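/// <summary>
/// Refreshes the caller's token after checking it against the token stored for
/// the current <c>Uid</c>/<c>Gid</c>, persists the refreshed token (one retry on
/// write failure) and notifies the group of the change.
/// </summary>
/// <param name="token">
/// Token presented by the caller. Only its <c>Content</c> is compared with the
/// stored token; a null token or a null/empty <c>Content</c> never matches.
/// </param>
/// <returns>
/// <c>JsonResult(token)</c> when the refreshed token was stored; <c>null</c> when
/// the host check fails (HTTP 401, code 4016), no stored token exists, the content
/// does not match, the token cannot be refreshed, or both write attempts fail
/// (HTTP 500, code 4211).
/// </returns>
public async Task<string> RefreshToken(LyciumToken token)
{
    // Compares token contents without an early exit on the first differing
    // character, so response timing does not reveal how much of a guessed token
    // was correct. Null or empty values never match.
    bool SameContent(string presented, string stored)
    {
        if (string.IsNullOrEmpty(presented) || string.IsNullOrEmpty(stored))
        {
            return false;
        }

        return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
            System.Runtime.InteropServices.MemoryMarshal.AsBytes(presented.AsSpan()),
            System.Runtime.InteropServices.MemoryMarshal.AsBytes(stored.AsSpan()));
    }

    if (!IsLegal)
    {
        HttpContext.Response.StatusCode = 401;
        LyciumConfiguration.ReturnMessage(HttpContext, 4016, "主机校验不合法!");
        return null;
    }

    // The token comes from the request, so it may be missing entirely.
    if (token == null)
    {
        return null;
    }

    var localToken = _tokenService.GetToken(Uid, Gid);
    if (localToken == null)
    {
        return null;
    }

    if (!SameContent(token.Content, localToken.Content))
    {
        return null;
    }

    // NOTE(review): only Content has been checked against the stored copy. The
    // calls below operate on the caller-supplied object, so every other field it
    // carries is unverified here. Confirm that TokenOperator and ModifyToken do
    // not rely on those fields, or apply the refresh to localToken instead.
    if (!TokenOperator.CanFlush(token))
    {
        return null;
    }

    TokenOperator.Flush(token);

    // Persist the refreshed token; a failed write is retried exactly once.
    if (!_tokenService.ModifyToken(token) && !_tokenService.ModifyToken(token))
    {
        HttpContext.Response.StatusCode = 500;
        LyciumConfiguration.ReturnMessage(HttpContext, 4211, "服务端Token更新失败!");
        return null;
    }

    await _tokenNotify.NotifyTokensModify(Gid, token);
    return JsonResult(token);
}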
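/// <summary>
/// Token-authentication step of the request pipeline. Requests for allowlisted
/// resources, and requests with no matched endpoint, are forwarded unchanged.
/// All other requests must carry a token equal to the locally stored token for
/// the caller's uid/gid, or, failing that, to the token held by the server.
/// A stored token that is no longer alive is refreshed when it is still inside
/// its refresh window.
/// </summary>
/// <remarks>
/// Requests without a matched endpoint skip every token check, so this delegate
/// has to run after routing has selected an endpoint; placed earlier, every
/// request would take that unauthenticated path.
/// The per-resource authorization call (<c>AuthAllow</c>) that once followed the
/// remote check was already commented out; this method authenticates only.
/// </remarks>
/// <param name="context">Current HTTP context; 401/500 responses are written to it on failure.</param>
/// <param name="next">Next delegate in the pipeline, invoked at most once.</param>
public async Task PipelineDelegate(HttpContext context, Func<Task> next)
{
    // Compares token strings without an early exit on the first differing
    // character, so response timing does not reveal how much of a guessed token
    // was correct. Null or empty values never match.
    bool SameToken(string presented, string stored)
    {
        if (string.IsNullOrEmpty(presented) || string.IsNullOrEmpty(stored))
        {
            return false;
        }

        return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
            System.Runtime.InteropServices.MemoryMarshal.AsBytes(presented.AsSpan()),
            System.Runtime.InteropServices.MemoryMarshal.AsBytes(stored.AsSpan()));
    }

    // Resolve the routed resource for this request.
    var endpoint = context.GetEndpoint();
    if (endpoint == null)
    {
        // No endpoint (empty/static resource): forward once and stop. Without
        // this return the pipeline below would be invoked a second time.
        await next();
        return;
    }

    // Deliberately a hard cast: an endpoint that is not a RouteEndpoint raises
    // InvalidCastException instead of being forwarded without authentication.
    var routeEndpoint = (RouteEndpoint)endpoint;
    var resource = $"{context.Request.Method}:{routeEndpoint.RoutePattern.RawText}";

    // Allowlisted resources are forwarded without a token.
    if (_resourceService.IsInAllowlist(resource))
    {
        await next();
        return;
    }

    // Stop here when the host has not been synchronized yet.
    // NOTE(review): presumably HasSync writes its own response; confirm.
    if (!HasSync(context))
    {
        return;
    }

    #region Token authentication
    var tokenString = _infoService.GetTokenFromContext(context);
    if (string.IsNullOrEmpty(tokenString))
    {
        // No token in the request: the caller has to log in.
        context.Response.StatusCode = 401;
        ReturnMessage(context, 4011, "未从请求中获取到Token,Token认证失败!");
        return;
    }

    var uid = _infoService.GetUidFromContext(context);
    var gid = _infoService.GetGidFromContext(context);
    var localToken = _tokenService.GetToken(uid, gid);
    if (localToken == null)
    {
        context.Response.StatusCode = 401;
        ReturnMessage(context, 4010, "未从客户端获取到Token, 请检查UID和数据库,Token认证失败!");
        return;
    }

    if (SameToken(tokenString, localToken.Content))
    {
        // Local authentication succeeded.
        if (TokenOperator.IsAlive(localToken))
        {
            await next();
            return;
        }

        if (!TokenOperator.CanFlush(localToken))
        {
            // Expired and outside the refresh window.
            context.Response.StatusCode = 401;
            ReturnMessage(context, 4014, "Token已经过期,请重新登陆!");
            return;
        }

        // Ask the server for a refreshed token.
        var refreshed = _tokenService.RefreshToken(localToken, uid, gid);
        if (refreshed == null)
        {
            context.Response.StatusCode = 401;
            ReturnMessage(context, 4013, "客户端 Token 刷新失败!");
            return;
        }

        // Store the refreshed token; a failed write is retried exactly once.
        if (!_tokenService.ModifyToken(refreshed) && !_tokenService.ModifyToken(refreshed))
        {
            context.Response.StatusCode = 500;
            ReturnMessage(context, 4012, "客户端 Token 刷新成功,写入失败!");
            return;
        }

        // Continue the pipeline whether the first or the second write succeeded;
        // previously a first-attempt success ended the request without calling next.
        _infoService.PutTokenToContext(context, refreshed);
        await next();
        return;
    }

    // The presented token differs from the local copy: check it against the server.
    var serverToken = _tokenService.GetServerToken(uid, gid);
    if (serverToken == null)
    {
        context.Response.StatusCode = 401;
        ReturnMessage(context, 4112, "Token 未从服务端获取到,请重新登录!");
        return;
    }

    if (!SameToken(tokenString, serverToken.Content))
    {
        context.Response.StatusCode = 401;
        ReturnMessage(context, 4111, "Token远程认证失败!");
        return;
    }

    // Store the server token locally; a failed write is retried exactly once.
    if (!_tokenService.ModifyToken(serverToken) && !_tokenService.ModifyToken(serverToken))
    {
        context.Response.StatusCode = 401;
        ReturnMessage(context, 4110, "Token 写入失败!");
        return;
    }

    // Same as the refresh path: continue after either successful write.
    _infoService.PutTokenToContext(context, serverToken);
    await next();
    #endregion
}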