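using System;
using System.Drawing;
using System.Drawing.Imaging;
using System.IdentityModel.Tokens.Jwt;
using System.IO;
using System.Linq;
using System.Security.Claims;
using System.Security.Cryptography;
using System.Text;
using COMMON;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.IdentityModel.Tokens;
using Models;
using Newtonsoft.Json;
using SERVER;
using SERVER.LIB;

namespace WebUI.Controllers
{
    /// <summary>
    /// Anonymous-access controller that renders the login page and, on a successful
    /// credential check, issues an HMAC-SHA256 signed JWT in the "CurrentUser" cookie
    /// and records the session in Redis.
    /// </summary>
    /// <remarks>
    /// NOTE(review): no throttling or lockout of repeated failed logins is visible in this
    /// file; confirm it is enforced by SYNC_DATA.SYNC_GetUserinfo (which receives the
    /// client IP and User-Agent) or by upstream infrastructure.
    /// </remarks>
    [AllowAnonymous]
    public class LoginController : Controller
    {
        protected readonly IHttpContextAccessor _httpContextAccessor;

        /// <summary>Stores the accessor used to read the current request's connection and headers.</summary>
        /// <param name="httpContextAccessor">Accessor for the current HTTP context.</param>
        public LoginController(IHttpContextAccessor httpContextAccessor)
        {
            _httpContextAccessor = httpContextAccessor;
        }

        /// <summary>Renders the view for this action, exposing the return URL through ViewBag.</summary>
        /// <param name="REURL">Caller-supplied return URL; defaults to an empty string.</param>
        /// <returns>The default view for this action.</returns>
        /// <remarks>
        /// NOTE(review): the name suggests a leftover test action, and it is reachable without
        /// authentication; confirm whether it should ship.
        /// </remarks>
        [HttpPost]
        public IActionResult LSH_TEST(string REURL = "")
        {
            // The unused System.Random local of the original was removed.
            ViewBag.ReURL = REURL;
            return View();
        }

        /// <summary>Renders the login page, exposing the return URL through ViewBag.</summary>
        /// <param name="REURL">Caller-supplied return URL; defaults to an empty string.</param>
        /// <returns>The login view.</returns>
        [HttpGet]
        public IActionResult Index(string REURL = "")
        {
            // NOTE(review): REURL is request-controlled and is handed to the view unchanged.
            // Whatever performs the post-login redirect should accept only local URLs
            // (e.g. Url.IsLocalUrl); that code is not visible here.
            ViewBag.ReURL = REURL;
            return View();
        }

        /// <summary>
        /// Validates the credentials through SYNC_DATA.SYNC_GetUserinfo and, when the status
        /// is 200, issues the JWT cookie and stores the session data in Redis.
        /// </summary>
        /// <param name="userName">Login name submitted by the client.</param>
        /// <param name="pwd">Password submitted by the client.</param>
        /// <returns>
        /// JSON <c>ReturnData</c>: <c>IsSuccess = true</c> on success; <c>IsSuccess = false</c>
        /// with a null result for missing or rejected credentials, or with a message when
        /// the account already has a session and multi-login is disabled.
        /// </returns>
        [HttpPost]
        public IActionResult Logon(string userName, string pwd)
        {
            if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(pwd))
            {
                return Json(new ReturnData { IsSuccess = false, Result = null });
            }

            // Original note: intranet addresses are meant to be passed as an empty value.
            // RemoteIpAddress can be null (no remote endpoint on the connection); fall back
            // to an empty string instead of throwing a NullReferenceException.
            var context = _httpContextAccessor.HttpContext;
            string ipaddress = context?.Connection?.RemoteIpAddress?.ToString() ?? string.Empty;
            string UserAgent = context?.Request.Headers["User-Agent"];

            var res = SYNC_DATA.SYNC_GetUserinfo(ipaddress, UserAgent, userName, pwd);
            if (res.Status != 200)
            {
                // Same response as for missing input, so the reply does not reveal which check failed.
                return Json(new ReturnData { IsSuccess = false, Result = null });
            }

            string keys = res.Data.Userinfo.Uid;

            // When multi-login is disabled, an existing Redis entry for this Uid blocks a second login.
            if (ConfigEntity.Instance.IsMore == false && XC_Redis.Redis.IsExists(keys))
            {
                return Json(new ReturnData { IsSuccess = false, Result = "已经在其他地方登录~" });
            }

            // NOTE(review): the explicit exp claim below says 30 minutes, while `expires:` and
            // both SetKey calls use 20. Confirm which lifetime is intended and align them.
            var claims = new[]
            {
                new Claim(JwtRegisteredClaimNames.Nbf, $"{new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds()}"),
                new Claim(JwtRegisteredClaimNames.Exp, $"{new DateTimeOffset(DateTime.Now.AddMinutes(30)).ToUnixTimeSeconds()}"),
                new Claim(ClaimTypes.Name, keys)
            };

            var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(JwtConst.Instance.SecurityKey));
            var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
            var token = new JwtSecurityToken(
                issuer: JwtConst.Instance.Domain,
                audience: JwtConst.Instance.Domain,
                claims: claims,
                expires: DateTime.Now.AddMinutes(20),
                signingCredentials: creds);

            var RES = new ReturnData { IsSuccess = true };
            string toke = new JwtSecurityTokenHandler().WriteToken(token);

            // NOTE(review): the session token is written with default cookie options. Unless
            // client-side script must read it, pass CookieOptions with HttpOnly = true,
            // Secure = true and an explicit SameSite value. Left unchanged here because the
            // consumers of this cookie are not visible.
            HttpContext.Response.Cookies.Append("CurrentUser", toke);

            // Permission info: shared by the same user across login locations; the most
            // recent login overwrites it.
            XC_Redis.Redis.SetKey(keys, res.Data, 20);

            // Four indices into the token string, drawn from the OS CSPRNG. The original
            // seeded System.Random with a 4-digit number, which allows at most 10,000
            // distinct outcomes per slot. How these indices are consumed is not visible here.
            int[] rom = new int[4];
            using (var rng = RandomNumberGenerator.Create())
            {
                for (int i = 0; i < rom.Length; i++)
                {
                    rom[i] = NextTokenIndex(rng, toke.Length);
                }
            }

            // Identifier of the current session, used to tell apart logins of the same account
            // from different locations: user name plus the token tail (the original note says
            // the last 7 characters; the code takes the last 8).
            XC_Redis.Redis.SetKey(keys + toke.Substring(toke.Length - 8) + "_rom", rom, 20);

            // The original then appended toke[rom[i]] to the local `keys`, which was never
            // read again; that dead loop was removed.
            return Json(RES);
        }

        /// <summary>Draws an index in [0, exclusiveUpperBound) from the supplied generator.</summary>
        /// <param name="rng">Cryptographic random number generator to read from.</param>
        /// <param name="exclusiveUpperBound">Exclusive upper bound; must be positive.</param>
        /// <returns>A non-negative integer smaller than <paramref name="exclusiveUpperBound"/>.</returns>
        private static int NextTokenIndex(RandomNumberGenerator rng, int exclusiveUpperBound)
        {
            var buffer = new byte[4];
            rng.GetBytes(buffer);

            // The modulo bias is negligible: the bound (a token length) is tiny next to 2^32.
            return (int)(BitConverter.ToUInt32(buffer, 0) % (uint)exclusiveUpperBound);
        }
    }
}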