using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using JiepeiWMS.AuthHelper;
using JiepeiWMS.AuthHelper.OverWrite;
using JiepeiWMS.Common;
using JiepeiWMS.Common.Helper;
using JiepeiWMS.Extends;
using JiepeiWMS.IServices;
using JiepeiWMS.Model;
using JiepeiWMS.Model.ViewModels;
using JiepeiWMS.Services;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
namespace JiepeiWMS.Controllers
{
/// <summary>
/// 登录管理【无权限】
/// </summary>
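[Produces("application/json")]
[Route("api/Login")]
[AllowAnonymous]
public class LoginController : Controller
{
    // NOTE(review): the generic type arguments on Task / MessageModel were stripped from this copy of the file
    // (e.g. "Task>" on the action signatures below); restore them from the repository before building.
    readonly ISysUserInfoServices _sysUserInfoServices;
    readonly IUserRoleServices _userRoleServices;
    readonly IRoleServices _roleServices;
    readonly PermissionRequirement _requirement;
    private readonly IRoleModulePermissionServices _roleModulePermissionServices;
    private readonly ISmsLogServices _smsLogServices;

    /// <summary>
    /// Constructor injection of the services this controller depends on.
    /// </summary>
    /// <param name="sysUserInfoServices">User lookup and role-name service.</param>
    /// <param name="userRoleServices">User-role service (injected, but not used by any action in this file).</param>
    /// <param name="roleServices">Role service (injected, but not used by any action in this file).</param>
    /// <param name="requirement">Shared permission requirement: supplies the token lifetime and receives the role-to-URL permission list.</param>
    /// <param name="roleModulePermissionServices">Role/module permission mapping service.</param>
    /// <param name="SmsLogServices">SMS log service.</param>
    public LoginController(ISysUserInfoServices sysUserInfoServices,
        IUserRoleServices userRoleServices,
        IRoleServices roleServices,
        PermissionRequirement requirement,
        IRoleModulePermissionServices roleModulePermissionServices,
        ISmsLogServices SmsLogServices
        )
    {
        this._sysUserInfoServices = sysUserInfoServices;
        this._userRoleServices = userRoleServices;
        this._roleServices = roleServices;
        _requirement = requirement;
        _roleModulePermissionServices = roleModulePermissionServices;
        _smsLogServices = SmsLogServices;
    }

    #region 获取token的第1种方法
    /// <summary>
    /// Issue a JWT (method 1): looks the user up by name and MD5(pass) and, if found, issues a token via JwtHelper.
    /// </summary>
    /// <param name="name">Login name.</param>
    /// <param name="pass">Plain-text password; hashed with MD5Helper.MD5Encrypt32 before the lookup.</param>
    /// <returns>success=true with the token in response; otherwise success=false and "login fail!!!" in response.</returns>
    /// <remarks>
    /// Security review notes:
    /// - Credentials arrive on an anonymous GET, so they end up in query-string logs and browser history; a POST body is preferable.
    /// - Uid is hard-coded to 1 (see below), so every account that authenticates here receives a token for user 1.
    /// - The stored password form is unsalted MD5; moving to PBKDF2/Argon2 needs a storage change outside this file.
    /// </remarks>
    [HttpGet]
    [Route("Token")]
    public async Task> GetJwtStr(string name, string pass)
    {
        string jwtStr = string.Empty;
        bool suc = false;
        // Database lookup of the user's role string; a null result is treated as a failed login.
        var user = await _sysUserInfoServices.GetUserRoleNameStr(name, MD5Helper.MD5Encrypt32(pass));
        if (user != null)
        {
            // FIXME(review): Uid is always 1 regardless of which user logged in - the token does not identify the caller.
            TokenModelJwt tokenModel = new TokenModelJwt { Uid = 1, Role = user };
            jwtStr = JwtHelper.IssueJwt(tokenModel);
            suc = true;
        }
        else
        {
            jwtStr = "login fail!!!";
        }
        return new MessageModel()
        {
            success = suc,
            msg = suc ? "获取成功" : "获取失败",
            response = jwtStr
        };
    }

    /// <summary>
    /// Issue a JWT (method 2, for the Nuxt front end) using a fixed name/password pair.
    /// </summary>
    /// <param name="name">Login name.</param>
    /// <param name="pass">Password.</param>
    /// <returns>success=true with the token in response; otherwise success=false and "login fail!!!" in response.</returns>
    /// <remarks>
    /// Security review note: the credential pair is hard-coded and grants the Admin role on an anonymous route.
    /// This is a development stub and must not be reachable in a deployed build.
    /// </remarks>
    [HttpGet]
    [Route("GetTokenNuxt")]
    public MessageModel GetJwtStrForNuxt(string name, string pass)
    {
        string jwtStr = string.Empty;
        bool suc = false;
        // FIXME(review): hard-coded credentials; no database lookup is performed here.
        if (name == "admins" && pass == "admins")
        {
            TokenModelJwt tokenModel = new TokenModelJwt
            {
                Uid = 1,
                Role = "Admin"
            };
            jwtStr = JwtHelper.IssueJwt(tokenModel);
            suc = true;
        }
        else
        {
            jwtStr = "login fail!!!";
        }
        // (An unused anonymous "data" object was previously built here; the MessageModel below is the only result.)
        return new MessageModel()
        {
            success = suc,
            msg = suc ? "获取成功" : "获取失败",
            response = jwtStr
        };
    }
    #endregion

    /// <summary>
    /// Issue a JWT (method 3, the main login path): checks the image captcha or SMS code held in session,
    /// verifies name/password against the user table, builds the claims and signs the token.
    /// </summary>
    /// <param name="name">Login name or job number (JobNo).</param>
    /// <param name="pass">Plain-text password; MD5-hashed before the lookup.</param>
    /// <param name="VCode">The image captcha or SMS code typed by the user.</param>
    /// <returns>success=true with the signed token in response; otherwise success=false with a Chinese error message.</returns>
    /// <remarks>
    /// Security review notes:
    /// - Credentials travel on an anonymous GET; prefer a POST body.
    /// - When no account matches name (userverfiy == null) the code check is skipped and the reply differs from the
    ///   wrong-code reply, so a caller can tell valid account names from invalid ones.
    /// - A wrong code returns without clearing the session entry, so the same SMS code can be retried until it is
    ///   cleared; no attempt counter or lockout is visible in this file.
    /// - _requirement.Permissions is overwritten on every login (see the note below).
    /// </remarks>
    [HttpGet]
    [Route("JWTToken3.0")]
    public async Task> GetJwtToken3(string name = "", string pass = "", string VCode = "")
    {
        if (string.IsNullOrEmpty(name) || string.IsNullOrEmpty(pass) || string.IsNullOrEmpty(VCode))
        {
            return new MessageModel()
            {
                success = false,
                msg = "用户名或密码、验证码不能为空",
            };
        }
        var userlist = await _sysUserInfoServices.Query(u => u.uLoginName == name || u.JobNo == name);
        var userverfiy = userlist.FirstOrDefault();
        // Codes written to the session by GetVerifyCode (image captcha) and SendSms (SMS code) respectively.
        string sessionCode = HttpContext.Session.GetString("VERFIY_CODE_TOKEN");
        string sessionsmscode = HttpContext.Session.GetString("SID_WEBMANAGER_LOGIN_SMSVALIDATE_CODE");
        if (userverfiy != null)
        {
            // Accounts with a usable mobile number must present the SMS code; everyone else the image captcha.
            // "15000000000" looks like a placeholder number for accounts without a real phone - TODO confirm.
            if (!string.IsNullOrEmpty(userverfiy.Mobile) && userverfiy.Mobile.IsCanSendMobile() && userverfiy.Mobile != "15000000000")
            {
                // Fix: this branch previously tested the image-captcha session key (sessionCode) while comparing
                // against the SMS code, so an SMS login failed whenever no image captcha had been requested in the
                // same session. Generated codes are compared ordinally - they are not linguistic text.
                if (string.IsNullOrEmpty(sessionsmscode) || !string.Equals(VCode, sessionsmscode, StringComparison.OrdinalIgnoreCase))
                {
                    return new MessageModel()
                    {
                        success = false,
                        msg = "手机验证码错误,请重新输入或重新获取!",
                    };
                }
            }
            else
            {
                if (string.IsNullOrEmpty(sessionCode) || !string.Equals(VCode, sessionCode, StringComparison.OrdinalIgnoreCase))
                {
                    return new MessageModel()
                    {
                        success = false,
                        msg = "验证码错误,请重新输入",
                    };
                }
            }
            // Single use: clear both codes once one of them has been accepted.
            HttpContext.Session.Remove("SID_WEBMANAGER_LOGIN_SMSVALIDATE_CODE");
            HttpContext.Session.Remove("VERFIY_CODE_TOKEN");
        }
        pass = MD5Helper.MD5Encrypt32(pass);
        var user = await _sysUserInfoServices.Query(d => d.uLoginName == name && d.uLoginPWD == pass && d.tdIsDelete == false);
        // Fall back to job-number login when the name is not a login name.
        if (user.Count <= 0)
        {
            user = await _sysUserInfoServices.Query(d => d.JobNo == name && d.uLoginPWD == pass && d.tdIsDelete == false);
        }
        if (user.Count <= 0)
        {
            return new MessageModel()
            {
                success = false,
                msg = "用户名或密码错误",
            };
        }
        var matched = user[0];
        var userRoles = await _sysUserInfoServices.GetUserRoleNameStr(name, pass);
        // Role-based policy: one ClaimTypes.Role claim per comma-separated role name.
        // NOTE(review): GetUserRoleNameStr returns null for a failed lookup (see GetJwtStr); if it can also be null
        // for a user with no roles, the Split below would throw - confirm.
        var claims = new List<Claim> {
            new Claim(ClaimTypes.Name, name),
            new Claim(JwtRegisteredClaimNames.Jti, matched.uID.ToString()),
            new Claim("SysOrgId", matched.SysOrgId.ToString()),
            // NOTE(review): local time in a culture-dependent format; consider UTC with a fixed format.
            new Claim(ClaimTypes.Expiration, DateTime.Now.AddSeconds(_requirement.Expiration.TotalSeconds).ToString()) };
        claims.AddRange(userRoles.Split(',').Select(s => new Claim(ClaimTypes.Role, s)));
        // IdentityServer4 vs. local JWT: only the local path (re)loads the role-to-URL permission table.
        if (!Permissions.IsUseIds4)
        {
            var data = await _roleModulePermissionServices.RoleModuleMaps();
            var list = (from item in data
                        where item.IsDeleted == false
                        orderby item.Id
                        select new PermissionItem
                        {
                            Url = item.Module?.LinkUrl,
                            Role = item.Role?.Name.ObjToString(),
                        }).ToList();
            // NOTE(review): _requirement is injected (see the constructor); if it is registered as a singleton this
            // replaces the permission list process-wide on every login, racing with concurrent authorization checks.
            _requirement.Permissions = list;
        }
        var token = JwtToken.BuildJwtToken(claims.ToArray(), _requirement);
        return new MessageModel()
        {
            success = true,
            msg = "获取成功",
            response = token
        };
    }

    /// <summary>
    /// Exchange an existing token for a fresh one: reads the Uid from the presented token, reloads the user
    /// and re-issues a signed token with the current claims.
    /// </summary>
    /// <param name="token">The JWT to refresh.</param>
    /// <returns>success=true with the new token in response; otherwise success=false.</returns>
    /// <remarks>
    /// Security review note: nothing in this file shows whether JwtHelper.SerializeJwt verifies the signature and
    /// expiry of the presented token. If it only decodes the payload, a token body carrying a chosen Uid is enough
    /// to obtain a genuine token for that user - confirm that SerializeJwt validates, or validate here before use.
    /// </remarks>
    [HttpGet]
    [Route("RefreshToken")]
    public async Task> RefreshToken(string token = "")
    {
        if (string.IsNullOrEmpty(token))
        {
            return new MessageModel()
            {
                success = false,
                msg = "token无效,请重新登录!",
            };
        }
        var tokenModel = JwtHelper.SerializeJwt(token);
        if (tokenModel != null && tokenModel.Uid > 0)
        {
            var user = await _sysUserInfoServices.QueryById(tokenModel.Uid);
            if (user != null)
            {
                // uLoginPWD is the stored (hashed) password, matching what GetJwtToken3 passes after MD5.
                var userRoles = await _sysUserInfoServices.GetUserRoleNameStr(user.uLoginName, user.uLoginPWD);
                // Role-based policy: one ClaimTypes.Role claim per comma-separated role name.
                var claims = new List<Claim> {
                    new Claim(ClaimTypes.Name, user.uLoginName),
                    new Claim("SysOrgId", user.SysOrgId.ToString()),
                    new Claim(JwtRegisteredClaimNames.Jti, tokenModel.Uid.ObjToString()),
                    // NOTE(review): local time in a culture-dependent format; consider UTC with a fixed format.
                    new Claim(ClaimTypes.Expiration, DateTime.Now.AddSeconds(_requirement.Expiration.TotalSeconds).ToString()) };
                claims.AddRange(userRoles.Split(',').Select(s => new Claim(ClaimTypes.Role, s)));
                // (An unused ClaimsIdentity was previously built here; BuildJwtToken takes the claims directly.)
                var refreshToken = JwtToken.BuildJwtToken(claims.ToArray(), _requirement);
                return new MessageModel()
                {
                    success = true,
                    msg = "获取成功",
                    response = refreshToken
                };
            }
        }
        return new MessageModel()
        {
            success = false,
            msg = "认证失败!",
        };
    }

    /// <summary>
    /// JSONP test endpoint (method 4): issues a JWT for the caller-supplied id and role and writes it wrapped in
    /// the given callback name.
    /// </summary>
    /// <param name="callBack">JSONP callback name; must consist of identifier characters (letters, digits, '_', '$', '.').</param>
    /// <param name="id">Uid placed in the token.</param>
    /// <param name="sub">Role placed in the token.</param>
    /// <param name="expiresSliding">Accepted but not used.</param>
    /// <param name="expiresAbsoulute">Accepted but not used.</param>
    /// <remarks>
    /// Security review note: this anonymous route signs a token for whatever Uid and Role the caller picks, which
    /// bypasses authentication entirely; it must not exist outside a test build. The callback is now restricted to
    /// identifier characters so the reflected value cannot inject script into the response, and the write is awaited.
    /// The return type changed from void to Task so the framework waits for the write to complete.
    /// </remarks>
    [HttpGet]
    [Route("jsonp")]
    public async Task Getjsonp(string callBack, long id = 1, string sub = "Admin", int expiresSliding = 30, int expiresAbsoulute = 30)
    {
        // Reject anything that is not an identifier-like callback name before it is echoed into the body.
        if (string.IsNullOrEmpty(callBack) || !callBack.All(c => char.IsLetterOrDigit(c) || c == '_' || c == '$' || c == '.'))
        {
            Response.StatusCode = StatusCodes.Status400BadRequest;
            return;
        }
        TokenModelJwt tokenModel = new TokenModelJwt
        {
            Uid = id,
            Role = sub
        };
        string jwtStr = JwtHelper.IssueJwt(tokenModel);
        string response = string.Format("\"value\":\"{0}\"", jwtStr);
        string call = callBack + "({" + response + "})";
        await Response.WriteAsync(call);
    }

    /// <summary>
    /// Test helper: returns MD5Helper.MD5Encrypt32 of the given string.
    /// </summary>
    /// <param name="password">Input string.</param>
    /// <returns>The MD5 hash as produced by MD5Helper.MD5Encrypt32.</returns>
    /// <remarks>Security review note: an anonymous hash oracle for the stored password format; a test-only helper that should not ship.</remarks>
    [HttpGet]
    [Route("Md5Password")]
    public string Md5Password(string password = "")
    {
        return MD5Helper.MD5Encrypt32(password);
    }

    /// <summary>
    /// Third-party JWT login: reads the JobNo and exp claims from the presented token, looks the user up by JobNo
    /// and issues this system's own token for that user.
    /// </summary>
    /// <param name="JWTToken">The third-party JWT.</param>
    /// <returns>success=true with the issued token in response; otherwise success=false with a Chinese error message.</returns>
    /// <remarks>
    /// Security review note: JwtSecurityTokenHandler.ReadJwtToken only decodes the token; it does not verify the
    /// signature. The only checks performed here are that exp lies within 300 seconds of now and that JobNo names
    /// an existing user, so a token carrying those two claims is accepted regardless of who produced it, and this
    /// anonymous route then issues a genuine session token for that user. Validate with ValidateToken and a
    /// TokenValidationParameters holding the third party's issuer and signing key (not present in this file).
    /// </remarks>
    [HttpGet]
    [Route("LoginByJobNo")]
    public async Task> LoginByJobNo(string JWTToken = "")
    {
        string msg;
        if (string.IsNullOrEmpty(JWTToken))
        {
            msg = "token无效,请重新登录";
            goto ErrorResult;
        }
        var jwtHandler = new JwtSecurityTokenHandler();
        // FIXME(review): decode only - no signature verification (see the remarks above).
        JwtSecurityToken jwtToken = jwtHandler.ReadJwtToken(JWTToken);
        object obj;
        jwtToken.Payload.TryGetValue("exp", out obj);
        var exp = obj == null ? string.Empty : obj.ToString();
        if (string.IsNullOrEmpty(exp))
        {
            msg = "时间戳已过期";
            goto ErrorResult;
        }
        // NOTE(review): if _ToInt64 throws on a non-numeric exp this becomes an unhandled error rather than an
        // error response - confirm the extension's behaviour.
        DateTime dtexp = exp._ToInt64()._ToTimestampTime();
        // Accept tokens whose exp is within +/- 300 s of the server clock.
        if (Math.Abs((dtexp - DateTime.Now).TotalSeconds) > 300)
        {
            msg = "时间戳已过期";
            goto ErrorResult;
        }
        jwtToken.Payload.TryGetValue("JobNo", out obj);
        var jobno = obj == null ? string.Empty : obj.ToString();
        if (string.IsNullOrEmpty(jobno))
        {
            msg = "认证参数有误";
            goto ErrorResult;
        }
        var users = await _sysUserInfoServices.Query(t => t.JobNo == jobno);
        if (users.Count <= 0)
        {
            msg = "用户不存在";
            goto ErrorResult;
        }
        var user = users[0];
        var userRoles = await _sysUserInfoServices.GetUserRoleNameStr(user.uLoginName, user.uLoginPWD);
        // Role-based policy: one ClaimTypes.Role claim per comma-separated role name.
        var claims = new List<Claim> {
            new Claim(ClaimTypes.Name, user.uLoginName),
            new Claim(JwtRegisteredClaimNames.Jti, user.uID.ObjToString()),
            new Claim("SysOrgId", user.SysOrgId.ToString()),
            // NOTE(review): local time in a culture-dependent format; consider UTC with a fixed format.
            new Claim(ClaimTypes.Expiration, DateTime.Now.AddSeconds(_requirement.Expiration.TotalSeconds).ToString()) };
        claims.AddRange(userRoles.Split(',').Select(s => new Claim(ClaimTypes.Role, s)));
        // (An unused ClaimsIdentity was previously built here; BuildJwtToken takes the claims directly.)
        var data = await _roleModulePermissionServices.RoleModuleMaps();
        var list = (from item in data
                    where item.IsDeleted == false
                    orderby item.Id
                    select new PermissionItem
                    {
                        Url = item.Module?.LinkUrl,
                        Role = item.Role?.Name.ObjToString(),
                    }).ToList();
        // NOTE(review): same shared-state concern as in GetJwtToken3 - the injected requirement's permission list
        // is replaced on every login.
        _requirement.Permissions = list;
        var jjoken = JwtToken.BuildJwtToken(claims.ToArray(), _requirement);
        return new MessageModel()
        {
            success = true,
            msg = "获取成功",
            response = jjoken
        };
        ErrorResult:
        return new MessageModel()
        {
            success = false,
            msg = msg,
        };
    }

    /// <summary>
    /// Render an image captcha and store its code in the session under "VERFIY_CODE_TOKEN" for GetJwtToken3.
    /// </summary>
    /// <returns>Writes the JPEG bytes to the response body.</returns>
    [HttpGet]
    [Route("VerifyCode")]
    public async Task GetVerifyCode()
    {
        VierificationCodeServices _vierificationCodeServices = new VierificationCodeServices();
        Response.ContentType = "image/jpeg";
        using (var stream = _vierificationCodeServices.Create(out string code))
        {
            var buffer = stream.ToArray();
            // The code is kept server-side only; the client sees just the image.
            HttpContext.Session.SetString("VERFIY_CODE_TOKEN", code);
            await Response.Body.WriteAsync(buffer, 0, buffer.Length);
        }
    }

    /// <summary>
    /// Send an SMS login code to the account's mobile number and store it in the session under
    /// "SID_WEBMANAGER_LOGIN_SMSVALIDATE_CODE" for GetJwtToken3.
    /// </summary>
    /// <param name="Account">Login name or job number.</param>
    /// <returns>success=true with "成功" in response when the SMS was sent; otherwise success=false with the reason.</returns>
    /// <remarks>
    /// Security review notes:
    /// - The replies distinguish "account does not exist" from "account needs no SMS", revealing which names are valid.
    /// - No rate limit is visible; repeated calls for one account send an SMS each time (cost and nuisance).
    /// - The message promises a 5-minute validity, but the session entry carries no timestamp, so the code stays
    ///   valid for the life of the session; storing an issue time alongside it would enforce the promise.
    /// </remarks>
    [HttpGet]
    [Route("SendSms")]
    public async Task> SendSms(string Account)
    {
        string result = "输入的账号不存在";
        bool suc = false;
        var userlist = await _sysUserInfoServices.Query(u => u.uLoginName == Account || u.JobNo == Account);
        var user = userlist.FirstOrDefault();
        if (user != null && user.uID > 0)
        {
            // Same mobile-number rule as GetJwtToken3; "15000000000" looks like a placeholder number - TODO confirm.
            if (!string.IsNullOrEmpty(user.Mobile) && user.Mobile.IsCanSendMobile() && user.Mobile != "15000000000")
            {
                var vCode = new VierificationCodeServices();
                var code = vCode.CreateValidateCode(6);
                var content = "登录验证码:" + code + "。5分钟之内有效";
                bool sent = SmsHelper.Send(content, user.Mobile);
                result = sent ? "成功" : "失败";
                if (sent)
                {
                    suc = true;
                    HttpContext.Session.SetString("SID_WEBMANAGER_LOGIN_SMSVALIDATE_CODE", code);
                }
                // Audit log of the attempt. NOTE(review): the return value was previously stored in an unused local;
                // if AddSmssLog is asynchronous it should be awaited so a logging failure is not silently lost.
                _smsLogServices.AddSmssLog(user.uID, user.Mobile, "WMS系统登录验证", content, result, "捷配", "");
            }
            else
            {
                result = "账号无需手机验证登录";
            }
        }
        return new MessageModel()
        {
            success = suc,
            msg = suc ? "获取成功" : "获取失败",
            response = result
        };
    }

    /// <summary>
    /// Tell the client which second factor the account uses: 0 = image captcha, 1 = SMS code.
    /// </summary>
    /// <param name="Account">Login name or job number.</param>
    /// <returns>success=true with 0 or 1 in response; unknown accounts answer 0.</returns>
    /// <remarks>Security review note: a 1 is only returned for an existing account with a usable mobile number, so the reply partially reveals which names exist.</remarks>
    [HttpGet]
    [Route("IsSmsValid")]
    public async Task> IsSmsValid(string Account)
    {
        int result = 1;
        var userlist = await _sysUserInfoServices.Query(u => u.uLoginName == Account || u.JobNo == Account);
        var user = userlist.FirstOrDefault();
        // 0 when the account is unknown or has no usable mobile number; success is true on every path.
        if (user == null || user.uID <= 0 || string.IsNullOrEmpty(user.Mobile) || !user.Mobile.IsCanSendMobile() || user.Mobile == "15000000000")
        {
            result = 0;
        }
        return new MessageModel()
        {
            success = true,
            msg = "获取成功",
            response = result
        };
    }
}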
}