diff --git a/FrontendWebApi/ApiControllers/LoginController.cs b/FrontendWebApi/ApiControllers/LoginController.cs
new file mode 100644
index 0000000..f15efea
--- /dev/null
+++ b/FrontendWebApi/ApiControllers/LoginController.cs
@@ -0,0 +1,139 @@
+using FrontendWebApi.Jwt;
+using FrontendWebApi.Models;
+using iTextSharp.text;
+using iTextSharp.text.pdf;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Logging;
+using Newtonsoft.Json;
+using NPOI.SS.UserModel;
+using NPOI.XSSF.UserModel;
+using Repository.BackendRepository.Interface;
+using Repository.FrontendRepository.Interface;
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Linq;
+using System.Net;
+using System.Threading.Tasks;
+
+namespace FrontendWebApi.ApiControllers
+{
+ public class LoginController : Controller
+ {
+ private readonly ILogger logger;
+ private readonly IBackendRepository backendRepository;
+ private readonly IFrontendRepository frontendRepository;
+ private readonly IJwtHelpers jwt;
+ //string jwt_str = "login";
+ protected MyUserInfo myUserInfo = null;
+ protected JwtGet myUser;
+ protected string jwt_str = null;
+ protected bool jwtlife = true;
+
+ public LoginController
+ (
+ ILogger logger,
+ IBackendRepository backendRepository,
+ IFrontendRepository frontendRepository,
+ IJwtHelpers jwt
+ )
+ {
+ this.logger = logger;
+ this.jwt = jwt;
+ this.backendRepository = backendRepository;
+ this.frontendRepository = frontendRepository;
+ }
+
+ [HttpPost]
+ [Route("api/Login")]
+ public async Task>> Login([FromBody] Login login)
+ {
+ ApiResult apiResult = new ApiResult(null);
+ ErrorCode errorCode = new ErrorCode();
+ try
+ {
+ ControllerContext.HttpContext.Response.Headers.Add("Access-Control-Allow-Origin", "*");
+ EDFunction eDFunction = new EDFunction();
+
+ //string SHA256Pwd = eDFunction.GetSHA256Encryption(login.password);
+ var User = await backendRepository.GetOneAsync("userinfo", @$"account = '{login.account}' and deleted = 0");
+ if (User == null)
+ {
+ apiResult.Code = "9998";
+ apiResult.Msg = "查無此帳戶";
+ return Ok(apiResult);
+ }
+ JwtLogin jwtLoing = new JwtLogin()
+ {
+ account = User.account,
+ email = User.email,
+ full_name = User.full_name,
+ userinfo_guid = User.userinfo_guid
+ };
+ apiResult.Code = "0000";
+ apiResult.Msg = "登入成功";
+ apiResult.Data = jwt.GenerateToken(jwtLoing);
+ }
+ catch
+ {
+ apiResult.Code = "9999";
+ return BadRequest(apiResult);
+ }
+ return Ok(apiResult);
+ }
+
+
+ [HttpPost]
+ public async Task>> CheckJwt()
+ {
+ ApiResult apiResult = new ApiResult(null);
+ ErrorCode errorCode = new ErrorCode();
+ try
+ {
+ var ctx = ControllerContext.HttpContext;
+ ctx.Response.Headers.Add("Access-Control-Allow-Origin", "*");
+ ctx.Response.Headers.Add("Access-Control-Allow-Headers", "*");
+ ctx.Response.Headers.Add("Access-Control-Allow-Credentials", "true");
+ var a = User.Claims.Select(p => new { Type = p.Type, Value = p.Value }).ToList();
+ myUser = new JwtGet()
+ {
+ account = User.Claims.Where(a => a.Type == "account").Select(e => e.Value).FirstOrDefault(),
+ email = User.Claims.Where(a => a.Type == "email").Select(e => e.Value).FirstOrDefault(),
+ full_name = User.Claims.Where(a => a.Type == "full_name").Select(e => e.Value).FirstOrDefault(),
+ exp = User.Claims.Where(a => a.Type == "exp").Select(e => Convert.ToInt32(e.Value)).FirstOrDefault(),
+ nbf = User.Claims.Where(a => a.Type == "nbf").Select(e => Convert.ToInt32(e.Value)).FirstOrDefault(),
+ userinfo_guid = User.Claims.Where(a => a.Type == "userinfo_guid").Select(e => e.Value).FirstOrDefault(),
+ };
+
+ if (myUser.exp == 0)
+ {
+ jwt_str = "Jwt Token不合法";
+ jwtlife = false;
+ }
+ else
+ {
+ //if (myUser.exp <= DateTime.Now.AddHours(-8).AddMinutes(10).Subtract(new DateTime(1970, 1, 1)).TotalSeconds)
+ //{
+ //取得當前登入使用者資訊
+ EDFunction edFunction = new EDFunction();
+ HttpContext.Session.SetString("MyApiAccount", edFunction.AESEncrypt(myUser.account)); //將帳號透過AES加密
+ //}
+ }
+
+ apiResult.Code = "0000";
+ }
+ catch (Exception exception)
+ {
+ apiResult.Code = "9999";
+ string json = System.Text.Json.JsonSerializer.Serialize(myUser.account);
+ logger.LogError("【Login/Index - 登入資訊】" + json);
+ logger.LogError("【Login/Index】" + exception.Message);
+
+ return Ok(apiResult);
+ }
+
+ return Ok(apiResult);
+ }
+ }
+}
diff --git a/FrontendWebApi/ApiControllers/UserController.cs b/FrontendWebApi/ApiControllers/UserController.cs
index 5dd475d..67811c5 100644
--- a/FrontendWebApi/ApiControllers/UserController.cs
+++ b/FrontendWebApi/ApiControllers/UserController.cs
@@ -118,11 +118,11 @@ namespace FrontendWebApi.ApiControllers
{
ApiResult apiResult = new ApiResult();
- UserInfo userInfo = null;
+ UserInfos userInfo = null;
try
{
- userInfo = await backendRepository.GetOneAsync("userinfo", $"userinfo_guid='{post.Id.ToString()}'");
+ userInfo = await backendRepository.GetOneAsync("userinfo", $"userinfo_guid='{post.Id.ToString()}'");
if (userInfo == null)
{
@@ -449,7 +449,7 @@ namespace FrontendWebApi.ApiControllers
//檢查是否有使用者為該角色
var sWhere = $@"deleted = 0 AND role_guid = @Guid";
- var userInfos = await backendRepository.GetAllAsync("userinfo", sWhere, new { Guid = guid });
+ var userInfos = await backendRepository.GetAllAsync("userinfo", sWhere, new { Guid = guid });
if (userInfos.Count > 0)
{
apiResult.Code = "9997";
diff --git a/FrontendWebApi/Jwt/UserInfo.cs b/FrontendWebApi/Jwt/UserInfo.cs
index e90dbda..5f644ee 100644
--- a/FrontendWebApi/Jwt/UserInfo.cs
+++ b/FrontendWebApi/Jwt/UserInfo.cs
@@ -24,6 +24,7 @@ namespace FrontendWebApi.Models
///
public string Password { get; set; }
}
+
public class JwtLogin
{
public string userinfo_guid { get; set; }
@@ -31,6 +32,7 @@ namespace FrontendWebApi.Models
public string full_name { get; set; }
public string email { get; set; }
}
+
public class JwtGet : JwtLogin
{
public int nbf { get; set; }
diff --git a/FrontendWebApi/Models/User.cs b/FrontendWebApi/Models/User.cs
index 8ceced0..b07bada 100644
--- a/FrontendWebApi/Models/User.cs
+++ b/FrontendWebApi/Models/User.cs
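Review bot: Login issues a JWT after matching only `login.account` — the password hashing line is left commented out and `login.password` is never compared against the stored credential, so the account lookup alone authenticates the caller. Restore the check before `GenerateToken` is reached: hash the submitted password with the project's existing helper, compare it to the stored hash after the fetch, and do the comparison on the byte form with `CryptographicOperations.FixedTimeEquals` rather than string equality. The lookup itself interpolates the request value into the WHERE clause; it should take the parameter-object form this same commit uses in UserController, e.g. `backendRepository.GetOneAsync("userinfo", "account = @Account and deleted = 0", new { Account = login.account })`, assuming GetOneAsync offers that overload. CheckJwt also reports `apiResult.Code = "0000"` on the `myUser.exp == 0` branch even though `jwtlife` is set to false, and its catch block dereferences `myUser.account` when `myUser` may still be null, so the invalid-token branch should return a non-success code and the log line should guard with `myUser?.account`. The hand-set `Access-Control-Allow-Origin: *` headers, paired with `Access-Control-Allow-Credentials: true` in CheckJwt, are a combination browsers reject and are better replaced by the CORS middleware configured with an explicit origin list.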
@@ -29,7 +29,7 @@ namespace FrontendWebApi.Models
Normal = 1, //正常
}
- public class UserInfo : Actor
+ public class UserInfos : Actor
{
public string Userinfo_guid { get; set; }
public byte Deleted { get; set; } //是否刪除