diff --git a/Controllers/AuthApiController.cs b/Controllers/AuthApiController.cs index 6557b0e..a40287d 100644 --- a/Controllers/AuthApiController.cs +++ b/Controllers/AuthApiController.cs @@ -42,7 +42,7 @@ namespace Journeys_WantHome.Controllers - [Route("BackEndApi")] + [Route("AuthApi")] public class AuthApiController : ControllerBase { private readonly IHttpContextAccessor _httpContextAccessor; 
@@ -57,8 +57,369 @@ namespace Journeys_WantHome.Controllers this._httpContextAccessor = httpContextAccessor; } + [Route("addEditGetUser")] + public ActionResult AddEditGetUser(IFormCollection obj) { + updateUserResult ret = new updateUserResult(); + + authToken token = new authToken(this._httpContextAccessor); + if (token.user_isLogin == false) + { + HttpContext.Response.Cookies.Delete("token_key"); + ret.ret = "no"; + ret.err_code = "99999"; + ret.message = "非登入狀態!"; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + if (token.user_perm != "system") + { + ret.ret = "no"; + ret.err_code = "90001"; + ret.message = "此帳號無此api使用權限!"; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + string method = obj["method"].ToString(); + + if (method == "") { + ret.ret = "no"; + ret.err_code = "0001"; + ret.message = "沒有method參數"; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + + if (method == "add") { + string user_type = obj["user_type"].ToString(); + string user_perm = obj["user_perm"].ToString(); + + if (user_type == "") { + ret.ret = "no"; + ret.err_code = "0002"; + ret.message = "沒有user_type參數"; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + //N為E白板帳號 + if (user_type == "N") + { + string user_id = obj["user_elabName"].ToString(); + + user newUser = conn.QueryFirstOrDefault("select * from users where user_id = @user_id ", new { user_id = user_id }); + + if (newUser != null) + { + ret.ret = "no"; + ret.err_code = "0003"; + ret.message = "此帳號已經存在於系統!"; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + + } + + new_userdata elabUser; + + try + { + elabUser = elabConn.QueryFirstOrDefault("select * from new_userdata where userid = @user_id", new { user_id = user_id }); + } + catch (Exception ex) { + ret.ret = "no"; + ret.err_code = "90001"; + ret.message = ex.Message; 
+ return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + + } + + if (elabUser == null) + { + ret.ret = "no"; + ret.err_code = "0004"; + ret.message = "E白板無此帳號!"; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + + string user_uid = GlobalClass.CreateRandomCode(12); + newUser = new user(); + newUser.user_uid = user_uid; + newUser.user_name = elabUser.username; + newUser.user_id = elabUser.userid; + newUser.user_email = elabUser.mail; + newUser.user_type = user_type; + newUser.user_onjob = "Y"; + newUser.user_perm = user_perm; + newUser.user_ishidden = "N"; + newUser.user_createdate = DateTime.Now; + + if (user_perm == "") + { + ret.ret = "no"; + ret.err_code = "0009"; + ret.message = "無此帳號的權限設定值!"; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + conn.Insert(newUser); + + ret.ret = "yes"; + ret.user = newUser; + } + else { + string user_id = obj["user_id"].ToString(); + string user_pwd = obj["user_pwd"].ToString(); + string user_uid = GlobalClass.CreateRandomCode(12); + string user_name = obj["user_name"].ToString(); + string user_email = obj["user_email"].ToString(); + + + if (user_id == "") { + ret.ret = "no"; + ret.err_code = "0006"; + ret.message = "請輸入帳號ID!"; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + if (user_name == "") + { + ret.ret = "no"; + ret.err_code = "0006"; + ret.message = "請輸入帳號名稱!"; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + if (user_perm == "") { + ret.ret = "no"; + ret.err_code = "0009"; + ret.message = "無此帳號的權限設定值!"; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + if (GlobalClass.isEmail(user_email) == false) { + ret.ret = "no"; + ret.err_code = "0007"; + ret.message = "請輸入正確EMail!"; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + user 
newUser = conn.QueryFirstOrDefault("select * from users where user_id = @user_id ", new { user_id = user_id }); + + if (newUser != null) + { + ret.ret = "no"; + ret.err_code = "0003"; + ret.message = "此帳號已經存在於系統!"; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + new_userdata elabUser = elabConn.QueryFirstOrDefault("select * from new_userdata where userid = @user_id", new { user_id = user_id }); + + if (elabUser != null) + { + ret.ret = "no"; + ret.err_code = "0005"; + ret.message = "E白板系統內有此帳號ID,請換帳號或改以E白板帳號加入!"; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + + + newUser = new user(); + newUser.user_uid = user_uid; + newUser.user_id = user_id; + newUser.user_name = user_name; + newUser.user_pwd = user_pwd; + newUser.user_email = user_email; + newUser.user_type = user_type; + newUser.user_onjob = "Y"; + newUser.user_perm = user_perm; + newUser.user_ishidden = "N"; + newUser.user_createdate = DateTime.Now; + + conn.Insert(newUser); + + ret.ret = "yes"; + ret.user = newUser; + } + + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + if (method == "edit") { + string user_type = obj["user_type"].ToString(); + string user_uid = obj["user_uid"].ToString(); + string user_perm = obj["user_perm"].ToString(); + + if (user_type == "") + { + ret.ret = "no"; + ret.err_code = "0002"; + ret.message = "沒有user_type參數"; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + if (user_perm == "") + { + ret.ret = "no"; + ret.err_code = "0009"; + ret.message = "無此帳號的權限設定值!"; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + user editUser = conn.QueryFirstOrDefault("select * from users where user_uid = @user_uid and user_type = @user_type", new { user_uid = user_uid, user_type = user_type }); + + if (editUser == null) { + ret.ret = "no"; + ret.err_code = "0008"; + ret.message 
= "沒有此用戶資料!"; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + //N為E白板帳號 + if (user_type == "N") + { + editUser.user_perm = user_perm; + } + else { + string user_pwd = obj["user_pwd"].ToString(); + string user_name = obj["user_name"].ToString(); + string user_email = obj["user_email"].ToString(); + + editUser.user_perm = user_perm; + + if (user_name == "") + { + ret.ret = "no"; + ret.err_code = "0006"; + ret.message = "請輸入帳號名稱!"; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + if (GlobalClass.isEmail(user_email) == false) + { + ret.ret = "no"; + ret.err_code = "0007"; + ret.message = "請輸入正確EMail!"; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + if (user_pwd != "") { + editUser.user_pwd = user_pwd; + } + + editUser.user_name = user_name; + editUser.user_email = user_email; + } + + conn.Update(editUser); + + ret.ret = "yes"; + ret.user = editUser; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + if (method == "del") { + string user_uid = obj["user_uid"].ToString(); + + + user editUser = conn.QueryFirstOrDefault("select * from users where user_ishidden = 'N' and user_uid = @user_uid ", new { user_uid = user_uid }); + + if (editUser == null) + { + ret.ret = "no"; + ret.err_code = "0008"; + ret.message = "沒有此用戶資料!"; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + editUser.user_ishidden = "Y"; + + conn.Update(editUser); + + if (editUser.user_lastlogintime == "") { + conn.Delete(editUser); + } + + ret.ret = "yes"; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + if (method == "get") { + string user_uid = obj["user_uid"].ToString(); + + user editUser = conn.QueryFirstOrDefault("select * from users where user_ishidden = 'N' and user_uid = @user_uid", new { user_uid = user_uid }); + + if (editUser == null) 
+ { + ret.ret = "no"; + ret.err_code = "0008"; + ret.message = "沒有此用戶資料!"; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + ret.ret = "yes"; + ret.user = editUser; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + [Route("elab_UserList")] + public ActionResult Elab_UserList(IFormCollection obj) { + elabUserListResult ret = new elabUserListResult(); + + authToken token = new authToken(this._httpContextAccessor); + if (token.user_isLogin == false) + { + HttpContext.Response.Cookies.Delete("token_key"); + ret.ret = "no"; + ret.err_code = "99999"; + ret.message = "非登入狀態!"; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + if (token.user_perm != "system") + { + ret.ret = "no"; + ret.err_code = "90001"; + ret.message = "此帳號無此api使用權限!"; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + ret.userList = elabConn.Query("select * from new_userdata where onjob = 0 order by usersn desc ").ToList(); + ret.ret = "yes"; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + [Route("userList")] + public ActionResult UserList(IFormCollection obj) { + userListResult ret = new userListResult(); + + authToken token = new authToken(this._httpContextAccessor); + if (token.user_isLogin == false) + { + HttpContext.Response.Cookies.Delete("token_key"); + ret.ret = "no"; + ret.err_code = "99999"; + ret.message = "非登入狀態!"; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + if (token.user_perm != "system") { + ret.ret = "no"; + ret.err_code = "90001"; + ret.message = "此帳號無此api使用權限!"; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + + ret.userList = conn.Query("select * from users where user_ishidden = 'N' 
order by user_sn desc").ToList(); + ret.ret = "yes"; + + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + [Route("signin")] - public ActionResult Signin(FormCollection obj) { + public ActionResult Signin(IFormCollection obj) { signinResult ret = new signinResult(); string input_ID = obj["id"].ToString(); @@ -68,6 +429,13 @@ namespace Journeys_WantHome.Controllers string sys_ID = GlobalClass.appsettings("Admin:id"); string sys_PWD = GlobalClass.Sha256(GlobalClass.appsettings("Admin:pwd")); + if (input_ID == "") { + ret.ret = "no"; + ret.err_code = "0001"; + ret.message = "帳號或密碼錯誤!"; + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + //判斷是否為系統預設帳號 if (input_ID == sys_ID) { @@ -90,7 +458,8 @@ namespace Journeys_WantHome.Controllers string token_key = GlobalClass.CreateRandomCode(24); - adminToken.user_uid = GlobalClass.appsettings("Admin:id"); + adminToken.user_uid = GlobalClass.appsettings("Admin:uid"); + adminToken.user_id = GlobalClass.appsettings("Admin:id"); adminToken.token_isremember = input_isRemember; adminToken.token_key = token_key; adminToken.token_createdate = DateTime.Now; @@ -113,7 +482,7 @@ namespace Journeys_WantHome.Controllers } else { //非系統帳號 - user webUser = conn.QueryFirstOrDefault("select * from users where user_ishidden = 'N' and user_uid = @user_uid", new { user_uid = input_ID}); + user webUser = conn.QueryFirstOrDefault("select * from users where user_ishidden = 'N' and user_id = @user_id", new { user_id = input_ID}); if (webUser == null) { @@ -130,9 +499,12 @@ namespace Journeys_WantHome.Controllers return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); } + webUser.user_lastlogintime = DateTime.Now.ToString("yyyy/MM/dd HH:mm:ss"); + if (webUser.user_type == "Y") { - if (input_PWD != webUser.user_pwd) { + if (input_PWD != webUser.user_pwd) + { ret.ret = "no"; ret.err_code = "0004"; ret.message = "密碼錯誤!"; 
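Review bot: `UserList` serializes the rows of `select * from users` straight into the response, and `AddEditGetUser` returns the inserted or edited `user` object as `ret.user`, so the stored `user_pwd` of every account is sent to the browser in the JSON. Select only the columns the page needs (user_uid, user_id, user_name, user_email, user_type, user_perm, user_onjob, user_lastlogintime) or blank `user_pwd` on each object before `JsonConvert.SerializeObject`. Relatedly, the `catch (Exception ex)` in the `add`/`N` branch returns `ex.Message` to the caller, which exposes database error text; log it and return a fixed message instead. These routes are declared with `[Route(...)]` only, so they also answer GET, and there is no anti-forgery check on a cookie-authenticated state-changing endpoint; `[HttpPost]` plus `[ValidateAntiForgeryToken]` (or an equivalent token check) would close that. The `AuthApiController` class starts before this hunk.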
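Review bot: `webUser.user_lastlogintime` is assigned `DateTime.Now` before the password is verified, and the `conn.Update(webUser)` in the off-job branch of the following hunk persists it, so a login that is rejected because the account is off-job still records a last-login time; the new `del` method also treats an empty `user_lastlogintime` as "never logged in" and hard-deletes such rows, so the value has real consequences. Move the assignment to just before the final `conn.Update(webUser)` that follows a successful password check. The comparisons `input_PWD != webUser.user_pwd` and `input_PWD != GlobalClass.Sha256(elabUser.userpw)` are plain string compares; `CryptographicOperations.FixedTimeEquals` on the byte form is the usual choice for credential checks. `Signin` begins and ends outside this hunk.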
@@ -141,16 +513,18 @@ namespace Journeys_WantHome.Controllers } else { - new_userdata elabUser = elabConn.QueryFirstOrDefault("select * from new_userdata where userid = @userid", new { userid = webUser.user_id}); + new_userdata elabUser = elabConn.QueryFirstOrDefault("select * from new_userdata where userid = @userid", new { userid = webUser.user_id }); - if (input_PWD != GlobalClass.Sha256(elabUser.userpw)) { + if (input_PWD != GlobalClass.Sha256(elabUser.userpw)) + { ret.ret = "no"; ret.err_code = "0004"; ret.message = "密碼錯誤!"; return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); } - if (elabUser.onjob == 1) { + if (elabUser.onjob == 1) + { webUser.user_onjob = "N"; conn.Update(webUser); 
@@ -160,41 +534,49 @@ namespace Journeys_WantHome.Controllers ret.message = "此帳號已經離職,無法登入"; return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); } - - token userToken = new token(); - - int intexpireMin = 20; - - if (input_isRemember == "Y") - { - intexpireMin = 60 * 24 * 7; - } - - string token_key = GlobalClass.CreateRandomCode(24); - - userToken.user_uid = input_ID; - userToken.token_isremember = input_isRemember; - userToken.token_key = token_key; - userToken.token_createdate = DateTime.Now; - userToken.token_expireddate = DateTime.Now.AddMinutes(intexpireMin); - - conn.Insert(userToken); - - CookieOptions options = new CookieOptions(); - - options.Secure = true; - options.Expires = DateTime.Now.AddMinutes(intexpireMin); - - HttpContext.Response.Cookies.Delete("token_key"); - - _httpContextAccessor.HttpContext.Response.Cookies.Append("token_key", token_key, options); - - ret.ret = "yes"; - - return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); } + + token userToken = new token(); + + int intexpireMin = 20; + + if (input_isRemember == "Y") + { + intexpireMin = 60 * 24 * 7; + } + + string token_key = GlobalClass.CreateRandomCode(24); + + userToken.user_uid = webUser.user_uid; + userToken.user_id = input_ID; + userToken.token_isremember = input_isRemember; + userToken.token_key = token_key; + userToken.token_createdate = DateTime.Now; + userToken.token_expireddate = DateTime.Now.AddMinutes(intexpireMin); + + conn.Insert(userToken); + conn.Update(webUser); + + CookieOptions options = new CookieOptions(); + + options.Secure = true; + options.Expires = DateTime.Now.AddMinutes(intexpireMin); + + HttpContext.Response.Cookies.Delete("token_key"); + + _httpContextAccessor.HttpContext.Response.Cookies.Append("token_key", token_key, options); + + ret.ret = "yes"; + + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); + } + ret.ret = "no"; + ret.err_code = "9999"; + ret.message = 
"無參數錯誤"; + + return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8"); } @@ -204,5 +586,29 @@ namespace Journeys_WantHome.Controllers public string err_code = "0000"; public string message = ""; } + + public class userListResult + { + public string ret = "no"; + public string err_code = "0000"; + public string message = ""; + public List userList = new List(); + } + + public class elabUserListResult + { + public string ret = "no"; + public string err_code = "0000"; + public string message = ""; + public List userList = new List(); + } + + public class updateUserResult + { + public string ret = "no"; + public string err_code = "0000"; + public string message = ""; + public user user = new user(); + } } } diff --git a/Controllers/HomeController.cs b/Controllers/HomeController.cs index 51de022..25a7060 100644 --- a/Controllers/HomeController.cs +++ b/Controllers/HomeController.cs @@ -1,4 +1,5 @@ using Journeys_WantHome.Models; +using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using System.Diagnostics; 
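Review bot: The `CookieOptions` for `token_key` set `Secure` but not `HttpOnly` or `SameSite`, so the session token stays readable by page script and is sent on cross-site requests; since this cookie is the only credential the API checks, add `options.HttpOnly = true;` and `options.SameSite = SameSiteMode.Strict;` (or Lax if cross-site navigation must keep the session). Note that login.js in this commit reads `$.cookie("token_key")` to decide on a redirect, so that client-side check would have to move server-side once the cookie is HttpOnly. `userToken.user_id = input_ID` stores the raw form value while `user_uid` comes from the database row; storing `webUser.user_id` instead keeps the token bound to the canonical identifier. `Signin` begins outside this hunk.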
@@ -7,23 +8,71 @@ namespace Journeys_WantHome.Controllers public class HomeController : Controller { private readonly ILogger _logger; + private readonly IHttpContextAccessor _httpContextAccessor; + private authToken _objToken; - public HomeController(ILogger logger) - { + + + public HomeController(ILogger logger, IHttpContextAccessor httpContextAccessor) + { _logger = logger; - } - public IActionResult Index() + this._httpContextAccessor = httpContextAccessor; + + this._objToken = new authToken(this._httpContextAccessor); + } + + public IActionResult UserList() + { + if (checkToken() == false) + { + HttpContext.Response.Cookies.Delete("token_key"); + return Redirect("~/Root/Login"); + } + + if (this._objToken.user_perm != "system") { + return Redirect("~/"); + } + + return View(); + } + + public IActionResult Dashboard() { - return View(); + if (checkToken() == false) + { + HttpContext.Response.Cookies.Delete("token_key"); + return Redirect("~/Root/Login"); + } + + return View(); } - public IActionResult Privacy() - { - return View(); - } + public Boolean checkToken() + { + this._objToken = new authToken(this._httpContextAccessor); - [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)] + if (this._objToken.user_isLogin == false) + { + HttpContext.Response.Cookies.Delete("token_key"); + return false; + } + + @ViewData["user_name"] = this._objToken.user_name; + ViewData["user_permtype"] = "一般使用者"; + if (this._objToken.user_perm == "system") + { + ViewData["authMenu"] = "display:block;"; + ViewData["user_permtype"] = "管理者"; + } + else { + ViewData["authMenu"] = "display:none;"; + } + + return true; + } + + [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)] public IActionResult Error() { return View(new ErrorViewModel { RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier }); diff --git a/Models/DbTableClass.cs b/Models/DbTableClass.cs index 74acac9..5cfd553 100644 
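Review bot: `checkToken()` is declared `public` on a `Controller`, and ASP.NET Core treats every public instance method without `[NonAction]` as an action, so `/Home/checkToken` becomes a reachable URL that runs the token lookup and returns a bare `true`/`false` body. Make it `private bool CheckToken()` or keep it public with `[NonAction]` above it. The `@` in `@ViewData["user_name"] = ...` is a C# verbatim identifier that compiles but reads like a Razor leftover; drop it. `Boolean` should be the keyword `bool` per C# convention.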
--- a/Models/DbTableClass.cs +++ b/Models/DbTableClass.cs @@ -19,6 +19,8 @@ public class DbTableClass public string user_uid { get; set; } = ""; + public string user_id { get; set; } = ""; + public string token_isremember { get; set; } = "N"; public DateTime token_createdate { get; set; } = DateTime.Now; @@ -56,7 +58,7 @@ public class DbTableClass public DateTime user_createdate { get; set; } = DateTime.Now; - public string user_lastlogintime { get; set; } = DateTime.Now; + public string user_lastlogintime { get; set; } = ""; } @@ -73,19 +75,19 @@ public class DbTableClass public string username { get; set; } = ""; - public int? maincategoryid { get; set; } = 1; + public int maincategoryid { get; set; } = 1; - public int? subcategoryid { get; set; } = 1; + public int subcategoryid { get; set; } = 1; - public int? grade { get; set; } = 0; + public int grade { get; set; } = 0; public string mail { get; set; } = ""; public string mailto { get; set; } = ""; - public int? onjob { get; set; } = 0; + public int onjob { get; set; } = 0; - public int? permission { get; set; } = 0; + public int permission { get; set; } = 0; } diff --git a/Models/GlobalClass.cs b/Models/GlobalClass.cs index e620fc7..1776547 100644 --- a/Models/GlobalClass.cs +++ b/Models/GlobalClass.cs @@ -168,15 +168,6 @@ public static class GlobalClass return (Image)destinationImage; } - public static void sendLineMessage(string uid, string messageJson) - { - string channelAccessToken = GlobalClass.appsettings("Line:access_token"); - - var bot = new isRock.LineBot.Bot(channelAccessToken); - - bot.PushMessageWithJSON(uid, messageJson); - } - /// /// base 64字串格式的圖片轉成Image物件 /// diff --git a/Models/authToken.cs b/Models/authToken.cs index 0bfc742..7e9219d 100644 --- a/Models/authToken.cs +++ b/Models/authToken.cs 
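Review bot: Changing `maincategoryid`, `subcategoryid`, `grade`, `onjob` and `permission` from `int?` to `int` means Dapper will throw when mapping a `new_userdata` row where any of those columns is NULL; unless the elab schema declares them NOT NULL (not visible here), this turns a previously tolerated row into a failed query in `Elab_UserList` and in the signin path. Keep `int?` or confirm the column nullability before merging. The new `""` default of `user_lastlogintime` is also used as a sentinel by the `del` method in this commit, so a comment such as `// "" means never logged in; AuthApi del hard-deletes such rows` on the property would help the next reader.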
@@ -13,6 +13,7 @@ using System.Data.SqlClient; using static DbTableClass; using Dapper.Contrib.Extensions; using System.Reflection.Metadata.Ecma335; +using Microsoft.Extensions.Options; public class authToken { @@ -49,12 +50,15 @@ public class authToken var tokenData = dbConn.sqlConnection().Query("select * from token where token_key = @token_key", new { token_key = token_key }); - CookieOptions cookieOptions = new CookieOptions(); + //CookieOptions cookieOptions = new CookieOptions(); + + //cookieOptions.Secure = true; + //cookieOptions.Expires = DateTime.Now.AddMinutes(intexpireMin); if (tokenData.Count() == 0) { - + _httpContextAccessor.HttpContext.Response.Cookies.Delete("token_key"); user_isLogin = false; error_msg = "not this account"; @@ -84,6 +88,16 @@ public class authToken "where token_key = @token_key", new { token_expireddate = DateTime.Now.AddMinutes(intMin), token_key = token_key }); dbConn.closeConn(); + + CookieOptions options = new CookieOptions() + { + Secure = true, + Expires = DateTime.Now.AddMinutes(intMin) + }; + + //_httpContextAccessor.HttpContext.Response.Cookies.Delete("web_token_key"); + _httpContextAccessor.HttpContext.Response.Cookies.Append("token_key", token_key, options); + return; } else { @@ -125,6 +139,16 @@ public class authToken dbConn.sqlConnection().Execute("update token set token_expireddate = @token_expireddate " + "where token_key = @token_key", new { token_expireddate = DateTime.Now.AddMinutes(intMin), token_key = token_key }); + + CookieOptions options = new CookieOptions() + { + Secure = true, + Expires = DateTime.Now.AddMinutes(intMin) + }; + + //_httpContextAccessor.HttpContext.Response.Cookies.Delete("web_token_key"); + _httpContextAccessor.HttpContext.Response.Cookies.Append("token_key", token_key, options); + dbConn.closeConn(); } diff --git a/Program.cs b/Program.cs index 5fce308..5092d37 100644 --- a/Program.cs +++ b/Program.cs 
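Review bot: Both new `CookieOptions` initializers (the one after the first `dbConn.closeConn()` and the one before the second) set `Secure` and `Expires` but not `HttpOnly` or `SameSite`, so the re-issued `token_key` cookie remains script-readable on every request; add `HttpOnly = true` to each initializer, and since the two blocks are identical, extract a single helper such as `private void RefreshCookie(string token_key, int intMin)` so the options live in one place. The commented-out `cookieOptions` and `web_token_key` lines should be deleted rather than left in. `using Microsoft.Extensions.Options;` appears unused in this hunk.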
@@ -26,6 +26,6 @@ app.UseAuthorization(); app.MapControllerRoute( name: "default", - pattern: "{controller=Home}/{action=Index}/{id?}"); + pattern: "{controller=Home}/{action=Dashboard}/{id?}"); app.Run(); diff --git a/Views/Home/Dashboard.cshtml b/Views/Home/Dashboard.cshtml new file mode 100644 index 0000000..121caea --- /dev/null +++ b/Views/Home/Dashboard.cshtml @@ -0,0 +1,14 @@ +@* + For more information on enabling MVC for empty projects, visit https://go.microsoft.com/fwlink/?LinkID=397860 +*@ +@{ + Layout = "_LooperLayout"; +} + +@section Style { + +} + +@section Script { + +} \ No newline at end of file diff --git a/Views/Home/Index.cshtml b/Views/Home/Index.cshtml deleted file mode 100644 index d2d19bd..0000000 --- a/Views/Home/Index.cshtml +++ /dev/null @@ -1,8 +0,0 @@ -@{ - ViewData["Title"] = "Home Page"; -} - -
-

Welcome

-

Learn about building Web apps with ASP.NET Core.

-
diff --git a/Views/Home/Privacy.cshtml b/Views/Home/Privacy.cshtml deleted file mode 100644 index af4fb19..0000000 --- a/Views/Home/Privacy.cshtml +++ /dev/null @@ -1,6 +0,0 @@ -@{ - ViewData["Title"] = "Privacy Policy"; -} -

@ViewData["Title"]

- -

Use this page to detail your site's privacy policy.

diff --git a/Views/Home/UserList.cshtml b/Views/Home/UserList.cshtml new file mode 100644 index 0000000..bb0dd3d --- /dev/null +++ b/Views/Home/UserList.cshtml @@ -0,0 +1,153 @@ +@* + For more information on enabling MVC for empty projects, visit https://go.microsoft.com/fwlink/?LinkID=397860 +*@ +@{ + Layout = "_LooperLayout"; +} + +@section Style { + +} + +@section Script { + + + + + +} + + +
+ +
+ + + +

系統使用者清單

+

+
+ +
+ + +
+ +
+ + + + + + + + + + + + + + + + + + + + + + +
姓名 帳號 類型 權限 上次登入 功能
姓名 帳號 類型 權限 上次登入 功能
+
+
+
+
+ + + +
+ +
\ No newline at end of file diff --git a/Views/Root/Login.cshtml b/Views/Root/Login.cshtml index d4233e6..ecb4e45 100644 --- a/Views/Root/Login.cshtml +++ b/Views/Root/Login.cshtml @@ -77,7 +77,7 @@
- +
@@ -97,8 +97,13 @@ + + - + + + + + + + +
+ + +
+ +
+ + + +
+ +
+ + +
+ +
+ + + +
+
+
+
+ + + +
+ +
+ +
+ @RenderBody() +
+
+ + +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @RenderSection("Script", required: false) + + + diff --git a/appsettings.json b/appsettings.json index 1b6c924..e047cc2 100644 --- a/appsettings.json +++ b/appsettings.json @@ -7,8 +7,8 @@ }, "AllowedHosts": "*", "ConnectionStrings": { - "SQLConnectionString": "Data Source=mssql.bremen.com.tw;Initial Catalog=journeys_wanthome;User ID=journeys_wanthome;Password=2icR52n@9;Max Pool Size=100;", - "ElabConnectionString": "Data Source=mssql.bremen.com.tw;Initial Catalog=elab;User ID=elab;Password=2#2k9Vfg" + "SQLConnectionString": "Data Source=sql.bremen.com.tw;Initial Catalog=journeys_wanthome;User ID=journeys_wanthome;Password=2icR52n@9;Max Pool Size=100;", + "ElabConnectionString": "Data Source=sql.bremen.com.tw;database=elab;uid=elab;pwd=2#2k9Vfg" }, "Admin": { "uid": "system", diff --git a/wwwroot/assets/javascript/custom/dashboard.js b/wwwroot/assets/javascript/custom/dashboard.js new file mode 100644 index 0000000..0497358 --- /dev/null +++ b/wwwroot/assets/javascript/custom/dashboard.js @@ -0,0 +1,5 @@ + + +$(document).ready(function () { + +}); \ No newline at end of file diff --git a/wwwroot/assets/javascript/custom/globalJS.js b/wwwroot/assets/javascript/custom/globalJS.js new file mode 100644 index 0000000..22d56b6 --- /dev/null +++ b/wwwroot/assets/javascript/custom/globalJS.js 
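Review bot: The `ConnectionStrings` hunk keeps live database user IDs and passwords in plaintext in appsettings.json, and since this commit only changes the host, the same secrets now sit in at least two revisions of history. Move them to user-secrets, environment variables or a secrets manager and read them through configuration, and rotate both passwords because they have been committed. The two strings also use different key syntaxes (`Initial Catalog=…;User ID=…;Password=…` vs `database=…;uid=…;pwd=…`); SqlClient accepts both as synonyms, but one consistent form avoids confusion.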
@@ -0,0 +1,258 @@ +(function ($, document) { + (function ($) { + $.UrlParam = function (name) { + //宣告正規表達式 + var reg = new RegExp("(^|&)" + name + "=([^&]*)(&|$)"); + /* + * window.location.search 獲取URL ?之後的參數(包含問號) + * substr(1) 獲取第一個字以後的字串(就是去除掉?號) + * match(reg) 用正規表達式檢查是否符合要查詢的參數 + */ + var r = window.location.search.substr(1).match(reg); + //如果取出的參數存在則取出參數的值否則回穿null + if (r != null) return unescape(r[2]); return null; + } + })(jQuery); + + if ($.cookie) { + $.cookieKey = function (CookieName, KeyName, Value, Options) { + var reg = new RegExp("(?:([^=]+)=([^&]*)&?)", "ig"), + match = null, + matches = []; + var cookieVal = $.cookie(CookieName); + while (match = reg.exec(cookieVal)) { + if (KeyName.toLowerCase() == match[1].toLowerCase()) { + if (Value) { //we are updating, collect all values + matches.push([match[1], Value]); + } + else { + return match[2]; //we are getting, sub key found just return it + } + } + else if (Value) { //we are updating, collect all values + matches.push([match[1], match[2]]); + } + } + + if (Value) { //we are updating, update values + updatedValue = "", + sep = ""; + for (i = 0; i < matches; i++) { + updatedValue += sep + matches[i][0] + "=" + matches[i][1]; + sep = "&" + } + $.cookie(CookieName, updatedValue, Options); + } + else return null;//we are getting, value not found + } + } +})(jQuery, document); + +// 對Date的擴充套件,將 Date 轉化為指定格式的String +// 月(M)、日(d)、小時(h)、分(m)、秒(s)、季度(q) 可以用 1-2 個佔位符, +// 年(y)可以用 1-4 個佔位符,毫秒(S)只能用 1 個佔位符(是 1-3 位的數字) +// 例子: +// (new Date()).format("yyyy-MM-dd hh:mm:ss.S") ==> 2006-07-02 08:09:04.423 +// (new Date()).format("yyyy-M-d hⓜ️s.S") ==> 2006-7-2 8:9:4.18 +Date.prototype.format = function (fmt) { + var o = { + "M+": this.getMonth() + 1, //月份 + "d+": this.getDate(), //日 + "h+": this.getHours(), //小時 + "m+": this.getMinutes(), //分 + "s+": this.getSeconds(), //秒 + "q+": Math.floor((this.getMonth() + 3) / 3), //季度 + "S": this.getMilliseconds() //毫秒 + }; + if (/(y+)/.test(fmt)) fmt = 
fmt.replace(RegExp.$1, (this.getFullYear() + "").substr(4 - RegExp.$1.length)); + for (var k in o) + if (new RegExp("(" + k + ")").test(fmt)) fmt = fmt.replace(RegExp.$1, (RegExp.$1.length == 1) ? (o[k]) : (("00" + o[k]).substr(("" + o[k]).length))); + return fmt; +} + +Date.prototype.addSeconds = function (seconds) { + this.setSeconds(this.getSeconds() + seconds); + return this; +} + +Date.prototype.addMinutes = function (minutes) { + this.setMinutes(this.getMinutes() + minutes); + return this; +} + +Date.prototype.addHours = function (hours) { + this.setHours(this.getHours() + hours); + return this; +} + +Date.prototype.addDays = function (days) { + this.setDate(this.getDate() + days); + return this; +} + +Date.prototype.addMonths = function (months) { + this.setMonth(this.getMonth() + months); + return this; +} + +Date.prototype.addYears = function (years) { + this.setFullYear(this.getFullYear() + years); + return this; +} + +function diffSeconds(milliseconds) { + return Math.floor(milliseconds / 1000); +} + +function diffMinutes(milliseconds) { + return Math.floor(milliseconds / 1000 / 60); +} + +function diffHours(milliseconds) { + return Math.floor(milliseconds / 1000 / 60 / 60); +} + +function diffDays(milliseconds) { + return Math.floor(milliseconds / 1000 / 60 / 60 / 24); +} + +function padding(num, length) { + for (var len = (num + "").length; len < length; len = num.length) { + num = "0" + num; + } + return num; +} + +function clearChildren(element) { + for (var i = 0; i < element.childNodes.length; i++) { + var e = element.childNodes[i]; + if (e.tagName) switch (e.tagName.toLowerCase()) { + case 'input': + switch (e.type) { + case "radio": + case "checkbox": break; + case "button": + case "submit": + case "text": e.value = ''; break; + case "image": break; + default: if (e.type != "checkbox") { e.value = ''; }; break; + } + break; + case 'select': e.selectedIndex = 0; break; + case 'textarea': e.innerHTML = ''; break; + default: clearChildren(e); + } + 
} + + $(element).children().find('textarea').each(function () { + $(this).val(''); + }); + + $(element).children().find('select').each(function () { + $(this).prop('selectedIndex', 0); + }); +} + + + +$(document).ready(function () { + $('.modal').on("hidden.bs.modal", function (e) { + clearChildren(this); + if ($('.modal:visible').length) { + $('.modal-backdrop').first().css('z-index', parseInt($('.modal:visible').last().css('z-index')) - 10); + $('body').addClass('modal-open'); + } + + + }).on("show.bs.modal", function (e) { + if ($('.modal:visible').length) { + $('.modal-backdrop.in').first().css('z-index', parseInt($('.modal:visible').last().css('z-index')) + 10); + $(this).css('z-index', parseInt($('.modal-backdrop.in').first().css('z-index')) + 10); + } + }); + + (function ($) { + $.UrlParam = function (name) { + //宣告正規表達式 + var reg = new RegExp("(^|&)" + name + "=([^&]*)(&|$)"); + /* + * window.location.search 獲取URL ?之後的參數(包含問號) + * substr(1) 獲取第一個字以後的字串(就是去除掉?號) + * match(reg) 用正規表達式檢查是否符合要查詢的參數 + */ + var r = window.location.search.substr(1).match(reg); + //如果取出的參數存在則取出參數的值否則回穿null + if (r != null) return unescape(r[2]); return null; + } + })(jQuery); + +}); + + +String.prototype.isDate = function () { + var p; + var re1 = /(\d{4})[年./-](\d{1,2})[月./-](\d{1,2})[日]?$/; + var re2 = /(\d{1,2})[月./-](\d{1,2})[日./-](\d{2})[年]?$/; + var re3 = /(\d{1,2})[月./-](\d{1,2})[日./-](\d{4})[年]?$/; + if (re1.test(this)) { + p = re1.exec(this); + return new Date(p[1], p[2], p[3]); + } + if (re2.test(this)) { + p = re2.exec(this); + return new Date(p[3], p[1], p[2]); + } + if (re3.test(this)) { + p = re3.exec(this); + return new Date(p[3], p[1], p[2]); + } + return ""; +} + +String.prototype.isDigit = function () { + var s = this.Trim(); + return (s.replace(/\d/g, "").length == 0); +} + +/*** 檢查是否由數字字母和下劃線組成 ***/ +String.prototype.isAlpha = function () { + return (this.replace(/\w/g, "").length == 0); +} + +/*** 檢查是否為數 ***/ +String.prototype.isNumber = function () { + var s = 
this.Trim(); + return (s.search(/^[+-]?[0-9.]*$/) >= 0); +} + +/*** 返回字節數 ***/ +String.prototype.lenb = function () { + return this.replace(/[^\x00-\xff]/g, "**").length; +} + +/*** 檢查是否包含漢字 ***/ +String.prototype.isInChinese = function () { + return (this.length != this.replace(/[^\x00-\xff]/g, "**").length); +} + +/*** 刪除首尾空格 ***/ +String.prototype.Trim = function () { + return this.replace(/(^\s*)|(\s*$)/g, ""); +} +const apiUrl = '' /*** 有值的話需要斜線結尾喔 **/ + +/*** 簡單的email檢查 ***/ +String.prototype.isEmail = function () { + var strr; + var mail = this; + var re = /(\w+@\w+\.\w+)(\.{0,1}\w*)(\.{0,1}\w*)/i; + re.exec(mail); + if (RegExp.$3 != "" && RegExp.$3 != "." && RegExp.$2 != ".") + strr = RegExp.$1 + RegExp.$2 + RegExp.$3; + else + if (RegExp.$2 != "" && RegExp.$2 != ".") + strr = RegExp.$1 + RegExp.$2; + else + strr = RegExp.$1; + return (strr == mail); +} \ No newline at end of file diff --git a/wwwroot/assets/javascript/custom/login.js b/wwwroot/assets/javascript/custom/login.js new file mode 100644 index 0000000..164f3a4 --- /dev/null +++ b/wwwroot/assets/javascript/custom/login.js 
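Review bot: In `$.cookieKey` the update loop is written `for (i = 0; i < matches; i++)`, comparing the counter with the array itself rather than `matches.length`, so the loop never runs and the rebuilt cookie value is always empty whenever a `Value` is passed; `updatedValue`, `sep` and `i` are also assigned without `var` and leak into the global scope. Change to `var updatedValue = "", sep = "";` and `for (var i = 0; i < matches.length; i++) {`. `$.UrlParam` is defined twice (at the top of the file and again inside `$(document).ready`) with identical bodies, and `unescape` is deprecated; `decodeURIComponent` is the usual replacement. `String.prototype.isDate` passes the parsed month straight to `new Date(y, m, d)`, whose month argument is zero-based, so it returns a date in the following month.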
@@ -0,0 +1,63 @@ +$(document).ready(function () { + if ($.UrlParam("isLogout") != "true") { + if ($.cookie("token_key") != null) { + if ($.cookie("token_key") != "") { + location.href = "../"; + alert("has token_key value :" + $.cookie("token_key")); + } + + } + } + + + $("#loginBtn").click(function () { + var id = $("#inputUser").val(); + var pwd = $("#inputPassword").val(); + var remember = "N"; + + if ($("#remember-me").prop("checked")) { + remember = "Y"; + } + + var err_msg = ""; + + if (id === "") { + err_msg += "請輸入帳號!\n"; + } + + if (pwd === "") { + err_msg += "請輸入密碼!\n"; + } + + if (err_msg !== "") { + alert(err_msg); + return; + } + + pwd = sha256_digest(pwd); + + var formData = { + id: id, + pwd: pwd, + remember: remember + } + + $.ajax({ + url: "/AuthApi/signin", + type: "POST", + data: formData, + success: function (data, textStatus, jqXHR) { + if (data.ret == "yes") { + location.href = "/Home/Dashboard"; + //location.href = "/BackEnd/nounsList"; + + } else { + alert(data.message); + } + }, + error: function (jqXHR, textStatus, errorThrown) { + alert('網路或伺服器發生錯誤,請稍後重試!'); + } + }); + }); +}); \ No newline at end of file diff --git a/wwwroot/assets/javascript/custom/userlist.js b/wwwroot/assets/javascript/custom/userlist.js new file mode 100644 index 0000000..ac18c35 --- /dev/null +++ b/wwwroot/assets/javascript/custom/userlist.js 
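Review bot: The redirect branch at the top of the `ready` handler echoes the session cookie into a UI dialog, `alert("has token_key value :" + $.cookie("token_key"));` — this reads as leftover debugging and should be dropped (it also runs only after `location.href = "../"` has already been assigned). Because `$.cookie("token_key")` is readable from script, the cookie evidently is not `HttpOnly`; if the same cookie carries the server-side session, marking it `HttpOnly; Secure; SameSite` on the server and replacing this client-side value check with a non-sensitive indicator would keep the token out of reach of any injected script. Separately, `pwd = sha256_digest(pwd);` submits an unsalted SHA-256 of the password; if the server stores or compares that digest as-is, the digest becomes password-equivalent and is cheap to crack offline, so the server should still apply a salted, slow KDF (e.g. PBKDF2) to whatever it receives — that cannot be confirmed from this hunk. The `}` immediately before `} else {` in the `success` callback also looks unbalanced in the collapsed layout; worth checking the file parses as committed.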
@@ -0,0 +1,391 @@ +function _classCallCheck(instance, Constructor) { if (!(instance instanceof Constructor)) { throw new TypeError("Cannot call a class as a function"); } } + +function _defineProperties(target, props) { for (var i = 0; i < props.length; i++) { var descriptor = props[i]; descriptor.enumerable = descriptor.enumerable || false; descriptor.configurable = true; if ("value" in descriptor) descriptor.writable = true; Object.defineProperty(target, descriptor.key, descriptor); } } + +function _createClass(Constructor, protoProps, staticProps) { if (protoProps) _defineProperties(Constructor.prototype, protoProps); if (staticProps) _defineProperties(Constructor, staticProps); return Constructor; } + +// DataTables Demo +// ============================================================= +var DataTablesResponsive = /*#__PURE__*/function () { + function DataTablesResponsive() { + _classCallCheck(this, DataTablesResponsive); + + this.init(); + } + + _createClass(DataTablesResponsive, [{ + key: "init", + value: function init() { + // event handlers + this.table = this.table(); + } + }, { + key: "table", + value: function table() { + $('#dt-responsive').DataTable({ + ajax: { + url: '/AuthApi/userList', + type: 'POST', + dataSrc: 'userList' + }, + rowId: 'user_uid', + responsive: true, + dom: "<'row'<'col-sm-12 col-md-6'l><'col-sm-12 col-md-6'f>>\n <'table-responsive'tr>\n <'row align-items-center'<'col-sm-12 col-md-5'i><'col-sm-12 col-md-7 d-flex justify-content-end'p>>", + language: { + paginate: { + previous: '', + next: '' + } + }, + columns: [{ + data: 'user_name' + }, { + data: 'user_id' + }, { + data: 'user_type' + }, { + data: 'user_perm' + }, { + data: 'user_lastlogintime' + }, { + data: 'user_uid' + }], + columnDefs: [ + { + targets: 2, + orderable: false, + searchable: false, + render: function render(data, type, row, meta) { + if (row.user_type == 'N') { + return 'E白板帳號'; + } else { + return '自建帳號'; + } + } + }, + { + targets: 3, + orderable: false, + 
searchable: false, + render: function render(data, type, row, meta) { + if (row.user_perm == 'user') { + return '一般使用者'; + } else { + return '系統使用者'; + } + } + }, { + targets: 5, + orderable: false, + searchable: false, + render: function render(data, type, row, meta) { + return "\n "); + } + } + + ], + initComplete: function () { + userTable = $('#dt-responsive').dataTable(); + + $('#dt-responsive').on('click', 'a', function () { + buttonClick(this); + }); + + $('#dt-responsive').on('click', 'input[name="selectedRow[]"]', function () { + checkboxClick(this); + }); + } + }); + } + }]); + + return DataTablesResponsive; +}(); + +/** + * Keep in mind that your scripts may not always be executed after the theme is completely ready, + * you might need to observe the `theme:load` event to make sure your scripts are executed after the theme is ready. + */ +var userTable; +var userRowID; +var userRowPos; +$(document).on('theme:init', function () { + new DataTablesResponsive(); +}); +function buttonClick(obj) { + + var type = obj.getAttribute('data-method'); + var uid = obj.getAttribute('data-uid'); + + + userRowID = $('#' + uid); + + userRowPos = userTable.fnGetPosition($('#' + uid)[0]); + + if (type == "edit") { + var formData = { + method: 'get', + user_uid: uid + } + + $.ajax({ + url: "/AuthApi/addEditGetUser", + type: "post", + data: formData, + success: function (data, textStatus, jqXHR) { + if (data.ret == "yes") { + var obj = data.user; + + $("#method").val('edit'); + $("#user_uid").val(obj.user_uid); + $("#user_type").val(obj.user_type).trigger('change'); + $("#user_perm").val(obj.user_perm).trigger('change'); + + if (obj.user_type == "N") { + $("#user_elabName").val(obj.user_id).trigger('change'); + + } else { + $("#user_name").val(obj.user_name).trigger('change'); + $("#user_id").val(obj.user_id).trigger('change'); + $("#user_email").val(obj.user_email).trigger('change'); + } + + + modalStatus("Y"); + $('#clientNewModal').modal('toggle'); + } else { + 
alert(data.message); + + if (data.err_code == "99999") { + location.href = "/Root/Login"; + } + } + }, + error: function (jqXHR, textStatus, errorThrown) { + alert('網路或伺服器發生錯誤,請稍後重試!'); + } + }); + + + } + + if (type == "del") { + if (confirm('確定刪除此筆資料?')) { + var formData = { + method: 'del', + user_uid: uid + } + + $.ajax({ + url: "/AuthApi/addEditGetUser", + type: "post", + data: formData, + success: function (data, textStatus, jqXHR) { + if (data.ret == "yes") { + var row = userTable.api().row(userRowID).remove().draw(false); + alert('刪除成功'); + + } else { + alert(data.message); + + if (data.err_code == "99999") { + location.href = "/Root/Login"; + } + } + }, + error: function (jqXHR, textStatus, errorThrown) { + alert('網路或伺服器發生錯誤,請稍後重試!'); + } + }); + } + } +} + +function modalStatus(readonly) { + if (readonly == "Y") { + $("#user_type").prop("disabled", true); + $("#user_elabName").prop("disabled", true); + $("#user_id").prop("readonly", true); + } else { + $("#user_type").prop("disabled", false); + $("#user_elabName").prop("disabled", false); + $("#user_id").prop("readonly", false); + } +} + +$(document).ready(function () { + + loadElabList(); + userTypeStatus(); + + + + $("#saveBtn").on('click', function () { + var user_uid = $("#user_uid").val(); + var user_type = $("#user_type").val(); + var method = $("#method").val(); + var user_id = $("#user_id").val(); + var user_elabName = $("#user_elabName").val(); + var user_name = $("#user_name").val(); + var user_pwd = $("#user_pwd").val(); + var user_chkpwd = $("#user_chkpwd").val(); + var user_email = $("#user_email").val(); + var user_perm = $("#user_perm").val(); + + var err_msg = ""; + + if (user_type == "N") { + if ($("#user_elabName").val() == "") { + err_msg += "請選擇要加入系統用戶的E白板帳號!\n"; + } + } else { + if (user_id == "") { + err_msg += "請輸入帳號!\n"; + } + + if (user_name == "") { + err_msg += "請輸入使用者名稱!\n"; + } + + if (user_email.isEmail == false) { + err_msg += "請輸入正確的Email!\n"; + } + + if (method == "add") { 
+ if (user_pwd == "") { + err_msg += "請輸入密碼!\n"; + } + } + + if (user_pwd != user_chkpwd) { + err_msg += "請確認兩次密碼是否輸入正確!\n"; + } + + if (method == "edit" && user_pwd == "") { + user_pwd = ""; + } else { + user_pwd = sha256_digest(user_pwd); + } + } + + if (user_perm == "") { + err_msg += "請選擇此使用者的使用權限!\n"; + } + + if (err_msg != "") { + alert(err_msg); + return; + } + + var formData = { + user_uid: user_uid, + user_type: user_type, + method: method, + user_id: user_id, + user_elabName: user_elabName, + user_name: user_name, + user_email: user_email, + user_pwd: user_pwd, + user_perm: user_perm + } + + $.ajax({ + url: "/AuthApi/AddEditGetUser", + type: "post", + data: formData, + success: function (data, textStatus, jqXHR) { + if (data.ret == "yes") { + var obj = data.user; + + if (method == "add") { + userTable.fnAddData(obj); + alert("新增完成"); + + } + + if (method == "edit") { + userTable.fnUpdate(obj, userRowPos); + alert("修改完成"); + } + + $('#clientNewModal').modal('toggle'); + } else { + alert(data.message); + + if (data.err_code == "99999") { + location.href = "/Root/Login"; + } + } + }, + error: function (jqXHR, textStatus, errorThrown) { + + alert('網路或伺服器發生錯誤,請稍後重試!'); + } + }); + + }); + + $("#user_type").on('change', function () { + userTypeStatus(); + }); + + $('#userNewModal').on('click', function () { + $('#method').val('add'); + modalStatus("N"); + $('#clientNewModal').modal('toggle'); + }); + + function userTypeStatus() { + var user_type = $("#user_type").val(); + + if (user_type == "Y") { + $("#user_elab_div").hide(); + $("#user_name_div").show(); + $("#user_id_div").show(); + $("#user_pwd_div").show(); + $("#user_chkpwd_div").show(); + $("#user_email_div").show(); + } else { + $("#user_elab_div").show(); + $("#user_name_div").hide(); + $("#user_id_div").hide(); + $("#user_pwd_div").hide(); + $("#user_chkpwd_div").hide(); + $("#user_email_div").hide(); + } + } + + function loadElabList() { + $("#user_elabName") + .find("option") + .remove() + .end() + 
.append(""); + + + $.ajax({ + url: "/AuthApi/elab_UserList", + type: "post", + data: {}, + success: function (data, textStatus, jqXHR) { + if (data.ret == "yes") { + $.each(data.userList, function (i, item) { + $("#user_elabName").append($("