/// <summary>
/// 解码
/// </summary>
/// <param name="token"></param>
/// <returns></returns>
public UserIdSessionData Decrypt(string token)
{
//验证用户信息
UserIdSessionData sessionData = null;
try
{
sessionData = SessionKeyHelper.Decrypt(token);
}
catch
{
Logger.Error(String.Format("{0}解密失败 ", token));
}
return(sessionData);
}
/// <summary>
/// 加码
/// </summary>
/// <param name="data"></param>
/// <returns></returns>
public string Encrypt(UserIdSessionData data)
{
return SessionKeyHelper.Encrypt(data);
}
public virtual void ExecActionExecuting(ActionExecutingContext filterContext)
{
//获取SessionKey
var httpContext = filterContext.HttpContext;
var token = httpContext.Request[Define.Token];
if (String.IsNullOrEmpty(token) && !_holdon)
{
//filterContext.HttpContext.ClearError();
filterContext.Result = new RestfulResult
{
Data = new ExecuteResult
{
StatusCode = StatusCode.ClientError,
Message = String.Format("{0}为空", Define.Token)
}
};
return;
//return false;
}
//验证用户信息
try
{
_sessionData = SessionKeyHelper.Decrypt(token);
}
catch
{
_log.Error(String.Format("{0}解密失败 ", token));
}
// 解密失败返回结果
if (_sessionData == null && !_holdon)
{
filterContext.Result = new RestfulResult
{
Data = new ExecuteResult
{
StatusCode = StatusCode.Unauthorized,
Message = "您的身份验证失败."
}
};
return;
}
// Session过期
#if !DEBUG
if (_sessionData != null && _sessionData.Expired && !_holdon)
{
filterContext.Result = new RestfulResult
{
Data = new ExecuteResult
{
StatusCode = StatusCode.Unauthorized,
Message = "您已经很长时候没有使用啦,为保证你的账户安全,请重新登录."
}
};
return;
}
#endif
//TODO:可以通过ActionDescriptor获取参数的类型,这里约定好就可以了,没有必要去那样做
var output = 0;
if (_sessionData != null)
{
Int32.TryParse(_sessionData.UserId, out output);
}
if (_sessionData != null)
{
this._authUser = ServiceLocator.Current.Resolve<IUserService>().Get(Int32.Parse(_sessionData.UserId));
if (this._authUser == null)
{
filterContext.Result = new RestfulResult
{
Data = new ExecuteResult
{
StatusCode = StatusCode.Unauthorized,
Message = "您的身份验证失败."
}
};
return;
}
filterContext.ActionParameters[Define.AuthUser] = this._authUser;
////// 设置参数userId的值
////httpContext.Request.
httpContext.Request.RequestContext.RouteData.Values.Add(Define.AuthUserId, output.ToString(CultureInfo.InvariantCulture));
//httpContext.Request.Params.Add(Define.AuthUserId, output.ToString(CultureInfo.InvariantCulture));
filterContext.ActionParameters[Define.AuthUserId] = output;
}
else
{
filterContext.ActionParameters[Define.AuthUser] = null;
filterContext.ActionParameters[Define.AuthUserId] = null;
}
ExecActionRoleAuthorizeing(filterContext);
}
/// <summary>
/// 加码
/// </summary>
/// <param name="data"></param>
/// <returns></returns>
public string Encrypt(UserIdSessionData data)
{
return(SessionKeyHelper.Encrypt(data));
}
public virtual void ExecActionExecuting(ActionExecutingContext filterContext)
{
//获取SessionKey
var httpContext = filterContext.HttpContext;
var token = httpContext.Request[Define.Token];
if (String.IsNullOrEmpty(token) && !_holdon)
{
//filterContext.HttpContext.ClearError();
filterContext.Result = new RestfulResult
{
Data = new ExecuteResult
{
StatusCode = StatusCode.ClientError,
Message = String.Format("{0}为空", Define.Token)
}
};
return;
//return false;
}
//验证用户信息
try
{
_sessionData = SessionKeyHelper.Decrypt(token);
}
catch
{
_log.Error(String.Format("{0}解密失败 ", token));
}
// 解密失败返回结果
if (_sessionData == null && !_holdon)
{
filterContext.Result = new RestfulResult
{
Data = new ExecuteResult
{
StatusCode = StatusCode.Unauthorized,
Message = "您的身份验证失败."
}
};
return;
}
// Session过期
if (_sessionData != null && _sessionData.Expired && !_holdon)
{
filterContext.Result = new RestfulResult
{
Data = new ExecuteResult
{
StatusCode = StatusCode.Unauthorized,
Message = "您已经很长时候没有使用啦,为保证你的账户安全,请重新登录."
}
};
return;
}
//TODO:可以通过ActionDescriptor获取参数的类型,这里约定好就可以了,没有必要去那样做
var output = 0;
if (_sessionData != null)
{
Int32.TryParse(_sessionData.UserId, out output);
}
if (_sessionData != null)
{
this._authUser = ServiceLocator.Current.Resolve <IUserService>().Get(Int32.Parse(_sessionData.UserId));
if (this._authUser == null)
{
filterContext.Result = new RestfulResult
{
Data = new ExecuteResult
{
StatusCode = StatusCode.Unauthorized,
Message = "您的身份验证失败."
}
};
return;
}
filterContext.ActionParameters[Define.AuthUser] = this._authUser;
////// 设置参数userId的值
////httpContext.Request.
httpContext.Request.RequestContext.RouteData.Values.Add(Define.AuthUserId, output.ToString(CultureInfo.InvariantCulture));
//httpContext.Request.Params.Add(Define.AuthUserId, output.ToString(CultureInfo.InvariantCulture));
filterContext.ActionParameters[Define.AuthUserId] = output;
}
else
{
filterContext.ActionParameters[Define.AuthUser] = null;
filterContext.ActionParameters[Define.AuthUserId] = null;
}
ExecActionRoleAuthorizeing(filterContext);
}
