public async Task <string> RefreshToken(LyciumToken token)
{
if (IsLegal)
{
var localToken = _tokenService.GetToken(Uid, Gid);
if (localToken == null)
{
return(null);
}
if (token.Content == localToken.Content)
{
if (TokenOperator.CanFlush(token))
{
TokenOperator.Flush(token);
if (_tokenService.ModifyToken(token))
{
await _tokenNotify.NotifyTokensModify(Gid, token);
return(JsonResult(token));
}
else
{
//二次重试
if (_tokenService.ModifyToken(token))
{
await _tokenNotify.NotifyTokensModify(Gid, token);
return(JsonResult(token));
}
else
{
HttpContext.Response.StatusCode = 500;
LyciumConfiguration.ReturnMessage(HttpContext, 4211, "服务端Token更新失败!");
return(null);
}
}
}
}
return(null);
}
else
{
HttpContext.Response.StatusCode = 401;
LyciumConfiguration.ReturnMessage(HttpContext, 4016, "主机校验不合法!");
return(null);
}
}
public async Task PipelineDelegate(HttpContext context, Func <Task> next)
{
//获取路由资源
var endpoint = context.GetEndpoint();
if (endpoint == null)
{
await next.Invoke();
}
var routeEndpoint = (RouteEndpoint)endpoint;
if (routeEndpoint != null)
{
//拿到资源
var resource = $"{context.Request.Method}:{routeEndpoint.RoutePattern.RawText}";
//检测路由是否在白名单中,在的话放行
if (!_resourceService.IsInAllowlist(resource))
{
//检测该主机是否已经同步过
if (!HasSync(context))
{
return;
}
#region Token认证
//从上下文中获取Token
var tokenString = _infoService.GetTokenFromContext(context);
if (tokenString == null || tokenString == "")
{
//没有Token返回登录
context.Response.StatusCode = 401;
ReturnMessage(context, 4011, "未从请求中获取到Token,Token认证失败!");
return;
}
var uid = _infoService.GetUidFromContext(context);
var gid = _infoService.GetGidFromContext(context);
var localToken = _tokenService.GetToken(uid, gid);
//获取本地Token
if (localToken != null)
{
//Token本地认证
if (tokenString == localToken.Content)
{
//本地Token如果没有存活
if (!TokenOperator.IsAlive(localToken))
{
//Token在刷新期
if (TokenOperator.CanFlush(localToken))
{
//向服务器请求并刷新Token
var serverToken = _tokenService.RefreshToken(localToken, uid, gid);
if (serverToken != null)
{
//将Token设置到上下文中
if (_tokenService.ModifyToken(serverToken))
{
_infoService.PutTokenToContext(context, serverToken);
}
else
{
if (_tokenService.ModifyToken(serverToken))
{
_infoService.PutTokenToContext(context, serverToken);
await next();
}
else
{
context.Response.StatusCode = 500;
ReturnMessage(context, 4012, "客户端 Token 刷新成功,写入失败!");
}
}
}
else
{
//没有请求到Token返回登录
context.Response.StatusCode = 401;
ReturnMessage(context, 4013, "客户端 Token 刷新失败!");
}
}
else
{
//没申请到
context.Response.StatusCode = 401;
ReturnMessage(context, 4014, "Token已经过期,请重新登陆!");
}
}
else
{
await next();
}
}
else
{
//请求远程刷新
var serverToken = _tokenService.GetServerToken(uid, gid);
if (serverToken != null)
{
if (tokenString == serverToken.Content)
{
//将Token设置到上下文中
if (_tokenService.ModifyToken(serverToken))
{
_infoService.PutTokenToContext(context, serverToken);
}
else
{
if (_tokenService.ModifyToken(serverToken))
{
_infoService.PutTokenToContext(context, serverToken);
await next();
}
else
{
// 没申请到
context.Response.StatusCode = 401;
ReturnMessage(context, 4110, "Token 写入失败!");
}
}
}
else
{
context.Response.StatusCode = 401;
ReturnMessage(context, 4111, "Token远程认证失败!");
}
}
else
{
context.Response.StatusCode = 401;
ReturnMessage(context, 4112, "Token 未从服务端获取到,请重新登录!");
}
//if (ClientConfiguration.NeedAuth)
//{
// var code = _notifier.AuthAllow(serverToken.Uid, resource);
// if (code == System.Net.HttpStatusCode.OK)
// {
// await next.Invoke();
// }
// else if (code == System.Net.HttpStatusCode.Forbidden)
// {
// context.Response.StatusCode = 403;
// await context.Response.WriteAsync("您没有权限访问此资源,请联系管理员!");
// }
// else
// {
// context.Response.StatusCode = (int)code;
// await context.Response.WriteAsync(
// JsonSerializer.Serialize(
// new { code = 5000, msg = "程序异常,请联系管理员!" }
// )
// );
// }
//}
//else
//{
// await next.Invoke();
//}
}
}
else
{
context.Response.StatusCode = 401;
ReturnMessage(context, 4010, "未从客户端获取到Token, 请检查UID和数据库,Token认证失败!");
}
#endregion
}
else
{
//白名单放行
await next();
}
}
else
{
//空资源/静态资源放行
await next();
}
}
