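/// <summary>
/// Web API authorization filter. Requires an <c>Authorization: Bearer &lt;jwt&gt;</c> header, verifies the token
/// with <c>JwtHelper.VerifyToken</c>, rejects it when expired or when its issuer/audience differ from
/// <c>JwtHelper.JwtIss</c> / <c>JwtHelper.JwtAud</c>, and otherwise defers to <c>base.OnAuthorization</c>.
/// </summary>
/// <param name="actionContext">Context of the current request; its <c>Response</c> is set to short-circuit the pipeline on failure.</param>
/// <remarks>
/// Every rejection is written as HTTP 200 with an error body from <c>ExceptionHelper.FormatExceptionMessage</c>
/// rather than 401/403; callers presumably key off the body, so the status code is kept for compatibility.
/// The catch-all maps every verification failure (bad signature, malformed payload, ...) onto the same
/// "jwt token illegal" body, so no detail about why verification failed reaches the caller.
/// NOTE(review): nothing here populates the request principal from the payload; if the base class is
/// <c>AuthorizeAttribute</c>, its own IsAuthorized check still runs on whatever principal the pipeline set — confirm
/// a message handler does that, otherwise valid tokens are still rejected by the base call.
/// </remarks>
public override void OnAuthorization(HttpActionContext actionContext)
{
    if (SkipAuthorization(actionContext))
    {
        return;
    }

    AuthenticationHeaderValue authRequest = actionContext.Request.Headers.Authorization;
    if (authRequest == null || authRequest.Scheme != "Bearer")
    {
        RejectRequest(actionContext, "jwt auth error");
        return;
    }

    string token = authRequest.Parameter;
    if (string.IsNullOrWhiteSpace(token))
    {
        RejectRequest(actionContext, "miss jwt token");
        return;
    }

    try
    {
        // VerifyToken is expected to fail (throw) on a bad signature; any exception lands in the catch below.
        JwtPayload payload = JsonConvert.DeserializeObject<JwtPayload>(JwtHelper.VerifyToken(token).ToString());

        // NOTE(review): the expiry reference is built from DateTime.Now (local time); confirm
        // TimeStampHelper.ToTimeStamp normalises to UTC, otherwise the check drifts by the server's UTC offset.
        if (payload.Exp <= TimeStampHelper.ToTimeStamp(DateTime.Now))
        {
            RejectRequest(actionContext, "jwt token expired");
            return;
        }

        // Issuer/audience must match this service exactly; a token minted for another audience is refused.
        if (payload.Iss != JwtHelper.JwtIss || payload.Aud != JwtHelper.JwtAud)
        {
            RejectRequest(actionContext, "jwt token illegal");
            return;
        }
    }
    catch (System.Exception)
    {
        // Deliberately opaque: signature, decoding and deserialization failures all look the same to the client.
        RejectRequest(actionContext, "jwt token illegal");
        return;
    }

    base.OnAuthorization(actionContext);
}

/// <summary>
/// Short-circuits the request with an HTTP 200 response whose body is the formatted error for <paramref name="message"/>.
/// </summary>
/// <param name="actionContext">Context whose <c>Response</c> is set.</param>
/// <param name="message">Error text handed to <c>ExceptionHelper.FormatExceptionMessage</c>.</param>
private static void RejectRequest(HttpActionContext actionContext, string message)
{
    var body = ExceptionHelper.FormatExceptionMessage(new System.Exception(message));
    actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.OK, body);
}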
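/// <summary>
/// Authenticates a user by phone number and returns a JWT together with an AES-encrypted profile.
/// The password in <paramref name="vo"/> is AES-decrypted with a key/IV derived (MD5) from the reversed client
/// nonce; the profile in the response is AES-encrypted with a key/IV derived from a fresh timestamp-based nonce
/// that is returned to the caller as <c>noncestr</c>.
/// </summary>
/// <param name="vo">Login request: <c>Phone</c>, <c>Noncestr</c> and the AES-encrypted <c>Password</c>.</param>
/// <returns>
/// On success a <see cref="Response"/> whose <c>Result</c> holds <c>token</c>, <c>payload</c>, <c>noncestr</c> and
/// <c>vueRouter</c>; otherwise a <see cref="Response"/> with <c>Errcode</c>/<c>Errmsg</c> set.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="vo"/> is null.</exception>
/// <remarks>
/// The AES key material in both directions is derived only from a nonce that travels in clear next to the
/// ciphertext (the client's <c>Noncestr</c>, and a timestamp-based <c>noncestr</c> echoed in the response), so this
/// layer is obfuscation rather than encryption: confidentiality of the password and profile rests on TLS.
/// The "user not found" (Errcode 10000) and "wrong password" (Errcode UNKNOWN) paths are distinguishable, which
/// lets a caller enumerate registered phone numbers; merging them would change the front-end contract, so it is
/// only noted here. NOTE(review): the request side uses Encoding.Default (platform ANSI code page on .NET
/// Framework) while the response side uses UTF-8; they agree for ASCII nonces only — confirm what the client sends.
/// </remarks>
public Response Login(LoginVO vo)
{
    if (vo == null)
    {
        throw new ArgumentNullException(nameof(vo));
    }

    if (vo.Phone == "administrator")
    {
        // Decrypt the submitted password with the key/IV derived from the reversed client nonce.
        byte[] requestKey, requestIv;
        DeriveAesKeyAndIv(ReverseString(vo.Noncestr), Encoding.Default, out requestKey, out requestIv);
        var password = AES256Helper.Decrypt(vo.Password, requestKey, requestIv);

        var isSuccess = BouncyCastleHashing.ValidatePassword(password, ADMIN_DEFAULT_SALT, ADMIN_DEFAULT_PWD);
        if (!isSuccess)
        {
            return new Response { Errcode = ExceptionHelper.UNKNOWN, Errmsg = "密码错误!" };
        }

        var token = JwtHelper.GenerateToken(-1, "administrator", 2);
        var user = new
        {
            userId = -1,
            userName = "******",
            channelName = "系统管理员",
            roleId = -1,
            channelId = -1,
            XCXOPENID = "-1",
            auth = AuthorityService.GenerateVueMenu(0, true)
        };

        // Response nonce is derived from the current timestamp (and therefore predictable); the client
        // recomputes the same key/IV from the echoed noncestr.
        var nonceStr = TimeStampHelper.ToTimeStamp(DateTime.Now) / 50 * 90;
        byte[] responseKey, responseIv;
        DeriveAesKeyAndIv(nonceStr.ToString(), Encoding.UTF8, out responseKey, out responseIv);
        var payload = AES256Helper.Encrypt(JsonConvert.SerializeObject(user), responseKey, responseIv);

        return new Response
        {
            Result = new { token, payload, noncestr = nonceStr, vueRouter = AuthorityService.GenerateVueRouter(0, true) }
        };
    }
    else
    {
        dynamic staff = StaffService.QuerySystemUserByPhoneNumber(vo.Phone);
        if (staff == null)
        {
            return new Response { Errcode = 10000, Errmsg = "用户不存在或已被禁用" };
        }

        // Decrypt the submitted password with the key/IV derived from the reversed client nonce.
        byte[] requestKey, requestIv;
        DeriveAesKeyAndIv(ReverseString(vo.Noncestr), Encoding.Default, out requestKey, out requestIv);
        var password = AES256Helper.Decrypt(vo.Password, requestKey, requestIv);

        var isSuccess = BouncyCastleHashing.ValidatePassword(password, (string)staff["SALT"], (string)staff["PASSWORD"]);
        if (!isSuccess)
        {
            return new Response { Errcode = ExceptionHelper.UNKNOWN, Errmsg = "密码错误!" };
        }

        int roleId = (int)staff["FROLEID"];
        var token = JwtHelper.GenerateToken((int)staff["FID"], (string)staff["FJOB"], 2);
        var user = new
        {
            userId = (int)staff["FID"],
            userName = (string)staff["FNAME"],
            channelName = (string)staff["CHANNELNAME"],
            channelCode = (string)staff["FCHANNELCODE"],
            channelId = (int)staff["FCHANNELID"],
            customerId = (int)staff["FCUSTOMERID"],
            channelTypeId = (int)staff["FCHANNELTYPEID"],
            channelTypeName = (string)staff["FCHANNELTYPENAME"],
            roleId,
            modules = BaseDataDao.QueryRoleHasModules(roleId).Select(x => x.FNAME).ToList(),
            pers = BaseDataDao.QueryRoleHasPermissions(roleId),
            auth = AuthorityService.GenerateVueMenu(roleId, false),
            XCXOPENID = (string)staff["XCXOPENID"],
            FMOBILE = (string)staff["FMOBILE"]
        };

        // Response nonce is derived from the current timestamp (and therefore predictable); the client
        // recomputes the same key/IV from the echoed noncestr.
        var nonceStr = TimeStampHelper.ToTimeStamp(DateTime.Now) / 50 * 90;
        byte[] responseKey, responseIv;
        DeriveAesKeyAndIv(nonceStr.ToString(), Encoding.UTF8, out responseKey, out responseIv);
        var payload = AES256Helper.Encrypt(JsonConvert.SerializeObject(user), responseKey, responseIv);

        return new Response
        {
            Result = new { token, payload, noncestr = nonceStr, vueRouter = AuthorityService.GenerateVueRouter(roleId, false) }
        };
    }
}

/// <summary>
/// Derives the AES key/IV byte arrays used by <see cref="Login"/> from a textual seed:
/// key = lowercase hex MD5 of <paramref name="seed"/> (32 ASCII chars, i.e. 32 key bytes);
/// iv = first 16 chars of the lowercase hex MD5 of the reversed key string.
/// MD5 is used here as a fixed transform shared with the client, not as a password/key derivation function.
/// </summary>
/// <param name="seed">Text the key is derived from.</param>
/// <param name="encoding">Encoding applied to the seed and to the resulting hex strings (the latter are ASCII, so it only matters for the seed).</param>
/// <param name="key">Receives the 32 key bytes.</param>
/// <param name="iv">Receives the 16 IV bytes.</param>
private static void DeriveAesKeyAndIv(string seed, Encoding encoding, out byte[] key, out byte[] iv)
{
    using (var md5 = MD5.Create())
    {
        string keyHex = ToLowerHex(md5.ComputeHash(encoding.GetBytes(seed)));
        string ivHex = ToLowerHex(md5.ComputeHash(encoding.GetBytes(ReverseString(keyHex)))).Substring(0, 16);
        key = encoding.GetBytes(keyHex);
        iv = encoding.GetBytes(ivHex);
    }
}

/// <summary>Formats <paramref name="bytes"/> as contiguous lowercase hex.</summary>
private static string ToLowerHex(byte[] bytes)
{
    return BitConverter.ToString(bytes).Replace("-", "").ToLowerInvariant();
}

/// <summary>Returns <paramref name="value"/> with its characters in reverse order.</summary>
private static string ReverseString(string value)
{
    var chars = value.ToCharArray();
    Array.Reverse(chars);
    return new string(chars);
}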