Esempio n. 1
0
        public void OnActionExecuting(ActionExecutingContext filterContext)
        {
            #region 白名单部分,设置部分路由不参与拦截
            string s = filterContext.HttpContext.Request.Path.Value;
            if (s.StartsWith("/Login"))
            {
                return;
            }
            #endregion

            if (string.IsNullOrWhiteSpace(filterContext.HttpContext.Request.Headers["UID"]))
            {
                filterContext.Result = new UnauthorizedResult();
                return;
            }

            string str = filterContext.HttpContext.Request.Headers["UID"].ToString();
            try
            {
                string m2 = AESTools.AESDecrypt(str).Replace("\0", "");
                if (string.IsNullOrWhiteSpace(m2))
                {
                    filterContext.Result = new UnauthorizedResult();
                    return;
                }
                CWTUserModel obj = JsonSerializer.Deserialize <CWTUserModel>(m2);
                if (obj == null || obj.Expired < DateTime.Now)
                {
                    filterContext.Result = new UnauthorizedResult();
                    return;
                }
            }
            catch
            {
                filterContext.Result = new UnauthorizedResult();
                return;
            }
        }
Esempio n. 2
0
        public Task BindModelAsync(ModelBindingContext bindingContext)
        {
            if (string.IsNullOrWhiteSpace(bindingContext.HttpContext.Request.Headers["UID"]))
            {
                return(Task.CompletedTask);
            }
            else
            {
                string str = bindingContext.HttpContext.Request.Headers["UID"].ToString();
                try
                {
                    string m2 = AESTools.AESDecrypt(str).Replace("\0", "");
                    if (string.IsNullOrWhiteSpace(m2))
                    {
                        return(Task.CompletedTask);
                    }
                    CWTUserModel obj = JsonSerializer.Deserialize <CWTUserModel>(m2);
                    if (obj == null || obj.Expired < DateTime.Now)
                    {
                        return(Task.CompletedTask);
                    }
                    //将obj的部分信息映射成供controller可用的数据,可以从redis中拿数据
                    //不建议从db中获取数据,有性能问题
                    CWTUser re = new CWTUser()
                    {
                        UID = obj.UID
                    };

                    //合法
                    bindingContext.Result = ModelBindingResult.Success(re);
                }
                catch
                {
                }
            }
            return(Task.CompletedTask);
        }
Esempio n. 3
0
        public static string toToken(CWTUserModel obj)
        {
            string json = JsonSerializer.Serialize(obj);

            return(AESTools.AESEncrypt(json));
        }