abbott_2024_event/BackEnd/api/chgPassword.ashx.cs

using System;
using System.Collections.Generic;
using System.Data.SqlClient;
using System.Linq;
using System.Runtime.Serialization.Json;
using System.Web;
using System.Web.SessionState;
using Dapper;
using Dapper.Contrib.Extensions;
using NPOI.POIFS.EventFileSystem;

namespace abbott_2024_event.BackEnd.api
{
    /// <summary>
    /// chgPassword 的摘要描述
    /// </summary>
    public class chgPassword : IHttpHandler
    {

        SqlConnection conn = new SqlConnection(globalClass.appsettings("DBConnectionString"));
        public authToken authToken;
        public void ProcessRequest(HttpContext context)
        {
            result objRet = new result();
            DataContractJsonSerializer json = new DataContractJsonSerializer(objRet.GetType());
            context.Response.ContentType = "application/json;charset=utf-8";

            authToken = new authToken();

            if (authToken.user_isLogin == false)
            {
                HttpCookie tokenCookie = (HttpContext.Current.Request.Cookies["token"] == null) ? null : HttpContext.Current.Request.Cookies["token"];
                HttpCookie idCookie = (HttpContext.Current.Request.Cookies["id"] == null) ? null : HttpContext.Current.Request.Cookies["id"];

                HttpContext.Current.Response.Cookies["token"].Expires = DateTime.Now.AddDays(-1);

                if (tokenCookie != null)
                {
                    tokenCookie.Expires = DateTime.Now.AddDays(-10);
                    tokenCookie.Values.Clear();

                    HttpContext.Current.Response.Cookies.Set(tokenCookie);

                    HttpContext.Current.Response.Cookies.Add(new HttpCookie("token", ""));
                }



                objRet.ret = "no";
                objRet.err_code = "0001";
                objRet.message = "尚未登入，請登入後使用";
                json.WriteObject(context.Response.OutputStream, objRet);
                return;
            }


            string pwd = (context.Request["pwd"] == null) ? "" : context.Request["pwd"].ToString();

            if (pwd == "") {
                objRet.ret = "no";
                objRet.err_code = "0002";
                objRet.message = "沒有pwd資料";
                json.WriteObject(context.Response.OutputStream, objRet);
                return;
            }

            conn.Execute("update login set login_pwd = @login_pwd where login_id = @login_id", new { login_pwd = pwd, login_id = authToken.user_id });

            objRet.ret = "yes";
            json.WriteObject(context.Response.OutputStream, objRet);
            return;
        }

        public class result
        {
            public string ret = "no";
            public string err_code = "0000";
            public string message = "";
        }
        public bool IsReusable
        {
            get
            {
                return false;
            }
        }
    }
}