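using Backend.Models;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;
using Repository.BackendRepository.Implement;
using Repository.BackendRepository.Interface;
using Serilog.Core;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;

namespace Backend.Controllers
{
    /// <summary>
    /// Handles sign-in, sign-out and the forgotten-password flow for the back office.
    /// </summary>
    /// <remarks>
    /// NOTE(review): several generic type arguments appear to have been lost when this page
    /// was extracted (for example <c>Task&gt; ProjectName()</c>, <c>Dictionary</c> without
    /// type arguments, <c>async Task</c> actions that return a view). Those tokens are kept
    /// exactly as they appear on the page; restore them from the repository before compiling.
    /// </remarks>
    public class LoginController : Controller
    {
        private readonly ILogger logger;
        private readonly IUserInfoRepository userInfoRepository;
        private readonly IBackendRepository backendRepository;

        /// <summary>
        /// Stores the injected logger and repositories.
        /// </summary>
        public LoginController(ILogger logger, IUserInfoRepository userInfoRepository, IBackendRepository backendRepository)
        {
            this.logger = logger;
            this.userInfoRepository = userInfoRepository;
            this.backendRepository = backendRepository;
        }

        /// <summary>
        /// Renders the login page with the project name read from the <c>variable</c> table.
        /// </summary>
        public IActionResult Index()
        {
            // The query text is a constant; no request data reaches it.
            // NOTE(review): .Result blocks the request thread on an async call. Converting this
            // action to async would change its signature, so it is left as written.
            ViewBag.ProjectName = backendRepository.GetOneAsync("select system_key from variable where deleted = 0 and system_type = 'project_name';").Result;
            return View();
        }

        /// <summary>
        /// Handles the posted login form: looks the account up, compares the password digest
        /// and, on success, stores the encrypted account name in the session.
        /// </summary>
        /// <param name="login">Posted account and password.</param>
        /// <returns>The login view on failure, otherwise a redirect to Home/Index.</returns>
        [HttpPost]
        public async Task IndexAsync(LoginViewModel login)
        {
            if (!ModelState.IsValid)
            {
                return View();
            }

            UserInfo userInfo = null;
            EDFunction edFunction = new EDFunction();
            try
            {
                userInfo = await userInfoRepository.GetOneByAccountAsync(login.Account);

                // Unknown account and wrong password produce the same message so the response
                // does not reveal which accounts exist.
                if (userInfo == null)
                {
                    ViewBag.errMsg = "帳號或密碼輸入錯誤";
                    return View();
                }

                // NOTE(review): from its name, GetSHA256Encryption looks like a single unsalted
                // SHA-256 digest (EDFunction is not visible here, confirm). Stored passwords
                // should use a salted, slow KDF such as PBKDF2 or Argon2.
                string submittedHash = edFunction.GetSHA256Encryption(login.Password);

                // Compare the digests as bytes in constant time. The previous string.Compare
                // was culture-sensitive and returned as soon as the first difference was found.
                byte[] storedBytes = Encoding.UTF8.GetBytes(userInfo.Password ?? string.Empty);
                byte[] submittedBytes = Encoding.UTF8.GetBytes(submittedHash ?? string.Empty);
                if (!CryptographicOperations.FixedTimeEquals(storedBytes, submittedBytes))
                {
                    ViewBag.errMsg = "帳號或密碼輸入錯誤";
                    return View();
                }
            }
            catch (Exception ex)
            {
                // NOTE(review): every other branch sets ViewBag.errMsg; ViewBag keys are
                // case-sensitive, so confirm the view actually reads ErrMsg.
                ViewBag.ErrMsg = "系統內部錯誤,請聯絡管理者。";

                // Log the account only. The whole LoginViewModel used to be serialized here,
                // which wrote the submitted plaintext password into the log. The account is
                // passed as a structured property instead of being concatenated into the text.
                logger.LogError("【Login/Index - 登入資訊】Account={Account}", login?.Account);
                logger.LogError(ex, "【Login/Index】{Message}", ex.Message);
                return View();
            }

            // NOTE(review): the session is written without being cleared or re-issued first;
            // confirm a session identifier set before login cannot carry over.
            // The account name is AES-encrypted before it is stored in the session.
            HttpContext.Session.SetString("MyAccount", edFunction.AESEncrypt(userInfo.Account));

            return RedirectToAction("Index", "Home");
        }

        /// <summary>
        /// Signs the user out. Do not put [Authorize] on this action: it must run whether or
        /// not the caller is signed in.
        /// </summary>
        public IActionResult SignOut()
        {
            HttpContext.Session.Clear();
            return RedirectToAction("Index", "Login"); // back to the login page
        }

        /// <summary>
        /// Renders the forgotten-password page.
        /// </summary>
        public IActionResult ForgotPassword()
        {
            ViewBag.ProjectName = backendRepository.GetOneAsync("select system_key from variable where deleted = 0 and system_type = 'project_name';").Result;
            return View("~/Views/Login/ForgotPassword.cshtml");
        }

        /// <summary>
        /// Replaces the password of the account that owns the posted e-mail address with a
        /// freshly generated one.
        /// </summary>
        /// <param name="forgot">Posted e-mail address.</param>
        /// <returns>The form view on failure, otherwise a redirect to Login/Index.</returns>
        /// <remarks>
        /// NOTE(review): the request is unauthenticated and the password is overwritten
        /// immediately, with no confirmation step, while the e-mail delivery below is commented
        /// out. As written, anyone who knows an address can replace that user's password with a
        /// value the user never receives. A single-use, expiring reset token mailed to the
        /// address avoids this. The "查無此信箱" response also tells the caller whether an
        /// address is registered.
        /// </remarks>
        [HttpPost]
        public async Task ForgotPasswordAsync(ForgotPasswordViewModel forgot)
        {
            if (!ModelState.IsValid)
            {
                return View();
            }

            // The lookup is parameterized: the posted e-mail travels as @Email.
            string sWhere = @"deleted = @Deleted AND email = @Email";
            object param = new { Deleted = 0, Email = forgot.Email };
            var user = await userInfoRepository.GetOneAsync("userinfo", sWhere, param);
            if (user == null)
            {
                ViewBag.errMsg = "查無此信箱";
                return View();
            }

            // The password is drawn from the OS CSPRNG. The previous System.Random seeded with
            // DateTime.Now.Ticks was predictable to anyone who could estimate the request time.
            string random_password = GenerateRandomPassword(8);

            EDFunction edFunction = new EDFunction();
            var newPassword = edFunction.GetSHA256Encryption(random_password);

            Dictionary updateUserPasswordDic = new Dictionary()
            {
                { "@password", newPassword},
                { "@updated_at", DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss")},
            };

            // NOTE(review): the WHERE clause is built by string concatenation. The GUID comes
            // from the row just read, not from the request, but it should still be passed as a
            // parameter if UpdateOneByCustomTable has a parameterized form (its signature is
            // not visible here).
            await userInfoRepository.UpdateOneByCustomTable(updateUserPasswordDic, "userinfo", "userinfo_guid='" + user.Userinfo_guid + "'");

            // Delivery of the new password, disabled in the original:
            //var sendSubject = "變更密碼成功";
            //var sendContent = $"您的新密碼為:{random_password}";
            //List recipientEmails = new List()
            //{
            //    user.Email
            //};
            //sendEmailService.Send(recipientEmails, sendSubject, sendContent);

            return RedirectToAction("Index", "Login");
        }

        /// <summary>
        /// Returns the project-name row of the <c>variable</c> table wrapped in an API result.
        /// </summary>
        /// <returns>Code "0000" with the row on success, code "9999" on failure.</returns>
        [HttpPost]
        [Route("Variable/ProjectName")]
        public async Task> ProjectName()
        {
            ApiResult apiResult = new ApiResult();
            try
            {
                var variable = await backendRepository.GetOneAsync("select * from variable where deleted = 0 and system_type = 'project_name';");
                apiResult.Data = variable;
                apiResult.Code = "0000";
                apiResult.Msg = "成功";
            }
            catch (Exception exception)
            {
                // The caller gets a generic message; the detail goes to the log only.
                apiResult.Code = "9999";
                apiResult.Msg = "系統內部錯誤,請聯絡管理者。";
                logger.LogError("【LogginController/ProjectName】" + exception.Message);
            }

            return apiResult;
        }

        /// <summary>
        /// Builds a random password of <paramref name="length"/> characters from an alphabet
        /// that leaves out look-alike characters (I, O, i, l, o, 0, 1).
        /// </summary>
        /// <param name="length">Number of characters to generate.</param>
        /// <returns>The generated password.</returns>
        private static string GenerateRandomPassword(int length)
        {
            const string chars = "ABCDEFGHJKLMNPQRSTUVWXYZabcdefghjkmnpqrstuvwxyz23456789";

            var buffer = new char[length];
            for (int i = 0; i < buffer.Length; i++)
            {
                // GetInt32 returns a uniformly distributed index, so no modulo bias.
                buffer[i] = chars[RandomNumberGenerator.GetInt32(chars.Length)];
            }

            return new string(buffer);
        }
    }
}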