public async Task <IActionResult> OnPostAsync()
{
(MyUserAdapterModel user, string message) = await myUserService.CheckUser(Username, Password);
if (user == null)
{
Msg = message;
logger.LogInformation($"使用者 ({Username} / {Password}) 登入失敗");
}
else
{
string returnUrl = Url.Content("~/");
#region 加入這個使用者需要用到的 宣告類型 Claim Type
var claims = new List <Claim>
{
new Claim(ClaimTypes.Role, "User"),
new Claim(ClaimTypes.NameIdentifier, user.Account),
new Claim(ClaimTypes.Name, user.Name),
new Claim(ClaimTypes.Sid, user.Id.ToString()),
};
if (user.IsManager == true)
{
claims.Add(new Claim(ClaimTypes.Role, "Administrator"));
}
#endregion
#region 建立 宣告式身分識別
// ClaimsIdentity類別是宣告式身分識別的具體執行, 也就是宣告集合所描述的身分識別
var claimsIdentity = new ClaimsIdentity(
claims, MagicHelper.CookieAuthenticationScheme);
#endregion
#region 建立關於認證階段需要儲存的狀態
var authProperties = new AuthenticationProperties
{
IsPersistent = true,
RedirectUri = this.Request.Host.Value
};
#endregion
#region 進行使用登入
try
{
await HttpContext.SignInAsync(
MagicHelper.CookieAuthenticationScheme,
new ClaimsPrincipal(claimsIdentity),
authProperties);
}
catch (Exception ex)
{
var msg = ex.Message;
}
#endregion
logger.LogInformation($"使用者 ({Username}) 登入成功");
return(LocalRedirect(returnUrl));
}
return(Page());
}
public async Task <IActionResult> Post(LoginRequestDto loginRequestDTO)
{
APIResult apiResult;
await Task.Yield();
if (ModelState.IsValid == false)
{
apiResult = APIResultFactory.Build(false, StatusCodes.Status200OK,
ErrorMessageEnum.傳送過來的資料有問題);
return(Ok(apiResult));
}
(MyUserAdapterModel user, string message) = await myUserService.CheckUser(loginRequestDTO.Account, loginRequestDTO.Password);
if (user == null)
{
apiResult = APIResultFactory.Build(false, StatusCodes.Status400BadRequest,
ErrorMessageEnum.帳號或密碼不正確);
return(BadRequest(apiResult));
}
string token = GenerateToken(user);
string refreshToken = GenerateRefreshToken(user);
LoginResponseDto LoginResponseDTO = new LoginResponseDto()
{
Account = loginRequestDTO.Account,
Id = user.Id,
Name = loginRequestDTO.Account,
Token = token,
TokenExpireMinutes = tokenConfiguration.JwtExpireMinutes,
RefreshToken = refreshToken,
RefreshTokenExpireDays = tokenConfiguration.JwtRefreshExpireDays,
};
apiResult = APIResultFactory.Build(true, StatusCodes.Status200OK,
ErrorMessageEnum.None, payload: LoginResponseDTO);
return(Ok(apiResult));
}
public async Task <IActionResult> OnPostAsync()
{
Version = Assembly.GetEntryAssembly().GetName().Version.ToString();
bool checkCaptch = true;
if (string.IsNullOrEmpty(Captcha))
{
Msg = "請輸入驗證碼";
checkCaptch = false;
}
else if (GetCaptchaSHA(Captcha) != CaptchaOrigin)
{
Msg = "驗證碼輸入錯誤";
checkCaptch = false;
}
if (checkCaptch)
{
(MyUserAdapterModel user, string message) =
await myUserService.CheckUser(Username, Password);
if (user == null)
{
#region 身分驗證失敗,使用者不存在
Msg = $"身分驗證失敗,使用者({Username}不存在 : {message})";
await SystemLogHelper.LogAsync(new SystemLogAdapterModel()
{
Message = Msg,
Category = LogCategories.User,
Content = "",
LogLevel = LogLevels.Information,
Updatetime = DateTime.Now,
IP = HttpContextAccessor.HttpContext.Connection.RemoteIpAddress.ToString(),
});
logger.LogInformation($"{Msg}");
GetCaptchaImage();
return(Page());
#endregion
}
if (user.Status == false)
{
#region 使用者已經被停用,無法登入
Msg = $"使用者 {user.Account} 已經被停用,無法登入";
await SystemLogHelper.LogAsync(new SystemLogAdapterModel()
{
Message = Msg,
Category = LogCategories.User,
Content = "",
LogLevel = LogLevels.Information,
Updatetime = DateTime.Now,
IP = HttpContextAccessor.HttpContext.Connection.RemoteIpAddress.ToString(),
});
logger.LogInformation($"{Msg}");
GetCaptchaImage();
return(Page());
#endregion
}
string returnUrl = Url.Content("~/");
#region 加入這個使用者需要用到的 宣告類型 Claim Type
var claims = new List <Claim>
{
new Claim(ClaimTypes.Role, "User"),
new Claim(ClaimTypes.NameIdentifier, user.Account),
new Claim(ClaimTypes.Name, user.Name),
new Claim(ClaimTypes.Sid, user.Id.ToString()),
new Claim(MagicHelper.MenuRoleClaim, user.MenuRoleId.ToString()),
new Claim(MagicHelper.MenuRoleNameClaim, user.MenuRole?.Name),
};
#region 若為 開發人員,加入 開發人員 專屬的角色
if (MagicHelper.開發者帳號.ToString() == Username.ToLower())
{
claims.Add(new Claim(ClaimTypes.Role, MagicHelper.開發者的角色聲明));
}
#endregion
#region 加入該使用者需要加入的相關角色
var menuDatas = user.MenuRole.MenuData
.Where(x => x.Enable == true).ToList();
foreach (var item in menuDatas)
{
if (item.IsGroup == false)
{
if (item.CodeName.ToLower() != MagicHelper.開發者的角色聲明)
{
// 避免使用者自己加入一個 開發人員專屬 的角色
if (!((item.CodeName.Contains("/") == true ||
item.CodeName.ToLower().Contains("http") == true)))
{
claims.Add(new Claim(ClaimTypes.Role, item.CodeName));
}
}
}
}
#endregion
#endregion
#region 建立 宣告式身分識別
// ClaimsIdentity類別是宣告式身分識別的具體執行, 也就是宣告集合所描述的身分識別
var claimsIdentity = new ClaimsIdentity(
claims, MagicHelper.CookieAuthenticationScheme);
#endregion
#region 建立關於認證階段需要儲存的狀態
var authProperties = new AuthenticationProperties
{
IsPersistent = true,
RedirectUri = this.Request.Host.Value
};
#endregion
#region 進行使用登入
try
{
await HttpContext.SignInAsync(
MagicHelper.CookieAuthenticationScheme,
new ClaimsPrincipal(claimsIdentity),
authProperties);
}
catch (Exception ex)
{
var msg = ex.Message;
}
#endregion
Msg = $"使用者 ({Username}) 登入成功";
await SystemLogHelper.LogAsync(new SystemLogAdapterModel()
{
Message = Msg,
Category = LogCategories.User,
Content = "",
LogLevel = LogLevels.Information,
Updatetime = DateTime.Now,
IP = HttpContextAccessor.HttpContext.Connection.RemoteIpAddress.ToString(),
});
logger.LogInformation($"{Msg}");
return(LocalRedirect(returnUrl));
}
GetCaptchaImage();
return(Page());
}
