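/// <summary>Loads the current user from the "token" cookie, which is decoded as a JWT.</summary>
/// <param name="provider">Management provider used to look the user up by name.</param>
/// <param name="autologin">When true and the user is an <c>IAuthUser</c>, the login is saved and an audit entry is written.</param>
/// <param name="context">HTTP context (ASP.NET Core). A null context yields null.</param>
/// <returns>
/// The enabled user named by the token subject, or null when the cookie is missing,
/// the token fails to decode, the subject is empty, or the user is unknown or disabled.
/// </returns>
public static IManageUser LoadCookie(this IManageProvider provider, Boolean autologin, HttpContext context)
{
    // Log-safe form of a token: everything before the last '.' is kept for diagnostics and the
    // final segment (the signature of a three-part JWT) is dropped. Assuming a signed JWT, the
    // remainder should not be usable as a credential by someone who can read the logs.
    String Redact(String value)
    {
        var cut = value.LastIndexOf('.');
        return cut > 0 ? value.Substring(0, cut) + ".***" : "***(" + value.Length + " chars)";
    }

    var key = "token";
    var req = context?.Request;
    var token = req?.Cookies[key];
    if (token.IsNullOrEmpty())
    {
        return null;
    }

    var jwt = GetJwt();
    if (!jwt.TryDecode(token, out var msg))
    {
        // The raw cookie value is never written to the trace log.
        XTrace.WriteLine("令牌无效:{0}, token={1}", msg, Redact(token));
        return null;
    }

    var user = jwt.Subject;
    if (user.IsNullOrEmpty())
    {
        return null;
    }

    // NOTE(review): there is no explicit jwt.Expire check in this version (it was commented out).
    // Confirm that TryDecode rejects expired tokens; otherwise a captured cookie stays valid
    // until the signing key changes.

    var u = provider.FindByName(user);
    if (u == null || !u.Enable)
    {
        return null;
    }

    // Record the automatic login. The audit entry carries the redacted token only, so that
    // read access to the log store does not grant a live session.
    if (autologin && u is IAuthUser mu)
    {
        mu.SaveLogin(null);
        LogProvider.Provider.WriteLog("用户", "自动登录", true, $"{user} Time={jwt.IssuedAt} Expire={jwt.Expire} Token={Redact(token)}", u.ID, u + "", ip: context.GetUserHost());
    }

    return u;
}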
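/// <summary>Loads the current user from the provider's login cookie (System.Web variant).</summary>
/// <param name="provider">Management provider used to derive the cookie name and look the user up.</param>
/// <param name="autologin">When true, the login is saved and an audit entry is written.</param>
/// <param name="context">Service provider for the request; defaults to <c>HttpContext.Current</c> when null.</param>
/// <returns>
/// The enabled user named in the cookie, or null when there is no request or cookie, the cookie
/// cannot be read, it has expired, the user is unknown, disabled or not an <c>IAuthUser</c>,
/// or the password check fails.
/// </returns>
public static IManageUser LoadCookie(this IManageProvider provider, Boolean autologin = true, IServiceProvider context = null)
{
    var key = GetCookieKey(provider);
    if (context == null)
    {
        context = HttpContext.Current;
    }

    // HttpContext.Current is null outside a request; treat that as "no cookie" instead of throwing.
    var req = context?.GetService<HttpRequest>();
    var cookie = req?.Cookies[key];
    if (cookie == null)
    {
        return null;
    }

    // NOTE(review): if the second argument of Read is used as a key or secret, the install time
    // is a guessable value -- confirm, and prefer a randomly generated secret.
    var m = new CookieModel();
    if (!m.Read(cookie, SysConfig.Current.InstallTime.ToFullString()))
    {
        return null;
    }

    var user = HttpUtility.UrlDecode(m.UserName);
    if (user.IsNullOrEmpty() || m.Password.IsNullOrEmpty())
    {
        return null;
    }

    // Reject cookies past their expiry.
    if (m.Expire < DateTime.Now)
    {
        return null;
    }

    var u = provider.FindByName(user);
    if (u == null || !u.Enable)
    {
        return null;
    }

    // A user that is not an IAuthUser has no password to verify; fail closed rather than
    // dereferencing a null cast result.
    var mu = u as IAuthUser;
    if (mu == null)
    {
        return null;
    }

    // NOTE(review): the cookie is accepted when it matches MD5 of the stored password value, and
    // the comparison is case-insensitive and not constant-time. Anyone who obtains the stored
    // value can compute a matching cookie field; a signed token with its own secret avoids this.
    if (!m.Password.EqualIgnoreCase(mu.Password.MD5()))
    {
        return null;
    }

    // Record the automatic login.
    if (autologin)
    {
        mu.SaveLogin(null);
        LogProvider.Provider.WriteLog("用户", "自动登录", $"{user} Time={m.Time} Expire={m.Expire}", u.ID, u + "", ip: req.RequestContext.HttpContext.GetUserHost());
    }

    return u;
}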
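/// <summary>
/// Loads the current user from a JWT taken from the "token" cookie, then the "token" and
/// "jwtToken" query parameters, then the Authorization header, in that order.
/// </summary>
/// <param name="provider">Management provider used to look the user up by name.</param>
/// <param name="autologin">When true, the user is an <c>IAuthUser</c> and the request is not an Ajax request, the login is saved and an audit entry is written.</param>
/// <param name="context">HTTP context (ASP.NET Core). A null context yields null.</param>
/// <returns>
/// The enabled user named by the token subject, or null when no three-segment token is found,
/// it fails to decode, it has expired, the subject is empty, or the user is unknown or disabled.
/// </returns>
public static IManageUser LoadCookie(this IManageProvider provider, Boolean autologin, HttpContext context)
{
    // True when the value is non-empty and has the three dot-separated segments of a JWT.
    Boolean LooksLikeJwt(String value)
    {
        return !value.IsNullOrEmpty() && value.Split(".").Length == 3;
    }

    // Log-safe form of a token: the final segment (the signature) is dropped. Assuming a signed
    // JWT, the remainder should not be usable as a credential by someone who can read the logs.
    String Redact(String value)
    {
        var cut = value.LastIndexOf('.');
        return cut > 0 ? value.Substring(0, cut) + ".***" : "***(" + value.Length + " chars)";
    }

    var key = "token";
    var req = context?.Request;
    var token = req?.Cookies[key];

    // Fall back to the URL.
    // NOTE(review): tokens carried in the query string end up in access logs, browser history
    // and Referer headers; keep these fallbacks only if a client needs them.
    if (!LooksLikeJwt(token))
    {
        token = req?.Query["token"];
    }
    if (!LooksLikeJwt(token))
    {
        token = req?.Query["jwtToken"];
    }

    // Fall back to the Authorization header. The segment count is checked before the
    // "Bearer " prefix is stripped; the prefix contains no '.' so the count is unaffected.
    if (!LooksLikeJwt(token))
    {
        token = req?.Headers[HeaderNames.Authorization];
    }
    if (!LooksLikeJwt(token))
    {
        return null;
    }

    token = token.Replace("Bearer ", "", StringComparison.OrdinalIgnoreCase);

    var jwt = GetJwt();
    if (!jwt.TryDecode(token, out var msg))
    {
        // The raw token is never written to the trace log.
        XTrace.WriteLine("令牌无效:{0}, token={1}", msg, Redact(token));
        return null;
    }

    var user = jwt.Subject;
    if (user.IsNullOrEmpty())
    {
        return null;
    }

    // Reject expired tokens.
    // NOTE(review): this compares against local time -- confirm jwt.Expire is local, not UTC.
    if (jwt.Expire < DateTime.Now)
    {
        XTrace.WriteLine("令牌过期:{0} {1}", jwt.Expire, Redact(token));
        return null;
    }

    var u = provider.FindByName(user);
    if (u == null || !u.Enable)
    {
        return null;
    }

    // Record the automatic login, except for Ajax (JSON) requests. The audit entry carries the
    // redacted token only, so that read access to the log store does not grant a live session.
    if (autologin && u is IAuthUser mu && !req.IsAjaxRequest())
    {
        mu.SaveLogin(null);
        LogProvider.Provider.WriteLog("用户", "自动登录", true, $"{user} Time={jwt.IssuedAt} Expire={jwt.Expire} Token={Redact(token)}", u.ID, u + "", ip: context.GetUserHost());
    }

    return u;
}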