public async Task <IActionResult> OnPostAsync()
        {
            (MyUserAdapterModel user, string message) = await myUserService.CheckUser(Username, Password);

            if (user == null)
            {
                Msg = message;
                logger.LogInformation($"使用者 ({Username} / {Password}) 登入失敗");
            }
            else
            {
                string returnUrl = Url.Content("~/");

                #region 加入這個使用者需要用到的 宣告類型 Claim Type
                var claims = new List <Claim>
                {
                    new Claim(ClaimTypes.Role, "User"),
                    new Claim(ClaimTypes.NameIdentifier, user.Account),
                    new Claim(ClaimTypes.Name, user.Name),
                    new Claim(ClaimTypes.Sid, user.Id.ToString()),
                };
                if (user.IsManager == true)
                {
                    claims.Add(new Claim(ClaimTypes.Role, "Administrator"));
                }
                #endregion

                #region 建立 宣告式身分識別
                // ClaimsIdentity類別是宣告式身分識別的具體執行, 也就是宣告集合所描述的身分識別
                var claimsIdentity = new ClaimsIdentity(
                    claims, MagicHelper.CookieAuthenticationScheme);
                #endregion

                #region 建立關於認證階段需要儲存的狀態
                var authProperties = new AuthenticationProperties
                {
                    IsPersistent = true,
                    RedirectUri  = this.Request.Host.Value
                };
                #endregion

                #region 進行使用登入
                try
                {
                    await HttpContext.SignInAsync(
                        MagicHelper.CookieAuthenticationScheme,
                        new ClaimsPrincipal(claimsIdentity),
                        authProperties);
                }
                catch (Exception ex)
                {
                    var msg = ex.Message;
                }
                #endregion

                logger.LogInformation($"使用者 ({Username}) 登入成功");
                return(LocalRedirect(returnUrl));
            }
            return(Page());
        }
Exemplo n.º 2
0
        public async Task <IActionResult> Post(LoginRequestDto loginRequestDTO)
        {
            APIResult apiResult;
            await Task.Yield();

            if (ModelState.IsValid == false)
            {
                apiResult = APIResultFactory.Build(false, StatusCodes.Status200OK,
                                                   ErrorMessageEnum.傳送過來的資料有問題);
                return(Ok(apiResult));
            }

            (MyUserAdapterModel user, string message) = await myUserService.CheckUser(loginRequestDTO.Account, loginRequestDTO.Password);

            if (user == null)
            {
                apiResult = APIResultFactory.Build(false, StatusCodes.Status400BadRequest,
                                                   ErrorMessageEnum.帳號或密碼不正確);
                return(BadRequest(apiResult));
            }

            string token        = GenerateToken(user);
            string refreshToken = GenerateRefreshToken(user);

            LoginResponseDto LoginResponseDTO = new LoginResponseDto()
            {
                Account                = loginRequestDTO.Account,
                Id                     = user.Id,
                Name                   = loginRequestDTO.Account,
                Token                  = token,
                TokenExpireMinutes     = tokenConfiguration.JwtExpireMinutes,
                RefreshToken           = refreshToken,
                RefreshTokenExpireDays = tokenConfiguration.JwtRefreshExpireDays,
            };

            apiResult = APIResultFactory.Build(true, StatusCodes.Status200OK,
                                               ErrorMessageEnum.None, payload: LoginResponseDTO);
            return(Ok(apiResult));
        }
        public async Task <IActionResult> OnPostAsync()
        {
            Version = Assembly.GetEntryAssembly().GetName().Version.ToString();
            bool checkCaptch = true;

            if (string.IsNullOrEmpty(Captcha))
            {
                Msg         = "請輸入驗證碼";
                checkCaptch = false;
            }
            else if (GetCaptchaSHA(Captcha) != CaptchaOrigin)
            {
                Msg         = "驗證碼輸入錯誤";
                checkCaptch = false;
            }

            if (checkCaptch)
            {
                (MyUserAdapterModel user, string message) =
                    await myUserService.CheckUser(Username, Password);

                if (user == null)
                {
                    #region 身分驗證失敗,使用者不存在
                    Msg = $"身分驗證失敗,使用者({Username}不存在 : {message})";
                    await SystemLogHelper.LogAsync(new SystemLogAdapterModel()
                    {
                        Message    = Msg,
                        Category   = LogCategories.User,
                        Content    = "",
                        LogLevel   = LogLevels.Information,
                        Updatetime = DateTime.Now,
                        IP         = HttpContextAccessor.HttpContext.Connection.RemoteIpAddress.ToString(),
                    });

                    logger.LogInformation($"{Msg}");
                    GetCaptchaImage();
                    return(Page());

                    #endregion
                }

                if (user.Status == false)
                {
                    #region 使用者已經被停用,無法登入
                    Msg = $"使用者 {user.Account} 已經被停用,無法登入";
                    await SystemLogHelper.LogAsync(new SystemLogAdapterModel()
                    {
                        Message    = Msg,
                        Category   = LogCategories.User,
                        Content    = "",
                        LogLevel   = LogLevels.Information,
                        Updatetime = DateTime.Now,
                        IP         = HttpContextAccessor.HttpContext.Connection.RemoteIpAddress.ToString(),
                    });

                    logger.LogInformation($"{Msg}");
                    GetCaptchaImage();
                    return(Page());

                    #endregion
                }

                string returnUrl = Url.Content("~/");

                #region 加入這個使用者需要用到的 宣告類型 Claim Type
                var claims = new List <Claim>
                {
                    new Claim(ClaimTypes.Role, "User"),
                    new Claim(ClaimTypes.NameIdentifier, user.Account),
                    new Claim(ClaimTypes.Name, user.Name),
                    new Claim(ClaimTypes.Sid, user.Id.ToString()),
                    new Claim(MagicHelper.MenuRoleClaim, user.MenuRoleId.ToString()),
                    new Claim(MagicHelper.MenuRoleNameClaim, user.MenuRole?.Name),
                };

                #region 若為 開發人員,加入 開發人員 專屬的角色
                if (MagicHelper.開發者帳號.ToString() == Username.ToLower())
                {
                    claims.Add(new Claim(ClaimTypes.Role, MagicHelper.開發者的角色聲明));
                }
                #endregion

                #region 加入該使用者需要加入的相關角色
                var menuDatas = user.MenuRole.MenuData
                                .Where(x => x.Enable == true).ToList();

                foreach (var item in menuDatas)
                {
                    if (item.IsGroup == false)
                    {
                        if (item.CodeName.ToLower() != MagicHelper.開發者的角色聲明)
                        {
                            // 避免使用者自己加入一個 開發人員專屬 的角色
                            if (!((item.CodeName.Contains("/") == true ||
                                   item.CodeName.ToLower().Contains("http") == true)))
                            {
                                claims.Add(new Claim(ClaimTypes.Role, item.CodeName));
                            }
                        }
                    }
                }
                #endregion
                #endregion

                #region 建立 宣告式身分識別
                // ClaimsIdentity類別是宣告式身分識別的具體執行, 也就是宣告集合所描述的身分識別
                var claimsIdentity = new ClaimsIdentity(
                    claims, MagicHelper.CookieAuthenticationScheme);
                #endregion

                #region 建立關於認證階段需要儲存的狀態
                var authProperties = new AuthenticationProperties
                {
                    IsPersistent = true,
                    RedirectUri  = this.Request.Host.Value
                };
                #endregion

                #region 進行使用登入
                try
                {
                    await HttpContext.SignInAsync(
                        MagicHelper.CookieAuthenticationScheme,
                        new ClaimsPrincipal(claimsIdentity),
                        authProperties);
                }
                catch (Exception ex)
                {
                    var msg = ex.Message;
                }
                #endregion

                Msg = $"使用者 ({Username}) 登入成功";
                await SystemLogHelper.LogAsync(new SystemLogAdapterModel()
                {
                    Message    = Msg,
                    Category   = LogCategories.User,
                    Content    = "",
                    LogLevel   = LogLevels.Information,
                    Updatetime = DateTime.Now,
                    IP         = HttpContextAccessor.HttpContext.Connection.RemoteIpAddress.ToString(),
                });

                logger.LogInformation($"{Msg}");
                return(LocalRedirect(returnUrl));
            }
            GetCaptchaImage();
            return(Page());
        }