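/// <summary>
/// Resolves the customer id carried by the request's Authorization header token.
/// </summary>
/// <returns>
/// The customer id returned by <c>WebApiValidate.ValidateToken</c>, or 0 when the
/// request carries no Authorization header / no token parameter. 0 is the value
/// that <see cref="CheckTokenUser"/> already treats as "not authenticated".
/// </returns>
protected virtual int GetUserIdByToken()
{
    // Request.Headers.Authorization is null when the header is absent; the original
    // dereferenced it unconditionally, turning an unauthenticated request into a
    // NullReferenceException instead of an ordinary "no user" result.
    var authorization = Request.Headers.Authorization;
    if (authorization == null || string.IsNullOrEmpty(authorization.Parameter))
    {
        return 0;
    }

    return WebApiValidate.ValidateToken(authorization.Parameter);
}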
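/// <summary>
/// Checks that the customer identified by the request's Authorization token is the
/// same customer whose data is being requested.
/// </summary>
/// <param name="customerId">The customer id the caller is trying to access.</param>
/// <returns>
/// <c>true</c> only when the token resolves to a non-zero customer id equal to
/// <paramref name="customerId"/>; <c>false</c> when the Authorization header is
/// missing, the token does not validate (id 0), or it belongs to another customer.
/// </returns>
protected virtual bool CheckTokenUser(int customerId)
{
    // A request without an Authorization header must be denied, not crash with a
    // NullReferenceException (which the original did on the .Parameter access).
    var authorization = Request.Headers.Authorization;
    if (authorization == null || string.IsNullOrEmpty(authorization.Parameter))
    {
        return false;
    }

    var headerCustomerId = WebApiValidate.ValidateToken(authorization.Parameter);

    // 0 is the invalid-token result in the original check; it must never be
    // accepted as a match, even if the caller passes customerId == 0.
    return headerCustomerId != 0 && headerCustomerId == customerId;
}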
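/// <summary>
/// Web API login: validates the request signature, checks the credentials and, on
/// success, signs the customer in and returns an API token plus basic profile data.
/// </summary>
/// <param name="value">
/// Login payload: user name, password and the signature fields (Signature,
/// timestamp, Nonce, AppCode) consumed by <c>ValidateSignature</c>.
/// </param>
/// <returns>
/// A response built by <c>ReturnResult</c>: code 0 with the token/profile object on
/// success, code 1 with a message on any failure. Exceptions are logged via
/// <c>LogException</c> and reported as a code-1 response rather than propagated.
/// </returns>
public HttpResponseMessage PostLogin(CustomerLoginModel value)
{
    // A missing body used to surface as a NullReferenceException inside the generic
    // catch below; reject it up front with the same message as empty credentials.
    if (value == null
        || string.IsNullOrWhiteSpace(value.UserName)
        || string.IsNullOrWhiteSpace(value.Password))
    {
        return ReturnResult(string.Empty, 1, "不能传入空的参数值");
    }

    try
    {
        var signatureOk = ValidateSignature(value.Signature, value.timestamp, value.Nonce, value.AppCode);
        if (!signatureOk)
        {
            return ReturnResult(string.Empty, 1, "不合法的登录方式,您的IP将会被限制访问");
        }

        var loginResult = _customerRegistrationService.ValidateCustomer(value.UserName, value.Password);
        if (loginResult != CustomerLoginResults.Successful)
        {
            // Decide failure on the enum, not on whether the localized message is
            // non-empty: in the original, an empty resource string fell through to
            // the success branch and issued a token for a freshly constructed
            // Customer that was never loaded (Id at its default, presumably 0).
            // NOTE(review): the per-reason messages let a caller distinguish "no
            // such user" from "wrong password"; kept as-is, but consider collapsing
            // them to the generic message at this API boundary.
            return ReturnResult(string.Empty, 1, GetLoginErrorMessage(loginResult));
        }

        var customer = _customerService.GetCustomerByUsername(value.UserName);
        if (customer == null)
        {
            // Credentials validated but the account could not be loaded; report a
            // generic failure instead of throwing on customer.Id below.
            return ReturnResult(string.Empty, 1, _localizationService.GetResource("Account.Login.WrongCredentials"));
        }

        // Sign in the authenticated customer (arguments unchanged from the original).
        _authenticationService.SignIn(customer, true);

        var result = new
        {
            token = WebApiValidate.GetApiValidateToken(customer.Id),
            id = customer.Id,
            username = customer.Username,
            email = customer.Email.ConvertToString(),
            firstname = customer.GetAttribute<string>(SystemCustomerAttributeNames.FirstName).ConvertToString(),
            lastname = customer.GetAttribute<string>(SystemCustomerAttributeNames.LastName).ConvertToString(),
            imageurl = _pictureService.GetPictureUrl(
                customer.GetAttribute<int>(SystemCustomerAttributeNames.AvatarPictureId),
                _mediaSettings.AvatarPictureSize,
                false).ConvertToString()
        };
        return ReturnResult(result, 0, string.Empty);
    }
    catch (Exception ex)
    {
        LogException(ex);
        return ReturnResult(string.Empty, 1, "读取数据出现错误");
    }
}

/// <summary>
/// Maps a non-successful <c>CustomerLoginResults</c> value to its localized message.
/// </summary>
/// <param name="loginResult">The result returned by <c>ValidateCustomer</c>.</param>
/// <returns>
/// The resource text for the specific failure; <c>WrongPassword</c> and any value
/// without a dedicated resource map to the generic "Account.Login.WrongCredentials".
/// </returns>
private string GetLoginErrorMessage(CustomerLoginResults loginResult)
{
    switch (loginResult)
    {
        case CustomerLoginResults.CustomerNotExist:
            return _localizationService.GetResource("Account.Login.WrongCredentials.CustomerNotExist");
        case CustomerLoginResults.Deleted:
            return _localizationService.GetResource("Account.Login.WrongCredentials.Deleted");
        case CustomerLoginResults.NotActive:
            return _localizationService.GetResource("Account.Login.WrongCredentials.NotActive");
        case CustomerLoginResults.NotRegistered:
            return _localizationService.GetResource("Account.Login.WrongCredentials.NotRegistered");
        case CustomerLoginResults.WrongPassword:
        default:
            return _localizationService.GetResource("Account.Login.WrongCredentials");
    }
}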