Beispiel #1
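        /// <summary>
        /// Builds the request signature: entries are sorted by key in ascending ordinal (ASCII)
        /// order, joined as <c>k1=v1&amp;k2=v2</c>, <c>key=&lt;secret&gt;</c> is appended, and the
        /// upper-cased result of <c>StaticInfo.MD5Encrypt32</c> over that string is returned.
        /// </summary>
        /// <param name="dic">Parameters to sign. Entries whose value is null or blank are skipped.</param>
        /// <returns>The upper-cased digest string produced by <c>StaticInfo.MD5Encrypt32</c>.</returns>
        /// <remarks>
        /// Review notes for whoever verifies these signatures:
        /// values are stripped of CRLF, spaces and backslashes before signing, and neither keys
        /// nor values are escaped, so different raw inputs can yield the same signed string
        /// (for example a value that itself contains <c>&amp;</c> or <c>=</c>). The verifier has to
        /// apply the same normalisation and should only act on the normalised values.
        /// A digest over "message + secret" is not a MAC construction; where the peer protocol
        /// allows it, HMAC-SHA256 is the safer choice, and the received signature should be
        /// compared in constant time.
        /// </remarks>
        public static string CreateSign(Dictionary<string, string> dic)
        {
            // The contract is "ASCII ascending". The default string comparer is culture-sensitive
            // and can order keys differently (case, '_' and similar), which makes the signature
            // depend on the host culture; an ordinal comparer pins the order.
            var ordered = dic.OrderBy(pair => pair.Key, System.StringComparer.Ordinal);

            var parts = new List<string>();
            foreach (var pair in ordered)
            {
                // A null value used to raise NullReferenceException here; it is now skipped
                // exactly like an empty or whitespace-only value.
                if (string.IsNullOrWhiteSpace(pair.Value))
                {
                    continue;
                }

                var normalizedValue = pair.Value.Replace("\r\n", "").Replace(" ", "").Replace("\\", "").Trim();
                parts.Add(pair.Key.Trim() + "=" + normalizedValue);
            }

            // `key` is defined outside this method - presumably the shared signing secret; confirm
            // it is loaded from protected configuration rather than embedded in source.
            parts.Add("key=" + key);
            var stringSignTemp = string.Join("&", parts);

            // Invariant upper-casing keeps the digest text independent of the current culture.
            return StaticInfo.MD5Encrypt32(stringSignTemp).ToUpperInvariant();
        }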
Beispiel #2
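        /// <summary>
        /// Authenticates an administrator from a JSON login payload and, on success, issues an
        /// HMAC-SHA256 signed JWT with a 12-hour expiry and records it in Redis.
        /// </summary>
        /// <param name="jsonStr">JSON object text carrying <c>UserName</c> and <c>Password</c>.</param>
        /// <returns>
        /// A <c>ReturnClass</c> whose <c>Data</c> is the issued <c>Token</c> on success and an empty
        /// string otherwise. <c>Code.ERR_Sign</c> is returned for missing fields or rejected
        /// credentials, <c>Code.SystemError</c> when any exception is caught.
        /// </returns>
        public static ReturnClass CreatToken(string jsonStr)
        {
            ReturnClass rc = new ReturnClass();

            try
            {
                JObject jObj = JObject.Parse(jsonStr);

                // A property that is absent from the payload comes back as null. Reading it
                // defensively reports it as "parameter empty" instead of falling into the
                // catch-all below through a NullReferenceException.
                var userNameToken = jObj["UserName"];
                var passwordToken = jObj["Password"];
                string userName    = userNameToken == null ? null : userNameToken.ToString();
                string rawPassword = passwordToken == null ? null : passwordToken.ToString();
                if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(rawPassword))
                {
                    rc.Msg  = "参数为空";
                    rc.Code = Code.ERR_Sign;
                    rc.Data = "";
                    return(rc);
                }

                // NOTE(review): the stored credential is whatever StaticInfo.MD5Encrypt32 returns.
                // If that is a plain unsalted MD5 (as the name suggests - confirm), leaked rows are
                // cheap to crack; plan a migration to a salted, slow KDF (PBKDF2/Argon2) with the
                // comparison done in code rather than in the WHERE clause.
                string password = StaticInfo.MD5Encrypt32(rawPassword);

                // Look the account up with bound parameters so user input never reaches the SQL text.
                MySqlParameter[] sp = new MySqlParameter[2];
                sp[0] = new MySqlParameter("@account", userName);
                sp[1] = new MySqlParameter("@password", password);
                var sqlselect1 = "select * from ws_system_admin where account=@account and pwd=@password";
                DataTable dataTable = MySqlHelper.GetDataSet(MySqlHelper.Conn, CommandType.Text, sqlselect1, sp).Tables[0];
                if (dataTable.Rows.Count < 1)
                {
                    // One message for "unknown user" and "wrong password" avoids account enumeration.
                    rc.Msg  = "用户名或密码错误";
                    rc.Code = Code.ERR_Sign;
                    rc.Data = "";
                    return(rc);
                }

                // Rows[0] cannot be null once Count >= 1, so no separate "user does not exist" branch.
                DataRow result = dataTable.Rows[0];

                // A new login invalidates the previous session: drop both the token entry and the
                // per-user pointer to it.
                // NOTE(review): the lookup key is id + account with no delimiter, so distinct
                // (id, account) pairs can concatenate to the same key; a separator would remove the
                // ambiguity but must be changed together with every reader of this key.
                var redisTokenFlag = result["id"].ToString() + result["account"].ToString();
                if (RedisStaticHelper.Exists(redisTokenFlag))
                {
                    var jwtTokenStr = RedisStaticHelper.Get(redisTokenFlag);
                    RedisStaticHelper.Del(jwtTokenStr);
                    RedisStaticHelper.Del(redisTokenFlag);
                }

                // Session record returned to the caller and cached in Redis.
                Token tk = new Token();
                tk.userName  = result["account"].ToString();
                tk.userID    = result["id"].ToString();
                tk.sub       = "Client";
                tk.Timestamp = Convert.ToString(DateTimeToStamp(DateTime.Now));

                DateTime utcNow = DateTime.UtcNow;

                // "iat" is declared as Integer64, so it must carry Unix seconds; DateTime.ToString()
                // would emit a culture-formatted date string instead.
                string issuedAt = new DateTimeOffset(utcNow).ToUnixTimeSeconds()
                                  .ToString(System.Globalization.CultureInfo.InvariantCulture);

                Claim[] claims = new Claim[]
                {
                    new Claim(JwtRegisteredClaimNames.Sub, tk.sub),                            // subject
                    new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),         // unique token id
                    new Claim(JwtRegisteredClaimNames.Iat, issuedAt, ClaimValueTypes.Integer64), // issued-at, Unix seconds
                };

                // NOTE(review): the HMAC key is a literal in source, so anyone with access to the
                // source or the compiled assembly can mint tokens that verify under this key. Load it
                // from protected configuration or a secret store and rotate the current value; the
                // literal is left unchanged here because the verifier must switch at the same time.
                var signingKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes("RayPI's Secret Key"));

                JwtSecurityToken jwt = new JwtSecurityToken(
                    issuer: "TianTao",
                    audience: tk.userName,
                    claims: claims,
                    expires: utcNow.AddHours(12),
                    signingCredentials: new Microsoft.IdentityModel.Tokens
                    .SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256));

                // Serialise to the compact JWT string handed to the client.
                tk.AccessToken = new JwtSecurityTokenHandler().WriteToken(jwt);

                rc.Msg  = "成功!";
                rc.Code = Code.SUCCED;
                rc.Data = tk;

                // Two entries: token -> session JSON, and per-user key -> current token.
                // NOTE(review): no expiry is passed on these writes; unless RedisStaticHelper.Set
                // applies a default TTL, the entries outlive the 12-hour JWT - confirm.
                RedisStaticHelper.Set(tk.AccessToken, tk.ToJson());
                RedisStaticHelper.Set(tk.userID + tk.userName, tk.AccessToken);

                return(rc);
            }
            catch (Exception ex)
            {
                // Full details go to the log only; the caller gets a generic failure.
                StaticInfo.Log(ex.ToString());
                rc.Msg  = "违反了中央八项纪律";
                rc.Code = Code.SystemError;
                rc.Data = "";
                return(rc);
            }
        }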