Пример #1
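        /// <summary>
        /// Verifies the submitted user id and password, stores a new <c>UserSession</c>, and
        /// returns the session token both in the <c>user_sess</c> cookie and in the response body.
        /// </summary>
        /// <param name="cUser">Credentials from the request body; only <c>UserId</c> and <c>Password</c> are read.</param>
        /// <returns>
        /// 400 when the body or a credential is missing or the password does not verify,
        /// 404 when no user has the given id, otherwise 200 with the token and user details.
        /// </returns>
        public async Task <IActionResult> PostLogin([FromBody] User cUser)
        {
            // An empty or unparsable body may bind to null; reject it instead of dereferencing it.
            if (cUser == null || string.IsNullOrEmpty(cUser.UserId) || string.IsNullOrWhiteSpace(cUser.Password))
            {
                return(BadRequest());
            }
            var user = await _context.Users.FirstOrDefaultAsync(x => x.UserId == cUser.UserId);

            // NOTE(review): 404 here versus 400 on a wrong password lets a caller tell existing
            // user ids from unknown ones. Returning the same status for both would close that,
            // but it changes the API contract, so confirm with the clients first.
            if (user == null)
            {
                return(NotFound());
            }
            if (!Common.HashPasswordGenerator.VerifyPassword(cUser.Password, user.Id, user.PasswordHash, user.PasswordSalt))
            {
                return(BadRequest());
            }
            // Drop the plaintext password from the bound model once it has been checked.
            cUser.Password = null;

            // The token is a bearer credential, so its unpredictable part must come from a CSPRNG.
            // System.Random is seeded predictably and the old range held fewer than 2^24 values,
            // which left the token guessable from the user id and the approximate login time.
            var tokenEntropy = new byte[32];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(tokenEntropy);
            }

            // Read the clock once so CreatedAt, Expired and the token input agree.
            var now = DateTime.Now;

            // NOTE(review): a 365-day lifetime is long for a bearer token; the cookie below
            // outlives the stored session by one day (366 vs 365). Confirm both are intended.
            var session = new UserSession()
            {
                CreatedAt    = now,
                Expired      = now + TimeSpan.FromDays(365),
                UserId       = user.Id,
                UserName     = user.UserId,
                // Still passed through GenerateSHA512 so the token keeps the format it had before.
                SessionToken =
                    HashGenerator.GenerateSHA512(user.UserId +
                                                 ":" +
                                                 Convert.ToBase64String(tokenEntropy) +
                                                 ":" +
                                                 now.ToString(CultureInfo.InvariantCulture))
            };

            _context.UserSessions.Add(session);
            await _context.SaveChangesAsync();

            HttpContext.Response.Cookies.Append("user_sess", session.SessionToken,
                                                new CookieOptions()
            {
                Expires  = DateTimeOffset.Now + TimeSpan.FromDays(366),
                HttpOnly = true,
                // Mark the cookie Secure whenever the login itself arrived over HTTPS, so it is
                // never sent back in cleartext; plain-HTTP deployments behave as before.
                Secure   = HttpContext.Request.IsHttps
                // NOTE(review): SameSite is left at the framework default; set it explicitly
                // once it is known whether the front end is served from another site.
            });
            // The token is also returned in the body (SetAuthorization), where HttpOnly does not
            // protect it; clients that keep it in script-readable storage expose it to XSS.
            return(Ok(new { SetAuthorization = session.SessionToken, user.UserId, user.SystemAuthority, user.ControllableBoards }));
        }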
Пример #2
        /// <summary>
        /// Looks up the billboard image stored for a board and returns its public URL path.
        /// </summary>
        /// <param name="boardKey">Route value identifying the board.</param>
        /// <returns>
        /// 200 with <c>Path</c> set to the first matching image under <c>/images</c>;
        /// 404 when the board does not exist or no image file is found.
        /// </returns>
        public async Task <IActionResult> GetBoardBillBoardPath([FromRoute] string boardKey)
        {
            var matchedBoard = await Context.Boards.FirstOrDefaultAsync(b => b.BoardKey == boardKey);
            if (matchedBoard == null)
            {
                return NotFound();
            }

            // The route value reaches the file system only through this digest, never verbatim,
            // so separators or ".." in boardKey cannot steer the path (assumes GenerateSHA512
            // returns an encoded digest string; confirm against the helper).
            var digest = HashGenerator.GenerateSHA512($"{boardKey}_billboard");
            string[] candidateExtensions = { "jpeg", "jpg", "png", "gif", "webp" };

            for (var i = 0; i < candidateExtensions.Length; i++)
            {
                var extension = candidateExtensions[i];

                // Relative path: resolved against the process working directory.
                // NOTE(review): ToLower() is culture-sensitive; whatever writes these files
                // must lower-case the name the same way for the lookup to match.
                var diskPath = $"wwwroot/images/{digest}.{extension}".ToLower();
                if (!System.IO.File.Exists(diskPath))
                {
                    continue;
                }

                var urlPath = $"/images/{digest}.{extension}".ToLower();
                return Ok(new { Path = urlPath });
            }

            return NotFound();
        }