Bremen
/
Journeys_WantHome
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Journeys_WantHome/Controllers/AuthApiController.cs

923 lines
36 KiB
C#
Raw Blame History

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Newtonsoft.Json;
using Newtonsoft.Json.Linq;
using Microsoft.AspNetCore.Cors;
using Dapper;
using System.Data;
using System.Data.SqlClient;
using System.Web;
using System.Text;
using System.Net;
using System.Net.Http;
using System.Net.Http.Headers;
using Dapper.Contrib.Extensions;
using System.IO;
using System.Threading;
using System.Dynamic;
using NPOI;
using NPOI.HPSF;
using NPOI.HSSF;
using NPOI.HSSF.UserModel;
using NPOI.XSSF;
using NPOI.XSSF.UserModel;
using NPOI.POIFS;
using NPOI.Util;
using Microsoft.Extensions.Configuration;
using System.Security.Policy;
using NPOI.SS.Formula.Functions;
using static DbTableClass;
using System.Runtime.InteropServices.ObjectiveC;
using static System.Net.WebRequestMethods;
using System.Diagnostics.Eventing.Reader;
namespace Journeys_WantHome.Controllers
{
[Route("AuthApi")]
public class AuthApiController : ControllerBase
{
private readonly IHttpContextAccessor _httpContextAccessor;
DbConn dbConn = new DbConn();
SqlConnection conn = new SqlConnection(GlobalClass.appsettings("ConnectionStrings:SQLConnectionString"));
SqlConnection elabConn = new SqlConnection(GlobalClass.appsettings("ConnectionStrings:ElabConnectionString"));
public AuthApiController(IHttpContextAccessor httpContextAccessor)
{
this._httpContextAccessor = httpContextAccessor;
}
[Route("optionItemOrder")]
public ActionResult OptionItemOrder(IFormCollection obj) {
signinResult ret = new signinResult();
authToken token = new authToken(this._httpContextAccessor);
if (token.user_isLogin == false)
{
HttpContext.Response.Cookies.Delete("token_key");
ret.ret = "no";
ret.err_code = "99999";
ret.message = "非登入狀態!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
if (token.user_perm != "system")
{
ret.ret = "no";
ret.err_code = "90001";
ret.message = "此帳號無此api使用權限!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
string option_uid = obj["option_uid"].ToString();
string orderJson = obj["order_json"].ToString();
if (option_uid == "")
{
ret.ret = "no";
ret.err_code = "00001";
ret.message = "無option_uid資料!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
if (orderJson == "") {
ret.ret = "no";
ret.err_code = "00002";
ret.message = "無order_json資料!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
dynamic orderObj;
try {
orderObj = JsonConvert.DeserializeObject<dynamic>(orderJson);
} catch (Exception ex)
{
ret.ret = "no";
ret.err_code = "00003";
ret.message = "json文字轉成物件失敗 " + ex.Message;
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
int intOrder = 1;
foreach (dynamic tmpObj in orderObj) {
string optionItem_uid = tmpObj.id;
optionItem tmpItem = conn.QueryFirstOrDefault<optionItem>("select * from optionItem where option_uid = @option_uid and optionItem_uid = @optionItem_uid", new { option_uid = option_uid, optionItem_uid = optionItem_uid});
if (tmpItem != null)
{
tmpItem.optionItem_order = intOrder;
conn.Update<optionItem>(tmpItem);
}
intOrder++;
}
ret.ret = "yes";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
[Route("addEditDelItem")]
public ActionResult AddEditDelItem(IFormCollection obj) {
optionItemResult ret = new optionItemResult();
authToken token = new authToken(this._httpContextAccessor);
if (token.user_isLogin == false)
{
HttpContext.Response.Cookies.Delete("token_key");
ret.ret = "no";
ret.err_code = "99999";
ret.message = "非登入狀態!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
if (token.user_perm != "system")
{
ret.ret = "no";
ret.err_code = "90001";
ret.message = "此帳號無此api使用權限!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
string option_uid = obj["option_uid"].ToString();
string optionItem_uid = obj["optionItem_uid"].ToString();
string optionItem_name = obj["optionItem_name"].ToString();
string method = obj["method"].ToString();
if (option_uid == "")
{
ret.ret = "no";
ret.err_code = "00001";
ret.message = "無option_uid資料!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
if (method == "") {
ret.ret = "no";
ret.err_code = "0002";
ret.message = "無method資料!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
if (method == "get") {
optionItem item = conn.QueryFirstOrDefault<optionItem>("select * from optionItem where optionItem_ishide = 'N' and option_uid = @option_uid and optionItem_uid = @optionItem_uid", new { option_uid = option_uid, optionItem_uid = optionItem_uid});
if (item == null) {
ret.ret = "no";
ret.err_code = "0003";
ret.message = "無此筆資料!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
ret.ret = "yes";
ret.optionItem = item;
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
if (method == "add") {
if (optionItem_name == "") {
ret.ret = "no";
ret.err_code = "0004";
ret.message = "無項目名稱!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
optionItem item = conn.QueryFirstOrDefault<optionItem>("select * from optionItem where optionItem_ishide = 'N' and option_uid = @option_uid and optionItem_name = @optionItem_name", new { option_uid = option_uid, optionItem_name = optionItem_name});
if (item != null)
{
ret.ret = "no";
ret.err_code = "0005";
ret.message = "此項目名稱已存在!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
List<optionItem> itemsList = conn.Query<optionItem>("select * from optionItem where optionItem_ishide = 'N' and option_uid = @option_uid", new { option_uid = option_uid}).ToList();
optionItem_uid = "item_" + GlobalClass.CreateRandomCode(8);
item = new optionItem();
item.option_uid = option_uid;
item.optionItem_uid = optionItem_uid;
item.optionItem_name = optionItem_name;
item.optionItem_ishide = "N";
item.optionItem_userId = token.user_id;
item.optionItem_order = itemsList.Count + 1;
conn.Insert(item);
ret.ret = "yes";
ret.optionItem = item;
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
if (method == "edit") {
if (optionItem_name == "")
{
ret.ret = "no";
ret.err_code = "0004";
ret.message = "無項目名稱!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
optionItem item = conn.QueryFirstOrDefault<optionItem>("select * from optionItem where optionItem_ishide = 'N' and option_uid = @option_uid and optionItem_name = @optionItem_name and optionItem_uid <> @optionItem_uid", new { option_uid = option_uid, optionItem_name = optionItem_name, optionItem_uid = optionItem_uid });
if (item != null)
{
ret.ret = "no";
ret.err_code = "0005";
ret.message = "此修改後項目名稱已被使用!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
optionItem editItem = conn.QueryFirstOrDefault<optionItem>("select * from optionItem where optionItem_ishide = 'N' and option_uid = @option_uid and optionItem_uid = @optionItem_uid", new { option_uid = option_uid, optionItem_uid = optionItem_uid});
if (editItem == null) {
ret.ret = "no";
ret.err_code = "0003";
ret.message = "無此筆資料!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
editItem.optionItem_name = optionItem_name;
editItem.optionItem_userId = token.user_id;
editItem.optionItem_modifydate = DateTime.Now;
conn.Update(editItem);
ret.ret = "yes";
ret.optionItem = editItem;
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
if (method == "del") {
optionItem editItem = conn.QueryFirstOrDefault<optionItem>("select * from optionItem where optionItem_ishide = 'N' and option_uid = @option_uid and optionItem_uid = @optionItem_uid", new { option_uid = option_uid, optionItem_uid = optionItem_uid });
if (editItem == null)
{
ret.ret = "no";
ret.err_code = "0003";
ret.message = "無此筆資料!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
editItem.optionItem_userId = token.user_id;
editItem.optionItem_modifydate = DateTime.Now;
editItem.optionItem_ishide = "Y";
conn.Update(editItem);
ret.ret = "yes";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
[Route("optionItemList")]
public ActionResult OptionItemList(IFormCollection obj) {
optionListResult ret = new optionListResult();
authToken token = new authToken(this._httpContextAccessor);
if (token.user_isLogin == false)
{
HttpContext.Response.Cookies.Delete("token_key");
ret.ret = "no";
ret.err_code = "99999";
ret.message = "非登入狀態!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
if (token.user_perm != "system")
{
ret.ret = "no";
ret.err_code = "90001";
ret.message = "此帳號無此api使用權限!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
string option_uid = obj["option_uid"].ToString();
if (option_uid == "") {
ret.ret = "no";
ret.err_code = "00001";
ret.message = "無option_uid資料!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
ret.optionItems = conn.Query<optionItem>("select * from optionItem where optionItem_ishide = 'N' and option_uid = @option_uid order by optionItem_order ", new { option_uid = option_uid }).ToList();
ret.ret = "yes";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
[Route("addEditGetUser")]
public ActionResult AddEditGetUser(IFormCollection obj) {
updateUserResult ret = new updateUserResult();
authToken token = new authToken(this._httpContextAccessor);
if (token.user_isLogin == false)
{
HttpContext.Response.Cookies.Delete("token_key");
ret.ret = "no";
ret.err_code = "99999";
ret.message = "非登入狀態!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
if (token.user_perm != "system")
{
ret.ret = "no";
ret.err_code = "90001";
ret.message = "此帳號無此api使用權限!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
string method = obj["method"].ToString();
if (method == "") {
ret.ret = "no";
ret.err_code = "0001";
ret.message = "沒有method參數";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
if (method == "add") {
string user_type = obj["user_type"].ToString();
string user_perm = obj["user_perm"].ToString();
if (user_type == "") {
ret.ret = "no";
ret.err_code = "0002";
ret.message = "沒有user_type參數";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
//N為E白板帳號
if (user_type == "N")
{
string user_id = obj["user_elabName"].ToString();
user newUser = conn.QueryFirstOrDefault<user>("select * from users where user_id = @user_id ", new { user_id = user_id });
if (newUser != null)
{
ret.ret = "no";
ret.err_code = "0003";
ret.message = "此帳號已經存在於系統!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
new_userdata elabUser;
try
{
elabUser = elabConn.QueryFirstOrDefault<new_userdata>("select * from new_userdata where userid = @user_id", new { user_id = user_id });
}
catch (Exception ex) {
ret.ret = "no";
ret.err_code = "90001";
ret.message = ex.Message;
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
if (elabUser == null)
{
ret.ret = "no";
ret.err_code = "0004";
ret.message = "E白板無此帳號!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
string user_uid = GlobalClass.CreateRandomCode(12);
newUser = new user();
newUser.user_uid = user_uid;
newUser.user_name = elabUser.username;
newUser.user_id = elabUser.userid;
newUser.user_email = elabUser.mail;
newUser.user_type = user_type;
newUser.user_onjob = "Y";
newUser.user_perm = user_perm;
newUser.user_ishidden = "N";
newUser.user_createdate = DateTime.Now;
if (user_perm == "")
{
ret.ret = "no";
ret.err_code = "0009";
ret.message = "無此帳號的權限設定值!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
conn.Insert(newUser);
ret.ret = "yes";
ret.user = newUser;
}
else {
string user_id = obj["user_id"].ToString();
string user_pwd = obj["user_pwd"].ToString();
string user_uid = GlobalClass.CreateRandomCode(12);
string user_name = obj["user_name"].ToString();
string user_email = obj["user_email"].ToString();
if (user_id == "") {
ret.ret = "no";
ret.err_code = "0006";
ret.message = "請輸入帳號ID!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
if (user_name == "")
{
ret.ret = "no";
ret.err_code = "0006";
ret.message = "請輸入帳號名稱!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
if (user_perm == "") {
ret.ret = "no";
ret.err_code = "0009";
ret.message = "無此帳號的權限設定值!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
if (GlobalClass.isEmail(user_email) == false) {
ret.ret = "no";
ret.err_code = "0007";
ret.message = "請輸入正確EMail!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
user newUser = conn.QueryFirstOrDefault<user>("select * from users where user_id = @user_id ", new { user_id = user_id });
if (newUser != null)
{
ret.ret = "no";
ret.err_code = "0003";
ret.message = "此帳號已經存在於系統!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
new_userdata elabUser = elabConn.QueryFirstOrDefault("select * from new_userdata where userid = @user_id", new { user_id = user_id });
if (elabUser != null)
{
ret.ret = "no";
ret.err_code = "0005";
ret.message = "E白板系統內有此帳號ID請換帳號或改以E白板帳號加入!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
newUser = new user();
newUser.user_uid = user_uid;
newUser.user_id = user_id;
newUser.user_name = user_name;
newUser.user_pwd = user_pwd;
newUser.user_email = user_email;
newUser.user_type = user_type;
newUser.user_onjob = "Y";
newUser.user_perm = user_perm;
newUser.user_ishidden = "N";
newUser.user_createdate = DateTime.Now;
conn.Insert(newUser);
ret.ret = "yes";
ret.user = newUser;
}
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
if (method == "edit") {
string user_type = obj["user_type"].ToString();
string user_uid = obj["user_uid"].ToString();
string user_perm = obj["user_perm"].ToString();
if (user_type == "")
{
ret.ret = "no";
ret.err_code = "0002";
ret.message = "沒有user_type參數";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
if (user_perm == "")
{
ret.ret = "no";
ret.err_code = "0009";
ret.message = "無此帳號的權限設定值!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
user editUser = conn.QueryFirstOrDefault<user>("select * from users where user_uid = @user_uid and user_type = @user_type", new { user_uid = user_uid, user_type = user_type });
if (editUser == null) {
ret.ret = "no";
ret.err_code = "0008";
ret.message = "沒有此用戶資料!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
//N為E白板帳號
if (user_type == "N")
{
editUser.user_perm = user_perm;
}
else {
string user_pwd = obj["user_pwd"].ToString();
string user_name = obj["user_name"].ToString();
string user_email = obj["user_email"].ToString();
editUser.user_perm = user_perm;
if (user_name == "")
{
ret.ret = "no";
ret.err_code = "0006";
ret.message = "請輸入帳號名稱!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
if (GlobalClass.isEmail(user_email) == false)
{
ret.ret = "no";
ret.err_code = "0007";
ret.message = "請輸入正確EMail!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
if (user_pwd != "") {
editUser.user_pwd = user_pwd;
}
editUser.user_name = user_name;
editUser.user_email = user_email;
}
conn.Update<user>(editUser);
ret.ret = "yes";
ret.user = editUser;
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
if (method == "del") {
string user_uid = obj["user_uid"].ToString();
user editUser = conn.QueryFirstOrDefault<user>("select * from users where user_ishidden = 'N' and user_uid = @user_uid ", new { user_uid = user_uid });
if (editUser == null)
{
ret.ret = "no";
ret.err_code = "0008";
ret.message = "沒有此用戶資料!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
editUser.user_ishidden = "Y";
conn.Update(editUser);
if (editUser.user_lastlogintime == "") {
conn.Delete(editUser);
}
ret.ret = "yes";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
if (method == "get") {
string user_uid = obj["user_uid"].ToString();
user editUser = conn.QueryFirstOrDefault<user>("select * from users where user_ishidden = 'N' and user_uid = @user_uid", new { user_uid = user_uid });
if (editUser == null)
{
ret.ret = "no";
ret.err_code = "0008";
ret.message = "沒有此用戶資料!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
ret.ret = "yes";
ret.user = editUser;
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
[Route("elab_UserList")]
public ActionResult Elab_UserList(IFormCollection obj) {
elabUserListResult ret = new elabUserListResult();
authToken token = new authToken(this._httpContextAccessor);
if (token.user_isLogin == false)
{
HttpContext.Response.Cookies.Delete("token_key");
ret.ret = "no";
ret.err_code = "99999";
ret.message = "非登入狀態!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
if (token.user_perm != "system")
{
ret.ret = "no";
ret.err_code = "90001";
ret.message = "此帳號無此api使用權限!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
ret.userList = elabConn.Query<new_userdata>("select * from new_userdata where onjob = 0 order by usersn desc ").ToList();
ret.ret = "yes";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
[Route("userList")]
public ActionResult UserList(IFormCollection obj) {
userListResult ret = new userListResult();
authToken token = new authToken(this._httpContextAccessor);
if (token.user_isLogin == false)
{
HttpContext.Response.Cookies.Delete("token_key");
ret.ret = "no";
ret.err_code = "99999";
ret.message = "非登入狀態!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
if (token.user_perm != "system") {
ret.ret = "no";
ret.err_code = "90001";
ret.message = "此帳號無此api使用權限!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
ret.userList = conn.Query<user>("select * from users where user_ishidden = 'N' order by user_sn desc").ToList();
ret.ret = "yes";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
[Route("logout")]
public ActionResult Logout() {
signinResult ret = new signinResult();
authToken _objToken = new authToken(this._httpContextAccessor);
if (_objToken.user_isLogin == true)
{
string token_key = _httpContextAccessor.HttpContext.Request.Cookies["token_key"];
conn.Execute("delete token where token_key = @token_key", new { token_key = token_key});
}
HttpContext.Response.Cookies.Delete("token_key");
ret.ret = "yes";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
[Route("signin")]
public ActionResult Signin(IFormCollection obj) {
signinResult ret = new signinResult();
string input_ID = obj["id"].ToString();
string input_PWD = obj["pwd"].ToString();
string input_isRemember = obj["remember"].ToString();
string sys_ID = GlobalClass.appsettings("Admin:id");
string sys_PWD = GlobalClass.Sha256(GlobalClass.appsettings("Admin:pwd"));
if (input_ID == "") {
ret.ret = "no";
ret.err_code = "0001";
ret.message = "帳號或密碼錯誤!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
//判斷是否為系統預設帳號
if (input_ID == sys_ID)
{
if (input_PWD != sys_PWD)
{
ret.ret = "no";
ret.err_code = "0001";
ret.message = "帳號或密碼錯誤!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
token adminToken = new token();
int intexpireMin = 20;
if (input_isRemember == "Y")
{
intexpireMin = 60 * 24 * 7;
}
string token_key = GlobalClass.CreateRandomCode(24);
adminToken.user_uid = GlobalClass.appsettings("Admin:uid");
adminToken.user_id = GlobalClass.appsettings("Admin:id");
adminToken.token_isremember = input_isRemember;
adminToken.token_key = token_key;
adminToken.token_createdate = DateTime.Now;
adminToken.token_expireddate = DateTime.Now.AddMinutes(intexpireMin);
conn.Insert<token>(adminToken);
CookieOptions options = new CookieOptions();
options.Secure = true;
options.Expires = DateTime.Now.AddMinutes(intexpireMin);
HttpContext.Response.Cookies.Delete("token_key");
_httpContextAccessor.HttpContext.Response.Cookies.Append("token_key", token_key, options);
ret.ret = "yes";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
else {
//非系統帳號
user webUser = conn.QueryFirstOrDefault<user>("select * from users where user_ishidden = 'N' and user_id = @user_id", new { user_id = input_ID});
if (webUser == null)
{
ret.ret = "no";
ret.err_code = "0002";
ret.message = "系統無此帳號!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
if (webUser.user_onjob == "N") {
ret.ret = "no";
ret.err_code = "0003";
ret.message = "此帳號已經離職,無法登入";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
webUser.user_lastlogintime = DateTime.Now.ToString("yyyy/MM/dd HH:mm:ss");
if (webUser.user_type == "Y")
{
if (input_PWD != webUser.user_pwd)
{
ret.ret = "no";
ret.err_code = "0004";
ret.message = "密碼錯誤!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
}
else
{
new_userdata elabUser = elabConn.QueryFirstOrDefault<new_userdata>("select * from new_userdata where userid = @userid", new { userid = webUser.user_id });
if (input_PWD != GlobalClass.Sha256(elabUser.userpw))
{
ret.ret = "no";
ret.err_code = "0004";
ret.message = "密碼錯誤!";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
if (elabUser.onjob == 1)
{
webUser.user_onjob = "N";
conn.Update(webUser);
ret.ret = "no";
ret.err_code = "0003";
ret.message = "此帳號已經離職,無法登入";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
}
token userToken = new token();
int intexpireMin = 20;
if (input_isRemember == "Y")
{
intexpireMin = 60 * 24 * 7;
}
string token_key = GlobalClass.CreateRandomCode(24);
userToken.user_uid = webUser.user_uid;
userToken.user_id = input_ID;
userToken.token_isremember = input_isRemember;
userToken.token_key = token_key;
userToken.token_createdate = DateTime.Now;
userToken.token_expireddate = DateTime.Now.AddMinutes(intexpireMin);
conn.Insert<token>(userToken);
conn.Update<user>(webUser);
CookieOptions options = new CookieOptions();
options.Secure = true;
options.Expires = DateTime.Now.AddMinutes(intexpireMin);
HttpContext.Response.Cookies.Delete("token_key");
_httpContextAccessor.HttpContext.Response.Cookies.Append("token_key", token_key, options);
ret.ret = "yes";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
ret.ret = "no";
ret.err_code = "9999";
ret.message = "無參數錯誤";
return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
public class signinResult
{
public string ret = "no";
public string err_code = "0000";
public string message = "";
}
public class userListResult
{
public string ret = "no";
public string err_code = "0000";
public string message = "";
public List<user> userList = new List<user>();
}
public class elabUserListResult
{
public string ret = "no";
public string err_code = "0000";
public string message = "";
public List<new_userdata> userList = new List<new_userdata>();
}
public class updateUserResult
{
public string ret = "no";
public string err_code = "0000";
public string message = "";
public user user = new user();
}
public class optionListResult
{
public string ret = "no";
public string err_code = "0000";
public string message = "";
public List<optionItem> optionItems = new List<optionItem>();
}
public class optionItemResult
{
public string ret = "no";
public string err_code = "0000";
public string message = "";
public optionItem optionItem = new optionItem();
}
}
}
Reference in New Issue View Git Blame Copy Permalink