/// <summary>
/// Login endpoint: passes the posted credentials to the user service and returns its result.
/// </summary>
/// <param name="log">Login request bound from the JSON request body.</param>
/// <returns>
/// 200 with the authenticated user object when the service returns one;
/// 404 with a generic error message otherwise.
/// </returns>
public IActionResult Login([FromBody] LoginQO log)
{
    var authenticated = _userService.Authenticate(log);

    if (authenticated != null)
    {
        return Ok(authenticated);
    }

    // One message ("user name or password is wrong") covers every failure, so the
    // response does not reveal which of the two fields was incorrect.
    // NOTE(review): 401 is the conventional status for rejected credentials; 404 is
    // kept because clients may depend on it. No attempt limiting is visible in this
    // action; confirm it is enforced elsewhere.
    return NotFound(new { msg = "用户名或密码错误" });
}
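/// <summary>
/// Checks the submitted credentials against the user table and, on success, issues a signed JWT.
/// </summary>
/// <param name="log">Login request carrying the user name (or student number) and the password.</param>
/// <returns>
/// An <see cref="AuthUser"/> with the user id, user type, image URL and a token that expires
/// after two hours; <c>null</c> when credentials are missing or no user matches.
/// </returns>
public AuthUser Authenticate(LoginQO log)
{
    var username = log?.Username;
    var password = log?.Password;

    // Reject missing credentials before querying. A null password would otherwise be
    // compared as "u.Password == null", which an EF-style LINQ provider translates to
    // IS NULL and which would then match any account whose password column is unset.
    if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
    {
        return null;
    }

    // NOTE(review): the submitted password is compared directly with the stored column,
    // which suggests passwords are stored unhashed (or hashed only on the client) - confirm.
    // A salted, slow hash (e.g. PBKDF2) verified in application code is the usual remedy.
    var user = (from u in _context.Users
                where (u.UserName == username || u.Students.Number.ToString() == username) &&
                      u.Password == password
                select u).FirstOrDefault();
    if (user == null)
    {
        return null;
    }

    // Only these fields are copied out; the entity itself (including its password) is not returned.
    var authUser = new AuthUser
    {
        UserId = user.UserId,
        UserType = user.UserType,
        ImgUrl = user.ImgUrl
    };

    // NOTE(review): the HMAC key is the UTF-8 bytes of the configured secret, so the token
    // is only as strong as that string - it should be long, random and kept out of source control.
    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_appSettings.Secret));

    // UserType indexes this table; a value outside 0..2 throws here, so no token is
    // issued for an unknown role.
    string[] role = { "Student", "Manager", "Admin" };

    // Read the clock once so notBefore and expires are exactly two hours apart.
    var now = DateTime.UtcNow;
    var jwt = new JwtSecurityToken(
        claims: new List<Claim>
        {
            new Claim(ClaimTypes.NameIdentifier, user.UserId.ToString()),
            new Claim(ClaimTypes.Name, user.UserName),
            new Claim(ClaimTypes.Role, role[user.UserType])
        },
        notBefore: now,
        expires: now.AddHours(2), // expires after two hours
        signingCredentials: new SigningCredentials(key, SecurityAlgorithms.HmacSha256)
    );

    var tokenHandler = new JwtSecurityTokenHandler();
    authUser.Token = tokenHandler.WriteToken(jwt);
    return authUser;
}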