using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using JiepeiWMS.AuthHelper;
using JiepeiWMS.AuthHelper.OverWrite;
using JiepeiWMS.Common;
using JiepeiWMS.Common.Helper;
using JiepeiWMS.Extends;
using JiepeiWMS.IServices;
using JiepeiWMS.Model;
using JiepeiWMS.Model.ViewModels;
using JiepeiWMS.Services;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
|
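namespace JiepeiWMS.Controllers
{
    /// <summary>
    /// Login management (anonymous access). Issues, refreshes and exchanges JWTs and
    /// serves the image / SMS verification codes that the login flow requires.
    /// </summary>
    [Produces("application/json")]
    [Route("api/Login")]
    [AllowAnonymous]
    public class LoginController : Controller
    {
        // Session keys shared between the code-issuing endpoints and the login endpoint.
        private const string ImageCodeSessionKey = "VERFIY_CODE_TOKEN";
        private const string SmsCodeSessionKey = "SID_WEBMANAGER_LOGIN_SMSVALIDATE_CODE";

        // Placeholder mobile number that never receives an SMS; such accounts log in with the image code.
        private const string NoSmsMobile = "15000000000";

        // Largest accepted difference, in seconds, between a third-party token's "exp" claim and the current time.
        private const double ThirdPartyTokenWindowSeconds = 300;

        private readonly ISysUserInfoServices _sysUserInfoServices;
        private readonly IUserRoleServices _userRoleServices;
        private readonly IRoleServices _roleServices;
        private readonly PermissionRequirement _requirement;
        private readonly IRoleModulePermissionServices _roleModulePermissionServices;
        private readonly ISmsLogServices _smsLogServices;

        /// <summary>
        /// Constructor injection of the services used by the login endpoints.
        /// </summary>
        /// <param name="sysUserInfoServices">User lookup and role-name resolution.</param>
        /// <param name="userRoleServices">User/role service (injected, currently unused here).</param>
        /// <param name="roleServices">Role service (injected, currently unused here).</param>
        /// <param name="requirement">Shared permission requirement whose role/url map is refreshed at login.</param>
        /// <param name="roleModulePermissionServices">Source of the role/module permission map.</param>
        /// <param name="SmsLogServices">Audit log for sent SMS codes.</param>
        public LoginController(ISysUserInfoServices sysUserInfoServices,
            IUserRoleServices userRoleServices,
            IRoleServices roleServices,
            PermissionRequirement requirement,
            IRoleModulePermissionServices roleModulePermissionServices,
            ISmsLogServices SmsLogServices)
        {
            _sysUserInfoServices = sysUserInfoServices;
            _userRoleServices = userRoleServices;
            _roleServices = roleServices;
            _requirement = requirement;
            _roleModulePermissionServices = roleModulePermissionServices;
            _smsLogServices = SmsLogServices;
        }

        #region Token issuing, method 1 and 2

        /// <summary>
        /// JWT method 1: checks the credentials against the user table and issues a token.
        /// </summary>
        /// <param name="name">Login name.</param>
        /// <param name="pass">Clear-text password; hashed with the same MD5 helper the user table uses.</param>
        /// <returns>The JWT string on success, otherwise a failure message.</returns>
        [HttpGet]
        [Route("Token")]
        public async Task<MessageModel<string>> GetJwtStr(string name, string pass)
        {
            // NOTE(review): passwords are compared as unsalted MD5 (MD5Helper.MD5Encrypt32) because that is what the
            // user table stores; moving to a salted KDF needs a data migration and is out of scope here.
            var roleNames = await _sysUserInfoServices.GetUserRoleNameStr(name, MD5Helper.MD5Encrypt32(pass));
            bool suc = roleNames != null;

            // NOTE(review): Uid is hard-coded to 1, so every token from this endpoint carries the same subject id.
            string jwtStr = suc
                ? JwtHelper.IssueJwt(new TokenModelJwt { Uid = 1, Role = roleNames })
                : "login fail!!!";

            return new MessageModel<string>()
            {
                success = suc,
                msg = suc ? "获取成功" : "获取失败",
                response = jwtStr
            };
        }

        /// <summary>
        /// JWT method 2: demo endpoint for the Nuxt front end.
        /// </summary>
        /// <param name="name">Login name.</param>
        /// <param name="pass">Password.</param>
        /// <returns>The JWT string on success, otherwise a failure message.</returns>
        [HttpGet]
        [Route("GetTokenNuxt")]
        public MessageModel<string> GetJwtStrForNuxt(string name, string pass)
        {
            // NOTE(review): the credentials are hard-coded and the issued token carries the Admin role.
            // This is a demo endpoint and must not remain reachable on a deployment that relies on these tokens.
            bool suc = name == "admins" && pass == "admins";

            string jwtStr = suc
                ? JwtHelper.IssueJwt(new TokenModelJwt { Uid = 1, Role = "Admin" })
                : "login fail!!!";

            return new MessageModel<string>()
            {
                success = suc,
                msg = suc ? "获取成功" : "获取失败",
                response = jwtStr
            };
        }

        #endregion

        /// <summary>
        /// JWT method 3: the main login of the system. Requires an image code, or an SMS code for accounts
        /// that have a usable mobile number, then checks the credentials by login name or job number.
        /// </summary>
        /// <param name="name">Login name or job number.</param>
        /// <param name="pass">Clear-text password.</param>
        /// <param name="VCode">Image or SMS verification code, depending on the account.</param>
        /// <returns>The token information on success, otherwise a failure message.</returns>
        [HttpGet]
        [Route("JWTToken3.0")]
        public async Task<MessageModel<TokenInfoViewModel>> GetJwtToken3(string name = "", string pass = "", string VCode = "")
        {
            if (string.IsNullOrEmpty(name) || string.IsNullOrEmpty(pass) || string.IsNullOrEmpty(VCode))
            {
                return Failure("用户名或密码、验证码不能为空");
            }

            // Decide which code this account must present: SMS for accounts with a usable mobile, otherwise the image code.
            var candidates = await _sysUserInfoServices.Query(u => u.uLoginName == name || u.JobNo == name);
            var candidate = candidates.FirstOrDefault();
            bool requiresSmsCode = candidate != null && RequiresSmsLogin(candidate.Mobile);

            string sessionImageCode = HttpContext.Session.GetString(ImageCodeSessionKey);
            string sessionSmsCode = HttpContext.Session.GetString(SmsCodeSessionKey);

            if (requiresSmsCode)
            {
                // Fix: the SMS branch used to test the image code for emptiness while comparing against the SMS code.
                if (!CodeMatches(VCode, sessionSmsCode))
                {
                    return Failure("手机验证码错误,请重新输入或重新获取!");
                }
            }
            else if (!CodeMatches(VCode, sessionImageCode))
            {
                // Unknown accounts are held to the image code too, so the endpoint cannot be used to probe
                // user names without solving a captcha.
                return Failure("验证码错误,请重新输入");
            }

            // Codes are single-use once they have been accepted.
            // NOTE(review): a failed comparison does not invalidate the code, so an attempt counter or
            // lockout is still needed to keep the 6-digit SMS code from being guessed within one session.
            HttpContext.Session.Remove(SmsCodeSessionKey);
            HttpContext.Session.Remove(ImageCodeSessionKey);

            string hashedPass = MD5Helper.MD5Encrypt32(pass);

            var users = await _sysUserInfoServices.Query(d => d.uLoginName == name && d.uLoginPWD == hashedPass && d.tdIsDelete == false);
            // Not a login name: retry the same credentials as a job number.
            if (users.Count <= 0)
            {
                users = await _sysUserInfoServices.Query(d => d.JobNo == name && d.uLoginPWD == hashedPass && d.tdIsDelete == false);
            }
            if (users.Count <= 0)
            {
                return Failure("用户名或密码错误");
            }

            var user = users[0];
            var userRoles = await _sysUserInfoServices.GetUserRoleNameStr(name, hashedPass);
            var claims = BuildUserClaims(name, user.uID.ToString(), user.SysOrgId.ToString(), userRoles);

            // IdentityServer4 vs. local JWT: only the local JWT path needs the role/url map.
            if (!Permissions.IsUseIds4)
            {
                await ReloadPermissionsAsync();
            }

            var token = JwtToken.BuildJwtToken(claims.ToArray(), _requirement);
            return Issued(token);
        }

        /// <summary>
        /// Exchanges an existing token for a fresh one for the same user.
        /// </summary>
        /// <param name="token">The token to refresh.</param>
        /// <returns>The new token information, or a failure message when the token or user is not acceptable.</returns>
        [HttpGet]
        [Route("RefreshToken")]
        public async Task<MessageModel<TokenInfoViewModel>> RefreshToken(string token = "")
        {
            if (string.IsNullOrEmpty(token))
            {
                return Failure("token无效,请重新登录!");
            }

            // NOTE(review): JwtHelper.SerializeJwt lives elsewhere; confirm it validates the signature (and lifetime)
            // rather than only decoding the payload, otherwise any self-made token with a plausible Uid can be
            // exchanged for a genuine one here.
            var tokenModel = JwtHelper.SerializeJwt(token);
            if (tokenModel == null || tokenModel.Uid <= 0)
            {
                return Failure("认证失败!");
            }

            var user = await _sysUserInfoServices.QueryById(tokenModel.Uid);
            // Deleted accounts cannot log in (see GetJwtToken3), so they must not be able to refresh either.
            if (user == null || user.tdIsDelete == true)
            {
                return Failure("认证失败!");
            }

            var userRoles = await _sysUserInfoServices.GetUserRoleNameStr(user.uLoginName, user.uLoginPWD);
            var claims = BuildUserClaims(user.uLoginName, user.uID.ToString(), user.SysOrgId.ToString(), userRoles);

            var refreshed = JwtToken.BuildJwtToken(claims.ToArray(), _requirement);
            return Issued(refreshed);
        }

        /// <summary>
        /// JWT method 4: JSONP test endpoint. Mints a token for the given uid/role and writes it as a JSONP response.
        /// </summary>
        /// <param name="callBack">JavaScript callback name; must be a (dotted) identifier.</param>
        /// <param name="id">User id placed in the token.</param>
        /// <param name="sub">Role placed in the token.</param>
        /// <param name="expiresSliding">Unused; kept for the route contract.</param>
        /// <param name="expiresAbsoulute">Unused; kept for the route contract.</param>
        [HttpGet]
        [Route("jsonp")]
        public async Task Getjsonp(string callBack, long id = 1, string sub = "Admin", int expiresSliding = 30, int expiresAbsoulute = 30)
        {
            // NOTE(review): test-only endpoint – it issues a token for any caller-chosen uid/role with no
            // authentication, so it must be disabled in any deployment that uses these tokens for access control.

            // The callback name is echoed into executable JavaScript; restricting it to an identifier keeps a
            // crafted callBack from injecting script into the response.
            if (!IsValidJsonpCallback(callBack))
            {
                Response.StatusCode = StatusCodes.Status400BadRequest;
                return;
            }

            var tokenModel = new TokenModelJwt
            {
                Uid = id,
                Role = sub
            };

            string jwtStr = JwtHelper.IssueJwt(tokenModel);

            string response = string.Format("\"value\":\"{0}\"", jwtStr);
            string call = callBack + "({" + response + "})";
            Response.ContentType = "application/javascript";
            // The write used to be fire-and-forget from a void action; awaiting it keeps the response open until it completes.
            await Response.WriteAsync(call);
        }

        /// <summary>
        /// Test helper: returns the MD5 hash the user table stores for the given password.
        /// </summary>
        /// <param name="password">Clear-text password.</param>
        /// <returns>The 32-character MD5 hash.</returns>
        [HttpGet]
        [Route("Md5Password")]
        public string Md5Password(string password = "")
        {
            // NOTE(review): exposes the stored-password format to anonymous callers; test-only.
            return MD5Helper.MD5Encrypt32(password);
        }

        /// <summary>
        /// Third-party JWT login: /Login/LoginByJobNo. Reads the job number from the partner token and issues a system token.
        /// </summary>
        /// <param name="JWTToken">Token issued by the third party, carrying "exp" and "JobNo" claims.</param>
        /// <returns>The token information on success, otherwise a failure message.</returns>
        [HttpGet]
        [Route("LoginByJobNo")]
        public async Task<MessageModel<TokenInfoViewModel>> LoginByJobNo(string JWTToken = "")
        {
            if (string.IsNullOrEmpty(JWTToken))
            {
                return Failure("token无效,请重新登录");
            }

            var jwtHandler = new JwtSecurityTokenHandler();
            // ReadJwtToken throws ArgumentException on malformed input; answer with a failure instead of a 500.
            if (!jwtHandler.CanReadToken(JWTToken))
            {
                return Failure("认证参数有误");
            }

            // NOTE(review): ReadJwtToken only decodes the payload – the partner's signature is never verified, so this
            // endpoint trusts whatever JobNo the caller writes into the token. It needs ValidateToken with the partner's
            // key and issuer (not available on this page) before it can be exposed beyond a trusted network.
            JwtSecurityToken jwtToken = jwtHandler.ReadJwtToken(JWTToken);

            string exp = PayloadString(jwtToken, "exp");
            if (!long.TryParse(exp, out _))
            {
                return Failure("时间戳已过期");
            }

            DateTime dtexp = exp._ToInt64()._ToTimestampTime();
            if (Math.Abs((dtexp - DateTime.Now).TotalSeconds) > ThirdPartyTokenWindowSeconds)
            {
                return Failure("时间戳已过期");
            }

            string jobno = PayloadString(jwtToken, "JobNo");
            if (string.IsNullOrEmpty(jobno))
            {
                return Failure("认证参数有误");
            }

            // Deleted accounts are excluded here as they are in GetJwtToken3.
            var users = await _sysUserInfoServices.Query(t => t.JobNo == jobno && t.tdIsDelete == false);
            if (users.Count <= 0)
            {
                return Failure("用户不存在");
            }

            var user = users[0];
            var userRoles = await _sysUserInfoServices.GetUserRoleNameStr(user.uLoginName, user.uLoginPWD);
            var claims = BuildUserClaims(user.uLoginName, user.uID.ToString(), user.SysOrgId.ToString(), userRoles);

            await ReloadPermissionsAsync();

            var issued = JwtToken.BuildJwtToken(claims.ToArray(), _requirement);
            return Issued(issued);
        }

        /// <summary>
        /// Writes a JPEG image verification code to the response and stores its value in the session.
        /// </summary>
        [HttpGet]
        [Route("VerifyCode")]
        public async Task GetVerifyCode()
        {
            var codeServices = new VierificationCodeServices();
            Response.ContentType = "image/jpeg";
            using (var stream = codeServices.Create(out string code))
            {
                var buffer = stream.ToArray();

                // The login endpoint compares the submitted code against this session value.
                HttpContext.Session.SetString(ImageCodeSessionKey, code);

                await Response.Body.WriteAsync(buffer, 0, buffer.Length);
            }
        }

        /// <summary>
        /// Sends an SMS login code to the account's mobile number and stores the code in the session.
        /// </summary>
        /// <param name="Account">Login name or job number.</param>
        /// <returns>"成功"/"失败" for a send attempt, otherwise a message explaining why nothing was sent.</returns>
        [HttpGet]
        [Route("SendSms")]
        public async Task<MessageModel<string>> SendSms(string Account)
        {
            string result;
            bool suc = false;

            var user = string.IsNullOrEmpty(Account)
                ? null
                : (await _sysUserInfoServices.Query(u => u.uLoginName == Account || u.JobNo == Account)).FirstOrDefault();

            if (user == null || user.uID <= 0)
            {
                result = "输入的账号不存在";
            }
            else if (!RequiresSmsLogin(user.Mobile))
            {
                result = "账号无需手机验证登录";
            }
            else
            {
                // NOTE(review): nothing throttles this endpoint – every call sends an SMS and replaces the session
                // code – and the session value carries no expiry despite the "5 minutes" wording in the message.
                var code = new VierificationCodeServices().CreateValidateCode(6);
                var content = "登录验证码:" + code + "。5分钟之内有效";
                bool sent = SmsHelper.Send(content, user.Mobile);
                result = sent ? "成功" : "失败";
                if (sent)
                {
                    suc = true;
                    HttpContext.Session.SetString(SmsCodeSessionKey, code);
                }

                // Audit log of the attempt; the returned id is not needed here.
                _ = _smsLogServices.AddSmssLog(user.uID, user.Mobile, "WMS系统登录验证", content, result, "捷配", "");
            }

            return new MessageModel<string>()
            {
                success = suc,
                msg = suc ? "获取成功" : "获取失败",
                response = result
            };
        }

        /// <summary>
        /// Tells the client whether the account logs in with an SMS code (1) or an image code (0).
        /// </summary>
        /// <param name="Account">Login name or job number.</param>
        /// <returns>1 for SMS login, 0 for image-code login (also for unknown accounts).</returns>
        [HttpGet]
        [Route("IsSmsValid")]
        public async Task<MessageModel<int>> IsSmsValid(string Account)
        {
            var userlist = await _sysUserInfoServices.Query(u => u.uLoginName == Account || u.JobNo == Account);
            var user = userlist.FirstOrDefault();

            // NOTE(review): the answer distinguishes accounts that exist and have a mobile number from the rest,
            // which is an enumeration signal; consider gating it like the login itself.
            int result = user != null && user.uID > 0 && RequiresSmsLogin(user.Mobile) ? 1 : 0;

            return new MessageModel<int>()
            {
                success = true,
                msg = "获取成功",
                response = result
            };
        }

        /// <summary>
        /// True when the account logs in with an SMS code: it has a mobile number that can receive
        /// SMS and that number is not the placeholder.
        /// </summary>
        private static bool RequiresSmsLogin(string mobile)
        {
            return !string.IsNullOrEmpty(mobile) && mobile.IsCanSendMobile() && mobile != NoSmsMobile;
        }

        /// <summary>
        /// Case-insensitive, culture-independent comparison of a submitted code with the one held in session.
        /// An absent session code never matches.
        /// </summary>
        private static bool CodeMatches(string submitted, string expected)
        {
            return !string.IsNullOrEmpty(expected)
                && string.Equals(submitted, expected, StringComparison.OrdinalIgnoreCase);
        }

        /// <summary>
        /// Accepts only a dotted JavaScript identifier (letters, digits, '_', '$', '.') that does not start with a digit.
        /// </summary>
        private static bool IsValidJsonpCallback(string callBack)
        {
            if (string.IsNullOrEmpty(callBack) || char.IsDigit(callBack[0]))
            {
                return false;
            }
            return callBack.All(c => char.IsLetterOrDigit(c) || c == '_' || c == '$' || c == '.');
        }

        /// <summary>
        /// Returns the named payload claim as a string, or an empty string when it is absent or null.
        /// </summary>
        private static string PayloadString(JwtSecurityToken jwt, string claimName)
        {
            return jwt.Payload.TryGetValue(claimName, out object value) && value != null
                ? value.ToString()
                : string.Empty;
        }

        /// <summary>
        /// Builds the claim set embedded in issued tokens: name, user id (jti), organisation id,
        /// expiration and one role claim per comma-separated role name.
        /// </summary>
        private List<Claim> BuildUserClaims(string loginName, string userId, string sysOrgId, string roleNames)
        {
            var claims = new List<Claim>
            {
                new Claim(ClaimTypes.Name, loginName),
                new Claim(JwtRegisteredClaimNames.Jti, userId),
                new Claim("SysOrgId", sysOrgId),
                // Local-time string: the authorization side parses this value, so the format is left as it was.
                new Claim(ClaimTypes.Expiration, DateTime.Now.AddSeconds(_requirement.Expiration.TotalSeconds).ToString())
            };

            // A null role string used to throw and an empty one used to add an empty role claim; both are avoided here.
            var roles = (roleNames ?? string.Empty).Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
            claims.AddRange(roles.Select(r => new Claim(ClaimTypes.Role, r)));
            return claims;
        }

        /// <summary>
        /// Reloads the role/url map into the shared <see cref="PermissionRequirement"/>.
        /// </summary>
        private async Task ReloadPermissionsAsync()
        {
            var data = await _roleModulePermissionServices.RoleModuleMaps();

            // NOTE(review): _requirement is injected and shared, so this assignment affects every request that uses it.
            _requirement.Permissions = data
                .Where(item => item.IsDeleted == false)
                .OrderBy(item => item.Id)
                .Select(item => new PermissionItem
                {
                    Url = item.Module?.LinkUrl,
                    Role = item.Role?.Name.ObjToString(),
                })
                .ToList();
        }

        /// <summary>Success envelope for an issued token.</summary>
        private static MessageModel<TokenInfoViewModel> Issued(TokenInfoViewModel token)
        {
            return new MessageModel<TokenInfoViewModel>()
            {
                success = true,
                msg = "获取成功",
                response = token
            };
        }

        /// <summary>Failure envelope carrying only a message.</summary>
        private static MessageModel<TokenInfoViewModel> Failure(string message)
        {
            return new MessageModel<TokenInfoViewModel>()
            {
                success = false,
                msg = message,
            };
        }
    }
}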
|