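/// <summary>
/// Slides the expiry of an already-authorized token forward in dbo.Token, refreshes the
/// cached copy held in <c>_apiToken</c>, and returns the resulting expiry time.
/// </summary>
/// <param name="apiToken">Token record used to decide whether the expiry is close enough to refresh; null forces the database update.</param>
/// <param name="token">Raw token value, matched against dbo.Token.Token through a bound parameter.</param>
/// <param name="_tokenExtendedTime_">Seconds added to the database clock (GETDATE()) to form the new expiry.</param>
/// <param name="authStatus">Outcome of the preceding authentication; any value other than Authorized skips the extension.</param>
/// <returns>
/// The expiry formatted as "yyyy-MM-ddTHH:mm:ssK", or null when auto-extension is off, the token
/// is blank, the caller is not authorized, or no token record is available to report on.
/// </returns>
private string AuthExtendTime(TokenApplyPlace apiToken, string token, int _tokenExtendedTime_, AuthStatus authStatus)
{
    // Only an authenticated caller may slide its own expiry forward.
    if (!AutoTokenExtended || String.IsNullOrWhiteSpace(token) || authStatus != AuthStatus.Authorized)
    {
        return null;
    }

    // No cached record, or we are inside the last (_tokenExtendedTime_ / 10) seconds before
    // expiry: run the SQL update early. The value is negative so AddSeconds moves the
    // comparison point earlier than the real expiry.
    int SlidingExpiration = -1 * (int)Math.Round(_tokenExtendedTime_ / 10.0);

    // Row returned by the UPDATE ... OUTPUT clause, when an update was performed.
    TokenApplyPlace extended = null;

    // NOTE(review): this compares against the application server clock while the new expiry is
    // computed from the database clock (GETDATE()) - confirm both hosts are time-synchronised.
    if (apiToken == null || apiToken.ExpireDateTime.AddSeconds(SlidingExpiration) < DateTime.Now)
    {
        using (SqlConnection conn = new SqlConnection(_DBconfig))
        {
            // NOTE(review): the WHERE clause does not re-check ExpireDateTime, so the row is
            // extended purely on the strength of authStatus, which may have been derived from a
            // cached record. If tokens can be expired or shortened directly in the database,
            // consider adding "AND ExpireDateTime > GETDATE()" so such a token is not revived.
            string sqlStr = @"UPDATE TOP (1) dbo.Token SET RefreshDateTime = GETDATE(), ExpireDateTime = DATEADD(s, @tokenExtendedTime, GETDATE()) OUTPUT INSERTED.RefreshDateTime, INSERTED.ExpireDateTime WHERE Token = @token";
            conn.Open();
            extended = conn.Query<TokenApplyPlace>(sqlStr, new { token = token, tokenExtendedTime = _tokenExtendedTime_ }).SingleOrDefault();

            // The original dereferenced _apiToken before its null check; test it first so a
            // missing record cannot surface as a NullReferenceException on the auth path.
            if (extended != null && _apiToken != null)
            {
                _apiToken.RefreshDateTime = extended.RefreshDateTime;
                _apiToken.ExpireDateTime = extended.ExpireDateTime;

                // Re-cache under the token key with the new expiry as the third argument.
                // NOTE(review): presumably that argument is the cache entry's absolute lifetime;
                // if so, a revocation or AllowIPs change made in the database is not seen until
                // the entry lapses - confirm this is acceptable.
                NetCacheHelper.Add(token, _apiToken, _apiToken.ExpireDateTime);
            }
        }
    }

    // Prefer the in-memory record; fall back to the freshly updated row when none is held.
    TokenApplyPlace current = _apiToken ?? extended;
    return current == null ? null : current.ExpireDateTime.ToString("yyyy-MM-ddTHH:mm:ssK");
}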
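/// <summary>
/// Authenticates a presented API token: loads its record into <c>_apiToken</c> (cache first,
/// then dbo.Token joined to dbo.Application) and checks existence, expiry, owning application
/// and the caller's IP address against the token's allow-list.
/// </summary>
/// <param name="token">Raw token value presented by the caller.</param>
/// <param name="ipAddress">Caller address to test against AllowIPs; a blank value skips the IP check.</param>
/// <returns>
/// <c>AuthStatus.Authorized</c> when every check passes, otherwise the Revoked_* value of the
/// first check that failed.
/// </returns>
private AuthStatus TokenAuthentication(string token, string ipAddress)
{
    // A blank token can never match a row: reject it before touching the cache or the database,
    // and clear the field so a record from an earlier call is not left behind.
    if (String.IsNullOrWhiteSpace(token))
    {
        _apiToken = null;
        return AuthStatus.Revoked_TokenNotExists;
    }

    _apiToken = NetCacheHelper.GetValue(token) as TokenApplyPlace;

    // Cache miss, or the cached copy has expired: read the current row from the database.
    if (_apiToken == null || DateTime.Now > _apiToken.ExpireDateTime)
    {
        using (SqlConnection conn = new SqlConnection(_DBconfig))
        {
            // NOTE(review): the presented token is compared directly with the Token column, so
            // the column holds usable token values; consider storing a hash of the token instead.
            String strQuery = @"SELECT top 1 Token, ExpireDateTime, ApplicationName, AllowIPs from dbo.Token LEFT JOIN dbo.Application ON dbo.Application.Id = dbo.Token.ApplicationID where Token = @token";
            conn.Open();
            _apiToken = conn.Query<TokenApplyPlace>(strQuery, new { token = token }).SingleOrDefault();
            // This method does not populate the cache (the original cache write here was
            // commented out); the record is cached when AuthExtendTime extends the expiry.
        }
    }

    // Does the token exist?
    if (_apiToken == null)
    {
        return AuthStatus.Revoked_TokenNotExists;
    }

    // Has the token expired?
    if (DateTime.Now > _apiToken.ExpireDateTime)
    {
        return AuthStatus.Revoked_Expired;
    }

    // Is the token attached to an application? (LEFT JOIN leaves ApplicationName null when not.)
    if (String.IsNullOrWhiteSpace(_apiToken.ApplicationName))
    {
        return AuthStatus.Revoked_AppNotExists;
    }

    // IP permission check: may this caller address use the API with this token?
    // NOTE(review): a blank ipAddress, a blank AllowIPs, or a loopback address skips the check
    // (fail-open). Confirm ipAddress comes from the connection itself and not from a
    // client-supplied header, otherwise the allow-list can be sidestepped.
    if (!String.IsNullOrWhiteSpace(ipAddress)
        && !String.IsNullOrWhiteSpace(_apiToken.AllowIPs)
        && !ipAddress.Equals("::1")
        && !ipAddress.Equals("127.0.0.1"))
    {
        // Compare whole entries. The original substring test (AllowIPs.Contains) accepted any
        // address that was merely a fragment of an allowed one, e.g. 10.0.0.1 against 10.0.0.10.
        // Assumes entries are separated by comma, semicolon, pipe or whitespace - TODO confirm
        // against the stored data.
        string callerIp = ipAddress.Trim();
        bool isListed = _apiToken.AllowIPs
            .Split(new[] { ',', ';', '|', ' ', '\t', '\r', '\n' }, StringSplitOptions.RemoveEmptyEntries)
            .Any(allowed => String.Equals(allowed, callerIp, StringComparison.OrdinalIgnoreCase));

        if (!isListed)
        {
            return AuthStatus.Revoked_NotAllowIP;
        }
    }

    // All checks passed.
    return AuthStatus.Authorized;
}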