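/// <summary>
/// Decodes an encrypted session token into its session data.
/// </summary>
/// <param name="token">The encrypted session token supplied by the caller.</param>
/// <returns>
/// Whatever <c>SessionKeyHelper.Decrypt</c> returns for the token, or <c>null</c> when
/// decryption throws.
/// </returns>
public UserIdSessionData Decrypt(string token)
{
    try
    {
        return SessionKeyHelper.Decrypt(token);
    }
    catch (Exception ex)
    {
        // The token is a bearer credential and caller-controlled text. Writing it verbatim
        // into the log would expose a credential to anyone who can read the log and would
        // let embedded line breaks forge log entries, so only its length is recorded.
        var redactedToken = "[token redacted, length=" + (token == null ? 0 : token.Length) + "]";

        // Record why decryption failed instead of discarding the exception silently.
        Logger.Error(String.Format("{0}解密失败 ", redactedToken) + ex.GetType().Name + ": " + ex.Message);
        return null;
    }
}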
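/// <summary>
/// Resolves the user a session token belongs to, for use as the bound model.
/// </summary>
/// <param name="token">The encrypted session token.</param>
/// <returns>
/// <c>null</c> when the token is blank, decrypts to <c>null</c>, or is expired; otherwise the
/// result of <c>_userService.Get</c> for the user id carried in the session data.
/// </returns>
/// <exception cref="ArgumentException">
/// Thrown when parsing the user id or looking the user up fails. The original failure is
/// attached as the inner exception.
/// </exception>
protected override object GetModelInstance(string token)
{
    if (String.IsNullOrWhiteSpace(token))
    {
        return null;
    }

    // NOTE(review): Decrypt runs outside the try block below, so if it throws on a malformed
    // token the exception propagates to the caller unlogged. Confirm that is intended.
    var userSessionData = SessionKeyHelper.Decrypt(token);
    if (userSessionData == null || userSessionData.Expired)
    {
        return null;
    }

    try
    {
        return this._userService.Get(Int32.Parse(userSessionData.UserId));
    }
    catch (Exception ex)
    {
        if (HttpContext.Current != null)
        {
            // NOTE(review): Url includes the query string. If the token can travel there it
            // ends up in the log; consider logging the path only.
            Logger.Error("httpurl:" + HttpContext.Current.Request.Url.ToString());
        }

        // Walk the chain with a separate cursor so the caught exception is still available
        // as the cause of the exception thrown below.
        for (var current = ex; current != null; current = current.InnerException)
        {
            Logger.Error(current);
        }

        throw new ArgumentException("在binder时获取用户信息失败", ex);
    }
}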
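/// <summary>
/// Authenticates the request from its session token before the action runs, and publishes
/// the authenticated user and user id to the action parameters and route data.
/// </summary>
/// <param name="filterContext">The context of the action about to execute.</param>
/// <remarks>
/// When <c>_holdon</c> is false, a missing token produces a ClientError result, and a token
/// that fails to decrypt or is expired produces an Unauthorized result. When <c>_holdon</c>
/// is true those checks are skipped and the action parameters are set to <c>null</c> if no
/// session data was obtained. <c>ExecActionRoleAuthorizeing</c> runs last on every path that
/// does not short-circuit with a result.
/// </remarks>
public virtual void ExecActionExecuting(ActionExecutingContext filterContext)
{
    // Start from a clean slate. _sessionData is only assigned when Decrypt succeeds, so
    // without this reset a failed decrypt would leave the previous invocation's session
    // (and user) in place and this request would be treated as that earlier caller.
    // NOTE(review): if one instance of this filter serves concurrent requests, these fields
    // are still shared between them; confirm the instance lifetime or move to locals.
    _sessionData = null;
    _authUser = null;

    // Read the session token from the request.
    var httpContext = filterContext.HttpContext;
    var token = httpContext.Request[Define.Token];

    if (String.IsNullOrEmpty(token) && !_holdon)
    {
        filterContext.Result = new RestfulResult
        {
            Data = new ExecuteResult
            {
                StatusCode = StatusCode.ClientError,
                Message = String.Format("{0}为空", Define.Token)
            }
        };
        return;
    }

    // Validate the caller's session.
    try
    {
        _sessionData = SessionKeyHelper.Decrypt(token);
    }
    catch (Exception ex)
    {
        // The token is a bearer credential and caller-controlled text; log its length only,
        // never its value, and keep the reason for the failure.
        var redactedToken = "[token redacted, length=" + (token == null ? 0 : token.Length) + "]";
        _log.Error(String.Format("{0}解密失败 ", redactedToken) + ex.GetType().Name + ": " + ex.Message);
    }

    // Decryption failed.
    if (_sessionData == null && !_holdon)
    {
        filterContext.Result = new RestfulResult
        {
            Data = new ExecuteResult
            {
                StatusCode = StatusCode.Unauthorized,
                Message = "您的身份验证失败."
            }
        };
        return;
    }

    // Session expired.
    // NOTE(review): with _holdon set, an expired session is not rejected here and the user
    // is still resolved below. Confirm expired sessions should authenticate on such actions.
    if (_sessionData != null && _sessionData.Expired && !_holdon)
    {
        filterContext.Result = new RestfulResult
        {
            Data = new ExecuteResult
            {
                StatusCode = StatusCode.Unauthorized,
                Message = "您已经很长时候没有使用啦,为保证你的账户安全,请重新登录."
            }
        };
        return;
    }

    if (_sessionData == null)
    {
        filterContext.ActionParameters[Define.AuthUser] = null;
        filterContext.ActionParameters[Define.AuthUserId] = null;
    }
    else
    {
        // A user id that is not a number cannot identify anyone: answer Unauthorized
        // rather than letting Int32.Parse throw out of the filter.
        int userId;
        if (!Int32.TryParse(_sessionData.UserId, out userId))
        {
            filterContext.Result = new RestfulResult
            {
                Data = new ExecuteResult
                {
                    StatusCode = StatusCode.Unauthorized,
                    Message = "您的身份验证失败."
                }
            };
            return;
        }

        this._authUser = ServiceLocator.Current.Resolve<IUserService>().Get(userId);
        if (this._authUser == null)
        {
            filterContext.Result = new RestfulResult
            {
                Data = new ExecuteResult
                {
                    StatusCode = StatusCode.Unauthorized,
                    Message = "您的身份验证失败."
                }
            };
            return;
        }

        filterContext.ActionParameters[Define.AuthUser] = this._authUser;

        // Assign through the indexer instead of Add: Add throws when the key is already
        // present (for example if the route itself supplies a value under this name), and
        // the id taken from the verified session must replace any such value.
        httpContext.Request.RequestContext.RouteData.Values[Define.AuthUserId] =
            userId.ToString(CultureInfo.InvariantCulture);
        filterContext.ActionParameters[Define.AuthUserId] = userId;
    }

    ExecActionRoleAuthorizeing(filterContext);
}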