ibms-dome/FrontendWebApi/Controllers/LoginController.cs


using FrontendWebApi.Jwt;
using FrontendWebApi.Models;
using iTextSharp.text;
using iTextSharp.text.pdf;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;
using Newtonsoft.Json;
using NPOI.SS.UserModel;
using NPOI.XSSF.UserModel;
using Repository.BackendRepository.Interface;
using Repository.FrontendRepository.Interface;
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Net;
using System.Threading.Tasks;
namespace FrontendWebApi.Controllers
{
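public class LoginController : Controller
{
    private readonly ILogger<LoginController> logger;
    private readonly IBackendRepository backendRepository;
    private readonly IFrontendRepository frontendRepository;
    private readonly IJwtHelpers jwt;

    // Per-request state written by CheckJwt. jwt_str / jwtlife are assigned but
    // never read in this file, and the API result does not carry them.
    protected MyUserInfo myUserInfo = null;
    protected JwtGet myUser;
    protected string jwt_str = null;
    protected bool jwtlife = true;

    public LoginController(
        ILogger<LoginController> logger,
        IBackendRepository backendRepository,
        IFrontendRepository frontendRepository,
        IJwtHelpers jwt)
    {
        this.logger = logger;
        this.jwt = jwt;
        this.backendRepository = backendRepository;
        this.frontendRepository = frontendRepository;
    }

    /// <summary>Renders the login view, handing the supplied token to it via ViewBag.</summary>
    /// <param name="jwt">Token taken from the request query string.</param>
    /// <remarks>
    /// SECURITY (review): a bearer token carried in the URL is written to server and
    /// proxy access logs, browser history and outgoing Referer headers. Prefer a
    /// header or POST body for the token.
    /// </remarks>
    public IActionResult Index(string jwt)
    {
        ViewBag.jwt = jwt;
        return View();
    }

    /// <summary>
    /// Looks up the account named in the request body and, when it exists and is not
    /// soft-deleted, issues a JWT carrying its account, email, full name and guid.
    /// </summary>
    /// <param name="login">Request body. Only <c>account</c> is consulted (see SECURITY note).</param>
    /// <returns>
    /// 200 with code "0000" and the token on success; 200 with code "9998" when no such
    /// account exists; 400 with code "9999" on any other failure (including a missing body).
    /// </returns>
    [HttpPost]
    [Route("api/Login")]
    public async Task<ActionResult<ApiResult<TnToken>>> Login([FromBody] Login login)
    {
        var apiResult = new ApiResult<TnToken>(null);
        try
        {
            // NOTE(review): a wildcard origin on the login endpoint lets any site drive
            // it from a browser; restrict origins centrally via the CORS middleware.
            ControllerContext.HttpContext.Response.Headers.Add("Access-Control-Allow-Origin", "*");

            // A missing body used to surface as a NullReferenceException inside the
            // catch below; reject it explicitly with the same 400 / "9999" outcome.
            if (login is null)
            {
                apiResult.Code = "9999";
                return BadRequest(apiResult);
            }

            // SECURITY: the password is never verified. The SHA-256 step below was
            // commented out and the lookup matches on account alone, so knowing a
            // username is enough to obtain a valid token. Restore a comparison against
            // the stored hash (constant-time, and preferably a salted KDF such as
            // PBKDF2/Argon2 rather than bare SHA-256) before this endpoint is exposed.
            //string SHA256Pwd = new EDFunction().GetSHA256Encryption(login.password);

            // SECURITY: the repository takes a raw WHERE clause, so the caller-controlled
            // account name is interpolated into SQL. Doubling single quotes closes the
            // classic ' OR 1=1 -- break-out; it is a stopgap only (engine-specific escapes
            // such as MySQL backslashes are not covered) until the repository offers a
            // parameterized lookup, which is the real fix.
            string escapedAccount = (login.account ?? string.Empty).Replace("'", "''");
            var user = await backendRepository.GetOneAsync<User>(
                "userinfo", $"account = '{escapedAccount}' and deleted = 0");

            if (user == null)
            {
                // NOTE(review): a distinct "no such account" reply lets a caller
                // enumerate valid usernames; consider a single generic failure message.
                apiResult.Code = "9998";
                apiResult.Msg = "查無此帳戶";
                return Ok(apiResult);
            }

            var tokenClaims = new JwtLogin()
            {
                account = user.account,
                email = user.email,
                full_name = user.full_name,
                userinfo_guid = user.userinfo_guid
            };

            apiResult.Code = "0000";
            apiResult.Msg = "登入成功";
            apiResult.Data = jwt.GenerateToken(tokenClaims);
        }
        catch (Exception exception)
        {
            // Previously swallowed silently, which hid lookup and token-generation
            // failures. Log the exception (never the password) and keep the 400.
            logger.LogError(exception, "【Login/Login】login failed for account {Account}", login?.account);
            apiResult.Code = "9999";
            return BadRequest(apiResult);
        }
        return Ok(apiResult);
    }

    /// <summary>
    /// Reads the claims the authentication pipeline attached to the current request,
    /// stores the account in session (AES-encrypted) when an <c>exp</c> claim is
    /// present, and reports code "0000".
    /// </summary>
    /// <returns>
    /// 200 with code "0000" in every handled case; 200 with code "9999" when reading
    /// the claims throws. NOTE(review): a rejected token (no exp claim) still yields
    /// "0000" — only the jwt_str / jwtlife fields change — so callers cannot tell the
    /// two apart; confirm whether a distinct code is expected.
    /// </returns>
    [HttpPost]
    public async Task<ActionResult<ApiResult<string>>> CheckJwt()
    {
        var apiResult = new ApiResult<string>(null);
        try
        {
            var ctx = ControllerContext.HttpContext;
            // NOTE(review): browsers reject Allow-Credentials: true together with a
            // wildcard origin, and the wildcard also opens this endpoint to any site.
            // Configure CORS centrally with an explicit origin list instead.
            ctx.Response.Headers.Add("Access-Control-Allow-Origin", "*");
            ctx.Response.Headers.Add("Access-Control-Allow-Headers", "*");
            ctx.Response.Headers.Add("Access-Control-Allow-Credentials", "true");

            // First claim value of the given type, or null when the claim is absent.
            string Claim(string type) =>
                User.Claims.Where(c => c.Type == type).Select(c => c.Value).FirstOrDefault();

            // Integer form of a claim; 0 when absent (Convert.ToInt32((string)null) is 0).
            // exp/nbf are Unix seconds, and Convert.ToInt32 overflows after 2038-01-19.
            int ClaimInt(string type) => Convert.ToInt32(Claim(type));

            myUser = new JwtGet()
            {
                account = Claim("account"),
                email = Claim("email"),
                full_name = Claim("full_name"),
                exp = ClaimInt("exp"),
                nbf = ClaimInt("nbf"),
                userinfo_guid = Claim("userinfo_guid"),
            };

            if (myUser.exp == 0)
            {
                // No exp claim: nothing authenticated this request.
                jwt_str = "Jwt Token不合法";
                jwtlife = false;
            }
            else
            {
                // NOTE(review): exp is not compared with the current time here; expiry
                // is presumably enforced by the JWT bearer middleware — confirm it is
                // configured with lifetime validation.
                HttpContext.Session.SetString("MyApiAccount", new EDFunction().AESEncrypt(myUser.account));
            }
            apiResult.Code = "0000";
        }
        catch (Exception exception)
        {
            // myUser is still null when the initializer above threw (e.g. a non-numeric
            // exp claim); the old handler dereferenced it unconditionally and turned a
            // handled error into an unhandled 500.
            apiResult.Code = "9999";
            logger.LogError(exception, "【Login/CheckJwt】claim read failed for account {Account}", myUser?.account);
            return Ok(apiResult);
        }
        return Ok(apiResult);
    }
}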
}