Beispiel #1
        //public static bool CheckIsAdmin(string userToken)
        //{
        //    try
        //    {
        //        return UserTokenHandler.IsAdmin(userToken);
        //    }
        //    catch (Exception ex)
        //    {
        //        throw new AuthException("用户身份验证失败,请检查是否已登录", ex);
        //    }
        //}
        /// <summary>
        /// Builds a token for <paramref name="userId"/> that carries the administrator marker.
        /// </summary>
        /// <param name="userId">Value stored in the token under the "LI" key.</param>
        /// <returns>The token produced by <c>UserTokenHandler.GetUserToken</c> for the two claims.</returns>
        /// <remarks>
        /// The claim set is "LI" = user id and "IA" = "IA". A validator shown elsewhere on this page
        /// skips the per-function permission check whenever it finds "IA" = "IA", so a token from this
        /// method is an all-access credential.
        /// NOTE(review): nothing here checks that <paramref name="userId"/> belongs to an administrator;
        /// that decision has to be made by the caller before this public method is reached.
        /// NOTE(review): whether the "IA" claim can be forged depends on how UserTokenHandler protects
        /// the token (signature / encryption), which is not visible here - confirm.
        /// </remarks>
        public string GetAdminToken(string userId)
        {
            // Collection-initializer entries call Add, exactly like the explicit Add calls they replace.
            var claims = new Dictionary<string, string>
            {
                { "LI", userId },
                { "IA", "IA" },
            };

            return UserTokenHandler.GetUserToken(claims);
        }
 /// <summary>
 /// Parses <paramref name="userToken"/> and hands back the user id stored under the "LI" key.
 /// </summary>
 /// <param name="userToken">Token passed to <c>UserTokenHandler.AnalyzeUserToken</c>.</param>
 /// <param name="userId">Receives the value of the "LI" entry.</param>
 /// <exception cref="Exception">
 /// Thrown for every failure (parse error or missing "LI" entry); the original error is kept as
 /// the inner exception.
 /// </exception>
 /// <remarks>
 /// Only the presence of "LI" is verified here; no permission or function check is performed.
 /// </remarks>
 public static void ValidateAuthentication_new(string userToken, out string userId)
 {
     try
     {
         var claims = UserTokenHandler.AnalyzeUserToken(userToken);
         if (claims.ContainsKey("LI"))
         {
             userId = claims["LI"];
             return;
         }

         // Token parsed but carries no user id: treated as incomplete.
         throw new Exception("UserToken不完整,缺少UserId信息");
     }
     catch (Exception cause)
     {
         // Every failure, including the one thrown just above, is reported with the same
         // outer message; the specific reason survives only as InnerException.
         throw new Exception("用户身份验证失败,请检查是否已登录", cause);
     }
 }
Beispiel #3
 /// <summary>
 /// Validates the user's identity and permission, and outputs the user id stored under "LI".
 /// </summary>
 /// <param name="userToken">Token to validate.</param>
 /// <param name="needRight">Right required for <paramref name="functionId"/>.</param>
 /// <param name="functionId">Function whose permission entry is checked.</param>
 /// <param name="userId">Receives the value of the "LI" entry on success.</param>
 /// <exception cref="AuthException">
 /// Thrown for every failure raised by <c>UserTokenHandler.ValidateAuthentication</c> or by the
 /// missing-"LI" check; the original error is kept as the inner exception.
 /// </exception>
 public static void ValidateAuthentication(string userToken, string needRight, string functionId, out string userId)
 {
     string resolvedId;
     try
     {
         // Ask the handler for the "LI" entry only; the permission check happens inside that call.
         var claims = UserTokenHandler.ValidateAuthentication(userToken, needRight, functionId, "LI");
         if (!claims.ContainsKey("LI"))
         {
             throw new AuthException("UserToken不完整,缺少UserId信息");
         }

         resolvedId = claims["LI"];
     }
     catch (Exception cause)
     {
         // A permission denial and a malformed token both surface with this one message;
         // the distinguishing detail is available only through InnerException.
         throw new AuthException("用户身份验证失败,请检查是否已登录", cause);
     }

     // Written only after the try block completed, so a failed call leaves the caller's variable untouched.
     userId = resolvedId;
 }
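        /// <summary>
        /// Parses the token, enforces the permission required for a function, and returns the
        /// requested token entries.
        /// </summary>
        /// <param name="userToken">Token passed to <c>UserTokenHandler.AnalyzeUserToken</c>.</param>
        /// <param name="needRight">Right that must appear in the token's entry for <paramref name="functionId"/>.</param>
        /// <param name="functionId">Key of the permission entry to check.</param>
        /// <param name="keys">Token entries to copy into the result.</param>
        /// <returns>A dictionary holding one entry per element of <paramref name="keys"/>.</returns>
        /// <exception cref="Exception">
        /// Thrown with the "insufficient permission" message when the token is not an administrator
        /// token and has no entry for <paramref name="functionId"/>, or that entry does not contain
        /// <paramref name="needRight"/>.
        /// </exception>
        /// <exception cref="KeyNotFoundException">Thrown when a requested key is absent from the token.</exception>
        public static Dictionary<string, string> ValidateAuthentication(string userToken, string needRight, string functionId, params string[] keys)
        {
            var dic = UserTokenHandler.AnalyzeUserToken(userToken);

            // "IA" = "IA" is the administrator marker: such tokens bypass the per-function check.
            bool isAdmin = dic.ContainsKey("IA") && dic["IA"] == "IA";
            if (!isAdmin)
            {
                // Fail closed with the permission-denied error when the token has no entry for this
                // function; previously this surfaced as an unrelated KeyNotFoundException (or a
                // NullReferenceException for a null entry).
                // NOTE(review): Contains is a substring test, so an empty needRight matches any
                // entry and a right that is a substring of another right also matches - confirm the
                // mode format makes this safe and that callers never pass an empty needRight.
                if (!dic.ContainsKey(functionId) || dic[functionId] == null || !dic[functionId].Contains(needRight))
                {
                    throw new Exception("权限不足");
                }
            }

            var rlt = new Dictionary<string, string>(keys.Length);

            foreach (var key in keys)
            {
                // A key missing from the token throws KeyNotFoundException; a repeated key throws
                // ArgumentException from Add. Both are unchanged from the original behaviour.
                rlt.Add(key, dic[key]);
            }

            return rlt;
        }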
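        /// <summary>
        /// Builds a user token from the user's id and enabled access-control items.
        /// </summary>
        /// <param name="userId">Value stored in the token under the "LI" key.</param>
        /// <param name="acl">Access-control items; each contributes its mode under its function id.</param>
        /// <returns>The token produced by <c>UserTokenHandler.GetUserToken</c>.</returns>
        /// <exception cref="Exception">
        /// Thrown when an item is not enabled, or when an item's function id equals one of the
        /// reserved token keys "LI" or "IA".
        /// </exception>
        /// <remarks>
        /// Function ids share one key space with the identity key "LI" and the administrator marker
        /// "IA". Without the reserved-key check, an item whose function id is "IA" and whose mode is
        /// "IA" would yield a token that the validator shown elsewhere on this page treats as an
        /// administrator token, so such items are rejected here.
        /// NOTE(review): a separate prefix or nested structure for function entries would remove
        /// the collision entirely; that needs a token-format change outside this method.
        /// </remarks>
        public string GetUserToken(string userId, IList<AccessControlItem> acl)
        {
            var dic = new Dictionary<string, string>(acl.Count);

            foreach (var item in acl)
            {
                if (item.Status != EnableStatus.Enable)
                {
                    throw new Exception("被禁止的权限控制项不能出现在此");
                }

                // Reserved claim names must never come from ACL data (ordinal, case-sensitive match,
                // the same comparison the dictionary itself uses).
                if (item.FunctionId == "LI" || item.FunctionId == "IA")
                {
                    throw new Exception("权限控制项的FunctionId不能使用保留键(LI, IA)");
                }

                string existingMode;
                if (dic.TryGetValue(item.FunctionId, out existingMode))
                {
                    // Same function listed more than once: combine the modes.
                    dic[item.FunctionId] = MergeFunctionMode(existingMode, item.Mode);
                }
                else
                {
                    dic.Add(item.FunctionId, item.Mode);
                }
            }

            dic.Add("LI", userId);
            return UserTokenHandler.GetUserToken(dic);
        }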