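/// <summary>
/// Verifies the posted credentials, stores a new <c>UserSession</c> row and hands the
/// session token back both as the <c>user_sess</c> cookie and in the response body.
/// </summary>
/// <param name="cUser">Credentials from the request body; only <c>UserId</c> and <c>Password</c> are read.</param>
/// <returns>
/// 400 when the body or either credential is missing, or when the password does not verify;
/// 404 when no user has the given id; otherwise 200 with the token, the user id,
/// the system authority and the controllable boards.
/// </returns>
public async Task<IActionResult> PostLogin([FromBody] User cUser)
{
    // A missing or unparsable body would otherwise be dereferenced below.
    if (cUser == null || string.IsNullOrEmpty(cUser.UserId) || string.IsNullOrWhiteSpace(cUser.Password))
    {
        return BadRequest();
    }

    var user = await _context.Users.FirstOrDefaultAsync(x => x.UserId == cUser.UserId);
    if (user == null)
    {
        // NOTE(review): 404 here and 400 on a wrong password let a caller tell existing
        // accounts from unknown ones. The status codes are kept because clients may rely
        // on them; consider returning one uniform failure response for both cases.
        return NotFound();
    }

    if (!Common.HashPasswordGenerator.VerifyPassword(cUser.Password, user.Id, user.PasswordHash, user.PasswordSalt))
    {
        return BadRequest();
    }

    // Drop the plaintext password from the bound model once it has been checked.
    cUser.Password = null;

    // The session token is a bearer credential, so its seed comes from the OS CSPRNG.
    // The previous seed (user id + System.Random value below ~10.1 million + current
    // timestamp) could be guessed by anyone who knew the user id and roughly when the
    // login happened. The seed still goes through GenerateSHA512 so the stored and
    // returned token keeps the format it had before.
    var tokenSeed = new byte[32];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(tokenSeed);
    }

    // NOTE(review): local time is kept because the code that checks Expired is not
    // visible here — confirm before moving to UTC.
    var now = DateTime.Now;
    var session = new UserSession
    {
        CreatedAt = now,
        Expired = now + TimeSpan.FromDays(365),
        UserId = user.Id,
        UserName = user.UserId,
        SessionToken = HashGenerator.GenerateSHA512(user.UserId + ":" + Convert.ToBase64String(tokenSeed))
    };

    _context.UserSessions.Add(session);
    await _context.SaveChangesAsync();

    HttpContext.Response.Cookies.Append("user_sess", session.SessionToken, new CookieOptions
    {
        Expires = DateTimeOffset.Now + TimeSpan.FromDays(366),
        HttpOnly = true,
        // Mark the cookie Secure whenever the login itself arrived over HTTPS, so the
        // token is never replayed over plain HTTP; plain-HTTP setups behave as before.
        Secure = HttpContext.Request.IsHttps
        // NOTE(review): SameSite is left at the framework default — set it explicitly
        // once the cross-site requirements of the front end are known.
    });

    // NOTE(review): the token is also returned in the body, so page script can read it
    // even though the cookie is HttpOnly.
    return Ok(new
    {
        SetAuthorization = session.SessionToken,
        user.UserId,
        user.SystemAuthority,
        user.ControllableBoards
    });
}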
/// <summary>
/// Resolves the public URL of a board's billboard image, if one exists on disk.
/// </summary>
/// <param name="boardKey">Board key taken from the route.</param>
/// <returns>
/// 404 when no board has this key or no image file is found; otherwise 200 with
/// <c>Path</c> set to the lower-cased <c>/images/...</c> URL of the first match.
/// </returns>
public async Task<IActionResult> GetBoardBillBoardPath([FromRoute] string boardKey)
{
    var matchedBoard = await Context.Boards.FirstOrDefaultAsync(x => x.BoardKey == boardKey);
    if (matchedBoard == null)
    {
        return NotFound();
    }

    // The route value never reaches the file path directly; only the hash output does.
    // NOTE(review): assumes GenerateSHA512 returns a string without path separators — confirm.
    var fileStem = HashGenerator.GenerateSHA512($"{boardKey}_billboard");

    // Extensions are probed in this order; the first file that exists wins.
    string[] candidateExtensions = { "jpeg", "jpg", "png", "gif", "webp" };
    foreach (var extension in candidateExtensions)
    {
        // Relative path, so it resolves against the process working directory.
        var found = System.IO.File.Exists($"wwwroot/images/{fileStem}.{extension}".ToLower());
        if (!found)
        {
            continue;
        }

        return Ok(new { Path = $"/images/{fileStem}.{extension}".ToLower() });
    }

    return NotFound();
}