public async Task <IHttpActionResult> Register([FromBody] LoginModel model)
{
try
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
ServiceResultMessage resultMessage = await AccountService.CreateAccountModel(model.UserName, model.Password);
if (resultMessage.code == ServiceResultCode.Success)
{
var message = await AccountService.CheckAccountVilidate(model.UserName, model.Password);
if (message.ResulType == ValidateType.None)
{
#if DEBUG
string header = JsonConvert.SerializeObject(message.Cookie);
#else
string header = AesEncryptHelper.DecryptAes(JsonConvert.SerializeObject(message.Cookie));
#endif
var result = new { authHeader = header, respMessage = message.Message };
return(Json(result));
}
return(BadRequest(message.Message));
}
return(BadRequest(resultMessage.Message));
}
catch (Exception e)
{
var errorId = Guid.NewGuid().Str();
LogHelper.Error(errorId, e);
return(Json(new { message = $@"发生未知错误,请联系管理员,错误代码:{errorId}" }));
}
}
public async Task <IHttpActionResult> Login([FromBody] LoginModel model)
{
try
{
var message = await AccountService.CheckAccountVilidate(model.UserName, model.Password);
if (message.ResulType == ValidateType.None)
{
#if DEBUG
string header = JsonConvert.SerializeObject(message.Cookie);
#else
string header = AesEncryptHelper.EncryptAes(EncryptUtils.Base64Encrypt(JsonConvert.SerializeObject(message.Cookie)));
#endif
var result = new TokenModel()
{
AuthHeader = header, RespMessage = message.ResulType.ToString()
};
return(Json(result));
}
return(BadRequest(message.Message));
}
catch (Exception e)
{
var errorId = Guid.NewGuid().Str();
LogHelper.Error(errorId, e);
return(Json(new { message = $@"发生未知错误,请联系管理员,错误代码:{errorId}" }));
}
}
public void DesEncrypt_Encrypt()
{
var source = "abcefg";
var ciphertext = AesEncryptHelper.EncryptAes(source);
var text = AesEncryptHelper.DecryptAes(ciphertext);
Assert.AreEqual <string>(source, text);
}
/// <summary>
/// 读取加密cookie
/// </summary>
/// <typeparam name="T"></typeparam>
/// <param name="strName">名称</param>
/// <param name="cryptType">加密方式</param>
/// <returns>加密前的对象</returns>
public static T GetCryptCookie <T>(string strName, CryptType cryptType = CryptType.Aes)
{
try
{
string jsonString = null;
string cryptString = GetCookie(strName);
#if DEBUG
jsonString = cryptString;
if (string.IsNullOrWhiteSpace(jsonString))
{
return(default(T));
}
return(JsonConvert.DeserializeObject <T>(jsonString));
#endif
switch (cryptType)
{
case CryptType.Aes:
{
jsonString = AesEncryptHelper.DecryptAes(cryptString);
break;
}
case CryptType.Des:
{
jsonString = DesEncryptHelper.DecryptDes(cryptString);
break;
}
default:
{
jsonString = EncryptUtils.Base64Decrypt(cryptString);
break;
}
}
if (string.IsNullOrWhiteSpace(jsonString))
{
return(default(T));
}
return(JsonConvert.DeserializeObject <T>(jsonString));
}
catch (Exception e)
{
LogHelper.Error($@"CookieHelper ReadError {e.Message}", e);
return(default(T));
}
}
private void HandleUserAuthorization(HttpActionContext actionContext)
{
var headerString = default(string);
if (actionContext.Request.Headers.Contains(ConfigurationValue.ApiAuthHeaderName))
{
headerString = actionContext.Request.Headers.GetValues(ConfigurationValue.ApiAuthHeaderName).First();
}
if (string.Equals(headerString, "HEADER_NULL"))
{
HandleUnauthorizedRequest(actionContext);
return;
}
if (string.IsNullOrEmpty(headerString))
{
HandleUnauthorizedRequest(actionContext);
return;
}
AuthCookieModel header = null;
try
{
#if DEBUG
var result = headerString;// CspCrossPlatformExchangeWrapper.UnWrapKey(headerString);
#else
var result = EncryptUtils.Base64Decrypt(AesEncryptHelper.DecryptAes(headerString));
#endif
header = JsonConvert.DeserializeObject <AuthCookieModel>(result);
}
catch (Exception ex)
{
throw;
}
//todo:判断账号超时
if (header == null || string.IsNullOrEmpty(header.UserName) || string.IsNullOrEmpty(header.Token) || DateTime.Now > header.Expired)
{
HandleUnauthorizedRequest(actionContext);
return;
}
ThreadStaticObject.UserId = header.Id;
ThreadStaticObject.UserName = header.UserName;
ThreadStaticObject.Token = header.Token;
}
/// <summary>
/// 添加加密cookie
/// </summary>
/// <typeparam name="T"></typeparam>
/// <param name="strName">名称</param>
/// <param name="value">需要加密的对象</param>
/// <param name="expires">过期时间(分钟)</param>
/// <param name="cryptType">加密方式</param>
public static void WriteCryptCookie <T>(string strName, T value, int expires = 8 *60, CryptType cryptType = CryptType.Aes)
{
string json = JsonConvert.SerializeObject(value);
string cryptString = null;
switch (cryptType)
{
case CryptType.Aes:
{
cryptString = AesEncryptHelper.EncryptAes(json);
break;
}
case CryptType.Des:
{
cryptString = DesEncryptHelper.EncryptDes(json);
break;
}
case CryptType.Sha1:
{
cryptString = UnDecryptableEncryptHelpers.Sha1Encrypt(json);
break;
}
case CryptType.Md5:
{
cryptString = UnDecryptableEncryptHelpers.Md5Encrypt(json);
break;
}
default:
{
cryptString = EncryptUtils.Base64Encrypt(json);
break;
}
}
#if DEBUG
cryptString = json;
#endif
WriteCookie(strName, cryptString, expires);
}