
更新JwtAuthEx

JAELYS 4 年之前
父節點
當前提交
ef882d9c0f
共有 2 個文件被更改,包括 21 次插入19 次删除
  1. 14 8
      TEAMModelOS.SDK/Extension/JwtAuthExtension.cs
  2. 7 11
      TEAMModelOS/Controllers/Teacher/InitController.cs

+ 14 - 8
TEAMModelOS.SDK/Extension/JwtAuthExtension.cs

@@ -15,7 +15,7 @@ namespace TEAMModelOS.SDK.Extension
 {
     public static class JwtAuthExtension
     {
-        public static string CreateAuthToken(string issuer, string userID, string salt, string schoolID = "",  string[] roles = null, string[] permissions = null, int expire = 1)
+        public static string CreateAuthToken(string issuer, string userID, string salt, string schoolID = "", string[] roles = null, string[] permissions = null, int expire = 1)
         {
             // 設定要加入到 JWT Token 中的聲明資訊(Claims)
             var claims = new List<Claim>();
@@ -26,16 +26,22 @@ namespace TEAMModelOS.SDK.Extension
             claims.Add(new Claim(JwtRegisteredClaimNames.Exp, DateTimeOffset.UtcNow.AddHours(expire).ToUnixTimeSeconds().ToString())); // 到期的時間,必須為數字
 
             // 擴充 "roles" 加入登入者的角色,角色類型 (USER、HABOOK) 
-            foreach (var role in roles)
+            if (roles != null)
             {
-                claims.Add(new Claim("roles", role));
+                foreach (var role in roles)
+                {
+                    claims.Add(new Claim("roles", role));
+                }
             }
-            // 擴充 "permissions" 加入登入者的權限請求  
 
-            foreach (var role in permissions)
+            // 擴充 "permissions" 加入登入者的權限請求
+            if (permissions != null)
             {
-                claims.Add(new Claim("permissions", role));
-            }           
+                foreach (var role in permissions)
+                {
+                    claims.Add(new Claim("permissions", role));
+                }
+            }
 
             // 建立一組對稱式加密的金鑰,主要用於 JWT 簽章之用
             var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(salt));
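Review bot: The signing key on the last line of this hunk is built straight from `salt` via `Encoding.UTF8.GetBytes(salt)`, and unlike `roles` and `permissions` it gets no guard. Depending on the Microsoft.IdentityModel version in use, an empty or short secret either fails later inside the library or yields an HS256 token keyed with less than the 256 bits that algorithm expects. A check before the key is created would make the requirement explicit: `if (string.IsNullOrEmpty(salt) || Encoding.UTF8.GetByteCount(salt) < 32) throw new ArgumentException("JWT signing secret must be at least 32 bytes.", nameof(salt));`. The parameter holds a signing secret rather than a salt, which is worth stating in a doc comment, since renaming it would break named-argument callers. CreateAuthToken's body starts before and continues past this hunk.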
@@ -44,7 +50,7 @@ namespace TEAMModelOS.SDK.Extension
             var signingCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature);
             // 建立 SecurityTokenDescriptor
             var tokenDescriptor = new SecurityTokenDescriptor
-            {                
+            {
                 Issuer = issuer,
                 Subject = new ClaimsIdentity(claims),
                 Expires = DateTime.Now.AddHours(expire),

+ 7 - 11
TEAMModelOS/Controllers/Teacher/InitController.cs

@@ -108,10 +108,7 @@ namespace TEAMModelOS.Controllers
                     //Debug
                     //string teacher = Encoding.UTF8.GetString(stream.ToArray());
                     response = await _azureCosmos.GetCosmosClient().GetContainer("TEAMModelOSTemp", "Teacher").CreateItemStreamAsync(stream, new PartitionKey("Base"));
-                }
-
-                //授權權杖
-                string auth_token = JwtAuthExtension.CreateAuthToken(_option.HostName, id, _option.JwtSecretKey, "", new string[] { "Teacher" }, new string[] { });
+                }            
 
                 //私人課程
                 List<object> courses = new List<object>();
@@ -141,6 +138,8 @@ namespace TEAMModelOS.Controllers
                     }
                 }
 
+                var auth_token = JwtAuthExtension.CreateAuthToken(_option.HostName, id, _option.JwtSecretKey, roles: new[] { "Teacher" });
+
                 //取得Teacher Blob 容器位置及SAS 
                 var container = _azureStorage.GetBlobContainerClient(id);
                 await container.CreateIfNotExistsAsync(PublicAccessType.None); //嘗試創建Teacher私有容器,如存在則不做任何事,保障容器一定存在
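Review bot: The `CreateAuthToken` call added here issues a token carrying the `Teacher` role for `id`, and nothing in the hunk shows how `id` was established. The method body starts outside the hunk, so this is something to confirm rather than a demonstrated defect. If `id` is not bound to an identity token validated earlier in the method, the endpoint would issue a Teacher-role token for an unverified id, and the blob container lookup just below uses the same value. The move also dropped the old `//授權權杖` comment; I would restore one, for example `// Issue the API auth token for the verified teacher id (expires after CreateAuthToken's default of 1 hour)`.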
@@ -156,11 +155,9 @@ namespace TEAMModelOS.Controllers
             }
         }
 
-
         [ProducesDefaultResponseType]
         //[AuthToken(Roles = "Teacher")]
-        [HttpPost("get-school-info")]
-        
+        [HttpPost("get-school-info")]        
         public async Task<IActionResult> GetSchoolInfo(JsonElement requert)
         {
             //var (id, school) = HttpContext.GetAuthTokenInfo(); //此API有設置權杖,需要取得權杖使用者id及當前學校代碼(學校不一定有)
@@ -188,16 +185,15 @@ namespace TEAMModelOS.Controllers
             return Ok(new { courses });
         }
 
-
+        [ProducesDefaultResponseType]
         //[AuthToken(Roles = "Teacher")]
-        [HttpPost("get-school-list")]
-        
+        [HttpPost("get-school-list")]        
         public async Task<IActionResult> GetSchoolList()
         {
             var client = _azureCosmos.GetCosmosClient();
 
             List<object> schools = new List<object>();
-            await foreach (var item in client.GetContainer("TEAMModelOSTemp", "School").GetItemQueryStreamIterator(queryText: $"select c.id, c.name from c ", requestOptions: new QueryRequestOptions() { PartitionKey = new PartitionKey("Base") }))
+            await foreach (var item in client.GetContainer("TEAMModelOSTemp", "School").GetItemQueryStreamIterator(queryText: $"select c.id, c.name,c.region,c.province,c.city from c ", requestOptions: new QueryRequestOptions() { PartitionKey = new PartitionKey("Base") }))
             {
                 using var json = await JsonDocument.ParseAsync(item.ContentStream);