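/// <summary>
/// Validates an SSO token through <c>SsoHelper.ValidateToken</c> and reports the outcome
/// as an anonymous object.
/// </summary>
/// <param name="token">
/// Token string supplied by the caller. A null or empty value is reported as a failure
/// without calling the SSO helper.
/// </param>
/// <returns>
/// <c>{ flag = true, username, token }</c> when the helper returns no error message;
/// otherwise <c>{ flag = false, username = "" }</c>.
/// </returns>
public object validatetoken(string token)
{
    // Missing token and rejected token produce the same response shape, and the helper's
    // error text is not returned to the caller.
    if (string.IsNullOrEmpty(token))
    {
        return new { flag = false, username = "" };
    }

    AuthResult ar = SsoHelper.ValidateToken(token);
    if (string.IsNullOrEmpty(ar.ErrorMsg))
    {
        // NOTE(review): assumes ar.User is populated whenever ErrorMsg is empty - confirm
        // against SsoHelper, otherwise this dereference can throw.
        // Fix: the original return statement had no terminating semicolon.
        return new { flag = true, username = ar.User.UserName, token = ar.token };
    }

    return new { flag = false, username = "" };
}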
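/// <summary>
/// Starts a per-request stopwatch, logs the request path and, when
/// <c>WebApiGlobal.IsToken</c> is true, requires a valid <c>token</c> query-string
/// parameter on every request whose path does not contain <c>/Login/submit</c>.
/// </summary>
/// <param name="actionContext">
/// Context of the action about to run. The stopwatch is stored in its request properties
/// under <c>Key</c>, and the validated user under <c>tokenKey</c>.
/// </param>
/// <exception cref="Exception">
/// Thrown when the token is missing or when <c>SsoHelper.ValidateToken</c> returns an
/// error message.
/// </exception>
public override void OnActionExecuting(HttpActionContext actionContext)
{
    var stopWatch = new Stopwatch();
    actionContext.Request.Properties[Key] = stopWatch;
    stopWatch.Start();

    var requestUri = actionContext.Request.RequestUri;
    WebApiGlobal.ShowMsg("开始执行:" + requestUri.LocalPath);

    // Ordinal, case-insensitive match: an authentication decision must not depend on the
    // server's current culture (the original used culture-sensitive ToLower()/IndexOf).
    // NOTE(review): this is still a substring test, so every route whose path contains this
    // text is exempt from token validation, not only the login action. An exact route match
    // or an explicit per-action opt-out (for example [AllowAnonymous]) is safer.
    bool isLoginRequest =
        requestUri.AbsolutePath.IndexOf("/Login/submit", StringComparison.OrdinalIgnoreCase) != -1;

    if (!isLoginRequest && WebApiGlobal.IsToken == true)
    {
        try
        {
            // NOTE(review): a token carried in the query string can end up in access logs,
            // proxy logs and Referer headers; a request header keeps it out of the URL.
            // NOTE(review): the whole query is lower-cased, so the token value is lower-cased
            // too, and it is not URL-decoded. Presumably tokens are case-insensitive and
            // contain no '=' or escaped characters - confirm.
            string token = null;
            string[] pairs = requestUri.Query.ToLowerInvariant().Split(new char[] { '?', '&' });
            foreach (var pair in pairs)
            {
                string[] kv = pair.Split(new char[] { '=' });
                if (kv.Length == 2 && kv[0] == "token")
                {
                    token = kv[1];
                    break;
                }
            }

            if (token == null)
            {
                throw new Exception("token is empty");
            }

            AuthResult result = SsoHelper.ValidateToken(token);
            if (!string.IsNullOrEmpty(result.ErrorMsg))
            {
                throw new Exception(result.ErrorMsg);
            }

            actionContext.Request.Properties[tokenKey] = result.User;
        }
        catch (Exception e)
        {
            WebApiGlobal.ShowMsg("执行失败:token failed to " + requestUri.LocalPath);

            // Keep the original exception as InnerException so the failure stays diagnosable.
            // NOTE(review): a plain Exception will most likely surface as a server error, not
            // an authentication failure, and the helper's error text is included in the message.
            throw new Exception("token failed !" + e.Message, e);
        }
    }

    base.OnActionExecuting(actionContext);
}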
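/// <summary>
/// When <c>WebApiFrame.WebApiGlobal.IsToken</c> is true, requires a valid <c>token</c>
/// query-string parameter on every request whose path does not contain the login route,
/// and stores the resulting <c>SysLoginRight</c> in the request properties under <c>Key</c>.
/// </summary>
/// <param name="actionContext">Context of the action about to run.</param>
/// <exception cref="Exception">
/// Thrown when no token is supplied or when <c>SsoHelper.ValidateToken</c> returns a
/// non-null error message.
/// </exception>
public override void OnActionExecuting(HttpActionContext actionContext)
{
    // Token validation is switched off completely when this flag is false.
    if (WebApiFrame.WebApiGlobal.IsToken == true)
    {
        var requestUri = actionContext.Request.RequestUri;

        // Validate the token on every request other than login.
        // Ordinal, case-insensitive match: an authentication decision must not depend on the
        // server's current culture (the original used culture-sensitive ToLower()/IndexOf).
        // NOTE(review): this is still a substring test, so every route whose path contains
        // this text is exempt, not only the login action. An exact route match is safer.
        bool isLoginRequest =
            requestUri.AbsolutePath.IndexOf("/efwplusApi/coresys/login/userlogin", StringComparison.OrdinalIgnoreCase) != -1;

        if (!isLoginRequest)
        {
            // NOTE(review): a token carried in the query string can end up in access logs,
            // proxy logs and Referer headers; a request header keeps it out of the URL.
            // NOTE(review): the whole query is lower-cased, so the token value is lower-cased
            // too, and it is not URL-decoded - confirm that tokens are case-insensitive.
            string token = null;
            string[] pairs = requestUri.Query.ToLowerInvariant().Split(new char[] { '?', '&' });
            foreach (var pair in pairs)
            {
                string[] kv = pair.Split(new char[] { '=' });
                if (kv.Length == 2 && kv[0] == "token")
                {
                    token = kv[1];
                    break;
                }
            }

            if (token == null)
            {
                throw new Exception("no token");
            }

            AuthResult result = SsoHelper.ValidateToken(token);

            // Only a null ErrorMsg counts as success here; an empty string is a failure.
            // NOTE(review): confirm that this matches what SsoHelper returns on success.
            if (result.ErrorMsg != null)
            {
                throw new Exception(result.ErrorMsg);
            }

            // loginInfo.UserId is left unset (the assignment was commented out in the original).
            SysLoginRight loginInfo = new SysLoginRight();
            loginInfo.EmpId = result.User.EmpId;
            loginInfo.EmpName = result.User.UserName;
            loginInfo.DeptId = result.User.DeptId;
            loginInfo.DeptName = result.User.DeptName;
            loginInfo.WorkId = result.User.WorkId;
            loginInfo.WorkName = result.User.WorkName;
            loginInfo.IsAdmin = result.User.IsAdmin;
            // Guid.Parse throws if the returned token is not a GUID string.
            loginInfo.token = Guid.Parse(result.token);

            actionContext.Request.Properties[Key] = loginInfo;
        }
    }
}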
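/// <summary>
/// Outside debug mode, requires a valid <c>token</c> query-string parameter on every request
/// whose path does not contain the login route, and stores the resulting
/// <c>SysLoginRight</c> in the request properties under <c>Key</c>.
/// </summary>
/// <param name="actionContext">Context of the action about to run.</param>
/// <exception cref="Exception">
/// Thrown when no token is supplied or when <c>SsoHelper.ValidateToken</c> returns a
/// non-null error message.
/// </exception>
public override void OnActionExecuting(HttpActionContext actionContext)
{
    // NOTE(review): token validation is skipped entirely while IsDebug is true - make sure
    // that flag cannot be enabled in a production deployment.
    if (EFWCoreLib.WcfFrame.ServerController.WcfServerManage.IsDebug == false)
    {
        var requestUri = actionContext.Request.RequestUri;

        // Validate the token on every request other than login.
        // Ordinal, case-insensitive match: an authentication decision must not depend on the
        // server's current culture (the original used culture-sensitive ToLower()/IndexOf).
        // NOTE(review): this is still a substring test, so every route whose path contains
        // this text is exempt, not only the login action. An exact route match is safer.
        bool isLoginRequest =
            requestUri.AbsolutePath.IndexOf("/efwplusApi/coresys/login/userlogin", StringComparison.OrdinalIgnoreCase) != -1;

        if (!isLoginRequest)
        {
            // NOTE(review): a token carried in the query string can end up in access logs,
            // proxy logs and Referer headers; a request header keeps it out of the URL.
            // NOTE(review): the whole query is lower-cased, so the token value is lower-cased
            // too, and it is not URL-decoded - confirm that tokens are case-insensitive.
            string token = null;
            string[] pairs = requestUri.Query.ToLowerInvariant().Split(new char[] { '?', '&' });
            foreach (var pair in pairs)
            {
                string[] kv = pair.Split(new char[] { '=' });
                if (kv.Length == 2 && kv[0] == "token")
                {
                    token = kv[1];
                    break;
                }
            }

            if (token == null)
            {
                throw new Exception("no token");
            }

            AuthResult result = SsoHelper.ValidateToken(token);

            // Only a null ErrorMsg counts as success here; an empty string is a failure.
            if (result.ErrorMsg != null)
            {
                throw new Exception(result.ErrorMsg);
            }

            SysLoginRight loginInfo = new SysLoginRight();
            // Convert.ToInt32 throws if UserId is not numeric, which rejects the request.
            loginInfo.UserId = Convert.ToInt32(result.User.UserId);
            loginInfo.EmpName = result.User.UserName;

            actionContext.Request.Properties[Key] = loginInfo;
        }
    }
}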
// Per-request authentication; validation is awkward in a distributed deployment.
/// <summary>
/// Resolves the controller and method metadata for a plugin call and, when the method is
/// marked as requiring authentication, validates the supplied token.
/// </summary>
/// <param name="pname">Plugin name passed to <c>AppPluginManage</c>.</param>
/// <param name="cname">Controller name looked up inside the plugin.</param>
/// <param name="methodname">Method name looked up in the controller's method list.</param>
/// <param name="token">Token to validate; only checked when the method requires authentication.</param>
/// <returns>Always <c>true</c>; every failure is reported by throwing.</returns>
/// <exception cref="Exception">
/// Thrown when the controller or method is unknown, when a required token is null, or when
/// <c>SsoHelper.ValidateToken</c> returns a non-null error message.
/// </exception>
private static bool IsAuth(string pname, string cname, string methodname, string token)
{
    ModulePlugin plugin;
    WcfControllerAttributeInfo controllerInfo =
        AppPluginManage.GetPluginWcfControllerAttributeInfo(pname, cname, out plugin);
    if (controllerInfo == null)
    {
        throw new Exception("插件中没有此控制器名");
    }

    WcfMethodAttributeInfo methodInfo =
        controllerInfo.MethodList.Find(candidate => candidate.methodName == methodname);
    if (methodInfo == null)
    {
        throw new Exception("控制器中没有此方法名");
    }

    // Methods not marked for authentication are allowed through without looking at the token.
    if (!methodInfo.IsAuthentication)
    {
        return (true);
    }

    if (token == null)
    {
        throw new Exception("no token");
    }

    AuthResult authResult = SsoHelper.ValidateToken(token);

    // Only a null ErrorMsg counts as success; an empty string is treated as a failure.
    if (authResult.ErrorMsg != null)
    {
        throw new Exception(authResult.ErrorMsg);
    }

    // The login info is built but not attached anywhere: the assignment to
    // clientinfo.LoginRight was commented out in the original. Convert.ToInt32 can still
    // throw here if UserId is not numeric.
    SysLoginRight loginInfo = new SysLoginRight();
    loginInfo.UserId = Convert.ToInt32(authResult.User.UserId);
    loginInfo.EmpName = authResult.User.UserName;
    //clientinfo.LoginRight = loginInfo;

    return (true);
}