// POST api/values
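        /// <summary>
        /// Checks the posted credentials through the login service and, when an account
        /// matches, records the login and returns an HS256-signed JWT for it.
        /// </summary>
        /// <remarks>
        /// The original author noted that token expiration does not work; see the
        /// review note on the payload below.
        /// </remarks>
        /// <param name="loginData">Posted login data; Origin, Username and Password are read.</param>
        /// <returns>An anonymous object carrying <c>token</c>, <c>loginId</c> and <c>indexPage</c>.</returns>
        /// <exception cref="UnauthorizedAccessException">No account matches the credentials.</exception>
        public object SetToken(LoginData loginData)
        {
            // The signing secret is looked up per origin before the credentials are checked.
            Token _Token = getToken(loginData.Origin);
            var   secret = _Token.Secret;
            Login _Login = _loginService.GetByAccount(loginData.Username, loginData.Password);

            if (_Login == null)
            {
                // Security fix: the submitted password is no longer copied into the exception
                // message. Exception text routinely ends up in logs and error responses, so
                // echoing it would store or disclose the credential in clear text.
                throw new UnauthorizedAccessException("IDPASSWORDERROR:ID:" + loginData.Username);
            }

            this._commonService.InsetButtonLog(_Login.Id, "Login", "", "Login.html");

            // NOTE(review): exp is set to the current tick count and iat to ten seconds later,
            // so the token is already at its exp when issued and iat lies after exp. Both are
            // .NET ticks rather than the seconds-since-epoch NumericDate defined by RFC 7519.
            // Left unchanged because the validating side is not visible here; a token with no
            // effective expiry stays usable until the signing secret is rotated.
            var payload = new JwtAuthObject()
            {
                Id  = _Login.Id,
                exp = DateTime.Now.Ticks,
                iat = DateTime.Now.AddSeconds(10).Ticks
            };

            return(new
            {
                token = Jose.JWT.Encode(payload, Encoding.UTF8.GetBytes(secret), JwsAlgorithm.HS256),
                loginId = _Login.Id,
                indexPage = _Login.IndexPage
            });
        }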
        /// <summary>
        /// Looks up a user whose email and password equal the posted values and returns
        /// an HS256-signed JWT for that user.
        /// </summary>
        /// <param name="loginData">Posted login data; account and password are read.</param>
        /// <returns>An anonymous object with <c>Result</c>, <c>user_id</c> and <c>token</c>.</returns>
        /// <exception cref="UnauthorizedAccessException">No user row matches.</exception>
        public object Post(LoginData loginData)
        {
            // TODO (original): the key should be moved to config.
            // NOTE(review): a signing key kept as a source literal is readable by anyone with
            // the repository or the compiled assembly, and such a reader can mint valid tokens.
            var secret = "secreteTokenCreator";

            // TODO (original): check account and password the real-world way.
            // NOTE(review): the posted password is compared directly with the stored column,
            // which suggests passwords are stored unhashed. Confirm against the schema.
            var matchedUser = db.users.FirstOrDefault(v => v.email == loginData.account && v.password == loginData.password);

            if (matchedUser == null)
            {
                throw new UnauthorizedAccessException("帳號密碼錯誤");
            }

            // NOTE(review): the only claim set here is accId; no expiry claim is visible.
            var payload = new JwtAuthObject()
            {
                accId = matchedUser.email,
            };
            var signingKey  = Encoding.UTF8.GetBytes(secret);
            var signedToken = Jose.JWT.Encode(payload, signingKey, JwsAlgorithm.HS256);

            return new
            {
                Result = true,
                user_id = matchedUser.id,
                token = signedToken
            };
        }
        /// <summary>
        /// Issues an HS256-signed JWT with a three-hour Expiration field when the posted
        /// user name and password equal the fixed demo pair.
        /// </summary>
        /// <param name="model">Posted login data; UserName and Password are read.</param>
        /// <returns>An anonymous object with <c>Result</c> and <c>token</c>.</returns>
        /// <exception cref="UnauthorizedAccessException">The credentials do not match.</exception>
        public object Post(LoginData model)
        {
            // The signing secret comes from the "JWTSalt" app setting; a missing setting
            // surfaces as a NullReferenceException on this line.
            var secret = WebConfigurationManager.AppSettings["JWTSalt"].ToString();

            // NOTE(review): the accepted account is a literal pair compiled into the assembly.
            // It cannot be rotated without a redeploy and is visible to anyone who can read
            // the source or the binary.
            bool credentialsAccepted = model.UserName == "andy" && model.Password == "abcd";
            if (!credentialsAccepted)
            {
                throw new UnauthorizedAccessException("帳密錯誤");
            }

            // TODO (original): extend with whatever fields you need.
            // NOTE(review): Expiration is a project-defined property; whether the validating
            // side enforces it is not visible here.
            var payload = new JwtAuthObject();
            payload.Id         = model.UserName;
            payload.Expiration = DateTime.Now.AddHours(3);
            payload.Name       = model.UserName;

            var signingKey = Encoding.UTF8.GetBytes(secret);

            return new
            {
                Result = true,
                token = Jose.JWT.Encode(payload, signingKey, JwsAlgorithm.HS256)
            };
        }
        /// <summary>
        /// Reads "account" and "password" from the posted JSON, looks the account up in
        /// the member table and returns an HS256-signed JWT when the password is the
        /// fixed demo value.
        /// </summary>
        /// <param name="value">Posted JSON body; the "account" and "password" members are read.</param>
        /// <returns>
        /// An anonymous object with <c>Result = true</c> and <c>token</c> on success,
        /// otherwise an object with only <c>Result = false</c>.
        /// </returns>
        public object Post([FromBody] JObject value)
        {
            // TODO (original): the key should be moved to config.
            // NOTE(review): a signing key kept as a source literal lets anyone who can read
            // the source or the assembly mint valid tokens.
            var secret = "wellwindJtwDemo";

            // TODO (original): check account and password the real-world way.
            var account  = value["account"].ToString();
            var password = value["password"].ToString();

            var candidates = db.memberdb.Where(p => p.mb_employeeAccount == account);

            // Both branches inside the loop return, so only the first row is ever examined.
            foreach (var member in candidates)
            {
                // NOTE(review): every account is accepted with the same literal password.
                bool accepted = member.mb_employeeAccount == account && password == "test";
                if (!accepted)
                {
                    return new
                    {
                        Result = false,
                    };
                }

                // NOTE(review): pswId places the password inside the token payload. A JWS
                // payload is signed, not encrypted, so any holder of the token can read it.
                var payload = new JwtAuthObject()
                {
                    accId = member.mb_employeeAccount,
                    pswId = "test"
                };
                var signingKey = Encoding.UTF8.GetBytes(secret);

                return new
                {
                    Result = true,
                    token = Jose.JWT.Encode(payload, signingKey, JwsAlgorithm.HS256)
                };
            }

            // No row matched the account.
            return new
            {
                Result = false,
            };
        }
        /// <summary>
        /// Returns an HS256-signed JWT when the posted account and password equal the
        /// fixed demo pair.
        /// </summary>
        /// <param name="loginData">Posted login data; Account and Password are read.</param>
        /// <returns>The encoded token string.</returns>
        /// <exception cref="UnauthorizedAccessException">The credentials do not match.</exception>
        public string Login(LoginData loginData)
        {
            // The signing secret is read from the "secret" app setting.
            string secret = ConfigurationManager.AppSettings["secret"];

            // NOTE(review): the accepted account is a literal pair compiled into the assembly.
            bool credentialsAccepted = loginData.Account == "Igor" && loginData.Password == "123";
            if (!credentialsAccepted)
            {
                throw new UnauthorizedAccessException("帳號密碼錯誤");
            }

            // NOTE(review): the payload is constant (Id 1, Name "account") and has no expiry
            // claim visible here, so every successful login yields the same claims.
            var payload = new JwtAuthObject();
            payload.Id   = 1;
            payload.Name = "account";

            byte[] signingKey = Encoding.UTF8.GetBytes(secret);
            return Jose.JWT.Encode(payload, signingKey, JwsAlgorithm.HS256);
        }
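        /// <summary>
        /// Signs a user in through the users service and, on success, returns a JWT whose
        /// expiry depends on the client platform named in the request.
        /// </summary>
        /// <param name="userAccount">Posted request; LoginAccount, LoginPassword and LoginPlatform are read.</param>
        /// <returns>
        /// A <c>WebAPIReponse</c> with status OK and the token on success, "Access Denied"
        /// when the service returns no user, or "Precondition Failed" when an exception
        /// is caught.
        /// </returns>
        public WebAPIReponse SignIn([FromBody] UserAccountRequest userAccount)
        {
            try
            {
                AccountInfo mtsAccountInfo = new AccountInfo();
                mtsAccountInfo.UserID = userAccount.LoginAccount;
                // Presumably converts the posted password to its stored form; PassWordHelper
                // is defined elsewhere, so confirm what CrtPassWord() actually produces.
                PassWordHelper passWordHelper = new PassWordHelper(userAccount.LoginPassword);
                mtsAccountInfo.PassWord = passWordHelper.CrtPassWord();
                var userInfo = _usersService.Login(mtsAccountInfo);
                if (userInfo != null)
                {
                    // Credentials verified; build the token.
                    JwtAuthUtil   jwtAuthUtil = new JwtAuthUtil();
                    JwtAuthObject jwtAuthInfo = new JwtAuthObject
                    {
                        UserName = userInfo.UserID,
                    };

                    // Token lifetime per client platform; unknown platforms get the shortest.
                    TimeSpan lifetime;
                    switch (userAccount.LoginPlatform)
                    {
                    case SoftPlatform.mtsToolCaliburn:
                        lifetime = TimeSpan.FromHours(12); break;

                    case SoftPlatform.mtsToolLoggerCenter:
                    case SoftPlatform.mtsToolsStudio:
                        lifetime = TimeSpan.FromHours(4); break;

                    case SoftPlatform.mtsToolsSchedule:
                        lifetime = TimeSpan.FromMinutes(15); break;

                    default:
                        lifetime = TimeSpan.FromMinutes(5); break;
                    }

                    // NOTE(review): the expiry is a local-time string in the current culture's
                    // format. A validator under another culture or time zone may parse it
                    // differently. Left unchanged because the parsing side is not visible here.
                    jwtAuthInfo.ExpiryDateTime = DateTime.Now.Add(lifetime).ToString();

                    string jwtToken = jwtAuthUtil.GenerateToken(jwtAuthInfo);
                    return(new WebAPIReponse(HttpStatusCode.OK, "OK", jwtToken));
                }

                // NOTE(review): a failed sign-in is reported as 203, a 2xx success code.
                // Clients and monitoring that key on the status class will not see it as a
                // denial. Kept as-is because existing clients may depend on the value.
                return(new WebAPIReponse(HttpStatusCode.NonAuthoritativeInformation, "Access Denied"));
            }
            catch (Exception exception)
            {
                // Security fix: the exception text (type names, stack trace, possibly
                // connection details) is no longer returned to the unauthenticated caller.
                // It is written to the trace listeners instead, assuming the TRACE symbol
                // is defined for the build.
                System.Diagnostics.Trace.TraceError(exception.ToString());
                return(new WebAPIReponse(HttpStatusCode.PreconditionFailed, "Precondition Failed"));
            }
        }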
 /// <summary>
 /// Returns an HS256-signed JWT when the posted "FormID" and "Password" members equal
 /// the fixed demo pair; otherwise returns a failure object.
 /// </summary>
 /// <param name="loginData">Posted JSON body; "FormID" and "Password" are read.</param>
 /// <returns>
 /// An anonymous object with <c>Result</c> and <c>token</c> on success, or with
 /// <c>Result = false</c> and an <c>Error</c> exception instance on failure.
 /// </returns>
 public object PostUser([FromBody] JObject loginData)
 {
     // NOTE(review): the accepted account is a literal pair compiled into the assembly.
     // "Password" is read only when "FormID" matches (short-circuit evaluation).
     bool credentialsAccepted =
         loginData["FormID"].ToObject <string>() == "Allen" &&
         loginData["Password"].ToObject <string>() == "0814";

     if (!credentialsAccepted)
     {
         // NOTE(review): an exception object is placed in the response body rather than
         // thrown, so the caller receives a normal response whose content depends on how
         // the serializer renders the exception type.
         return new
         {
             Result = false,
             Error = new UnauthorizedAccessException("帳號密碼錯誤")
         };
     }

     // `secret` is defined outside this method.
     // NOTE(review): the ID claim is "Alien" while the accepted FormID is "Allen". Confirm
     // which spelling the token consumer expects.
     JwtAuthObject payload = new JwtAuthObject
     {
         ID = "Alien"
     };
     var signingKey = Encoding.UTF8.GetBytes(secret);

     return new
     {
         Result = true,
         token = Jose.JWT.Encode(payload, signingKey, JwsAlgorithm.HS256)
     };
 }
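        /// <summary>
        /// Verifies the posted account and password and returns a JWT as plain text.
        /// </summary>
        /// <param name="model">Posted login view model; Account and Password are read.</param>
        /// <returns>
        /// 200 with the encoded token as <c>text/plain</c> on success, otherwise 401 with
        /// a plain-text error message.
        /// </returns>
        public HttpResponseMessage Post(LoginVM model)
        {
            // One query instead of Any() followed by Single(): the row can no longer vanish
            // between the two calls, and the database is hit once. SingleOrDefault still
            // throws when more than one row matches, as Single did.
            // NOTE(review): the posted password is compared directly with the stored column,
            // which suggests passwords are stored unhashed. Confirm against the schema.
            User user = _db.Users.SingleOrDefault(x => x.Account == model.Account && x.Password == model.Password);

            // The response is created only in the branch that uses it; the original built a
            // placeholder 200 response first and then discarded it undisposed.
            HttpResponseMessage result;
            string sResult;

            if (user != null)
            {
                // NOTE(review): TimeStamp records the issue time only; no expiry claim is
                // set here, so the token lifetime depends on what the validating side does.
                var AuthData = new JwtAuthObject()
                {
                    Account   = user.Account,
                    Name      = user.Name,
                    Roles     = user.Roles,
                    TimeStamp = DateTime.Now.ToString("yyyy/MM/dd HH:mm:ss")
                };

                // The configured secret is Base64 text and is decoded to raw key bytes. (The
                // original also noted the alternative for a plain, non-Base64 secret:
                // Encoding.UTF8.GetBytes(config.JwtPlainSecret).)
                var secret = Convert.FromBase64String(config.JwtBase64Secret);

                sResult = JWT.Encode(AuthData, secret, JwsAlgorithm.HS256);
                result  = new HttpResponseMessage(HttpStatusCode.OK);
            }
            else
            {
                sResult = "Account or password is invalid.";
                result  = new HttpResponseMessage(HttpStatusCode.Unauthorized);
            }

            result.Content = new StringContent(sResult);
            result.Content.Headers.ContentType = new MediaTypeHeaderValue("text/plain");

            return(result);
        }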
        // POST api/values
        /// <summary>
        /// Returns an HS256-signed JWT when the posted user name and password equal the
        /// fixed demo pair.
        /// </summary>
        /// <param name="loginData">Posted login data; Username and Password are read.</param>
        /// <returns>An anonymous object with <c>Result</c> and <c>token</c>.</returns>
        /// <exception cref="UnauthorizedAccessException">The credentials do not match.</exception>
        public object Post(LoginData loginData)
        {
            // TODO (original): the key should be moved to config.
            // NOTE(review): a signing key kept as a source literal lets anyone who can read
            // the source or the assembly mint valid tokens.
            var secret = "wellwindJtwDemo";

            // TODO (original): check account and password the real-world way.
            // NOTE(review): the accepted account is a literal pair compiled into the assembly.
            bool credentialsAccepted = loginData.Username == "wellwind" && loginData.Password == "1234";
            if (!credentialsAccepted)
            {
                throw new UnauthorizedAccessException("帳號密碼錯誤");
            }

            // NOTE(review): the only claim set is Id; no expiry claim is visible here.
            var payload = new JwtAuthObject();
            payload.Id = "wellwind";

            var signingKey = Encoding.UTF8.GetBytes(secret);

            return new
            {
                Result = true,
                token = Jose.JWT.Encode(payload, signingKey, JwsAlgorithm.HS256)
            };
        }