using System.Data;
using System.Data.SqlClient;
using System.Security.Cryptography;
using System.Text;
using Dapper;
using Dapper.Contrib.Extensions;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Newtonsoft.Json;
using Newtonsoft.Json.Linq;
using static DbTableClass;
using static resultClass;
namespace QuotationMaker.Controllers
{
[Route("AuthApi")]
public class AuthApiController : ControllerBase
{
// Gives authToken access to the current request (the "token_key" cookie) and lets actions write cookies.
private readonly IHttpContextAccessor _httpContextAccessor;
// NOTE(review): dbConn is not referenced anywhere in this file — confirm it is still needed.
DbConn dbConn = new DbConn();
// Application database (users, userDept, [group], groupUser, token, depts). One SqlConnection per
// controller instance; it is never explicitly opened here, so each Dapper call opens and closes it,
// and the controller never disposes it (the class does not implement IDisposable).
SqlConnection conn = new SqlConnection(GlobalClass.appsettings("ConnectionStrings:SQLConnectionString"));
// External "E白板" (eLab) user directory (table new_userdata). Only ever queried from this controller.
SqlConnection elabConn = new SqlConnection(GlobalClass.appsettings("ConnectionStrings:ElabConnectionString"));
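/// <summary>
/// Builds the controller. The accessor is required by every action (each one constructs an
/// authToken from it), so a missing dependency is rejected here rather than surfacing later as a
/// NullReferenceException inside a request.
/// </summary>
/// <param name="httpContextAccessor">Provides the current HttpContext (request and response cookies).</param>
/// <exception cref="ArgumentNullException">When <paramref name="httpContextAccessor"/> is null.</exception>
public AuthApiController(IHttpContextAccessor httpContextAccessor)
{
    this._httpContextAccessor = httpContextAccessor ?? throw new ArgumentNullException(nameof(httpContextAccessor));
}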
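/// <summary>
/// AuthApi/addGroupUser — adds the users listed in form field "users_json" (a JSON array of
/// objects with user_uid and user_name) to the group "group_uid", recording the membership under
/// department "dept_uid". Requires a logged-in token with user_perm == "system".
/// A user who already has a groupUser row in that department is skipped and named in ret.message;
/// the users actually added are returned in ret.users.
/// </summary>
/// <remarks>
/// Change from the previous version: the member list is parsed as a JArray and each element must be an
/// object with a non-empty user_uid. Before, the `dynamic` iteration threw on an empty body (null),
/// a scalar, or a non-object element, and an element without user_uid produced a row with a null key.
/// NOTE(review): dept_uid is taken from the request rather than from the group row (objGroup.dept_uid),
/// so a caller can file a membership under a department the group does not belong to — confirm intent.
/// NOTE(review): the action is not limited to POST and is protected by the session cookie alone
/// (no antiforgery token); whether cross-site requests can reach it depends on the browser's SameSite default.
/// </remarks>
[Route("addGroupUser")]
public ActionResult AddGroupUser(IFormCollection obj)
{
    groupUserListResult ret = new groupUserListResult();
    authToken token = new authToken(this._httpContextAccessor);
    if (token.user_isLogin == false)
    {
        // Stale or invalid session cookie: drop it so the client stops presenting it.
        HttpContext.Response.Cookies.Delete("token_key");
        ret.ret = "no";
        ret.err_code = "99999";
        ret.message = "非登入狀態!";
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    if (token.user_perm != "system")
    {
        ret.ret = "no";
        ret.err_code = "90001";
        ret.message = "此帳號無此api使用權限!";
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    string dept_uid = obj["dept_uid"].ToString();
    string users_json_str = obj["users_json"].ToString();
    string group_uid = obj["group_uid"].ToString();
    group objGroup = conn.QueryFirstOrDefault<group>("select * from [group] where group_uid = @group_uid", new { group_uid = group_uid });
    if (objGroup == null)
    {
        ret.ret = "no";
        ret.err_code = "0003";
        ret.message = "無此group_uid的群組資料!";
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    // Parse the member list strictly as a JSON array; anything else is a client error, not a 500.
    JArray usersJsonObj;
    try
    {
        usersJsonObj = JsonConvert.DeserializeObject<JArray>(users_json_str);
    }
    catch (Exception ex)
    {
        ret.ret = "no";
        ret.err_code = "0003";
        ret.message = "使用者列表資料錯誤 users json error," + ex.Message;
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    if (usersJsonObj == null)
    {
        // DeserializeObject returns null for an empty body or the literal "null".
        ret.ret = "no";
        ret.err_code = "0003";
        ret.message = "使用者列表資料錯誤 users json error,";
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    string nowrite_msg = "";
    foreach (JToken item in usersJsonObj)
    {
        if (!(item is JObject itemObj))
        {
            continue;
        }
        string user_uid = (string)itemObj["user_uid"];
        string user_name = (string)itemObj["user_name"];
        if (string.IsNullOrEmpty(user_uid))
        {
            // No user key: there is nothing to link, and inserting a null key would fail or orphan a row.
            continue;
        }
        // One membership per user per department: an existing row in this department means the user
        // already belongs to some group there (not necessarily this one).
        groupUser chk_user = conn.QueryFirstOrDefault<groupUser>("select * from groupUser where user_uid = @user_uid and dept_uid = @dept_uid", new { user_uid = user_uid, dept_uid = dept_uid });
        if (chk_user == null)
        {
            groupUser newGU = new groupUser();
            newGU.group_uid = group_uid;
            newGU.user_uid = user_uid;
            newGU.groupUser_uid = GlobalClass.CreateRandomCode(16);
            newGU.dept_uid = dept_uid;
            conn.Insert<groupUser>(newGU);
            user objUser = new user();
            objUser.user_uid = user_uid;
            objUser.user_name = user_name;
            ret.users.Add(objUser);
        }
        else
        {
            nowrite_msg += user_name + " 此用戶已經是其他群組的成員,故此員取消加入!\n";
        }
    }
    ret.message = nowrite_msg;
    ret.ret = "yes";
    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}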
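/// <summary>
/// AuthApi/delGroup — deletes the group "group_uid" together with all of its groupUser rows.
/// Requires a logged-in token with user_perm == "system"; 0003 when the group does not exist.
/// </summary>
/// <remarks>
/// Change from the previous version: the membership delete and the group delete run in one
/// transaction. Before, a failure between the two statements left either orphaned groupUser rows
/// or a group with no members behind.
/// NOTE(review): not limited to POST and protected by the session cookie alone (no antiforgery token).
/// </remarks>
[Route("delGroup")]
public ActionResult DelGroup(IFormCollection obj)
{
    signinResult ret = new signinResult();
    authToken token = new authToken(this._httpContextAccessor);
    if (token.user_isLogin == false)
    {
        HttpContext.Response.Cookies.Delete("token_key");
        ret.ret = "no";
        ret.err_code = "99999";
        ret.message = "非登入狀態!";
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    if (token.user_perm != "system")
    {
        ret.ret = "no";
        ret.err_code = "90001";
        ret.message = "此帳號無此api使用權限!";
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    string group_uid = obj["group_uid"].ToString();
    group objGroup = conn.QueryFirstOrDefault<group>("select * from [group] where group_uid = @group_uid", new { group_uid = group_uid });
    if (objGroup == null)
    {
        ret.ret = "no";
        ret.err_code = "0003";
        ret.message = "無此group_uid的群組資料!";
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    // A local transaction needs an open connection; open it only for the duration of this unit of
    // work and close it again, otherwise the pooled connection stays checked out until finalization.
    bool wasClosed = conn.State == ConnectionState.Closed;
    if (wasClosed)
    {
        conn.Open();
    }
    try
    {
        using (IDbTransaction tx = conn.BeginTransaction())
        {
            conn.Execute("delete groupUser where group_uid = @group_uid", new { group_uid = group_uid }, transaction: tx);
            conn.Delete(objGroup, transaction: tx);
            tx.Commit();
        }
    }
    finally
    {
        if (wasClosed)
        {
            conn.Close();
        }
    }
    ret.ret = "yes";
    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}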
/// <summary>
/// AuthApi/editGroupName — renames the group identified by form field "group_uid" to "group_name".
/// Requires a logged-in token with user_perm == "system"; 0003 when the group does not exist.
/// </summary>
[Route("editGroupName")]
public ActionResult EditGroupName(IFormCollection obj)
{
    signinResult ret = new signinResult();
    // All failure paths produce the same envelope; only code and message differ.
    ActionResult Fail(string code, string msg)
    {
        ret.ret = "no";
        ret.err_code = code;
        ret.message = msg;
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    authToken token = new authToken(this._httpContextAccessor);
    if (!token.user_isLogin)
    {
        // Invalid session: clear the cookie so the client stops sending it.
        HttpContext.Response.Cookies.Delete("token_key");
        return Fail("99999", "非登入狀態!");
    }
    if (token.user_perm != "system")
    {
        return Fail("90001", "此帳號無此api使用權限!");
    }
    string newName = obj["group_name"].ToString();
    string targetUid = obj["group_uid"].ToString();
    group target = conn.QueryFirstOrDefault<group>("select * from [group] where group_uid = @group_uid", new { group_uid = targetUid });
    if (target == null)
    {
        return Fail("0003", "無此group_uid的群組資料!");
    }
    target.group_name = newName;
    conn.Update(target);
    ret.ret = "yes";
    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
/// <summary>
/// AuthApi/delGroupUser — removes the membership row matching form fields "dept_uid", "user_uid"
/// and "group_uid". Requires a logged-in token with user_perm == "system"; 0002 when no such row exists.
/// </summary>
[Route("delGroupUser")]
public ActionResult DelGroupUser(IFormCollection obj)
{
    signinResult ret = new signinResult();
    ActionResult Fail(string code, string msg)
    {
        ret.ret = "no";
        ret.err_code = code;
        ret.message = msg;
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    authToken token = new authToken(this._httpContextAccessor);
    if (!token.user_isLogin)
    {
        HttpContext.Response.Cookies.Delete("token_key");
        return Fail("99999", "非登入狀態!");
    }
    if (token.user_perm != "system")
    {
        return Fail("90001", "此帳號無此api使用權限!");
    }
    // The row is identified by the full (dept, user, group) triple supplied by the caller.
    var key = new
    {
        dept_uid = obj["dept_uid"].ToString(),
        user_uid = obj["user_uid"].ToString(),
        group_uid = obj["group_uid"].ToString()
    };
    groupUser membership = conn.QueryFirstOrDefault<groupUser>("select * from groupUser where dept_uid = @dept_uid and user_uid = @user_uid and group_uid = @group_uid ", key);
    if (membership == null)
    {
        return Fail("0002", "此群組無此帳號可以刪除!");
    }
    conn.Delete(membership);
    ret.ret = "yes";
    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
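/// <summary>
/// AuthApi/addNewGroup — creates a group named "group_name" in department "dept_uid" with the
/// members listed in "users_json" (a JSON array of objects with user_uid and user_name).
/// Requires a logged-in token with user_perm == "system". Users who already have a groupUser row
/// in the department are skipped and named in ret.message; if nobody could be added the group is
/// not created (0007).
/// </summary>
/// <remarks>
/// Changes from the previous version: an empty dept_uid is rejected with 00002 (same guard as
/// groupList/noGroupUserList); the member list is parsed as a JArray so a null/scalar/non-object
/// payload is a 0003 instead of an unhandled exception; membership rows and the group row are
/// written in one transaction, so a failure part-way leaves nothing behind.
/// NOTE(review): not limited to POST and protected by the session cookie alone (no antiforgery token).
/// </remarks>
[Route("addNewGroup")]
public ActionResult AddNewGroup(IFormCollection obj)
{
    groupListResult ret = new groupListResult();
    authToken token = new authToken(this._httpContextAccessor);
    if (token.user_isLogin == false)
    {
        HttpContext.Response.Cookies.Delete("token_key");
        ret.ret = "no";
        ret.err_code = "99999";
        ret.message = "非登入狀態!";
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    if (token.user_perm != "system")
    {
        ret.ret = "no";
        ret.err_code = "90001";
        ret.message = "此帳號無此api使用權限!";
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    string dept_uid = obj["dept_uid"].ToString();
    string group_name = obj["group_name"].ToString();
    string users_json_str = obj["users_json"].ToString();
    if (dept_uid == "")
    {
        ret.ret = "no";
        ret.err_code = "00002";
        ret.message = "無dept_uid參數!";
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    JArray usersJsonObj;
    try
    {
        usersJsonObj = JsonConvert.DeserializeObject<JArray>(users_json_str);
    }
    catch (Exception ex)
    {
        ret.ret = "no";
        ret.err_code = "0003";
        ret.message = "使用者列表資料錯誤 users json error," + ex.Message;
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    if (usersJsonObj == null)
    {
        // DeserializeObject returns null for an empty body or the literal "null".
        ret.ret = "no";
        ret.err_code = "0003";
        ret.message = "使用者列表資料錯誤 users json error,";
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    string group_uid = GlobalClass.CreateRandomCode(10);
    group newGroup = new group();
    newGroup.group_uid = group_uid;
    newGroup.group_name = group_name;
    newGroup.dept_uid = dept_uid;
    string nowrite_msg = "";
    int userCount = 0;
    // Open the connection only for this unit of work (see DelGroup): BeginTransaction needs it open,
    // and leaving it open would keep the pooled connection checked out until finalization.
    bool wasClosed = conn.State == ConnectionState.Closed;
    if (wasClosed)
    {
        conn.Open();
    }
    try
    {
        using (IDbTransaction tx = conn.BeginTransaction())
        {
            foreach (JToken item in usersJsonObj)
            {
                if (!(item is JObject itemObj))
                {
                    continue;
                }
                string user_uid = (string)itemObj["user_uid"];
                string user_name = (string)itemObj["user_name"];
                if (string.IsNullOrEmpty(user_uid))
                {
                    continue;
                }
                // Every statement on this connection must join the transaction, the lookup included.
                groupUser chk_user = conn.QueryFirstOrDefault<groupUser>("select * from groupUser where user_uid = @user_uid and dept_uid = @dept_uid", new { user_uid = user_uid, dept_uid = dept_uid }, transaction: tx);
                if (chk_user == null)
                {
                    groupUser newGU = new groupUser();
                    newGU.group_uid = group_uid;
                    newGU.user_uid = user_uid;
                    newGU.groupUser_uid = GlobalClass.CreateRandomCode(16);
                    newGU.dept_uid = dept_uid;
                    conn.Insert<groupUser>(newGU, transaction: tx);
                    userCount++;
                }
                else
                {
                    nowrite_msg += user_name + " 此用戶已經是其他群組的成員,故此員取消加入!\n";
                }
            }
            if (userCount == 0)
            {
                // Nothing was added: discard the (empty) work and report why.
                tx.Rollback();
                nowrite_msg += "成員數量不得為0故取消建立群組!";
                ret.ret = "no";
                ret.err_code = "0007";
                ret.message = nowrite_msg;
                return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
            }
            // Same order as before: memberships first, then the group row.
            conn.Insert(newGroup, transaction: tx);
            tx.Commit();
        }
    }
    finally
    {
        if (wasClosed)
        {
            conn.Close();
        }
    }
    ret.groups.Add(new groupDetail(newGroup));
    ret.message = nowrite_msg;
    ret.ret = "yes";
    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}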
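/// <summary>
/// AuthApi/noGroupUserList — lists the visible, on-job users of department "dept_uid" who are not
/// yet a member of any group. Requires a logged-in token with user_perm == "system"; 00002 when
/// dept_uid is missing.
/// </summary>
/// <remarks>
/// Change from the previous version: user_pwd is cleared on every returned row. The users table
/// carries the login secret (see Signin) and a pick-list has no use for it, so it is no longer
/// serialized to the client.
/// NOTE(review): "not in (select user_uid from groupUser)" returns nothing if any groupUser.user_uid
/// is NULL (SQL three-valued logic); use "not exists" if that column is nullable — confirm schema.
/// </remarks>
[Route("noGroupUserList")]
public ActionResult NoGroupUserList(IFormCollection obj)
{
    userListResult ret = new userListResult();
    authToken token = new authToken(this._httpContextAccessor);
    if (token.user_isLogin == false)
    {
        HttpContext.Response.Cookies.Delete("token_key");
        ret.ret = "no";
        ret.err_code = "99999";
        ret.message = "非登入狀態!";
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    if (token.user_perm != "system")
    {
        ret.ret = "no";
        ret.err_code = "90001";
        ret.message = "此帳號無此api使用權限!";
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    string dept_uid = obj["dept_uid"].ToString();
    if (dept_uid == "")
    {
        ret.ret = "no";
        ret.err_code = "00002";
        ret.message = "無dept_uid參數!";
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    List<user> userList = conn.Query<user>("select A.* from users A, userDept B where A.user_uid = B.user_uid and A.user_ishidden = 'N' and A.user_onjob= 'Y' and B.dept_uid = @dept_uid and A.user_uid not in (select user_uid from groupUser) ", new { dept_uid = dept_uid }).ToList();
    foreach (user u in userList)
    {
        // Never echo the credential column.
        u.user_pwd = null;
    }
    ret.userList = userList;
    ret.ret = "yes";
    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}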
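/// <summary>
/// AuthApi/authDeptList — returns the departments the caller may administer: every department for
/// the built-in admin (appsettings Admin:id), otherwise only the departments in which the caller has
/// a groupUser row. Requires a logged-in token with user_perm == "system".
/// </summary>
/// <remarks>
/// Change from the previous version: the caller's user_uid is passed as a SQL parameter instead of
/// being concatenated into the statement. The value comes from the server-side token rather than the
/// request, but string-built SQL is still the wrong pattern and every other query here is parameterized.
/// </remarks>
[Route("authDeptList")]
public ActionResult AuthDeptList(IFormCollection obj)
{
    deptListResult ret = new deptListResult();
    authToken token = new authToken(this._httpContextAccessor);
    if (token.user_isLogin == false)
    {
        HttpContext.Response.Cookies.Delete("token_key");
        ret.ret = "no";
        ret.err_code = "99999";
        ret.message = "非登入狀態!";
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    if (token.user_perm != "system")
    {
        ret.ret = "no";
        ret.err_code = "90001";
        ret.message = "此帳號無此api使用權限!";
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    string sqlString = "select * from depts order by dept_order";
    object sqlParams = null;
    if (token.user_id != GlobalClass.appsettings("Admin:id"))
    {
        // Non-admin "system" users only see departments they belong to through a group membership.
        sqlString = "select * from depts where dept_uid in (select dept_uid from groupUser where user_uid = @user_uid) order by dept_order ";
        sqlParams = new { user_uid = token.user_uid };
    }
    ret.depts = conn.Query<depts>(sqlString, sqlParams).ToList();
    ret.ret = "yes";
    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}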
/// <summary>
/// AuthApi/groupList — lists the groups of department "dept_uid" as groupDetail entries.
/// Requires a logged-in token with user_perm == "system"; 00002 when dept_uid is missing.
/// </summary>
[Route("groupList")]
public ActionResult GroupList(IFormCollection obj)
{
    groupListResult ret = new groupListResult();
    ActionResult Fail(string code, string msg)
    {
        ret.ret = "no";
        ret.err_code = code;
        ret.message = msg;
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    authToken token = new authToken(this._httpContextAccessor);
    if (!token.user_isLogin)
    {
        HttpContext.Response.Cookies.Delete("token_key");
        return Fail("99999", "非登入狀態!");
    }
    if (token.user_perm != "system")
    {
        return Fail("90001", "此帳號無此api使用權限!");
    }
    string deptUid = obj["dept_uid"].ToString();
    if (deptUid == "")
    {
        return Fail("00002", "無dept_uid參數!");
    }
    IEnumerable<group> rows = conn.Query<group>("select * from [group] where dept_uid = @dept_uid", new { dept_uid = deptUid });
    // groupDetail wraps each row (presumably with its members); the wrapping is done by that type.
    ret.groups.AddRange(rows.Select(row => new groupDetail(row)));
    ret.ret = "yes";
    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
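/// <summary>
/// AuthApi/addEditGetUser — user-account maintenance, dispatched on form field "method":
/// "add" creates an account (user_type "N" = an E白板/eLab account mirrored from new_userdata via
/// "user_elabName"; any other type = a local account from user_id/user_pwd/user_name/user_email),
/// "edit" updates user_perm and department links (plus name/email/password for local accounts),
/// "del" hides the account (and hard-deletes it when it never logged in), "get" returns one account.
/// Every variant requires a logged-in token with user_perm == "system".
/// </summary>
/// <remarks>
/// Changes from the previous version: the "沒有所屬單位" check now actually fires (string.Split never
/// returns an empty array, so the old Length == 0 test was dead); a local account can no longer be
/// created with an empty user_pwd (Signin compares the raw value, so such an account was loginable
/// with an empty password); the eLab lookup failure no longer echoes the exception text; the eLab
/// lookup in the local-account branch is guarded the same way as in the eLab branch; writes to the
/// user row and its userDept links are one transaction; and user_pwd is cleared from every response.
/// NOTE(review): user_pwd is stored as received from the client (no server-side salted hash); fixing
/// that needs a schema/migration change and is out of scope here.
/// NOTE(review): not limited to POST and protected by the session cookie alone (no antiforgery token).
/// </remarks>
[Route("addEditGetUser")]
public ActionResult AddEditGetUser(IFormCollection obj)
{
    updateUserResult ret = new updateUserResult();
    authToken token = new authToken(this._httpContextAccessor);
    if (token.user_isLogin == false)
    {
        HttpContext.Response.Cookies.Delete("token_key");
        return UserApiError(ret, "99999", "非登入狀態!");
    }
    if (token.user_perm != "system")
    {
        return UserApiError(ret, "90001", "此帳號無此api使用權限!");
    }
    string method = obj["method"].ToString();
    switch (method)
    {
        case "":
            return UserApiError(ret, "0001", "沒有method參數");
        case "add":
            return AddUserRecord(obj, ret);
        case "edit":
            return EditUserRecord(obj, ret);
        case "del":
            return DeleteUserRecord(obj, ret);
        case "get":
            return GetUserRecord(obj, ret);
        default:
            // Unknown method: the untouched default envelope (ret "no", err_code "0000"), as before.
            return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
}

/// <summary>Fills <paramref name="ret"/> with a failure code/message and serializes it.</summary>
private ContentResult UserApiError(updateUserResult ret, string err_code, string message)
{
    ret.ret = "no";
    ret.err_code = err_code;
    ret.message = message;
    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}

/// <summary>
/// Serializes a successful result for <paramref name="account"/>. The password column is cleared
/// first so the credential is never echoed; the row itself has already been written by the caller.
/// </summary>
private ContentResult UserApiSuccess(updateUserResult ret, user account)
{
    account.user_pwd = null;
    ret.ret = "yes";
    ret.user = new userWithDept(account);
    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}

/// <summary>
/// Splits the comma-separated "user_depts" form value into department uids, dropping empty entries
/// (surrounding commas are trimmed first, as before). An empty array means no department was supplied.
/// </summary>
private static string[] SplitDeptList(string user_depts)
{
    return user_depts.Trim(',').Split(",").Where(d => d != "").ToArray();
}

/// <summary>Inserts one userDept link per department uid inside <paramref name="tx"/>.</summary>
private void InsertUserDepts(string user_uid, string[] depts, IDbTransaction tx)
{
    foreach (string dept_uid in depts)
    {
        userDept objUserDept = new userDept();
        objUserDept.user_uid = user_uid;
        objUserDept.dept_uid = dept_uid;
        conn.Insert<userDept>(objUserDept, transaction: tx);
    }
}

/// <summary>method == "add": validates the form, creates the users row and its department links.</summary>
private ActionResult AddUserRecord(IFormCollection obj, updateUserResult ret)
{
    string user_type = obj["user_type"].ToString();
    string user_perm = obj["user_perm"].ToString();
    string[] depts = SplitDeptList(obj["user_depts"].ToString());
    if (depts.Length == 0)
    {
        return UserApiError(ret, "0002", "沒有所屬單位");
    }
    if (user_type == "")
    {
        return UserApiError(ret, "0002", "沒有user_type參數");
    }
    user newUser = new user();
    newUser.user_uid = GlobalClass.CreateRandomCode(12);
    newUser.user_type = user_type;
    newUser.user_onjob = "Y";
    newUser.user_ishidden = "N";
    newUser.user_createdate = DateTime.Now;
    if (user_type == "N")
    {
        // "N" = E白板 (eLab) account: identity fields are copied from the eLab directory and no local
        // password is stored (Signin verifies these users against new_userdata.userpw).
        string user_id = obj["user_elabName"].ToString();
        if (conn.QueryFirstOrDefault<user>("select * from users where user_id = @user_id ", new { user_id = user_id }) != null)
        {
            return UserApiError(ret, "0003", "此帳號已經存在於系統!");
        }
        new_userdata elabUser;
        try
        {
            elabUser = elabConn.QueryFirstOrDefault<new_userdata>("select * from new_userdata where userid = @user_id", new { user_id = user_id });
        }
        catch (Exception)
        {
            // The exception text can carry server/database details; the code alone identifies the failure.
            return UserApiError(ret, "90001", "E白板資料庫查詢失敗!");
        }
        if (elabUser == null)
        {
            return UserApiError(ret, "0004", "E白板無此帳號!");
        }
        if (user_perm == "")
        {
            return UserApiError(ret, "0009", "無此帳號的權限設定值!");
        }
        newUser.user_name = elabUser.username;
        newUser.user_id = elabUser.userid;
        newUser.user_email = elabUser.mail;
        newUser.user_perm = user_perm;
    }
    else
    {
        string user_id = obj["user_id"].ToString();
        string user_pwd = obj["user_pwd"].ToString();
        string user_name = obj["user_name"].ToString();
        string user_email = obj["user_email"].ToString();
        if (user_id == "")
        {
            return UserApiError(ret, "0006", "請輸入帳號ID!");
        }
        if (user_name == "")
        {
            return UserApiError(ret, "0006", "請輸入帳號名稱!");
        }
        if (user_pwd == "")
        {
            // Signin compares the stored value directly, so an empty password must never be persisted.
            return UserApiError(ret, "0006", "請輸入密碼!");
        }
        if (user_perm == "")
        {
            return UserApiError(ret, "0009", "無此帳號的權限設定值!");
        }
        if (GlobalClass.isEmail(user_email) == false)
        {
            return UserApiError(ret, "0007", "請輸入正確EMail!");
        }
        if (conn.QueryFirstOrDefault<user>("select * from users where user_id = @user_id ", new { user_id = user_id }) != null)
        {
            return UserApiError(ret, "0003", "此帳號已經存在於系統!");
        }
        // A local id must not collide with an eLab id, which would have to be added as type "N".
        new_userdata elabUser;
        try
        {
            elabUser = elabConn.QueryFirstOrDefault<new_userdata>("select * from new_userdata where userid = @user_id", new { user_id = user_id });
        }
        catch (Exception)
        {
            return UserApiError(ret, "90001", "E白板資料庫查詢失敗!");
        }
        if (elabUser != null)
        {
            return UserApiError(ret, "0005", "E白板系統內有此帳號ID請換帳號或改以E白板帳號加入!");
        }
        newUser.user_id = user_id;
        newUser.user_name = user_name;
        newUser.user_pwd = user_pwd;
        newUser.user_email = user_email;
        newUser.user_perm = user_perm;
    }
    // Open the connection only for this unit of work: BeginTransaction needs it open, and leaving it
    // open would keep the pooled connection checked out until finalization.
    bool wasClosed = conn.State == ConnectionState.Closed;
    if (wasClosed)
    {
        conn.Open();
    }
    try
    {
        using (IDbTransaction tx = conn.BeginTransaction())
        {
            conn.Insert(newUser, transaction: tx);
            InsertUserDepts(newUser.user_uid, depts, tx);
            tx.Commit();
        }
    }
    finally
    {
        if (wasClosed)
        {
            conn.Close();
        }
    }
    return UserApiSuccess(ret, newUser);
}

/// <summary>
/// method == "edit": updates user_perm and the department links of the user identified by
/// user_uid + user_type; for non-eLab accounts also name, email and (when non-empty) password.
/// </summary>
private ActionResult EditUserRecord(IFormCollection obj, updateUserResult ret)
{
    string user_type = obj["user_type"].ToString();
    string user_uid = obj["user_uid"].ToString();
    string user_perm = obj["user_perm"].ToString();
    string[] depts = SplitDeptList(obj["user_depts"].ToString());
    if (depts.Length == 0)
    {
        return UserApiError(ret, "0002", "沒有所屬單位");
    }
    if (user_type == "")
    {
        return UserApiError(ret, "0002", "沒有user_type參數");
    }
    if (user_perm == "")
    {
        return UserApiError(ret, "0009", "無此帳號的權限設定值!");
    }
    user editUser = conn.QueryFirstOrDefault<user>("select * from users where user_uid = @user_uid and user_type = @user_type", new { user_uid = user_uid, user_type = user_type });
    if (editUser == null)
    {
        return UserApiError(ret, "0008", "沒有此用戶資料!");
    }
    editUser.user_perm = user_perm;
    if (user_type != "N")
    {
        // Only local accounts carry editable identity fields; eLab accounts mirror new_userdata.
        string user_pwd = obj["user_pwd"].ToString();
        string user_name = obj["user_name"].ToString();
        string user_email = obj["user_email"].ToString();
        if (user_name == "")
        {
            return UserApiError(ret, "0006", "請輸入帳號名稱!");
        }
        if (GlobalClass.isEmail(user_email) == false)
        {
            return UserApiError(ret, "0007", "請輸入正確EMail!");
        }
        if (user_pwd != "")
        {
            // Blank password in the form means "keep the current one".
            editUser.user_pwd = user_pwd;
        }
        editUser.user_name = user_name;
        editUser.user_email = user_email;
    }
    bool wasClosed = conn.State == ConnectionState.Closed;
    if (wasClosed)
    {
        conn.Open();
    }
    try
    {
        using (IDbTransaction tx = conn.BeginTransaction())
        {
            conn.Update<user>(editUser, transaction: tx);
            // Department links are replaced wholesale.
            conn.Execute("delete userDept where user_uid = @user_uid", new { user_uid = user_uid }, transaction: tx);
            InsertUserDepts(user_uid, depts, tx);
            tx.Commit();
        }
    }
    finally
    {
        if (wasClosed)
        {
            conn.Close();
        }
    }
    return UserApiSuccess(ret, editUser);
}

/// <summary>
/// method == "del": hides the user (user_ishidden = "Y"); a user whose user_lastlogintime is the
/// empty string is additionally hard-deleted.
/// </summary>
/// <remarks>
/// NOTE(review): a NULL user_lastlogintime (never logged in, column never set) is not "" and so is
/// only hidden, not deleted — confirm which value the column holds for new rows. The hard delete does
/// not remove the user's userDept/groupUser rows here; confirm cascading at the database.
/// </remarks>
private ActionResult DeleteUserRecord(IFormCollection obj, updateUserResult ret)
{
    string user_uid = obj["user_uid"].ToString();
    user editUser = conn.QueryFirstOrDefault<user>("select * from users where user_ishidden = 'N' and user_uid = @user_uid ", new { user_uid = user_uid });
    if (editUser == null)
    {
        return UserApiError(ret, "0008", "沒有此用戶資料!");
    }
    editUser.user_ishidden = "Y";
    conn.Update(editUser);
    if (editUser.user_lastlogintime == "")
    {
        conn.Delete(editUser);
    }
    ret.ret = "yes";
    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}

/// <summary>method == "get": returns the visible user identified by user_uid (without its password).</summary>
private ActionResult GetUserRecord(IFormCollection obj, updateUserResult ret)
{
    string user_uid = obj["user_uid"].ToString();
    user editUser = conn.QueryFirstOrDefault<user>("select * from users where user_ishidden = 'N' and user_uid = @user_uid", new { user_uid = user_uid });
    if (editUser == null)
    {
        return UserApiError(ret, "0008", "沒有此用戶資料!");
    }
    return UserApiSuccess(ret, editUser);
}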
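/// <summary>
/// AuthApi/elab_UserList — lists the eLab (E白板) directory accounts that are still on the job
/// (new_userdata.onjob = 0; Signin treats onjob == 1 as "left"). Requires a logged-in token with
/// user_perm == "system".
/// </summary>
/// <remarks>
/// Change from the previous version: userpw is cleared on every returned row. Signin shows that
/// column holds the eLab password material (GlobalClass.Sha256(elabUser.userpw)); dumping it for a
/// whole directory to the browser is a credential leak and the pick-list has no use for it.
/// </remarks>
[Route("elab_UserList")]
public ActionResult Elab_UserList(IFormCollection obj)
{
    elabUserListResult ret = new elabUserListResult();
    authToken token = new authToken(this._httpContextAccessor);
    if (token.user_isLogin == false)
    {
        HttpContext.Response.Cookies.Delete("token_key");
        ret.ret = "no";
        ret.err_code = "99999";
        ret.message = "非登入狀態!";
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    if (token.user_perm != "system")
    {
        ret.ret = "no";
        ret.err_code = "90001";
        ret.message = "此帳號無此api使用權限!";
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    List<new_userdata> userList = elabConn.Query<new_userdata>("select * from new_userdata where onjob = 0 order by usersn desc ").ToList();
    foreach (new_userdata u in userList)
    {
        u.userpw = null;
    }
    ret.userList = userList;
    ret.ret = "yes";
    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}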
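/// <summary>
/// AuthApi/userList — lists all visible (user_ishidden = 'N') accounts, newest first.
/// Requires a logged-in token with user_perm == "system".
/// </summary>
/// <remarks>
/// Change from the previous version: user_pwd is cleared on every returned row. The column is the
/// login secret Signin compares against, and the edit flow treats a blank password as "unchanged",
/// so the client never needs the stored value.
/// </remarks>
[Route("userList")]
public ActionResult UserList(IFormCollection obj)
{
    userListResult ret = new userListResult();
    authToken token = new authToken(this._httpContextAccessor);
    if (token.user_isLogin == false)
    {
        HttpContext.Response.Cookies.Delete("token_key");
        ret.ret = "no";
        ret.err_code = "99999";
        ret.message = "非登入狀態!";
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    if (token.user_perm != "system")
    {
        ret.ret = "no";
        ret.err_code = "90001";
        ret.message = "此帳號無此api使用權限!";
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    List<user> userList = conn.Query<user>("select * from users where user_ishidden = 'N' order by user_sn desc").ToList();
    foreach (user u in userList)
    {
        u.user_pwd = null;
    }
    ret.userList = userList;
    ret.ret = "yes";
    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}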
/// <summary>
/// AuthApi/logout — revokes the caller's session row (token table) when the presented cookie is a
/// valid login, then clears the "token_key" cookie either way. Always answers ret "yes".
/// </summary>
[Route("logout")]
public ActionResult Logout()
{
    signinResult ret = new signinResult();
    authToken session = new authToken(this._httpContextAccessor);
    if (session.user_isLogin)
    {
        // Revoke server-side first so the key cannot be replayed once the cookie is gone.
        string presentedKey = _httpContextAccessor.HttpContext.Request.Cookies["token_key"];
        conn.Execute("delete token where token_key = @token_key", new { token_key = presentedKey });
    }
    HttpContext.Response.Cookies.Delete("token_key");
    ret.ret = "yes";
    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}
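/// <summary>
/// AuthApi/signin — authenticates form fields "id" and "pwd" ("remember" == "Y" extends the session
/// from 20 minutes to 7 days), stores a session row in the token table and sets the "token_key" cookie.
/// Three kinds of account: the built-in admin from appsettings Admin:id/Admin:pwd; local users
/// (user_type "Y") checked against users.user_pwd; eLab users checked against new_userdata.userpw.
/// </summary>
/// <remarks>
/// In all three cases the value compared is exactly what the client sent in "pwd": against
/// Sha256(Admin:pwd) for the admin, against Sha256(userpw) for eLab users, and against the stored
/// user_pwd for local users. Comparisons are now constant-time.
/// Changes from the previous version: an eLab-typed user with no new_userdata row is answered with
/// 0002 instead of crashing on a null elabUser; the session cookie is HttpOnly so script cannot read
/// the bearer key; token issuance is shared between the admin and user paths; unreachable trailing
/// code removed.
/// NOTE(review): because the client-supplied value is compared directly, that value is the effective
/// credential (pass-the-hash) and local passwords are stored unhashed; a server-side salted hash
/// (PBKDF2/Argon2) is the real fix and needs a migration.
/// NOTE(review): 0002 "no such account" vs 0004 "wrong password" lets a caller enumerate account ids;
/// kept for client compatibility.
/// NOTE(review): token_key is a bearer credential — GlobalClass.CreateRandomCode must be CSPRNG-backed; confirm.
/// NOTE(review): not limited to POST; credentials sent on a GET would land in request logs.
/// </remarks>
[Route("signin")]
public ActionResult Signin(IFormCollection obj)
{
    signinResult ret = new signinResult();
    string input_ID = obj["id"].ToString();
    string input_PWD = obj["pwd"].ToString();
    string input_isRemember = obj["remember"].ToString();
    string sys_ID = GlobalClass.appsettings("Admin:id");
    string sys_PWD = GlobalClass.Sha256(GlobalClass.appsettings("Admin:pwd"));
    if (input_ID == "")
    {
        ret.ret = "no";
        ret.err_code = "0001";
        ret.message = "帳號或密碼錯誤!";
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    // Built-in admin account configured in appsettings.
    if (input_ID == sys_ID)
    {
        if (!SecureEquals(input_PWD, sys_PWD))
        {
            ret.ret = "no";
            ret.err_code = "0001";
            ret.message = "帳號或密碼錯誤!";
            return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
        }
        IssueSessionToken(GlobalClass.appsettings("Admin:uid"), sys_ID, input_isRemember);
        ret.ret = "yes";
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    // Regular account from the users table.
    user webUser = conn.QueryFirstOrDefault<user>("select * from users where user_ishidden = 'N' and user_id = @user_id", new { user_id = input_ID });
    if (webUser == null)
    {
        ret.ret = "no";
        ret.err_code = "0002";
        ret.message = "系統無此帳號!";
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    if (webUser.user_onjob == "N")
    {
        ret.ret = "no";
        ret.err_code = "0003";
        ret.message = "此帳號已經離職,無法登入";
        return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
    }
    // Set before verification, as before; it is only persisted below (success, or the off-job branch).
    webUser.user_lastlogintime = DateTime.Now.ToString("yyyy/MM/dd HH:mm:ss");
    if (webUser.user_type == "Y")
    {
        // Local account: compare against the stored value.
        if (!SecureEquals(input_PWD, webUser.user_pwd))
        {
            ret.ret = "no";
            ret.err_code = "0004";
            ret.message = "密碼錯誤!";
            return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
        }
    }
    else
    {
        // eLab account: the directory is the source of truth for both password and employment.
        new_userdata elabUser = elabConn.QueryFirstOrDefault<new_userdata>("select * from new_userdata where userid = @userid", new { userid = webUser.user_id });
        if (elabUser == null)
        {
            // The local row points at an eLab account that no longer exists there.
            ret.ret = "no";
            ret.err_code = "0002";
            ret.message = "系統無此帳號!";
            return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
        }
        if (!SecureEquals(input_PWD, GlobalClass.Sha256(elabUser.userpw)))
        {
            ret.ret = "no";
            ret.err_code = "0004";
            ret.message = "密碼錯誤!";
            return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
        }
        if (elabUser.onjob == 1)
        {
            // Mirror the "left" status locally so later logins fail fast on user_onjob.
            webUser.user_onjob = "N";
            conn.Update(webUser);
            ret.ret = "no";
            ret.err_code = "0003";
            ret.message = "此帳號已經離職,無法登入";
            return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
        }
    }
    conn.Update<user>(webUser);
    IssueSessionToken(webUser.user_uid, input_ID, input_isRemember);
    ret.ret = "yes";
    return Content(JsonConvert.SerializeObject(ret), "application/json;charset=utf-8");
}

/// <summary>
/// Constant-time string comparison for credentials. Null on either side is "not equal"; the
/// comparison runs over the UTF-8 bytes, so only the length is observable through timing.
/// </summary>
private static bool SecureEquals(string a, string b)
{
    if (a == null || b == null)
    {
        return false;
    }
    byte[] left = Encoding.UTF8.GetBytes(a);
    byte[] right = Encoding.UTF8.GetBytes(b);
    return CryptographicOperations.FixedTimeEquals(left, right);
}

/// <summary>
/// Creates a session row in the token table for the given user and sets the "token_key" cookie.
/// Lifetime is 20 minutes, or 7 days when <paramref name="input_isRemember"/> is "Y".
/// The cookie is Secure and HttpOnly; the server-side expiry (token_expireddate) is the authority,
/// the cookie expiry only mirrors it for the browser.
/// </summary>
private void IssueSessionToken(string user_uid, string user_id, string input_isRemember)
{
    int intexpireMin = input_isRemember == "Y" ? 60 * 24 * 7 : 20;
    string token_key = GlobalClass.CreateRandomCode(24);
    token sessionToken = new token();
    sessionToken.user_uid = user_uid;
    sessionToken.user_id = user_id;
    sessionToken.token_isremember = input_isRemember;
    sessionToken.token_key = token_key;
    sessionToken.token_createdate = DateTime.Now;
    sessionToken.token_expireddate = DateTime.Now.AddMinutes(intexpireMin);
    conn.Insert<token>(sessionToken);
    CookieOptions options = new CookieOptions();
    options.Secure = true;
    options.HttpOnly = true;
    options.Expires = DateTime.Now.AddMinutes(intexpireMin);
    HttpContext.Response.Cookies.Delete("token_key");
    _httpContextAccessor.HttpContext.Response.Cookies.Append("token_key", token_key, options);
}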
/// <summary>
/// Minimal response envelope used by signin/logout and the group-maintenance actions.
/// ret is "yes" or "no"; err_code is "0000" on success, otherwise an action-specific code
/// ("99999" = not logged in, "90001" = no permission for this API); message is free text.
/// </summary>
public class signinResult
{
public string ret = "no";
public string err_code = "0000";
public string message = "";
}
/// <summary>
/// Envelope for userList / noGroupUserList: the common ret / err_code / message fields plus the
/// matching users rows (serialized as-is by Newtonsoft).
/// </summary>
public class userListResult
{
public string ret = "no";
public string err_code = "0000";
public string message = "";
public List<user> userList = new List<user>();
}
/// <summary>
/// Envelope for elab_UserList: the common ret / err_code / message fields plus rows from the
/// external eLab directory (new_userdata), serialized as-is.
/// </summary>
public class elabUserListResult
{
public string ret = "no";
public string err_code = "0000";
public string message = "";
public List<new_userdata> userList = new List<new_userdata>();
}
/// <summary>
/// Envelope for addEditGetUser: the common ret / err_code / message fields plus the affected user
/// wrapped as userWithDept (left at its default for "del" and for error responses).
/// </summary>
public class updateUserResult
{
public string ret = "no";
public string err_code = "0000";
public string message = "";
public userWithDept user = new userWithDept();
}
}
}