Example #1
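        /// <summary>
        /// Checks the caller's token against the copy stored server-side for the
        /// current JSESSIONID before the action runs. On failure the pipeline is
        /// short-circuited with a JSON error; on success the session keys are
        /// given a new expiry when the token is close to expiring.
        /// </summary>
        /// <param name="context">Filter context for the action about to execute.</param>
        public override void OnActionExecuting(ActionExecutingContext context)
        {
            var request = context.HttpContext.Request;
            string sessionId = CookiesOperation.GetCookies(context.HttpContext, "JSESSIONID");
            string clientToken = string.Empty;

            if (request.Method == "POST")
            {
                // Request.Form throws InvalidOperationException when the body is not
                // form-encoded (e.g. a JSON POST). Leave the token empty in that case
                // so the request is rejected below instead of failing with a 500.
                if (request.HasFormContentType)
                {
                    clientToken = request.Form["token"].ToString();
                }
            }
            else
            {
                // NOTE(review): a token carried in the query string can end up in
                // access logs, browser history and Referer headers; prefer a header
                // or form field where the callers allow it.
                clientToken = request.Query["token"].ToString();
            }

            if (string.IsNullOrEmpty(clientToken) || string.IsNullOrEmpty(sessionId))
            {
                // Missing token or session cookie.
                context.Result = new JsonResult(new ResponseModel(ResponseStatus.Warnning, "缺少重要参数!"));
                return;
            }

            StackExchangeHelper redis = new StackExchangeHelper();

            // Remaining lifetime of the server-side token key; null is treated as expired.
            TimeSpan? remaining = redis.GetRemainTime(sessionId + AppConfig.TokenStr);
            if (remaining == null)
            {
                context.Result = new JsonResult(new ResponseModel(ResponseStatus.Redirect, "Token过期!"));
                return;
            }

            string serverToken = redis.StringGet(sessionId + AppConfig.TokenStr);

            // Compare in fixed time so the response time does not depend on how many
            // leading characters of a guessed token are correct. A null server token
            // (key expired between the two reads) counts as a mismatch.
            // CryptographicOperations requires .NET Core 2.1 or later.
            bool tokensMatch = serverToken != null
                && System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
                    System.Text.Encoding.UTF8.GetBytes(clientToken),
                    System.Text.Encoding.UTF8.GetBytes(serverToken));

            if (!tokensMatch)
            {
                context.Result = new JsonResult(new ResponseModel(ResponseStatus.ErrorParameters, "Token错误!"));
                return;
            }

            // Sliding expiration: when fewer than five minutes remain, set a new
            // expiry on the DES key, the token and the registered-domain list together.
            int remainingMinutes = Convert.ToInt32(remaining.Value.TotalMinutes);
            if (remainingMinutes < 5)
            {
                redis.KeyExpire(sessionId + AppConfig.DESKeyStr, ExpiresTime.AddtionExpiresTime);
                redis.KeyExpire(sessionId + AppConfig.TokenStr, ExpiresTime.AddtionExpiresTime);
                redis.KeyExpire(sessionId + AppConfig.DomainStr, ExpiresTime.AddtionExpiresTime);
            }
        }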
Example #2
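        /// <summary>
        /// Logs a user in: verifies the credentials, issues a token bound to the
        /// caller's JSESSIONID and stores the token, its DES key and the callback
        /// domain server-side.
        /// </summary>
        /// <param name="Name">User name.</param>
        /// <param name="Password">Password as submitted by the client.</param>
        /// <param name="Context">HTTP context of the login request.</param>
        /// <param name="Redirect">Callback URL; empty unless the credentials were accepted and a callback URL was found.</param>
        /// <returns>OK with the token and callback URL on success; a warning response otherwise.</returns>
        public ResponseModel Login(string Name, string Password, HttpContext Context, out string Redirect)
        {
            Redirect = "";

            var user = _usersRepository.Get(new { Name = Name }, new List<string>()
            {
                "Id", "Name", "PassWord"
            });

            // NOTE(review): the two failure messages below differ, which lets a caller
            // tell an unknown account from a wrong password (account enumeration).
            // Consider one shared message once clients no longer depend on the texts.
            if (user == null)
            {
                return new ResponseModel(ResponseStatus.Warnning, "未找到相应用户信息!");
            }

            // NOTE(review): the stored value is compared directly with the submitted
            // password. If PassWord holds the plaintext, it should be replaced by a
            // salted, slow password hash (PBKDF2/Argon2) verified in fixed time.
            if (user.PassWord != Password)
            {
                return new ResponseModel(ResponseStatus.Warnning, "密码错误!");
            }

            string sessionId = CookiesOperation.GetCookies(Context, "JSESSIONID");

            // Without a session id every key below would collapse to the bare suffix
            // (AppConfig.TokenStr etc.) and be shared by all cookie-less clients, so
            // refuse to issue a token rather than write to those shared keys.
            if (string.IsNullOrEmpty(sessionId))
            {
                return new ResponseModel(ResponseStatus.Warnning, "缺少重要参数!");
            }

            // NOTE(review): the JSESSIONID chosen before authentication is reused as
            // the key for the authenticated state; issuing a fresh id at login would
            // guard against session fixation.
            StackExchangeHelper redis = new StackExchangeHelper();
            string userAgent = Context.Request.Headers["User-Agent"].ToString();
            string desKey = Helper.GeneratorDesKey();

            // Callback URL the client should be sent back to.
            Redirect = ServiceHelper.GetRollBackUrl(Context);
            if (string.IsNullOrEmpty(Redirect))
            {
                return new ResponseModel(ResponseStatus.Warnning, "未找到回调URL");
            }

            // NOTE(review): the callback URL presumably comes from the request; no
            // allow-list check is visible here before its domain is registered and the
            // token is returned for it. Validate it against the configured client hosts.
            string domain = Helper.GetDomain(Redirect);
            string token = Helper.GeneratorToken(user.Id, userAgent, desKey);

            // Store the DES key and the token under the session id, each with the server expiry.
            redis.StringSet(sessionId + AppConfig.DESKeyStr, desKey, ExpiresTime.ServerExpiresTime);
            redis.StringSet(sessionId + AppConfig.TokenStr, token, ExpiresTime.ServerExpiresTime);

            // Register the callback domain for this session and give the list the same expiry.
            redis.ListRightPush(sessionId + AppConfig.DomainStr, domain);
            redis.KeyExpire(sessionId + AppConfig.DomainStr, ExpiresTime.ServerExpiresTime);

            return new ResponseModel(ResponseStatus.OK, "登陆成功!", new { token = token, redirect = Redirect });
        }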
Example #3
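        /// <summary>
        /// Single-sign-on entry filter. A caller without a JSESSIONID cookie gets
        /// one and is redirected to the login page; a caller whose session already
        /// holds a token is redirected back to the referring page with that token.
        /// </summary>
        /// <param name="context">Filter context for the action about to execute.</param>
        public override void OnActionExecuting(ActionExecutingContext context)
        {
            var httpContext = context.HttpContext;
            string sessionId = CookiesOperation.GetCookies(httpContext, "JSESSIONID");

            // NOTE(review): the Referer header is supplied by the client. It is used
            // below as the domain to register and as the URL that receives the token,
            // and no allow-list check is visible here. Validate it against the
            // configured client hosts before registering it or appending the token.
            string referrer = httpContext.Request.Headers["Referer"].ToString();

            // NOTE(review): context.Result is never set, so the action presumably still
            // runs after Response.Redirect - confirm, and consider short-circuiting
            // the pipeline with a redirect result instead.
            if (string.IsNullOrEmpty(sessionId))
            {
                // No session yet: issue the session cookie, then send the caller to login.
                CookiesOperation.SetCookies(httpContext, "JSESSIONID", Helper.GenerateGuid(), ExpiresTime.ServerExpiresTime);
                httpContext.Response.Redirect("/Account/Login?redirect=" + Helper.UrlEncode(referrer));
                return;
            }

            StackExchangeHelper redis = new StackExchangeHelper();

            // Token issued by an earlier login for this session, if it still exists.
            string token = redis.StringGet(sessionId + AppConfig.TokenStr);
            if (string.IsNullOrEmpty(token))
            {
                // Token expired or the session never logged in.
                httpContext.Response.Redirect("/Account/Login?redirect=" + Helper.UrlEncode(referrer));
                return;
            }

            // Register the referring domain for this session if it is not yet in the
            // list, and set the list's expiry.
            string domain = Helper.GetDomain(referrer);
            var registeredDomains = redis.ListRange(sessionId + AppConfig.DomainStr);
            if (!registeredDomains.Contains(domain))
            {
                redis.ListRightPush(sessionId + AppConfig.DomainStr, domain);
                redis.KeyExpire(sessionId + AppConfig.DomainStr, ExpiresTime.ServerExpiresTime);
            }

            // Append the token as a proper query parameter: use '&' when the referring
            // URL already has a query string, and URL-encode the value so characters
            // such as '+', '/' or '=' reach the receiver unchanged.
            string separator = referrer.IndexOf('?') >= 0 ? "&" : "?";
            httpContext.Response.Redirect(referrer + separator + "token=" + Helper.UrlEncode(token));
        }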
Example #4
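        /// <summary>
        /// Resolves the user a token belongs to: decrypts the token with the DES key
        /// stored for the caller's JSESSIONID and loads the user named by its first field.
        /// </summary>
        /// <param name="Token">Encrypted token presented by the client.</param>
        /// <param name="Context">HTTP context of the request; supplies the JSESSIONID cookie.</param>
        /// <returns>OK with the user record, or ErrorParameters when the token cannot be parsed.</returns>
        public ResponseModel GetUserName(string Token, HttpContext Context)
        {
            StackExchangeHelper redis = new StackExchangeHelper();
            string sessionId = CookiesOperation.GetCookies(Context, "JSESSIONID");

            // Without a token or a session id there is nothing to decrypt, and the key
            // lookup below would hit the bare AppConfig.DESKeyStr key shared by every
            // cookie-less client.
            if (string.IsNullOrEmpty(Token) || string.IsNullOrEmpty(sessionId))
            {
                return new ResponseModel(ResponseStatus.ErrorParameters, "Token解析错误!");
            }

            // An absent key means the session expired or never logged in.
            string desKey = redis.StringGet(sessionId + AppConfig.DESKeyStr);
            if (string.IsNullOrEmpty(desKey))
            {
                return new ResponseModel(ResponseStatus.ErrorParameters, "Token解析错误!");
            }

            // NOTE(review): DES is no longer considered a strong cipher, and the token
            // is not compared with the server-side copy here - presumably the token
            // filter has already done so; confirm. A malformed token may also make
            // DESDecrypt throw, depending on its implementation.
            string decrypted = Helper.DESDecrypt(Token, desKey);
            if (string.IsNullOrEmpty(decrypted))
            {
                return new ResponseModel(ResponseStatus.ErrorParameters, "Token解析错误!");
            }

            // Token layout: first field is the user id, second a timestamp.
            // NOTE(review): the timestamp field is not checked in this method.
            string[] fields = decrypted.Split(AppConfig.SplitCode);

            // Split always returns at least one element, so test the id itself rather
            // than the array length; otherwise the error branch can never be reached.
            string userId = fields[0];
            if (string.IsNullOrEmpty(userId))
            {
                return new ResponseModel(ResponseStatus.ErrorParameters, "Token解析错误!");
            }

            var user = _usersRepository.Get(new { Id = userId }, new List<string>()
            {
                "Id", "Name", "Phone", "Email"
            });
            return new ResponseModel(ResponseStatus.OK, "", user);
        }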