Beispiel #1
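        /// <summary>Loads the user identified by the JWT stored in the "token" cookie.</summary>
        /// <param name="provider">User management provider used to look the user up by name.</param>
        /// <param name="autologin">Whether to record the request as an automatic login.</param>
        /// <param name="context">HTTP context (ASP.NET Core compatible).</param>
        /// <returns>The enabled user named by the token subject, or null when no valid token or user is found.</returns>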
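        public static IManageUser LoadCookie(this IManageProvider provider, Boolean autologin, HttpContext context)
        {
            // The JWT is read from the "token" cookie; a null context or request simply yields no user.
            var key   = "token";
            var req   = context?.Request;
            var token = req?.Cookies[key];

            if (token.IsNullOrEmpty())
            {
                return null;
            }

            var jwt = GetJwt();

            if (!jwt.TryDecode(token, out var msg))
            {
                // Security: record only the decoder's reason. The raw token is a bearer credential
                // and must not be written to trace output, where log readers could replay it.
                XTrace.WriteLine("令牌无效:{0}", msg);

                return null;
            }

            var user = jwt.Subject;

            if (user.IsNullOrEmpty())
            {
                return null;
            }

            // NOTE(review): the explicit expiry comparison below is disabled in this version, so an
            // expired token is rejected only if TryDecode itself enforces expiry. Confirm that it does.
            //if (jwt.Expire < DateTime.Now)
            //{
            //    XTrace.WriteLine("令牌过期:{0}", jwt.Expire);
            //
            //    return null;
            //}

            // The subject must map to an existing, enabled account; disabled users cannot log in by token.
            var u = provider.FindByName(user);

            if (u == null || !u.Enable)
            {
                return null;
            }

            // Record the automatic login.
            if (autologin && u is IAuthUser mu)
            {
                mu.SaveLogin(null);

                // Security: the audit entry keeps the subject and token timestamps but not the token itself,
                // so that read access to the log does not grant the ability to impersonate the user.
                LogProvider.Provider.WriteLog("用户", "自动登录", true, $"{user} Time={jwt.IssuedAt} Expire={jwt.Expire}", u.ID, u + "", ip: context.GetUserHost());
            }

            return u;
        }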
Beispiel #2
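        /// <summary>Loads the user described by the login cookie.</summary>
        /// <param name="provider">User management provider used to look the user up by name.</param>
        /// <param name="autologin">Whether to record the request as an automatic login.</param>
        /// <param name="context">HTTP context (ASP.NET Core compatible); the current HTTP context is used when null.</param>
        /// <returns>The enabled user whose password digest matches the cookie, or null when the cookie is missing, unreadable, expired or does not match.</returns>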
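        public static IManageUser LoadCookie(this IManageProvider provider, Boolean autologin = true, IServiceProvider context = null)
        {
            var key = GetCookieKey(provider);

            // Fall back to the ambient request context. Outside a request there is none,
            // and then there is no cookie to read, so no user is returned.
            if (context == null)
            {
                context = HttpContext.Current;
            }
            if (context == null)
            {
                return null;
            }

            var req    = context.GetService <HttpRequest>();
            var cookie = req?.Cookies[key];

            if (cookie == null)
            {
                return null;
            }

            // NOTE(review): the install time string is passed to Read alongside the cookie,
            // presumably as the key that protects it. A timestamp is a low-entropy value;
            // confirm how Read uses it and consider a randomly generated secret instead.
            var m = new CookieModel();

            if (!m.Read(cookie, SysConfig.Current.InstallTime.ToFullString()))
            {
                return null;
            }

            var user = HttpUtility.UrlDecode(m.UserName);

            if (user.IsNullOrEmpty() || m.Password.IsNullOrEmpty())
            {
                return null;
            }

            // Reject cookies whose embedded expiry has passed.
            if (m.Expire < DateTime.Now)
            {
                return null;
            }

            var u = provider.FindByName(user);

            if (u == null || !u.Enable)
            {
                return null;
            }

            // The password check needs IAuthUser. A user type that does not implement it cannot be
            // verified, so it is rejected here instead of causing a NullReferenceException on mu.Password.
            if (!(u is IAuthUser mu))
            {
                return null;
            }

            // Security (review): the cookie carries the MD5 of the stored Password value, so it is a
            // password-equivalent credential that stays valid until the password changes, and anyone
            // who can read the stored value can compute it. The comparison is an ordinary
            // case-insensitive string compare, not a constant-time one. Prefer a random server-side
            // session token or a signed token with a short lifetime.
            if (!m.Password.EqualIgnoreCase(mu.Password.MD5()))
            {
                return null;
            }

            // Record the automatic login.
            if (autologin)
            {
                mu.SaveLogin(null);
                LogProvider.Provider.WriteLog("用户", "自动登录", $"{user} Time={m.Time} Expire={m.Expire}", u.ID, u + "", ip: req.RequestContext.HttpContext.GetUserHost());
            }

            return u;
        }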
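        /// <summary>Loads the user identified by the JWT in the request, read from the "token" cookie, then the query string, then the Authorization header.</summary>
        /// <param name="provider">User management provider used to look the user up by name.</param>
        /// <param name="autologin">Whether to record the request as an automatic login.</param>
        /// <param name="context">HTTP context (ASP.NET Core compatible).</param>
        /// <returns>The enabled user named by the token subject, or null when no valid, unexpired token or user is found.</returns>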
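        public static IManageUser LoadCookie(this IManageProvider provider, Boolean autologin, HttpContext context)
        {
            // A candidate is usable only if it has the three dot-separated parts of a JWT.
            Boolean NotJwtShaped(String candidate) => candidate.IsNullOrEmpty() || candidate.Split(".").Length != 3;

            var key   = "token";
            var req   = context?.Request;
            var token = req?.Cookies[key];

            // Fall back to the URL query string.
            // Security (review): tokens carried in a URL end up in access logs, browser history and
            // Referer headers. Keep these fallbacks only if a client really needs them, and prefer
            // the cookie or the Authorization header.
            if (NotJwtShaped(token))
            {
                token = req?.Query["token"];
            }
            if (NotJwtShaped(token))
            {
                token = req?.Query["jwtToken"];
            }

            // Fall back to the Authorization header.
            if (NotJwtShaped(token))
            {
                token = req?.Headers[HeaderNames.Authorization];
            }

            if (NotJwtShaped(token))
            {
                return null;
            }

            // Drop the "Bearer " scheme prefix that the header form carries.
            token = token.Replace("Bearer ", "", StringComparison.OrdinalIgnoreCase);

            var jwt = GetJwt();

            if (!jwt.TryDecode(token, out var msg))
            {
                // Security: record only the decoder's reason. The raw token is a bearer credential
                // and must not be written to trace output, where log readers could replay it.
                XTrace.WriteLine("令牌无效:{0}", msg);

                return null;
            }

            var user = jwt.Subject;

            if (user.IsNullOrEmpty())
            {
                return null;
            }

            // Enforce the token's expiry.
            // NOTE(review): this compares against local time; confirm that jwt.Expire is also local time.
            if (jwt.Expire < DateTime.Now)
            {
                // The expiry time alone is enough for diagnosis, so the token is left out of the log.
                XTrace.WriteLine("令牌过期:{0}", jwt.Expire);

                return null;
            }

            // The subject must map to an existing, enabled account.
            var u = provider.FindByName(user);

            if (u == null || !u.Enable)
            {
                return null;
            }

            // Record the automatic login. AJAX (JSON) requests are not recorded as automatic logins.
            if (autologin && u is IAuthUser mu && !req.IsAjaxRequest())
            {
                mu.SaveLogin(null);

                // Security: the audit entry keeps the subject and token timestamps but not the token itself,
                // so that read access to the log does not grant the ability to impersonate the user.
                LogProvider.Provider.WriteLog("用户", "自动登录", true, $"{user} Time={jwt.IssuedAt} Expire={jwt.Expire}", u.ID, u + "", ip: context.GetUserHost());
            }

            return u;
        }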