challenge for the user registered under <paramref name="email"/>.
        /// </summary>
        /// <param name="email">E-mail passed to userService.GetUserByEmail.</param>
        /// <param name="requestNumber">Request number passed to ePass.GenServerChallenge.</param>
        /// <returns>An ApiRe with the challenge as Data, or Ok = false when no user matches.</returns>
        public IActionResult GetLoginChallenge(string email, string requestNumber)
        {
            var response = new ApiRe();

            // NOTE(review): Ok differs for registered and unregistered e-mails, so this pre-login
            // endpoint reveals whether an address has an account; confirm it is rate-limited.
            var account = userService.GetUserByEmail(email);
            if (account == null)
            {
                return LeanoteJson(response);
            }

            response.Ok   = true;
            response.Data = ePass.GenServerChallenge("LoginChallenge", requestNumber, account.UserId);
            return LeanoteJson(response);
        }
Esempio n. 22
        /// <summary>
        /// Returns the tags from tagService.GeSyncTags for the user behind the token.
        /// </summary>
        /// <param name="token">API token used to resolve the caller.</param>
        /// <param name="afterUsn">Passed through to tagService.GeSyncTags.</param>
        /// <param name="maxEntry">Passed through to tagService.GeSyncTags.</param>
        /// <returns>The NoteTag array, or an ApiRe with Msg "NOTLOGIN".</returns>
        public JsonResult GetSyncTags(string token, int afterUsn, int maxEntry)
        {
            var caller = tokenSerivce.GetUserByToken(token);
            if (caller == null)
            {
                var notLoggedIn = new ApiRe() { Ok = false, Msg = "NOTLOGIN" };
                return Json(notLoggedIn, MyJsonConvert.GetLeanoteOptions());
            }

            // NOTE(review): maxEntry comes straight from the request; confirm the service caps it.
            NoteTag[] tags = tagService.GeSyncTags(caller.UserId, afterUsn, maxEntry);
            return Json(tags, MyJsonConvert.GetLeanoteOptions());
        }
Esempio n. 23
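        /// <summary>
        /// Copies a note into another notebook of the same repository on behalf of the token's user.
        /// </summary>
        /// <param name="token">API token used to resolve the caller.</param>
        /// <param name="noteId">Id (hex) of the note to copy.</param>
        /// <param name="targetParentNotebookId">Id (hex) of the notebook that receives the copy.</param>
        /// <returns>An ApiRe with the cloned note as Data; Ok stays false when any check fails.</returns>
        public IActionResult Copy(string token, string noteId, string targetParentNotebookId)
        {
            var user = tokenSerivce.GetUserByToken(token);
            var re   = new ApiRe();

            if (user == null)
            {
                return LeanoteJson(re);
            }

            // Unknown ids previously caused a null dereference; they are now ordinary failures.
            var note = noteService.GetNoteById(noteId.ToLongByHex());
            if (note == null)
            {
                return LeanoteJson(re);
            }

            var targetParentNotebook = notebookService.GetNotebookById(targetParentNotebookId.ToLongByHex());
            if (targetParentNotebook == null)
            {
                return LeanoteJson(re);
            }

            var repositoryId = note.NotesRepositoryId;

            // The target notebook must be in the same repository as the source note.
            if (targetParentNotebook.NotesRepositoryId != repositoryId)
            {
                return LeanoteJson(re);
            }

            // The caller must hold write permission on that repository.
            if (!noteRepositoryService.Verify(repositoryId, user.UserId, RepositoryAuthorityEnum.Write))
            {
                return LeanoteJson(re);
            }

            // Fetch the content before bumping the usn, so a note without valid content
            // fails cleanly without advancing the repository's usn.
            var noteContext = noteContentService.GetValidNoteContent(note.NoteId);
            if (noteContext == null)
            {
                return LeanoteJson(re);
            }

            var usn = noteRepositoryService.IncrUsn(repositoryId);

            var cloneNoteId        = idGenerator.NextId();
            var cloneNoteContentId = idGenerator.NextId();

            // Add the new note
            this.noteService.AddNote(repositoryId, targetParentNotebook.NotebookId, cloneNoteId, cloneNoteContentId, user.UserId, note.Title, noteContext.Content, note.IsMarkdown, usn);

            re.Ok   = true;
            re.Data = this.noteService.GetNote(cloneNoteId);

            return LeanoteJson(re);
        }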
Esempio n. 24
        /// <summary>
        /// Returns the content of a note for the token's user, applying FixContent and, for
        /// encrypted content, SM4 decryption.
        /// </summary>
        /// <param name="token">API token used to resolve the caller.</param>
        /// <param name="noteId">Note id in hex form.</param>
        /// <returns>An ApiRe with the NoteContent as Data, or a failure ApiRe.</returns>
        public async Task<IActionResult> GetNoteContent(string token, string noteId)
        {
            var re = new ApiRe()
            {
                Ok  = false,
                Msg = "GetNoteContent_is_error"
            };

            try
            {
                if (GetUserByToken(token) == null)
                {
                    return LeanoteJson(re);
                }

                // Both lookups are scoped by the user id derived from the token.
                Note        found = noteService.GetNote(noteId.ToLongByHex(), GetUserIdByToken(token));
                NoteContent body  = noteContentService.GetNoteContent(noteId.ToLongByHex(), GetUserIdByToken(token), false);
                if (body == null || found == null)
                {
                    return Json(re, MyJsonConvert.GetLeanoteOptions());
                }

                // NOTE(review): FixContent and the placeholder below are applied before the
                // IsEncryption branch, so for an encrypted note they operate on the stored
                // (base64) value and the placeholder would be fed to Base64ToByteArray; confirm the order.
                if (string.IsNullOrEmpty(body.Content))
                {
                    body.Content = "<p>Content is IsNullOrEmpty<>";
                }
                else
                {
                    body.Content = noteService.FixContent(body.Content, found.IsMarkdown);
                }

                if (body.IsEncryption)
                {
                    var plainBytes = this.cryptographyProvider.SM4Decrypt(body.Content.Base64ToByteArray());
                    body.Content = Encoding.UTF8.GetString(plainBytes);
                }

                re.Ok   = true;
                re.Data = body;
                return LeanoteJson(re);
            }
            catch (Exception ex)
            {
                // The response object is updated, but the exception is rethrown, so it is never sent.
                re.Ok  = false;
                re.Msg = ex.Message;
                throw;
            }
        }
Esempio n. 25
        // Get the notebooks to synchronise
        //[HttpPost]
        /// <summary>
        /// Returns the notebooks from NotebookService.GeSyncNotebooks for the user behind the token.
        /// </summary>
        /// <param name="token">API token used to resolve the caller.</param>
        /// <param name="afterUsn">Passed through to NotebookService.GeSyncNotebooks.</param>
        /// <param name="maxEntry">Passed through to NotebookService.GeSyncNotebooks.</param>
        /// <returns>The Notebook array, or an ApiRe with Msg "Not logged in".</returns>
        public JsonResult GetSyncNotebooks(string token, int afterUsn, int maxEntry)
        {
            User caller = TokenSerivce.GetUserByToken(token);
            if (caller == null)
            {
                var notLoggedIn = new ApiRe() { Ok = false, Msg = "Not logged in" };
                return Json(notLoggedIn, MyJsonConvert.GetOptions());
            }

            // NOTE(review): maxEntry comes straight from the request; confirm the service caps it.
            Notebook[] notebooks = NotebookService.GeSyncNotebooks(caller.UserId, afterUsn, maxEntry);
            return Json(notebooks, MyJsonConvert.GetOptions());
        }
Esempio n. 26
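        /// <summary>
        /// Returns the valid content of a note for the user stored in the session.
        /// </summary>
        /// <param name="noteId">Note id in hex form.</param>
        /// <returns>The NoteContent, or an ApiRe with Ok = false when none is found.</returns>
        public IActionResult GetNoteContent(string noteId)
        {
            // Convert the id and read the session once and reuse the values; the method previously
            // computed both twice and left the first pair unused.
            var noteNumber = noteId.ToLongByHex();
            var userNumber = GetUserIdBySession();

            // The lookup is scoped by the session's user id.
            NoteContent noteContent = noteContentService.GetValidNoteContent(noteNumber, userNumber);

            if (noteContent == null)
            {
                var falseRe = new ApiRe()
                {
                    Ok  = false,
                    Msg = "GetNoteContent_is_error"
                };
                return Json(falseRe, MyJsonConvert.GetLeanoteOptions());
            }
            return Json(noteContent, MyJsonConvert.GetLeanoteOptions());
        }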
Esempio n. 27
        /// <summary>
        /// Returns the LoginSecurityPolicyLevel of the user registered under <paramref name="email"/>.
        /// </summary>
        /// <param name="email">E-mail passed to userService.GetUserByEmail.</param>
        /// <returns>An ApiRe with the level as Data, or Ok = false when no user matches.</returns>
        public async Task<IActionResult> GetUserLoginSecurityPolicyLevel(string email)
        {
            // NOTE(review): no token is required, so any caller can learn whether an e-mail is
            // registered and which login policy protects it; confirm this is rate-limited.
            var account = userService.GetUserByEmail(email);

            var re = new ApiRe()
            {
                Ok   = account != null,
                Data = null
            };
            if (account != null)
            {
                re.Data = account.LoginSecurityPolicyLevel;
            }
            return LeanoteJson(re);
        }
Esempio n. 28
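        /// <summary>
        /// Issues an API token for <paramref name="email"/> once the login checks recorded under
        /// <paramref name="requestNumber"/> satisfy the user's LoginSecurityPolicyLevel.
        /// </summary>
        /// <param name="email">E-mail of the account that is logging in.</param>
        /// <param name="requestNumber">Request number under which the password / USB-key checks were recorded.</param>
        /// <returns>An ApiRe with a UserToken as Data, or Ok = false when the checks are not satisfied.</returns>
        public IActionResult TakeToken(string email, string requestNumber)
        {
            var re = new ApiRe();

            // Without a request number the cache keys would collapse to the bare prefixes.
            if (string.IsNullOrEmpty(requestNumber))
            {
                return LeanoteJson(re);
            }

            var user = userService.GetUserByEmail(email);
            if (user == null)
            {
                return LeanoteJson(re);
            }

            // NOTE(review): these flags are keyed by requestNumber alone and this method does not
            // check that they were earned for `user`. Confirm the code that sets them binds the
            // request number to the account, or include the user id in the key.
            var passwordKey = "Password" + requestNumber;
            var usbKeyKey   = "USBKEY" + requestNumber;

            var passwordPassed = this.distributedCache.GetBool(passwordKey, false);
            var usbKeyPassed   = this.distributedCache.GetBool(usbKeyKey, false);

            var result = false;

            // compliant: both factors are required.
            if (user.LoginSecurityPolicyLevel == LoginSecurityPolicyLevel.compliant)
            {
                result = passwordPassed && usbKeyPassed;
            }
            // unlimited / loose: either factor is enough. Any other level leaves result false.
            if (user.LoginSecurityPolicyLevel == LoginSecurityPolicyLevel.unlimited || user.LoginSecurityPolicyLevel == LoginSecurityPolicyLevel.loose)
            {
                result = passwordPassed || usbKeyPassed;
            }

            if (!result)
            {
                return LeanoteJson(re);
            }

            // Consume the flags so one completed login yields one token; previously the same
            // request number could be presented again for as long as the cache entries lived.
            this.distributedCache.SetBool(passwordKey, false);
            this.distributedCache.SetBool(usbKeyKey, false);

            var token = tokenSerivce.GenerateToken(user.UserId, user.Email);
            tokenSerivce.SaveToken(token);

            re.Ok   = true;
            re.Data = new UserToken()
            {
                Token    = token.TokenStr,
                UserId   = user.UserId,
                Email    = user.Email,
                Username = user.Username
            };
            return LeanoteJson(re);
        }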
Esempio n. 29
        /// <summary>
        /// Registers a FIDO2 credential for the user behind <paramref name="token"/>.
        /// </summary>
        /// <param name="token">API token; must pass tokenSerivce.VerifyToken.</param>
        /// <param name="keyName">Display name for the key; replaced by "key" when empty or rejected by MyStringUtil.IsNumAndEnCh.</param>
        /// <param name="data">JSON attestation response from the client.</param>
        /// <returns>The result of fido2Service.RegisterCredentials, or an error payload.</returns>
        public async Task<IActionResult> RegisterCredentials(string token, string keyName, string data)
        {
            try
            {
                if (!tokenSerivce.VerifyToken(token))
                {
                    var invalidToken = new ApiRe()
                    {
                        Ok  = false,
                        Msg = "注册失败,token无效"
                    };
                    return Json(invalidToken, MyJsonConvert.GetSimpleOptions());
                }

                // These options are used for deserialising the client's attestation only.
                var options = new System.Text.Json.JsonSerializerOptions
                {
                    Encoder    = System.Text.Encodings.Web.JavaScriptEncoder.UnsafeRelaxedJsonEscaping,
                    Converters =
                    {
                        new JsonStringEnumMemberConverter(),
                        new JsonStringEnumConverter(JsonNamingPolicy.CamelCase)
                    },
                    DefaultIgnoreCondition = JsonIgnoreCondition.WhenWritingNull,
                    PropertyNamingPolicy   = JsonNamingPolicy.CamelCase
                };
                options.Converters.Add(new Base64UrlConverter());

                var attestation = JsonSerializer.Deserialize<AuthenticatorAttestationRawResponse>(data, options);

                var owner = userService.GetUserByToken(token);

                // The key name is client-controlled: anything that is empty or fails the
                // character check is replaced by a fixed default.
                bool nameAcceptable = !string.IsNullOrEmpty(keyName) && MyStringUtil.IsNumAndEnCh(keyName);
                if (!nameAcceptable)
                {
                    keyName = "key";
                }

                var success = await fido2Service.RegisterCredentials(owner, keyName, attestation);

                // 4. return "ok" to the client
                return Json(success);
            }
            catch (Exception e)
            {
                // NOTE(review): the formatted exception is returned to the client; confirm
                // FormatException(e) does not include stack traces or internal details.
                return Json(new CredentialMakeResult(status: "error", errorMessage: FormatException(e), result: null));
            }
        }
Esempio n. 30
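        /// <summary>
        /// Sets the LoginSecurityPolicyLevel of the user behind <paramref name="token"/>.
        /// </summary>
        /// <param name="token">API token used to resolve the caller.</param>
        /// <param name="level">New policy level; must be a declared member of the enum.</param>
        /// <returns>An ApiRe with Ok = true when the level was stored.</returns>
        public async Task<IActionResult> SetUserLoginSecurityPolicyLevel(string token, LoginSecurityPolicyLevel level)
        {
            var re = new ApiRe()
            {
                Ok   = false,
                Data = null
            };

            // An enum parameter can carry a number that matches no declared member; storing such
            // a value would leave the account with a level no login rule recognises.
            if (!System.Enum.IsDefined(typeof(LoginSecurityPolicyLevel), level))
            {
                return LeanoteJson(re);
            }

            var user = tokenSerivce.GetUserByToken(token);

            if (user == null)
            {
                return LeanoteJson(re);
            }

            // NOTE(review): a valid token alone is enough to change the login policy, including
            // lowering it; consider requiring re-authentication or a signed request for this change.
            userService.SetUserLoginSecurityPolicyLevel(user.UserId, level);

            re.Ok = true;
            return LeanoteJson(re);
        }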