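/// <summary>
/// Streams a file from the shared-documents directory when <paramref name="mssv"/> matches
/// the name of a row in <c>dbContext.Users</c>.
/// </summary>
/// <param name="mssv">User name to look up; no matching user yields <c>Forbid()</c>.</param>
/// <param name="path">Encoded and encrypted relative file path (decoded with <c>HexaEncode</c>, decrypted with <c>RC4Encrypt</c>).</param>
/// <returns>
/// <c>BadRequest()</c> for an empty or rejected path, <c>Forbid()</c> for an unknown user,
/// <c>NotFound()</c> when the file does not exist, otherwise the file as <c>application/octet-stream</c>.
/// </returns>
public IActionResult GetUsers(string mssv, string path)
{
    // Null is rejected together with empty so a missing value is a 400 instead of a NullReferenceException.
    if (string.IsNullOrEmpty(path))
    {
        return BadRequest();
    }

    // Pre-filter kept from the original. It only inspects the encoded form of the value,
    // so on its own it says nothing about the decrypted path used below.
    var invalidTokens = new[] { ":", ".." };
    if (invalidTokens.Any(path.Contains))
    {
        return BadRequest();
    }

    var decrypted = RC4Encrypt.Decrypt(HexaEncode.Decode(path));

    // NOTE(review): the only access check visible here is that mssv names an existing user;
    // confirm the caller is authenticated as that user somewhere upstream.
    if (!dbContext.Users.Any(x => x.Name == mssv))
    {
        return Forbid();
    }

    if (string.IsNullOrEmpty(decrypted))
    {
        return BadRequest();
    }

    // The decrypted value is what reaches the file system, so containment is enforced on it:
    // Path.Combine returns its second argument unchanged when that argument is rooted, and
    // ".." segments survive Combine. Resolve the final path and require it to stay under the root.
    // NOTE(review): RC4Encrypt is defined elsewhere; if it is a bare stream cipher with no
    // integrity check, the decrypted value must be treated as caller-controlled.
    var root = Path.GetFullPath(appConfig.SharedDocumentPath);
    var separator = Path.DirectorySeparatorChar.ToString();
    var rootPrefix = root.EndsWith(separator, System.StringComparison.Ordinal) ? root : root + separator;
    var file = Path.GetFullPath(Path.Combine(root, decrypted));
    if (!file.StartsWith(rootPrefix, System.StringComparison.Ordinal))
    {
        return BadRequest();
    }

    if (!System.IO.File.Exists(file))
    {
        return NotFound();
    }

    // The stream is handed to File(...), which takes over reading it for the response.
    var stream = System.IO.File.OpenRead(file);
    return File(stream, "application/octet-stream", Path.GetFileName(file));
}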
/// <summary>
/// Builds a download token for <paramref name="fileName"/>: a <c>FileDownload</c> stamped with the
/// current local time is serialized to JSON, encrypted with <c>RC4Encrypt</c> and encoded with <c>HexaEncode</c>.
/// </summary>
/// <param name="fileName">File name to embed in the token.</param>
/// <returns>The encoded token string.</returns>
private string CreateFileToken(string fileName)
{
    var payload = new FileDownload();
    payload.FileName = fileName;
    payload.ValidFrom = DateTime.Now;

    var json = JsonConvert.SerializeObject(payload);

    // NOTE(review): no MAC or signature is added in this method; whether the token is
    // tamper-evident depends on what RC4Encrypt does internally - confirm.
    var cipherText = RC4Encrypt.Encrypt(json);
    return HexaEncode.Encode(cipherText);
}
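/// <summary>
/// Verifies and decrypts a cookie laid out as a 40-character signature followed by the
/// URL-encoded ciphertext, and returns the payload when it has not expired and was issued
/// to the current client IP. A valid cookie is re-saved to extend its lifetime.
/// </summary>
/// <param name="cookieValue">Raw cookie value.</param>
/// <param name="parameters">Must contain <c>hashkey</c>, <c>rc4key</c> and <c>nodeName</c>.</param>
/// <returns>The deserialized payload, or <c>default(T)</c> on any validation failure or exception.</returns>
public T DecryptCookie<T>(string cookieValue, Dictionary<string, string> parameters)
{
    T result = default(T);
    try
    {
        if (cookieValue.Length < 40)
        {
            return result;
        }

        // Split the signature from the ciphertext.
        string strSHA1Sign = cookieValue.Substring(0, 40);
        string strEncCookieValue = cookieValue.Substring(40);

        // Signature check.
        // NOTE(review): the signature is HashEncrypt.SHA1Encrypt(ciphertext + hashkey); that helper is
        // defined elsewhere, but this looks like a plain hash with an appended secret rather than an HMAC.
        // Switching construction would invalidate existing cookies, so it is only flagged here.
        string strShA1Temp = HashEncrypt.SHA1Encrypt(HttpUtility.UrlDecode(strEncCookieValue).Trim() + parameters["hashkey"]);
        if (strShA1Temp == null)
        {
            return result;
        }

        // Compare without an early exit so the time taken does not reveal how many leading
        // characters of a forged signature were correct (the original used string !=).
        int mismatch = strSHA1Sign.Length ^ strShA1Temp.Length;
        for (int i = 0; i < strSHA1Sign.Length && i < strShA1Temp.Length; i++)
        {
            mismatch |= strSHA1Sign[i] ^ strShA1Temp[i];
        }
        if (mismatch != 0)
        {
            return result;
        }

        strEncCookieValue = HttpUtility.UrlDecode(strEncCookieValue);

        // Recover the plaintext.
        string strContent = RC4Encrypt.Decrypt(strEncCookieValue, parameters["rc4key"], RC4Encrypt.EncoderMode.HexEncoder);
        if (strContent.Length == 0)
        {
            return result;
        }

        // Expected layout: [0] serialized payload, [1] expiry timestamp, [2] client IP.
        string[] arrayCookieValue = JsonConvert.DeserializeObject<string[]>(strContent);
        if (arrayCookieValue != null && arrayCookieValue.Length == 3)
        {
            // NOTE(review): DateTime.Parse uses the current thread culture; this only round-trips
            // if the cookie was written under the same culture - confirm against the writer.
            if (DateTime.Parse(arrayCookieValue[1]) > DateTime.Now && GetClientIP() == arrayCookieValue[2])
            {
                result = JsonConvert.DeserializeObject<T>(arrayCookieValue[0]);

                // The cookie is valid, so renew its lifetime.
                IocManager.Instance.IocContainer.Resolve<CookieHelper>().SaveCookie<T>(parameters["nodeName"], result);
            }
        }

        return result;
    }
    catch
    {
        // Deliberate best-effort: any malformed cookie or missing parameter is treated as "no cookie".
        return result;
    }
}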
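/// <summary>
/// Decodes and decrypts a download token, checks its <c>ValidFrom</c> timestamp and returns the file name it carries.
/// </summary>
/// <param name="token">Token encoded with <c>HexaEncode</c> over <c>RC4Encrypt</c> output.</param>
/// <returns>The <c>FileName</c> stored in the token.</returns>
/// <exception cref="BadRequestException">
/// The token deserializes to null, is older than one hour, or is stamped further in the future than the allowed clock skew.
/// </exception>
private string DecryptToken(string token)
{
    var decrypted = RC4Encrypt.Decrypt(HexaEncode.Decode(token));
    var file = JsonConvert.DeserializeObject<FileDownload>(decrypted);

    // A payload of JSON "null" deserializes to null; report it as an invalid token
    // instead of failing with a NullReferenceException on the next line.
    if ((object)file == null)
    {
        throw new BadRequestException("Invalid token");
    }

    var age = DateTime.Now - file.ValidFrom;

    // The original only bounded the age from above, so a ValidFrom far in the future was accepted
    // and stayed valid until that moment plus one hour. A small allowance covers clock differences
    // between the issuing and the checking host.
    var allowedClockSkew = TimeSpan.FromMinutes(5);
    if (age > TimeSpan.FromHours(1) || age < -allowedClockSkew)
    {
        throw new BadRequestException("Invalid token");
    }

    // NOTE(review): the returned name comes straight from the token; callers that build a
    // file path from it should confine the result to the intended directory.
    return file.FileName;
}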
/// <summary>
/// Serializes <paramref name="obj"/>, encrypts it, and returns the signature followed by the URL-encoded ciphertext.
/// </summary>
/// <param name="obj">Value to store in the cookie.</param>
/// <param name="parameters">Must contain <c>rc4key</c> and <c>hashkey</c>.</param>
/// <returns>Signature concatenated with the URL-encoded ciphertext.</returns>
public string EncryptCookie<T>(T obj, Dictionary<string, string> parameters)
{
    string plainJson = SerializationUtility.JsonSerialize3(obj);

    string cipherHex = RC4Encrypt.Encrypt(plainJson, parameters["rc4key"], RC4Encrypt.EncoderMode.HexEncoder).Trim();

    // The signature covers the ciphertext before URL-encoding, with the hash key appended.
    // NOTE(review): HashEncrypt.SHA1Encrypt is defined elsewhere; this appears to be a plain
    // hash over ciphertext + secret rather than an HMAC - confirm.
    string signature = HashEncrypt.SHA1Encrypt(cipherHex + parameters["hashkey"]);

    return signature + HttpUtility.UrlEncode(cipherHex);
}
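/// <summary>
/// Verifies and decrypts a cookie laid out as a 40-character signature followed by the
/// URL-encoded ciphertext, and deserializes the plaintext to <typeparamref name="T"/>.
/// </summary>
/// <param name="cookieValue">Raw cookie value.</param>
/// <param name="parameters">Must contain <c>hashkey</c> and <c>rc4key</c>.</param>
/// <returns>The deserialized payload, or <c>default(T)</c> on any validation failure or exception.</returns>
public T DecryptCookie<T>(string cookieValue, Dictionary<string, string> parameters)
{
    T result = default(T);
    try
    {
        if (cookieValue.Length < 40)
        {
            return result;
        }

        // Split the signature from the ciphertext.
        string strSHA1Sign = cookieValue.Substring(0, 40);
        string strEncCookieValue = cookieValue.Substring(40);

        // Signature check.
        // NOTE(review): the signature is HashEncrypt.SHA1Encrypt(ciphertext + hashkey); that helper is
        // defined elsewhere, but this looks like a plain hash with an appended secret rather than an HMAC.
        // Switching construction would invalidate existing cookies, so it is only flagged here.
        string strShA1Temp = HashEncrypt.SHA1Encrypt(HttpUtility.UrlDecode(strEncCookieValue).Trim() + parameters["hashkey"]);
        if (strShA1Temp == null)
        {
            return result;
        }

        // Compare without an early exit so the time taken does not reveal how many leading
        // characters of a forged signature were correct (the original used string !=).
        int mismatch = strSHA1Sign.Length ^ strShA1Temp.Length;
        for (int i = 0; i < strSHA1Sign.Length && i < strShA1Temp.Length; i++)
        {
            mismatch |= strSHA1Sign[i] ^ strShA1Temp[i];
        }
        if (mismatch != 0)
        {
            return result;
        }

        strEncCookieValue = HttpUtility.UrlDecode(strEncCookieValue);

        // Recover the plaintext.
        string strContent = RC4Encrypt.Decrypt(strEncCookieValue, parameters["rc4key"], RC4Encrypt.EncoderMode.HexEncoder);
        if (strContent.Length == 0)
        {
            return result;
        }

        // NOTE(review): nothing in this method bounds the cookie's age or binds it to a client;
        // confirm expiry is enforced elsewhere.
        result = SerializationUtility.JsonDeserialize3<T>(strContent);
        return result;
    }
    catch
    {
        // Deliberate best-effort: any malformed cookie or missing parameter is treated as "no cookie".
        return result;
    }
}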
/// <summary>
/// Packs <paramref name="obj"/> together with an expiry time and the client IP, encrypts the
/// result, and returns the signature followed by the URL-encoded ciphertext.
/// </summary>
/// <param name="obj">Value to store in the cookie.</param>
/// <param name="parameters">Must contain <c>securityExpires</c> (minutes), <c>rc4key</c> and <c>hashkey</c>.</param>
/// <returns>Signature concatenated with the URL-encoded ciphertext.</returns>
public string EncryptCookie<T>(T obj, Dictionary<string, string> parameters)
{
    // A value that does not parse leaves the lifetime at 0 minutes, i.e. the cookie is written already expired.
    int lifetimeMinutes;
    int.TryParse(parameters["securityExpires"], out lifetimeMinutes);

    // Layout: [0] serialized payload, [1] expiry timestamp, [2] client IP.
    // NOTE(review): the timestamp is written with the current culture's default format;
    // whoever reads it back has to parse it under the same culture - confirm.
    string[] envelope = new string[]
    {
        JsonConvert.SerializeObject(obj),
        DateTime.Now.AddMinutes(lifetimeMinutes).ToString(),
        GetClientIP()
    };
    string plainJson = JsonConvert.SerializeObject(envelope);

    string cipherHex = RC4Encrypt.Encrypt(plainJson, parameters["rc4key"], RC4Encrypt.EncoderMode.HexEncoder).Trim();

    // The signature covers the ciphertext before URL-encoding, with the hash key appended.
    // NOTE(review): HashEncrypt.SHA1Encrypt is defined elsewhere; this appears to be a plain
    // hash over ciphertext + secret rather than an HMAC - confirm.
    string signature = HashEncrypt.SHA1Encrypt(cipherHex + parameters["hashkey"]);

    return signature + HttpUtility.UrlEncode(cipherHex);
}
/// <summary>
/// Encrypts <paramref name="enc"/> with <c>RC4Encrypt</c> and encodes the result with <c>HexaEncode</c>.
/// </summary>
/// <param name="enc">Plain text to protect.</param>
/// <returns>The encoded ciphertext.</returns>
public string Enc(string enc)
{
    // NOTE(review): no key is passed here, so RC4Encrypt presumably uses a built-in or
    // configured key - confirm where it comes from and that it is not hard-coded.
    var cipherText = RC4Encrypt.Encrypt(enc);
    var encoded = HexaEncode.Encode(cipherText);
    return encoded;
}
/// <summary>
/// Decodes and decrypts <paramref name="fileName"/> and serves that file from the
/// <c>uploads</c> folder under the web root via <c>GetFile</c>.
/// </summary>
/// <param name="fileName">File name encoded with <c>HexaEncode</c> over <c>RC4Encrypt</c> output.</param>
/// <returns>Whatever <c>GetFile</c> returns for the resolved directory and name.</returns>
//[TypeFilter(typeof(IPFilterAttribute))]
public IActionResult DownloadPdf(string fileName)
{
    var uploadsDirectory = _webHostEnvironment.WebRootPath + "\\uploads\\";

    // NOTE(review): the decrypted name is passed on unchanged. GetFile is defined elsewhere;
    // confirm it rejects rooted paths and ".." segments so the result stays inside uploads.
    var decryptedName = RC4Encrypt.Decrypt(HexaEncode.Decode(fileName));

    return GetFile(uploadsDirectory, decryptedName);
}