private string AuthExtendTime(TokenApplyPlace apiToken, string token, int _tokenExtendedTime_, AuthStatus authStatus)
{
if (AutoTokenExtended && !String.IsNullOrWhiteSpace(token) && authStatus == AuthStatus.Authorized)
{
//無cache 及 過期前 (_tokenExtendedTime/10)秒 提早SQL update
int SlidingExpiration = -1 * (int)Math.Round(_tokenExtendedTime_ / 10.0);
if (apiToken == null || apiToken.ExpireDateTime.AddSeconds(SlidingExpiration) < DateTime.Now)
{
using (SqlConnection conn = new SqlConnection(_DBconfig)) {
string sqlStr = @"UPDATE TOP (1) dbo.Token
SET RefreshDateTime = GETDATE(),
ExpireDateTime = DATEADD(s, @tokenExtendedTime, GETDATE())
OUTPUT INSERTED.RefreshDateTime, INSERTED.ExpireDateTime
WHERE Token = @token";
conn.Open();
var updateTmp = conn.Query <TokenApplyPlace>(sqlStr, new { token = token, tokenExtendedTime = _tokenExtendedTime_ }).SingleOrDefault();
if (updateTmp != null)
{
_apiToken.RefreshDateTime = updateTmp.RefreshDateTime;
_apiToken.ExpireDateTime = updateTmp.ExpireDateTime;
if (_apiToken != null && _apiToken.ExpireDateTime != null)
{
NetCacheHelper.Add(token, _apiToken, _apiToken.ExpireDateTime);
}
}
}
}
return(_apiToken.ExpireDateTime.ToString("yyyy-MM-ddTHH:mm:ssK"));
}
return(null);
}
private AuthStatus TokenAuthentication(string token, string ipAddress)
{
AuthStatus authStatus = AuthStatus.None;
_apiToken = NetCacheHelper.GetValue(token) as TokenApplyPlace;
if (_apiToken == null || DateTime.Now > _apiToken.ExpireDateTime)
{
using (SqlConnection conn = new SqlConnection(_DBconfig)) {
String strQuery = @"SELECT top 1 Token, ExpireDateTime, ApplicationName, AllowIPs
from dbo.Token LEFT JOIN dbo.Application ON dbo.Application.Id = dbo.Token.ApplicationID
where Token = @token";
conn.Open();
_apiToken = conn.Query <TokenApplyPlace>(strQuery, new { token = token }).SingleOrDefault();
if (_apiToken != null && DateTime.Now < _apiToken.ExpireDateTime)
{
//token未過期才緩存
//set cache
//NetCacheHelper.Add(token, _apiToken, _apiToken.ExpireDateTime);
}
}
}
if (_apiToken == null)
{
//ToKen是否已存在
authStatus = AuthStatus.Revoked_TokenNotExists;
}
else if (DateTime.Now > _apiToken.ExpireDateTime)
{
//ToKen是否過期
authStatus = AuthStatus.Revoked_Expired;
}
else if (String.IsNullOrWhiteSpace(_apiToken.ApplicationName))
{
//ToKen是否有相關的系統在使用
authStatus = AuthStatus.Revoked_AppNotExists;
}
else if (!String.IsNullOrWhiteSpace(ipAddress) && !String.IsNullOrWhiteSpace(_apiToken.AllowIPs) &&
!ipAddress.Equals("::1") && !ipAddress.Equals("127.0.0.1") && !_apiToken.AllowIPs.Contains(ipAddress)
)
{
//IP權限判斷,判斷使用者IP是否可以使用此API
authStatus = AuthStatus.Revoked_NotAllowIP;
}
else
{
//驗證通過
authStatus = AuthStatus.Authorized;
}
return(authStatus);
}
