Example #1
0
        /// <summary>
        /// 验证token的有效性
        /// </summary>
        public bool ValidateToken(string token, out int errorCode, out string errorMsg, out User currentUser)
        {
            currentUser = null;
            errorCode   = 0;
            errorMsg    = "";

            if (string.IsNullOrWhiteSpace(token))
            {
                errorCode = 40;
                errorMsg  = "token不可为空";
                return(false);
            }

            string desc = string.Empty;

            try
            {
                desc = Secure.DecryptStringByDES(token);
            }
            catch
            {
                errorCode = 41;
                errorMsg  = "作废的token";
                return(false);
            }

            string[] sr = desc.Split(':');
            if (sr.Length != 2)
            {
                errorCode = 44;
                errorMsg  = "过时的token";
                return(false);
            }
            int    oid = Convert.ToInt32(sr[0]);
            string pwd = sr[1];

            var _dbContext = new ModelEntity();

            var user = _dbContext.User.Find(oid);

            //var user = _dbContext.GetEntity<User>(oid);
            if (user == null)
            {
                errorCode = 42;
                errorMsg  = "无效的token";
                return(false);
            }

            if (!user.Password.Equals(pwd))
            {
                errorCode = 43;
                errorMsg  = "错误的token";
                return(false);
            }

            currentUser = user;

            return(true);
        }