public IActionResult Login([FromBody] AccountForm account)
{
UserData user = _accountService.GetUser(account.account);
// 檢查帳號有沒有存在
if (user == null)
{
return(Json(new ResponseModel(-1, "Account not exists")));
}
string encryptPassword = PasswordTools.GetSHA256Encrypt(account.password + user.Salt);
// 檢查密碼對不對
if (!encryptPassword.Equals(user.Password))
{
return(Json(new ResponseModel(-1, "Password error")));
}
return(Json(new ResponseModel(account)));
}
/// <summary>
/// 新增帳號
/// </summary>
/// <param name="account"></param>
/// <returns></returns>
public int AddUser(AccountForm account)
{
// 取得字尾
string salt = PasswordTools.GetRandomString(10);
// 取得加密字串
string encryptPassword = PasswordTools.GetSHA256Encrypt(account.password + salt);
UserData userData = new UserData()
{
Account = account.account,
Password = encryptPassword,
Salt = salt
};
string sqlStatement = " insert into TB_User (Account, Password, Salt, CreateDate, Status) " +
" values (@Account, @Password, @Salt, now(), 1)";
return(_databaseService.Insert(
new DatabaseObject(_dbConfig.GetLocalDBConnStr(), sqlStatement, userData)));
}