public IActionResult Login([FromBody] LoginQO log)
{
var user = _userService.Authenticate(log);
if (user == null)
{
return(NotFound(new { msg = "用户名或密码错误" }));
}
return(Ok(user));
}
public AuthUser Authenticate(LoginQO log)
{
var username = log.Username;
var password = log.Password;
var user = (from u in _context.Users
where (u.UserName == username || u.Students.Number.ToString() == username) && u.Password == password
select u).FirstOrDefault();
if (user == null)
{
return(null);
}
var authUser = new AuthUser {
UserId = user.UserId, UserType = user.UserType, ImgUrl = user.ImgUrl
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_appSettings.Secret));
string[] role = { "Student", "Manager", "Admin" };
var jwt = new JwtSecurityToken(
claims: new List <Claim>
{
new Claim(ClaimTypes.NameIdentifier, user.UserId.ToString()),
new Claim(ClaimTypes.Name, user.UserName), new Claim(ClaimTypes.Role, role[user.UserType])
},
notBefore: DateTime.UtcNow,
expires: DateTime.UtcNow.AddHours(2), // 两小时后过期
signingCredentials: new SigningCredentials(key, SecurityAlgorithms.HmacSha256)
);
var tokenHandler = new JwtSecurityTokenHandler();
authUser.Token = tokenHandler.WriteToken(jwt);
return(authUser);
}
