Example #1
        //插入单个
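        /// <summary>
        /// Inserts one token row and writes the generated identity value back into <paramref name="Obj"/>.
        /// </summary>
        /// <param name="Obj">Row to insert; its ID is overwritten with the new identity on success.</param>
        /// <param name="ErrMsg">Receives a failure description when the insert does not succeed.</param>
        /// <returns>1 when a positive identity value was produced, otherwise -1.</returns>
        public int Insert(ref M_TokenTable Obj, ref string ErrMsg)
        {
            // TableName is spliced into the statement text because identifiers cannot be bound as
            // parameters. NOTE(review): it must remain a code-defined value and never carry request data.
            // SCOPE_IDENTITY() replaces @@IDENTITY so that an identity generated by a trigger on some
            // other table cannot be mistaken for this row's ID.
            string sql = $"insert into {TableName} (User_ID,Token,MType,Exp,AesKey,AesIV,Sign) values (@User_ID,@Token,@MType,@Exp,@AesKey,@AesIV,@Sign);select SCOPE_IDENTITY()";

            using (SqlConnection conn = CreatConn())
            using (SqlCommand cmd = new SqlCommand(sql, conn))
            {
                cmd.Parameters.Add("@User_ID", SqlDbType.Int).Value = Obj.User_ID;

                // A null Token is stored as an empty string, as before.
                cmd.Parameters.Add("@Token", SqlDbType.Char, 50).Value = Obj.Token ?? string.Empty;

                cmd.Parameters.Add("@MType", SqlDbType.SmallInt).Value = Obj.MType;
                cmd.Parameters.Add("@Exp", SqlDbType.BigInt).Value = Obj.Exp;

                // NOTE(review): AesKey and AesIV are written as ordinary column values, so anyone who can
                // read this table can read them. If they are the key material protecting issued tokens,
                // consider wrapping them with a key that is not stored in the same database.
                cmd.Parameters.Add("@AesKey", SqlDbType.Char, 50).Value = Obj.AesKey;
                cmd.Parameters.Add("@AesIV", SqlDbType.Char, 50).Value = Obj.AesIV;
                cmd.Parameters.Add("@Sign", SqlDbType.Char, 50).Value = Obj.Sign;

                try
                {
                    conn.Open();

                    object scalar = cmd.ExecuteScalar();
                    if (scalar == null || scalar == DBNull.Value)
                    {
                        // No identity came back (for example the table has no identity column).
                        ErrMsg = "Insert returned no identity value.";
                        return -1;
                    }

                    Obj.ID = Convert.ToInt32(scalar);
                    return Obj.ID > 0 ? 1 : -1;
                }
                catch (Exception ex)
                {
                    // NOTE(review): ex.Message can contain schema details; callers should log it
                    // rather than show it to end users.
                    ErrMsg = ex.Message;
                    return -1;
                }
            }
        }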
Example #2
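        /// <summary>
        /// Gate that runs before an action: requires a user id, a refresh-token cookie, an unexpired
        /// token record and a refresh token that authenticates; otherwise the request is sent to the
        /// login page and the action is not executed.
        /// </summary>
        /// <param name="filterContext">Context of the action about to run; its Result is set to a
        /// redirect when a check fails, which short-circuits the action.</param>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            const string loginUrl = "/Home/login";

            M_Online     obj          = new M_Online();
            M_TokenTable t_obj        = new M_TokenTable();
            RefreshToken refreshToken = new RefreshToken();
            string       ErrMsg       = string.Empty;
            var          request      = filterContext.HttpContext.Request;
            var          session      = filterContext.HttpContext.Session;
            var          user_agent   = request.Headers.Get("User-Agent");
            var          token        = session["Token"];
            var          refroken     = request.Cookies["RefreshToken"];

            // Accepts a boxed int or a numeric string; anything else yields null instead of a cast exception.
            int? ReadInt(object raw)
            {
                if (raw is int number)
                {
                    return number;
                }
                if (raw is string text && int.TryParse(text, out int parsed))
                {
                    return parsed;
                }
                return null;
            }

            // If the session has no uid, fall back to the cookie.
            // NOTE(review): the cookie is client-controlled and this is only a presence check, so it
            // proves nothing about identity; the decision has to rest on the token checks below.
            object uid = session["uid"] ?? request.Cookies["uid"];
            if (uid is null)
            {
                // Setting Result (instead of Response.Redirect) stops the pipeline in every hosting
                // mode rather than relying on the response being ended.
                filterContext.Result = new RedirectResult(loginUrl);
                return;
            }

            // If the session has no id, fall back to the cookie. The cookie value is parsed rather
            // than cast, because a cookie object can never be unboxed to int.
            int? onlineId = ReadInt(session["id"]);
            if (!onlineId.HasValue)
            {
                var idCookie = request.Cookies["id"];
                if (idCookie != null)
                {
                    onlineId = ReadInt(idCookie.Value);
                }
            }

            // NOTE(review): this flag is computed but nothing reads it, so a session-token mismatch
            // currently has no effect on the outcome. Decide whether a mismatch should deny the
            // request or merely force the refresh-token path, and wire it in.
            bool sessionTokenRejected = false;
            if (!onlineId.HasValue)
            {
                sessionTokenRejected = true;
            }
            else
            {
                obj.ID = onlineId.Value;
                if (B_Online.Select(ref obj, obj.ID, ref ErrMsg) != -1)
                {
                    string expected = RefreshToken.CreateToken(obj.ID, user_agent, obj.Token);
                    // token may be absent from the session; a missing token counts as a mismatch.
                    if (!string.Equals(expected, token?.ToString()))
                    {
                        sessionTokenRejected = true;
                    }
                }
            }

            if (refroken is null)
            {
                filterContext.Result = new RedirectResult(loginUrl);
                return;
            }

            long now = (long)DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)).TotalMilliseconds;

            // NOTE(review): t_obj is never loaded from storage in this method, so Exp, AesKey and AesIV
            // hold whatever M_TokenTable's constructor leaves in them (presumably defaults). Until the
            // stored token row for this user is fetched here, this check sends every request to login.
            // TODO: load the row before comparing.
            if (now > t_obj.Exp)
            {
                filterContext.Result = new RedirectResult(loginUrl);
                return;
            }

            // Fail closed: a refresh token that does not authenticate must not reach the action.
            if (!RefreshToken.AuthenticationRefToken(refroken.Value, t_obj.AesKey, t_obj.AesIV, ref refreshToken, ref ErrMsg))
            {
                filterContext.Result = new RedirectResult(loginUrl);
                return;
            }

            base.OnActionExecuting(filterContext);
        }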
Example #3
        //查询多个(查ID)
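        /// <summary>
        /// Loads the token rows whose ID appears in <paramref name="ID"/>, one parameterized query per
        /// entry, and appends each row found to <paramref name="Obj"/>.
        /// </summary>
        /// <param name="Obj">List that receives the rows; rows already appended stay in it even when -1 is returned.</param>
        /// <param name="ID">IDs to look up; a repeated ID is queried again and counted again.</param>
        /// <param name="ErrMsg">Receives the exception message when a query fails.</param>
        /// <returns>1 when the number of rows read equals the number of IDs requested, otherwise -1.</returns>
        public int Select(ref List<M_TokenTable> Obj, List<int> ID, ref string ErrMsg)
        {
            // TableName is code-defined text; the ID itself is always bound as a parameter.
            string sql = $"select ID,User_ID,Token,MType,Exp,AesKey,AesIV,Sign from {TableName} where ID = @ID";
            int rowsRead = 0;

            using (SqlConnection conn = CreatConn())
            using (SqlCommand cmd = new SqlCommand(sql, conn))
            {
                SqlParameter idParam = cmd.Parameters.Add("@ID", SqlDbType.Int);

                try
                {
                    conn.Open();
                    foreach (int id in ID)
                    {
                        idParam.Value = id;

                        // The reader is scoped so it is closed even when a cast below throws;
                        // the command cannot be executed again while a reader is still open.
                        using (SqlDataReader sdr = cmd.ExecuteReader())
                        {
                            while (sdr.Read())
                            {
                                M_TokenTable row = new M_TokenTable();
                                row.ID = (int)sdr["ID"];
                                row.AesIV = (string)sdr["AesIV"];
                                row.AesKey = (string)sdr["AesKey"];
                                row.Exp = (long)sdr["Exp"];
                                // MType and Token are the two columns treated as nullable.
                                if (sdr["MType"] == DBNull.Value) { row.MType = null; } else { row.MType = (Int16)sdr["MType"]; }
                                row.Sign = (string)sdr["Sign"];
                                if (sdr["Token"] == DBNull.Value) { row.Token = string.Empty; } else { row.Token = (string)sdr["Token"]; }
                                row.User_ID = (int)sdr["User_ID"];
                                Obj.Add(row);
                                rowsRead++;
                            }
                        }
                    }
                }
                catch (Exception ex)
                {
                    // NOTE(review): ex.Message is meant for logs; avoid echoing it to end users.
                    ErrMsg = ex.Message;
                    return -1;
                }
            }

            return ID.Count == rowsRead ? 1 : -1;
        }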
Example #4
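        /// <summary>
        /// Checks the posted credentials and, on success, creates the online-session row and the
        /// refresh-token row, stores the session and cookie values, and redirects to Index.
        /// </summary>
        /// <param name="model">Posted login form; LoginTel and Password are handed to B_EmployeeLogin.Login.</param>
        /// <returns>A redirect to Index on success; otherwise the login view with a message written to the response.</returns>
        public ActionResult Login(Models.LoginViewModel model)
        {
            RefreshToken    rt     = new RefreshToken();
            M_TokenTable    mtt    = new M_TokenTable();
            M_EmployeeLogin obj    = new M_EmployeeLogin();
            M_Online        mol    = new M_Online();
            string          ErrMsg = string.Empty;

            // Session tokens and key seeds come from the OS CSPRNG. System.Random is predictable
            // and must not be the source of anything an attacker would gain from guessing.
            string NewSecret(int byteCount)
            {
                byte[] buffer = new byte[byteCount];
                using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
                {
                    rng.GetBytes(buffer);
                }
                return Convert.ToBase64String(buffer);
            }

            if (B_EmployeeLogin.Login(ref obj, model.LoginTel, model.Password, ref ErrMsg) == -1)
            {
                // Encoded before being written, because the text is emitted straight into the page.
                // NOTE(review): confirm ErrMsg is a user-facing message here and not a raw exception text.
                Response.Write(System.Web.HttpUtility.HtmlEncode(ErrMsg));
                return(View());
            }

            try
            {
                DateTime epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);

                mol.PastTime  = (long)DateTime.UtcNow.AddMinutes(30).Subtract(epoch).TotalMilliseconds;
                mol.LastLogin = DateTime.Now;
                mol.Admin_BL  = 1;
                // 12 random bytes give a 16-character string, no longer than the value used before.
                mol.Token     = NewSecret(12);

                // Presumably -1 signals failure, as with the other data-access calls; confirm.
                // Continuing after a failed insert would hand out a token that was never stored.
                if (B_Online.Insert(ref mol, ref ErrMsg) == -1)
                {
                    System.Diagnostics.Trace.TraceError(ErrMsg);
                    Response.Write("Login failed.");
                    return(View());
                }

                rt.iss = "lzfyhgm";
                rt.exp = (long)DateTime.UtcNow.AddDays(30).Subtract(epoch).TotalMilliseconds;
                rt.iat = (long)DateTime.UtcNow.Subtract(epoch).TotalMilliseconds;

                // AES.Md5 is kept so key and IV keep the shape CreateReftoken already receives; only the
                // input changed from a timestamp multiplied by Random to CSPRNG output.
                // NOTE(review): an MD5-derived value carries at most 128 bits; once the expected key
                // length is confirmed, generate the key bytes directly instead.
                byte[] key = AES.Md5(NewSecret(32), AES.Md5DataType.t32);
                byte[] IV  = AES.Md5(NewSecret(32), AES.Md5DataType.t16);

                // Key and IV were previously stored in each other's columns.
                // NOTE(review): rows written before this fix hold the swapped values.
                mtt.AesKey  = Convert.ToBase64String(key);
                mtt.AesIV   = Convert.ToBase64String(IV);
                mtt.Exp     = rt.exp;
                mtt.User_ID = obj.ID;
                mtt.Sign    = RefreshToken.Sign(rt);
                if (B_TokenTable.Insert(ref mtt, ref ErrMsg) == -1)
                {
                    System.Diagnostics.Trace.TraceError(ErrMsg);
                    Response.Write("Login failed.");
                    return(View());
                }

                string refreshtoken = RefreshToken.CreateReftoken(rt, key, IV, obj.ID);
                string user_agent   = HttpContext.Request.Headers.Get("User-Agent");
                string token        = RefreshToken.CreateToken(obj.ID, user_agent, mol.Token);

                // NOTE(review): confirm UseCookie.Add marks these cookies HttpOnly and Secure, and that
                // the names written here match the keys the authorization filter reads.
                UseCookie.Add("UserName", model.LoginTel, DateTime.Now.AddMinutes(30));
                UseSession.Add("UserName", model.LoginTel);
                UseCookie.Add("UserID", obj.ID.ToString(), DateTime.Now.AddMinutes(30));
                UseSession.Add("UserID", obj.ID.ToString());
                UseCookie.Add("token", token, DateTime.Now.AddMinutes(30));
                UseSession.Add("token", token);
                UseCookie.Add("RefreshToken", refreshtoken, DateTime.Now.AddDays(30));
            }
            catch (Exception ex)
            {
                // Details go to the trace log; the response gets a generic message so that internal
                // error text is not disclosed to the client.
                System.Diagnostics.Trace.TraceError(ex.ToString());
                Response.Write("Login failed.");
                return(View());
            }

            return(RedirectToAction("Index"));
        }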
Example #5
        // GET: Test
        /// <summary>
        /// Test action: builds three hard-coded M_TokenTable objects, collects them in a list and
        /// returns the last one as JSON.
        /// </summary>
        /// <returns>JSON for the third sample object; GET requests are allowed.</returns>
        public ActionResult Index()
        {
            string              ErrMsg = string.Empty;
            I_TokenTable        u      = new D_TokenTable();
            List <M_TokenTable> l      = new List <M_TokenTable>();

            M_TokenTable m = new M_TokenTable
            {
                AesIV   = "a33300",
                AesKey  = "a33300a",
                Exp     = 53330,
                MType   = 13,
                Sign    = "s03333000",
                Token   = "1033333001",
                User_ID = 10222220,
                ID      = 5
            };
            l.Add(m);

            m = new M_TokenTable
            {
                AesIV   = "a022220",
                AesKey  = "a22200a",
                Exp     = 1222200,
                MType   = 12,
                Sign    = "s0222200",
                Token   = "1033333001",
                User_ID = 122220,
                ID      = 6
            };
            l.Add(m);

            m = new M_TokenTable
            {
                AesIV   = "a111100",
                AesKey  = "111100",
                Exp     = 11110,
                MType   = 111,
                Sign    = "1110",
                Token   = "1033333001",
                User_ID = 110,
                ID      = 8
            };
            l.Add(m);

            // Disabled experiment kept from the original:
            //if (u.Delete(m,ref ErrMsg) > -1)
            //{

            //}
            //else
            //{
            //    return Content(ErrMsg);
            //}

            // NOTE(review): the whole object, AesKey and AesIV included, is serialized and GET is
            // allowed. That is harmless for fixed sample data, but this action should never be
            // pointed at real rows.
            return(Json(m, JsonRequestBehavior.AllowGet));
        }
Example #6
 //查询单个(查ID)
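 /// <summary>
 /// Loads the token row with the given ID into <paramref name="Obj"/>.
 /// </summary>
 /// <param name="Obj">Object whose fields are overwritten with the row's values when a row is found.</param>
 /// <param name="ID">Primary key to look up; bound as a parameter.</param>
 /// <param name="ErrMsg">Receives the exception message when the query fails.</param>
 /// <returns>1 when a row was read, -1 when no row matched or an error occurred.</returns>
 public int Select(ref M_TokenTable Obj, int ID, ref string ErrMsg)
 {
     // The ID is bound as @ID rather than formatted into the text, matching the multi-row
     // Select. TableName is code-defined and cannot be parameterized.
     string sql = $"select ID,User_ID,Token,MType,Exp,AesKey,AesIV,Sign from {TableName} where ID = @ID";

     using (SqlConnection conn = CreatConn())
     using (SqlCommand cmd = new SqlCommand(sql, conn))
     {
         cmd.Parameters.Add("@ID", SqlDbType.Int).Value = ID;

         try
         {
             conn.Open();
             using (SqlDataReader sdr = cmd.ExecuteReader())
             {
                 if (!sdr.Read())
                 {
                     return -1;
                 }

                 Obj.ID = (int)sdr["ID"];
                 Obj.AesIV = (string)sdr["AesIV"];
                 Obj.AesKey = (string)sdr["AesKey"];
                 Obj.Exp = (long)sdr["Exp"];
                 // A database NULL arrives as DBNull.Value, never as null, so the previous "== null"
                 // test could not match and a NULL column ended in a cast exception.
                 if (sdr["MType"] == DBNull.Value) { Obj.MType = null; } else { Obj.MType = (Int16)sdr["MType"]; }
                 Obj.Sign = (string)sdr["Sign"];
                 if (sdr["Token"] == DBNull.Value) { Obj.Token = string.Empty; } else { Obj.Token = (string)sdr["Token"]; }
                 Obj.User_ID = (int)sdr["User_ID"];
                 return 1;
             }
         }
         catch (Exception ex)
         {
             // NOTE(review): ex.Message is meant for logs; avoid echoing it to end users.
             ErrMsg = ex.Message;
             return -1;
         }
     }
 }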
Example #7
        //更新单个(查ID)
        /// <summary>
        /// Overwrites every column of the token row identified by <c>Obj.ID</c> with the values in <paramref name="Obj"/>.
        /// </summary>
        /// <param name="Obj">Source of the new column values and of the ID used in the WHERE clause.</param>
        /// <param name="ErrMsg">Receives the exception message when the statement fails.</param>
        /// <returns>1 when at least one row was affected, otherwise -1.</returns>
        public int Update(M_TokenTable Obj, ref string ErrMsg)
        {
            using (SqlConnection conn = CreatConn())
            {
                SqlCommand cmd = new SqlCommand($"update {TableName} set User_ID = @User_ID, Token = @Token, MType = @MType, Exp = @Exp, AesKey = @AesKey, AesIV = @AesIV, Sign = @Sign where ID = @ID", conn);

                // Every value is bound as a typed parameter; only the table name is part of the text.
                cmd.Parameters.Add("@User_ID", SqlDbType.Int).Value = Obj.User_ID;

                // A null Token is written as an empty string.
                SqlParameter tokenParam = cmd.Parameters.Add("@Token", SqlDbType.Char, 50);
                if (Obj.Token != null)
                {
                    tokenParam.Value = Obj.Token;
                }
                else
                {
                    tokenParam.Value = string.Empty;
                }

                cmd.Parameters.Add("@MType", SqlDbType.SmallInt).Value = Obj.MType;
                cmd.Parameters.Add("@Exp", SqlDbType.BigInt).Value = Obj.Exp;
                cmd.Parameters.Add("@AesKey", SqlDbType.Char, 50).Value = Obj.AesKey;
                cmd.Parameters.Add("@AesIV", SqlDbType.Char, 50).Value = Obj.AesIV;
                cmd.Parameters.Add("@Sign", SqlDbType.Char, 50).Value = Obj.Sign;
                cmd.Parameters.Add("@ID", SqlDbType.Int).Value = Obj.ID;

                try
                {
                    conn.Open();
                    int affected = cmd.ExecuteNonQuery();
                    return affected > 0 ? 1 : -1;
                }
                catch (Exception ex)
                {
                    ErrMsg = ex.Message;
                    return -1;
                }
                finally
                {
                    cmd.Dispose();
                }
            }
        }
Example #8
 //查询单个(查ID)
 /// <summary>
 /// Business-layer wrapper: obtains the token-table data object from SimpleFactory and forwards
 /// the single-row lookup to it.
 /// </summary>
 /// <param name="Obj">Object passed through to receive the row.</param>
 /// <param name="ID">ID of the row to look up.</param>
 /// <param name="ErrMsg">Passed through to receive an error message.</param>
 /// <returns>Whatever the data object's Select returns.</returns>
 public static int Select(ref M_TokenTable Obj, int ID, ref string ErrMsg)
 {
     // The factory result is cast to the concrete class, then used through the interface.
     I_TokenTable tokenTableDal = (D_TokenTable)SimpleFactory.CreateObject(DBType.TokenTable);
     int result = tokenTableDal.Select(ref Obj, ID, ref ErrMsg);
     return result;
 }
Example #9
 //更新单个(查ID)
 /// <summary>
 /// Business-layer wrapper: obtains the token-table data object from SimpleFactory and forwards
 /// the single-row update to it.
 /// </summary>
 /// <param name="Obj">Row values to write; passed through unchanged.</param>
 /// <param name="ErrMsg">Passed through to receive an error message.</param>
 /// <returns>Whatever the data object's Update returns.</returns>
 public static int Update(M_TokenTable Obj, ref string ErrMsg)
 {
     // The factory result is cast to the concrete class, then used through the interface.
     I_TokenTable tokenTableDal = (D_TokenTable)SimpleFactory.CreateObject(DBType.TokenTable);
     int result = tokenTableDal.Update(Obj, ref ErrMsg);
     return result;
 }