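        /// <summary>
        /// Looks up the <see cref="VolunteerToken"/> row whose <c>Token</c> column equals <paramref name="token"/>.
        /// </summary>
        /// <param name="token">Opaque token string as presented by the client.</param>
        /// <returns>The matching row, or <c>null</c> when the token is empty or no row carries it.</returns>
        public static VolunteerToken GetToken(string token)
        {
            // An absent token can never identify a session; returning early also avoids
            // translating "s.Token == null" into a query that could match rows with a NULL token.
            if (string.IsNullOrEmpty(token))
            {
                return null;
            }
            // The using block disposes the context on every path; the original only disposed
            // when the query completed without throwing.
            using (DbEntity db = new DbEntity())
            {
                return db.VolunteerTokens.FirstOrDefault(s => s.Token == token);
            }
        }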
        /// <summary>
        /// Reports whether <paramref name="token"/> is still active according to the token
        /// specification and is well-formed according to the model itself.
        /// </summary>
        /// <param name="token">Token data as received from the caller.</param>
        /// <returns><c>true</c> only when the specification marks the token active and <c>token.IsFormatValid</c> holds.</returns>
        public bool IsTokenValid(TokenModel token)
        {
            // Project the request model onto the entity shape the specification understands.
            VolunteerToken entity = new VolunteerToken
            {
                Id           = token.TokenId,
                Volunteer_ID = token.VolunteerId,
                Token_VC     = token.Token
            };

            bool isActive = _tokenSpecification.IsTokenActive(entity);
            // Format is only consulted when the token is active (same short-circuit order as before).
            return isActive && token.IsFormatValid;
        }
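        /// <summary>
        /// Revokes the calling volunteer's token row by setting its <c>Validity</c> to 0.
        /// </summary>
        /// <returns>
        /// 200 OK when the token was revoked or no token row exists for the caller;
        /// 400 with a generic message when saving the change fails.
        /// </returns>
        public IHttpActionResult PostLogout()
        {
            Guid           volunteerId    = VolunteerService.GetVolunteerIdFromIdentity();
            VolunteerToken volunteerToken = db.VolunteerTokens.FirstOrDefault(s => s.VolunteerId == volunteerId);

            // No row means there is nothing to revoke; logout is idempotent. The original
            // dereferenced the null row inside the try block and then threw a second time from
            // the catch block (db.Entry(null)), which escaped the action entirely.
            if (volunteerToken == null)
            {
                return(Ok());
            }
            try
            {
                volunteerToken.Validity        = 0;
                db.Entry(volunteerToken).State = EntityState.Modified;
                db.SaveChanges();
            }
            catch (Exception)
            {
                // Reset the tracked entity so a later SaveChanges on this context does not retry it.
                db.Entry(volunteerToken).State = EntityState.Unchanged;
                return(BadRequest("操作发生错误"));
            }
            return(Ok());
        }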
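 /// <summary>
 /// Stamps the token row belonging to volunteer <paramref name="Id"/> with the current UTC time.
 /// </summary>
 /// <param name="Id">Volunteer id; the token row is matched on its <c>VolunteerId</c> column.</param>
 /// <returns><c>true</c> when a row was found and saved; <c>false</c> when no row exists or the save fails.</returns>
 public static bool UpdateTokenActiveTime(Guid Id)
 {
     try
     {
         // The using block disposes the context on every path; the original leaked it when
         // no row was found and when SaveChanges threw.
         using (DbEntity db = new DbEntity())
         {
             VolunteerToken volunteerToken = db.VolunteerTokens.FirstOrDefault(s => s.VolunteerId == Id);
             if (volunteerToken == null)
             {
                 return(false);
             }
             volunteerToken.ActiveTime = DateTime.UtcNow;
             db.SaveChanges();
             return(true);
         }
     }
     catch (Exception)
     {
         // Deliberately best-effort: callers treat any failure as "not updated".
         return(false);
     }
 }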
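        /// <summary>
        /// Authenticates the request from its "token" header. The token must exist in the database,
        /// be unexpired, belong to a volunteer whose status permits access, and its activity time must
        /// be updatable. Every failure goes through <c>throwUnanthorizedException()</c>; on success the
        /// principal is set and the base filter runs.
        /// </summary>
        /// <param name="actionContext">Context of the executing action; only its request headers are read.</param>
        public override void OnActionExecuting(HttpActionContext actionContext)
        {
            IEnumerable <string> tokenItem;

            // No token header. Use the TryGetValues result rather than relying on the out
            // parameter alone; a header that is present but empty is also rejected below,
            // where the original indexed the empty list with [0].
            if (!actionContext.Request.Headers.TryGetValues("token", out tokenItem) || tokenItem == null)
            {
                throwUnanthorizedException();
            }
            string token = tokenItem == null ? null : tokenItem.FirstOrDefault();
            if (string.IsNullOrEmpty(token))
            {
                throwUnanthorizedException();
            }
            VolunteerToken volunteerToken = VolunteerService.GetToken(token);

            // Token is unknown to the database.
            if (volunteerToken == null)
            {
                throwUnanthorizedException();
            }
            // Token has expired.
            if (volunteerToken.ExpiredTime < DateTime.UtcNow)
            {
                throwUnanthorizedException();
            }

            Volunteer volunteer = VolunteerService.GetVolunteer(volunteerToken.VolunteerId);

            // Volunteer must exist and must not be cancelled, temporarily locked, or still unverified.
            if (volunteer == null ||
                volunteer.Status == EnumUserStatus.注销 ||
                volunteer.Status == EnumUserStatus.密码输入错误临时锁定 ||
                volunteer.Status == EnumUserStatus.注册未验证手机)
            {
                throwUnanthorizedException();
            }

            // Record activity before installing the principal so that a failed update never leaves
            // an authenticated principal behind (the original set the principal first).
            if (!VolunteerService.UpdateTokenActiveTime(volunteer.Id))
            {
                throwUnanthorizedException();
            }

            SetPrincipal(new VolunteerPrincipal(volunteer));

            base.OnActionExecuting(actionContext);
        }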
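        /// <summary>
        /// Issues an HMAC-SHA256 signed JWT for the volunteer described by <paramref name="model"/>,
        /// records it in the token repository, and returns the compact serialized token.
        /// </summary>
        /// <param name="model">Issuer, audience, signing key and the identity values to embed as claims.</param>
        /// <returns>The compact JWT string that was also persisted as <c>Token_VC</c>.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="model"/> is null.</exception>
        public string GenerateToken(GenerateTokenModel model)
        {
            if (model == null)
            {
                throw new ArgumentNullException(nameof(model));
            }

            // The jti doubles as the primary key of the stored VolunteerToken row, so create it once
            // instead of generating a Guid, stringifying it and parsing it back out of the claims.
            Guid tokenId = Guid.NewGuid();

            var claims = new[]
            {
                new Claim(JwtRegisteredClaimNames.Jti, tokenId.ToString()),
                // NOTE(review): RFC 7519 defines iat as seconds since the epoch; this emits an
                // invariant-culture DateTime string instead. Left unchanged because existing
                // consumers may parse this format — confirm before switching.
                new Claim(JwtRegisteredClaimNames.Iat, DateTime.UtcNow.ToString(CultureInfo.InvariantCulture)),
                new Claim("vId", SecurityBase.Encrypt(model.VolunterId.ToString())),
                new Claim("oId", SecurityBase.Encrypt(model.OrganisationId.ToString())),
                new Claim(JwtRegisteredClaimNames.Email, SecurityBase.Encrypt(model.Email))
            };

            var symmetricSecurityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(model.Key));
            var signingCredentials   = new SigningCredentials(symmetricSecurityKey, SecurityAlgorithms.HmacSha256Signature, "http://www.w3.org/2001/04/xmlenc#sha256");

            // No 'expires' argument is passed, so the token carries no exp claim; its lifetime is
            // bounded only by the Active_BT flag kept in the repository. TODO confirm this is intended.
            var jwtSecurityToken = new JwtSecurityToken(
                issuer: model.Issuer,
                audience: model.Audience,
                claims: claims,
                signingCredentials: signingCredentials
                );

            string serializedToken = new JwtSecurityTokenHandler().WriteToken(jwtSecurityToken);

            var volunteerToken = new VolunteerToken
            {
                Id           = tokenId,
                Volunteer_ID = model.VolunterId,
                Token_VC     = serializedToken,
                Active_BT    = true
            };

            _volunteerTokenRepository.SaveToken(volunteerToken);

            return(serializedToken);
        }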
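        /// <summary>
        /// Logs a volunteer in by mobile number and password, then creates or refreshes the
        /// volunteer's single token row and returns the new token with the formatted user.
        /// </summary>
        /// <param name="model">Mobile number and password from the request body.</param>
        /// <returns>
        /// 200 with <c>{ Token, Volunteer }</c>, or 400 with a user-facing message when the request,
        /// account state, password or database update is rejected.
        /// </returns>
        public IHttpActionResult PostLogin(Login model)
        {
            // The client must identify itself with a "uuid" header (Android terminal check).
            IEnumerable <string> headerUuid;

            if (!ActionContext.Request.Headers.TryGetValues("uuid", out headerUuid) || headerUuid == null)
            {
                return(BadRequest("请从Android手机操作"));
            }
            // FirstOrDefault tolerates a present-but-empty header; the original indexed [0].
            string uuid = headerUuid.FirstOrDefault();

            // Validate the request body.
            if (model == null)
            {
                return(BadRequest("请填写登录信息"));
            }
            if (!ModelState.IsValid)
            {
                return(BadRequest(ModelState.Values.First(s => s.Errors.Count > 0).Errors[0].ErrorMessage));
            }
            // At most one non-cancelled volunteer per mobile number is expected.
            Volunteer volunteer = db.Volunteers.FirstOrDefault(s => s.MobileNumber == model.MobileNumber && s.Status != EnumUserStatus.注销);

            // Mobile number is not registered.
            if (volunteer == null)
            {
                return(BadRequest("该手机号码未注册"));
            }
            // Account locked after repeated wrong passwords: lift the lock if it has lapsed.
            if (volunteer.Status == EnumUserStatus.密码输入错误临时锁定)
            {
                // NOTE(review): this compares against local time while the token fields below use
                // UtcNow; whether LockoutEndTime is stored in local or UTC is not visible here — confirm.
                if (volunteer.LockoutEndTime < DateTime.Now)
                {
                    volunteer.Status           = EnumUserStatus.正常;
                    volunteer.LockoutStartTime = null;
                    volunteer.LockoutDuration  = 0;
                    db.SaveChanges();
                }
                else
                {
                    return(BadRequest("账户被锁定"));
                }
            }
            // Verify the password.
            // NOTE(review): unsalted MD5 compared with an ordinary string equality. Replacing it
            // requires migrating the stored hashes, so it is intentionally left unchanged here.
            if (volunteer.Password != SecurityHelper.MD5Hash(model.PassWord))
            {
                return(BadRequest("密码不正确"));
            }
            // Remember the device the volunteer logged in from.
            if (uuid != null)
            {
                volunteer.Uuid = uuid;
            }

            VolunteerToken volunteerToken = db.VolunteerTokens.FirstOrDefault(s => s.VolunteerId == volunteer.Id);
            DateTime       now            = DateTime.UtcNow;
            // Token derives from the volunteer id, the timestamp and a fresh Guid.
            string         token          = SecurityHelper.MD5Hash(volunteer.Id.ToString() + now.ToString() + Guid.NewGuid().ToString());

            if (volunteerToken == null)
            {
                volunteerToken = new VolunteerToken
                {
                    VolunteerId = volunteer.Id,
                    CreateTime  = now,
                    ActiveTime  = now,
                    Token       = token,
                    Validity    = 30
                };
                try
                {
                    // DbSet.Add already marks the entity as Added; the explicit State assignment was redundant.
                    db.VolunteerTokens.Add(volunteerToken);
                    db.SaveChanges();
                }
                catch (Exception)
                {
                    db.Entry(volunteerToken).State = EntityState.Unchanged;
                    return(BadRequest("操作发生错误"));
                }
            }
            else
            {
                // Re-issuing overwrites the previous token, so at most one session per volunteer is valid.
                volunteerToken.ActiveTime      = now;
                volunteerToken.Token           = token;
                volunteerToken.Validity        = 30;
                db.Entry(volunteerToken).State = EntityState.Modified;
                try
                {
                    db.SaveChanges();
                }
                catch (Exception)
                {
                    db.Entry(volunteerToken).State = EntityState.Unchanged;
                    return(BadRequest("操作发生错误"));
                }
            }
            return(Ok(new
            {
                Token = token,
                Volunteer = VolunteerService.FormatUser(volunteer)
            }));
        }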
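        /// <summary>
        /// Completes registration for a volunteer row that was created when the SMS captcha was
        /// requested: checks the captcha, stores the password, and creates or refreshes the token row.
        /// </summary>
        /// <param name="model">Mobile number, captcha and password from the request body.</param>
        /// <returns>
        /// 200 with <c>{ Token, Volunteer }</c>, or 400 with a user-facing message when validation or
        /// the database update fails.
        /// </returns>
        public IHttpActionResult PostRegister(Register model)
        {
            // NOTE(review): local time here, while PostLogin stamps token rows with UtcNow and the
            // authentication filter compares expiry against UtcNow — confirm which clock the
            // captcha and token columns are meant to use.
            DateTime now = DateTime.Now;
            // Optional device identifier from the Android client.
            IEnumerable <string> headUuid;

            string uuid = null;

            if (ActionContext.Request.Headers.TryGetValues("uuid", out headUuid) && headUuid != null)
            {
                // FirstOrDefault tolerates a present-but-empty header; the original indexed [0].
                uuid = headUuid.FirstOrDefault();
            }
            // Validate the request body.
            if (model == null)
            {
                return(BadRequest("请填写注册信息"));
            }
            if (!ModelState.IsValid)
            {
                return(BadRequest(ModelState.Values.First(s => s.Errors.Count > 0).Errors[0].ErrorMessage));
            }
            Volunteer volunteer = db.Volunteers.FirstOrDefault(s => s.MobileNumber == model.MobileNumber && s.Status != EnumUserStatus.注销);

            // No row yet: the captcha was never requested.
            if (volunteer == null)
            {
                return(BadRequest("请获取验证码"));
            }
            // NOTE(review): this rejects the status whose name reads "registered, phone not verified"
            // as "already registered"; whether that is the status a captcha request leaves the row in
            // is not visible here — confirm against the captcha endpoint.
            if (volunteer.Status == EnumUserStatus.注册未验证手机)
            {
                return(BadRequest("该手机号码已注册"));
            }
            // No captcha stored for this row.
            if (string.IsNullOrEmpty(volunteer.SmsCaptcha))
            {
                return(BadRequest("请获取验证码"));
            }
            // Captcha was issued for a different purpose.
            if (!volunteer.SmsCaptchaUsedFor.HasValue || volunteer.SmsCaptchaUsedFor != EnumCaptchaUsedFor.志愿者注册)
            {
                return(BadRequest("验证码无效,请重新获取验证码"));
            }
            // Captcha has expired. The original used '>' here, which rejected captchas whose expiry
            // still lay in the future and accepted ones already past it; this follows the same
            // convention as the token check in the authentication filter (ExpiredTime < now ⇒ expired).
            // A missing expiry is treated as expired rather than silently passing the lifted comparison.
            if (!volunteer.SmsCaptchaExpiredTime.HasValue || volunteer.SmsCaptchaExpiredTime.Value < now)
            {
                return(BadRequest("验证码失效,请重新获取"));
            }
            // Captcha does not match.
            if (volunteer.SmsCaptcha != model.Captcha)
            {
                return(BadRequest("验证码错误"));
            }

            // Register: store the password, clear the single-use captcha and issue a token.
            // NOTE(review): unsalted MD5 password storage is kept as-is; changing it requires a
            // migration of existing hashes and a matching change in PostLogin.
            volunteer.Uuid                  = uuid;
            volunteer.Password              = SecurityHelper.MD5Hash(model.PassWord);
            volunteer.SmsCaptcha            = null;
            volunteer.SmsCaptchaExpiredTime = null;
            volunteer.SmsCaptchaUsedFor     = null;
            volunteer.Status                = EnumUserStatus.注册中;
            volunteer.RegisterTime          = now;
            db.Entry(volunteer).State       = EntityState.Modified;
            try
            {
                db.SaveChanges();
                VolunteerToken volunteerToken = db.VolunteerTokens.FirstOrDefault(s => s.VolunteerId == volunteer.Id);
                string         token          = SecurityHelper.MD5Hash(volunteer.Id.ToString() + now.ToString() + Guid.NewGuid().ToString());
                if (volunteerToken == null)
                {
                    volunteerToken = new VolunteerToken
                    {
                        VolunteerId = volunteer.Id,
                        Token       = token,
                        CreateTime  = now,
                        ActiveTime  = now,
                        Validity    = 30
                    };
                    db.VolunteerTokens.Add(volunteerToken);
                    db.SaveChanges();
                }
                else
                {
                    volunteerToken.ActiveTime      = now;
                    volunteerToken.Token           = token;
                    volunteerToken.Validity        = 30;
                    db.Entry(volunteerToken).State = EntityState.Modified;
                    db.SaveChanges();
                }
                return(Ok(
                           new { Token = token, Volunteer = VolunteerService.FormatUser(volunteer) }
                           ));
            }
            catch (Exception)
            {
                // The exception is deliberately not surfaced to the client; only the volunteer
                // entity is reset here, exactly as before.
                db.Entry(volunteer).State = EntityState.Unchanged;
                return(BadRequest("操作发生错误"));
            }
        }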
 /// <summary>
 /// Delegates the "is this token still active" decision to the token repository.
 /// </summary>
 /// <param name="volunteerToken">Token entity to check.</param>
 /// <returns>Whatever <c>_volunteerTokenRepository.IsTokenActive</c> reports for the token.</returns>
 public bool IsTokenActive(VolunteerToken volunteerToken) => _volunteerTokenRepository.IsTokenActive(volunteerToken);