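using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Security.Claims;
using System.Text.RegularExpressions;
using System.Threading.Tasks;
using New_College.AuthHelper;
using New_College.AuthHelper.OverWrite;
using New_College.Common.Helper;
using New_College.IServices;
using New_College.Model;
using New_College.Model.ViewModels;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;

namespace New_College.Controllers
{
    /// <summary>
    /// Login management (anonymous access): issues and refreshes JWTs.
    /// </summary>
    /// <remarks>
    /// Every action here is a GET, so the credentials arrive in the query string and end up in
    /// proxy/server access logs. A POST body is the usual fix, but the routes are kept unchanged
    /// here because existing clients depend on them.
    /// </remarks>
    [Produces("application/json")]
    [Route("api/Login")]
    [AllowAnonymous]
    public class LoginController : Controller
    {
        // A JSONP callback must be a plain JavaScript identifier path (e.g. "cb" or "app.onToken");
        // anything else is rejected before it is echoed into the script body.
        private static readonly Regex JsonpCallbackPattern =
            new Regex(@"^[A-Za-z_$][A-Za-z0-9_$]*(\.[A-Za-z_$][A-Za-z0-9_$]*)*$", RegexOptions.Compiled);

        private readonly ISysUserInfoServices _sysUserInfoServices;
        private readonly IUserRoleServices _userRoleServices;
        private readonly IRoleServices _roleServices;
        private readonly PermissionRequirement _requirement;
        private readonly IRoleModulePermissionServices _roleModulePermissionServices;

        /// <summary>
        /// Constructor injection.
        /// </summary>
        /// <param name="sysUserInfoServices">User lookup / role-name service.</param>
        /// <param name="userRoleServices">User-role service (injected, not used by this controller).</param>
        /// <param name="roleServices">Role service (injected, not used by this controller).</param>
        /// <param name="requirement">Shared JWT requirement (expiration, permission map).</param>
        /// <param name="roleModulePermissionServices">Role/module permission map service.</param>
        public LoginController(ISysUserInfoServices sysUserInfoServices,
            IUserRoleServices userRoleServices,
            IRoleServices roleServices,
            PermissionRequirement requirement,
            IRoleModulePermissionServices roleModulePermissionServices)
        {
            _sysUserInfoServices = sysUserInfoServices;
            _userRoleServices = userRoleServices;
            _roleServices = roleServices;
            _requirement = requirement;
            _roleModulePermissionServices = roleModulePermissionServices;
        }

        #region Token, method 1

        /// <summary>
        /// Obtain a JWT, method 1: look the user up by name and MD5 password, then issue a token
        /// carrying the returned role string.
        /// </summary>
        /// <param name="name">Login name.</param>
        /// <param name="pass">Plain-text password; hashed with MD5 before the lookup.</param>
        /// <returns>The JWT in <c>response</c> on success, otherwise "login fail!!!".</returns>
        [HttpGet]
        [Route("Token")]
        public async Task<MessageModel<string>> GetJwtStr(string name, string pass)
        {
            // NOTE(review): passwords are stored/compared as unsalted MD5 (see MD5Helper); a
            // slow salted hash (PBKDF2/Argon2) is the appropriate replacement, but that is a
            // storage-format migration and is out of scope for this file.
            var user = await _sysUserInfoServices.GetUserRoleNameStr(name, MD5Helper.MD5Encrypt32(pass));

            if (user == null)
            {
                return new MessageModel<string>()
                {
                    success = false,
                    msg = "获取失败",
                    response = "login fail!!!"
                };
            }

            // GetUserRoleNameStr only returns the role string, so the real user id is not
            // available here; Uid is a fixed placeholder as in the original implementation.
            var tokenModel = new TokenModelJwt { Uid = 1, Role = user };
            string jwtStr = JwtHelper.IssueJwt(tokenModel);

            return new MessageModel<string>()
            {
                success = true,
                msg = "获取成功",
                response = jwtStr
            };
        }

        /// <summary>
        /// Obtain a JWT, method 2 (for the Nuxt front end).
        /// </summary>
        /// <param name="name">Login name.</param>
        /// <param name="pass">Password.</param>
        /// <returns>The JWT in <c>response</c> on success, otherwise "login fail!!!".</returns>
        [HttpGet]
        [Route("GetTokenNuxt")]
        public MessageModel<string> GetJwtStrForNuxt(string name, string pass)
        {
            // NOTE(review): the credentials are hard-coded here rather than read from the user
            // store the other endpoints use; anyone who can read this source can obtain an
            // "Admin" token. Route this through _sysUserInfoServices like GetJwtToken3 or remove it.
            if (name == "admins" && pass == "admins")
            {
                var tokenModel = new TokenModelJwt { Uid = 1, Role = "Admin" };
                return new MessageModel<string>()
                {
                    success = true,
                    msg = "获取成功",
                    response = JwtHelper.IssueJwt(tokenModel)
                };
            }

            return new MessageModel<string>()
            {
                success = false,
                msg = "获取失败",
                response = "login fail!!!"
            };
        }

        #endregion

        /// <summary>
        /// Obtain a JWT, method 3: the main login path of the system. Verifies name/MD5 password
        /// against the user table, builds name/jti/expiration/role claims and signs a token.
        /// </summary>
        /// <param name="name">Login name.</param>
        /// <param name="pass">Plain-text password; hashed with MD5 before the lookup.</param>
        /// <returns>The JWT in <c>response</c> on success; a failure message otherwise.</returns>
        [HttpGet]
        [Route("JWTToken3.0")]
        public async Task<MessageModel<string>> GetJwtToken3(string name = "", string pass = "")
        {
            if (string.IsNullOrEmpty(name) || string.IsNullOrEmpty(pass))
            {
                return new MessageModel<string>()
                {
                    success = false,
                    msg = "用户名或密码不能为空",
                };
            }

            pass = MD5Helper.MD5Encrypt32(pass);

            var user = await _sysUserInfoServices.Query(d => d.uLoginName == name && d.uLoginPWD == pass && d.tdIsDelete == false);
            if (user.Count == 0)
            {
                return new MessageModel<string>()
                {
                    success = false,
                    msg = "认证失败",
                };
            }

            var userRoles = await _sysUserInfoServices.GetUserRoleNameStr(name, pass);

            // For a user-based policy add the user here; for a role-based policy add the roles.
            var claims = new List<Claim>
            {
                new Claim(ClaimTypes.Name, name),
                new Claim(JwtRegisteredClaimNames.Jti, user.First().uID.ToString()),
                ExpirationClaim()
            };
            claims.AddRange(RoleClaims(userRoles));

            // IdentityServer4 vs. local JWT switch: only the local JWT path loads the permission map.
            if (!Permissions.IsUseIds4)
            {
                await LoadPermissionMapAsync();
            }

            var token = JwtToken.BuildJwtToken(claims.ToArray(), _requirement);
            return new MessageModel<string>()
            {
                success = true,
                msg = "获取成功",
                response = token
            };
        }

        /// <summary>
        /// Refresh a token (exchange an old token for a new one).
        /// </summary>
        /// <param name="token">The existing JWT.</param>
        /// <returns>A freshly issued JWT in <c>response</c>, or a failure message.</returns>
        [HttpGet]
        [Route("RefreshToken")]
        public async Task<MessageModel<string>> RefreshToken(string token = "")
        {
            if (string.IsNullOrEmpty(token))
            {
                return new MessageModel<string>()
                {
                    success = false,
                    msg = "token无效,请重新登录!",
                };
            }

            // NOTE(review): whether SerializeJwt checks the signature and expiry of the old token
            // is not visible from this file; if it only decodes the payload, any well-formed token
            // with a positive Uid is enough to mint a new one. Confirm in JwtHelper.
            var tokenModel = JwtHelper.SerializeJwt(token);
            if (tokenModel != null && tokenModel.Uid > 0)
            {
                var user = await _sysUserInfoServices.QueryById(tokenModel.Uid);
                if (user != null)
                {
                    var userRoles = await _sysUserInfoServices.GetUserRoleNameStr(user.uLoginName, user.uLoginPWD);

                    // For a user-based policy add the user here; for a role-based policy add the roles.
                    var claims = new List<Claim>
                    {
                        new Claim(ClaimTypes.Name, user.uLoginName),
                        new Claim(JwtRegisteredClaimNames.Jti, tokenModel.Uid.ObjToString()),
                        ExpirationClaim()
                    };
                    claims.AddRange(RoleClaims(userRoles));

                    var refreshToken = JwtToken.BuildJwtToken(claims.ToArray(), _requirement);
                    return new MessageModel<string>()
                    {
                        success = true,
                        msg = "获取成功",
                        response = refreshToken
                    };
                }
            }

            return new MessageModel<string>()
            {
                success = false,
                msg = "认证失败!",
            };
        }

        /// <summary>
        /// Obtain a JWT, method 4: JSONP test endpoint. Writes <c>callBack({"value":"&lt;jwt&gt;"})</c>
        /// directly to the response.
        /// </summary>
        /// <param name="callBack">JavaScript callback name; must be an identifier path, otherwise 400.</param>
        /// <param name="id">User id placed in the token.</param>
        /// <param name="sub">Role placed in the token.</param>
        /// <param name="expiresSliding">Accepted for compatibility; not used.</param>
        /// <param name="expiresAbsoulute">Accepted for compatibility; not used.</param>
        [HttpGet]
        [Route("jsonp")]
        public async Task Getjsonp(string callBack, long id = 1, string sub = "Admin", int expiresSliding = 30, int expiresAbsoulute = 30)
        {
            // NOTE(review): this issues a signed token for whatever id/role the caller supplies,
            // with no authentication; it is a test hook and should not be reachable outside
            // development.
            if (string.IsNullOrEmpty(callBack) || !JsonpCallbackPattern.IsMatch(callBack))
            {
                // The callback is echoed verbatim into a script body, so an unchecked value is a
                // reflected script injection; reject anything that is not an identifier path.
                Response.StatusCode = StatusCodes.Status400BadRequest;
                await Response.WriteAsync("invalid callback");
                return;
            }

            var tokenModel = new TokenModelJwt { Uid = id, Role = sub };
            string jwtStr = JwtHelper.IssueJwt(tokenModel) ?? string.Empty;

            // A JWT is base64url segments joined by '.', but escape anyway so the string literal
            // can never be broken by the token text.
            string value = jwtStr.Replace("\\", "\\\\").Replace("\"", "\\\"");
            string call = callBack + "({\"value\":\"" + value + "\"})";

            // The body is script, not JSON; label it so browsers do not treat it as HTML.
            Response.ContentType = "application/javascript";
            // Awaited: the original fire-and-forget WriteAsync could complete after the action returned.
            await Response.WriteAsync(call);
        }

        /// <summary>
        /// Test helper: MD5-hash a string the same way the login endpoints do.
        /// </summary>
        /// <param name="password">Text to hash.</param>
        /// <returns>32-character MD5 hex digest as produced by <see cref="MD5Helper.MD5Encrypt32"/>.</returns>
        [HttpGet]
        [Route("Md5Password")]
        public string Md5Password(string password = "")
        {
            // NOTE(review): exposes the password-hash function anonymously; fine for a test
            // build, but it has no place in a production deployment.
            return MD5Helper.MD5Encrypt32(password);
        }

        /// <summary>
        /// Builds the expiration claim used by the issued tokens.
        /// </summary>
        /// <returns>A <see cref="ClaimTypes.Expiration"/> claim holding now + <c>_requirement.Expiration</c>.</returns>
        private Claim ExpirationClaim()
        {
            // Kept as a culture-dependent DateTime.ToString() to stay byte-compatible with whatever
            // currently parses this claim; switch to "O"/invariant only together with the consumers.
            return new Claim(ClaimTypes.Expiration, DateTime.Now.AddSeconds(_requirement.Expiration.TotalSeconds).ToString());
        }

        /// <summary>
        /// Converts a comma-separated role-name string into one <see cref="ClaimTypes.Role"/> claim per name.
        /// </summary>
        /// <param name="roleNames">Comma-separated role names; null or blank yields no claims.</param>
        /// <returns>Role claims, in the order the names appear; empty segments are skipped.</returns>
        private static IEnumerable<Claim> RoleClaims(string roleNames)
        {
            // GetUserRoleNameStr may return null (GetJwtStr checks for it); the original code
            // would have thrown NullReferenceException on Split.
            if (string.IsNullOrWhiteSpace(roleNames))
            {
                return Enumerable.Empty<Claim>();
            }

            return roleNames
                .Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries)
                .Select(role => new Claim(ClaimTypes.Role, role));
        }

        /// <summary>
        /// Loads the role/module permission map into the shared <see cref="PermissionRequirement"/>.
        /// </summary>
        private async Task LoadPermissionMapAsync()
        {
            var data = await _roleModulePermissionServices.RoleModuleMaps();
            var list = (from item in data
                        where item.IsDeleted == false
                        orderby item.Id
                        select new PermissionItem
                        {
                            Url = item.Module?.LinkUrl,
                            Role = item.Role?.Name.ObjToString(),
                        }).ToList();

            // NOTE(review): _requirement is injected (presumably a singleton), so this overwrites
            // the permission list shared by every request on each login; concurrent logins race
            // on this assignment.
            _requirement.Permissions = list;
        }
    }
}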