void AppInfo()
{
    // Returns the public profile of an application (name, domain, icon) by id.
    // Only these three fields are emitted; App.Key is never part of this payload.
    long requestedAppId;
    if (!Form.TryGet("app_id", out requestedAppId))
    {
        WrapResult(false, "invalid param!");
        return;
    }

    // Soft-deleted applications are reported as not found.
    var application = RowAdapter.LoadFirstOrDefault<App>(row => row.ID == requestedAppId && row.Deleted == false);
    if (application == null)
    {
        WrapResult(false, "not found app!");
        return;
    }

    var payload = new JsonObject();
    payload["name"] = application.Name;
    payload["domain"] = application.Domain;
    payload["icon"] = application.IconURL;
    WrapResult(true, payload);
}
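void UserInfo()
{
    // Returns the profile of the account that owns the supplied access_token.
    // The caller is identified by the bearer token alone; no app_key is checked here.
    var token = Form.Find("access_token");
    if (string.IsNullOrEmpty(token))
    {
        // Reject an absent token up front instead of querying for it; otherwise an
        // empty value is matched against the AccessToken column, which could match
        // grants whose token is empty/null (presumably none, but do not rely on it).
        WrapResult(false, "invaild access_token!");
        return;
    }

    var access = RowAdapter.LoadFirstOrDefault<Access>(p => p.AccessToken == token);
    if (access == null)
    {
        WrapResult(false, "invaild access_token!");
        return;
    }
    if (!access.Available)
    {
        WrapResult(false, "access_token expire!");
        return;
    }

    // NOTE(review): unlike Update/Login, this lookup does not filter Deleted == false —
    // confirm whether soft-deleted accounts should still be readable through a live token.
    var account = RowAdapter.LoadFirstOrDefault<Account>(p => p.ID == access.OwnerID);
    if (account == null)
    {
        // The owner row may be gone even though the grant still exists; report it as a
        // bad token rather than dereferencing null below.
        WrapResult(false, "invaild access_token!");
        return;
    }

    var json = new JsonObject();
    json["app_id"] = access.AppID;
    json["open_id"] = account.OpenID;
    json["nick_name"] = account.Nickname;
    json["real_name"] = account.Realname;
    json["gender"] = account.Gender;
    json["phone"] = account.Phone;
    WrapResult(true, json);
}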
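void Refresh()
{
    // Renews an access grant from its refresh_token and returns the new access_token
    // together with the remaining lifetime in seconds.
    var token = Form.Find("refresh_token");
    if (string.IsNullOrEmpty(token))
    {
        // An empty refresh token must not be looked up: the query would compare the
        // RefreshToken column against "" instead of failing immediately.
        WrapResult(false, "invaild access!");
        return;
    }

    var access = RowAdapter.LoadFirstOrDefault<Access>(p => p.RefreshToken == token);
    if (access == null)
    {
        WrapResult(false, "invaild access!");
        return;
    }

    // NOTE(review): the grant is refreshed and saved before Available is checked, so
    // whether an already-expired grant can be revived depends on Access.Refresh — confirm.
    // Also note that, unlike Authorization, no app_key is required to refresh.
    access.Refresh();
    access.Save();
    if (!access.Available)
    {
        WrapResult(false, "invaild access!");
        return;
    }

    var json = new JsonObject();
    json["access_token"] = access.AccessToken;
    // Lifetime is computed against local time; DeathLine is assumed to be local too — TODO confirm.
    json["expires_in"] = (access.DeathLine - DateTime.Now).TotalSeconds;
    WrapResult(true, json);
}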
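void Update()
{
    // Applies form-submitted column values to an existing account and persists it.
    // Each form field is keyed by the schema column name and carries a JSON-encoded value.
    var id = Form.Find<long>("ID");
    var account = RowAdapter.LoadFirstOrDefault<Account>(p => p.ID == id && p.Deleted == false);
    if (account == null)
    {
        WrapResult(false, "未找到指定账号!");
        return;
    }

    // SECURITY (review): every column of the Account schema that appears in the form is
    // written straight into the entity (mass assignment). Elsewhere in this file Account
    // exposes Password, Available, Deleted, OpenID and the error counters, so any caller
    // who reaches this handler can overwrite them. Restrict writes to an explicit
    // allow-list of profile columns; that list is not visible here, so it is not changed.
    var view = EntitySchemaManager.GetSchema<Account>(true);
    foreach (var column in view.Columns)
    {
        string raw;
        if (!Form.TryGet(column.Name, out raw))
        {
            continue;
        }
        // Json.Parse / JsonSerializer.Deserialize are assumed to throw on malformed
        // input — TODO confirm and map that to an "invalid param" result.
        var json = Json.Parse(raw);
        var value = JsonSerializer.Deserialize(json, column.PropertyType);
        column.SetValue(account, value);
    }
    account.Save();

    // Keep the session copy in sync when the caller edited their own account.
    // Session["account"] is only populated by Login, so guard against it being absent
    // instead of deserializing null.
    var sessionAccount = Session["account"];
    if (sessionAccount != null)
    {
        var myaccount = JsonSerializer.Deserialize<Account>(sessionAccount);
        if (myaccount != null && account.ID == myaccount.ID)
        {
            Session["account"] = JsonSerializer.Serialize(account);
        }
    }

    WrapResult(true, FromAccount(account));
}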
void GetFirendList()
{
    // Resolves a batch of accounts by OpenID on behalf of an access-token holder and
    // returns their public profile fields. Check order (opens, token, count, grant) is
    // part of the observable behaviour because each failure has its own message.
    var accessToken = Form.Find("access_token");
    var opensRaw = Form.Find("opens");

    JsonArray openIds;
    if (!Json.TryParse<JsonArray>(opensRaw, out openIds))
    {
        WrapResult(false, "invaild param: opens!");
        return;
    }
    if (string.IsNullOrEmpty(accessToken))
    {
        WrapResult(false, "nvaild param: access_token");
        return;
    }
    if (openIds.Count == 0)
    {
        WrapResult(false, "opens length error!");
        return;
    }
    // NOTE(review): the size of `opens` is not capped here; confirm an upper bound is
    // enforced upstream, since it becomes the length of the SQL IN list below.

    var grant = RowAdapter.LoadFirstOrDefault<Access>(row => row.AccessToken == accessToken);
    if (grant == null)
    {
        WrapResult(false, "invaild access_token!");
        return;
    }
    if (!grant.Available)
    {
        WrapResult(false, "access_token expire!");
        return;
    }

    // Build SELECT ... WHERE OpenID IN (...) through the SqlExpression tree. Each id is
    // wrapped as a Constant node; presumably the provider binds these as parameters
    // rather than splicing text — verify against DbFactory's provider.
    var schema = EntitySchemaManager.GetSchema<Account>(true);
    var provider = DbFactory.Gain(schema.ConnectKey);
    var command = provider.CreateCommand<Account>(schema.Name, DbCommandMode.Select);
    var openIdColumn = SqlExpression.Member(schema.Columns.First(c => c.Name == "OpenID").Name);
    var idConstants = openIds.Select(item => SqlExpression.Constant((string)item)).ToArray();
    command.Condition = SqlExpression.In(openIdColumn, SqlExpression.NewArray(idConstants));

    var result = new JsonArray();
    foreach (var account in RowAdapter.Load<Account>(provider, command))
    {
        var entry = new JsonObject();
        entry["open_id"] = account.OpenID;
        entry["nick_name"] = account.Nickname;
        entry["real_name"] = account.Realname;
        entry["gender"] = account.Gender;
        entry["available"] = account.Available;
        result.Add(entry);
    }
    WrapResult(true, result);
}
void Login()
{
    // Authenticates an account for a given app and issues a per-(owner, app)
    // authorization code (auth_token) that Authorization() later exchanges.
    // All four parameters are mandatory.
    string token, name;
    long appID, timestamp;
    if (!Form.TryGet("token", out token) || !Form.TryGet("account", out name) || !Form.TryGet("app_id", out appID) || !Form.TryGet("timestamp", out timestamp))
    {
        WrapResult(ResultCode.InvalidParam, "invalid param!");
        return;
    }
    if (string.IsNullOrEmpty(name))
    {
        WrapResult(ResultCode.InvalidParam, "账号不能为空!");
        return;
    }
    if (string.IsNullOrEmpty(token))
    {
        WrapResult(ResultCode.InvalidParam, "Token 不能为空!");
        return;
    }

    // Freshness window: the client timestamp must lie within +/- Interval of now.
    // NOTE(review): DateTime.Now is local time; confirm ConvertFromTimestamp yields the
    // same zone. Within the window the same (name, timestamp, token) triple is accepted
    // again unless ServerCredentials.Authenticate tracks used tokens — TODO confirm.
    var time = DateTimeExtension.ConvertFromTimestamp(timestamp);
    if (Math.Abs((DateTime.Now - time).TotalSeconds) > Interval.TotalSeconds)
    {
        WrapResult(ResultCode.InvalidParam, "Token 已过期!");
        return;
    }

    // The app must exist, not be soft-deleted, and permit the caller's address.
    var app = RowAdapter.LoadFirstOrDefault<App>(p => p.ID == appID && p.Deleted == false);
    if (app == null)
    {
        WrapResult(ResultCode.InvalidParam, "指定应用未找到!");
        return;
    }
    if (!app.AccessRestriction.Security(Request.RemoteEndPoint.Address))
    {
        WrapResult(ResultCode.InvalidParam, "限制访问!");
        return;
    }

    // NOTE(review): a missing account and a bad token produce different messages
    // ("指定帐号不存在!" vs "无效的Token!"), which lets a caller confirm whether an
    // account name exists. Consider a single generic failure message.
    var account = RowAdapter.LoadFirstOrDefault<Account>(p => p.Name == name);
    if (account == null)
    {
        WrapResult(ResultCode.InvalidParam, "指定帐号不存在!");
        return;
    }
    if (!account.Available)
    {
        WrapResult(ResultCode.InvalidAction, "该帐号不可用!");
        return;
    }

    // Lockout: the daily failure counter is (re)evaluated and, once it reaches
    // MaxErrorTimes, the credential is not even checked.
    account.CheckErrorReset();
    if (account.TodayErrorTimes >= MaxErrorTimes)
    {
        WrapResult(ResultCode.InvalidAction, "您的账号已被限制登录!");
        return;
    }

    // Framework.Security.Authorization is the credential wrapper; the unqualified
    // Authorization below is the persisted grant entity — two distinct types.
    var credentials = new Framework.Security.ServerCredentials(account.Password);
    var authorization = new Framework.Security.Authorization(name, timestamp, token);
    if (!credentials.Authenticate(authorization))
    {
        // Every failed attempt is counted and persisted before responding.
        account.TodayErrorTimes++;
        account.TotalErrorTimes++;
        account.Save();
        WrapResult(ResultCode.InvalidAction, "无效的Token!");
        return;
    }

    // Authentication succeeded but the profile is incomplete: return early without
    // issuing a code. Note the error counters are not reset on this path.
    if (string.IsNullOrEmpty(account.Realname))
    {
        WrapResult((byte)ResultError.Incompletion, "帐号信息不完善,请先完善帐号信息!");
        return;
    }

    // One Authorization row per (owner, app): reuse and Reset() it, or create it.
    var auth = RowAdapter.LoadFirstOrDefault<Authorization>(p => p.OwnerID == account.ID && p.AppID == app.ID);
    if (auth == null)
    {
        auth = RowAdapter.Create<Authorization>();
        auth.OwnerID = account.ID;
        auth.AppID = appID;
    }
    else
    {
        auth.Reset();
    }
    // A successful login clears the daily failure count.
    if (account.TodayErrorTimes > 0)
    {
        account.ResetError();
        account.Save();
    }
    auth.Save();

    var json = new JsonObject();
    json["auth_token"] = auth.Token;
    // Remaining lifetime in seconds, computed against local time.
    json["expires_in"] = (auth.DeathLine - DateTime.Now).TotalSeconds;
    WrapResult(ResultCode.OK, json);
}
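void Authorization()
{
    // Code exchange: the app proves itself with app_key and trades the auth_token
    // issued by Login for an access_token / refresh_token pair.
    var appID = Form.Find<long>("app_id");
    var appKey = Form.Find("app_key");
    var authToken = Form.Find("auth_token");

    var app = RowAdapter.LoadFirstOrDefault<App>(p => p.ID == appID && p.Deleted == false);
    if (app == null)
    {
        WrapResult(false, "not found app!");
        return;
    }
    if (!app.AccessRestriction.Security(Request.RemoteEndPoint.Address))
    {
        WrapResult(ResultCode.InvalidParam, "restricted access!");
        return;
    }
    // Reject an absent key explicitly instead of relying on Equals("") failing.
    // NOTE(review): Equals is not constant-time; if key guessing via timing is a
    // concern for this deployment, compare with a fixed-time routine.
    if (string.IsNullOrEmpty(appKey) || !app.Key.Equals(appKey))
    {
        WrapResult(false, "invaild app key!");
        return;
    }
    if (string.IsNullOrEmpty(authToken))
    {
        // An empty code would otherwise be matched against the Token column.
        WrapResult(false, "invaild code!");
        return;
    }

    var auth = RowAdapter.LoadFirstOrDefault<Authorization>(p => p.AppID == appID && p.Token == authToken);
    // Log only the app id: app_key is the app's secret and auth_token is a bearer
    // credential, neither belongs in the log.
    logger.Info("ID:{0}", appID);
    if (auth == null)
    {
        WrapResult(false, "invaild code!");
        return;
    }
    if (!auth.Available)
    {
        WrapResult(false, "code expire!");
        return;
    }

    // One Access row per (owner, app): create it if missing, then Reset() rotates it.
    var access = RowAdapter.LoadFirstOrDefault<Access>(p => p.AppID == appID && p.OwnerID == auth.OwnerID);
    if (access == null)
    {
        access = RowAdapter.Create<Access>();
        access.OwnerID = auth.OwnerID;
        access.AppID = appID;
    }
    access.Reset();
    access.Save();
    if (!access.Available)
    {
        WrapResult(false, "invaild access!");
        return;
    }

    var json = new JsonObject();
    json["access_token"] = access.AccessToken;
    json["refresh_token"] = access.RefreshToken;
    // Remaining lifetime in seconds, computed against local time.
    json["expires_in"] = (access.DeathLine - DateTime.Now).TotalSeconds;
    WrapResult(true, json);
}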
void Token()
{
    // Direct access-token grant: the account authenticates with a timestamped token
    // for the given app and receives an access_token (no refresh_token on this path).
    var appID = Form.Find<long>("app_id");
    var accountName = Form.Find("account");
    var clientTimestamp = Form.Find<long>("timestamp");
    var clientToken = Form.Find("token");

    if (string.IsNullOrEmpty(accountName))
    {
        WrapResult(false, "账号不能为空!");
        return;
    }
    if (string.IsNullOrEmpty(clientToken))
    {
        WrapResult(false, "Token 不能为空!");
        return;
    }

    // Freshness window: the client timestamp must lie within +/- Interval of now
    // (local time; ConvertFromTimestamp is assumed to agree — TODO confirm).
    var issuedAt = DateTimeExtension.ConvertFromTimestamp(clientTimestamp);
    var skewSeconds = Math.Abs((DateTime.Now - issuedAt).TotalSeconds);
    if (skewSeconds > Interval.TotalSeconds)
    {
        WrapResult(false, "Token 已过期!");
        return;
    }

    var application = RowAdapter.LoadFirstOrDefault<App>(row => row.ID == appID && row.Deleted == false);
    if (application == null)
    {
        WrapResult(false, "not found app!");
        return;
    }
    var callerAddress = Request.RemoteEndPoint.Address;
    if (!application.AccessRestriction.Security(callerAddress))
    {
        WrapResult(ResultCode.InvalidParam, "限制访问!");
        return;
    }

    // NOTE(review): distinct messages for "no such account" and "bad token" reveal
    // whether an account name exists.
    var account = RowAdapter.LoadFirstOrDefault<Account>(row => row.Name == accountName);
    if (account == null)
    {
        WrapResult(false, "指定帐号不存在!");
        return;
    }
    if (!account.Available)
    {
        WrapResult(false, "该帐号不可用!");
        return;
    }

    // Lockout check happens before the credential is verified.
    account.CheckErrorReset();
    if (account.TodayErrorTimes >= MaxErrorTimes)
    {
        WrapResult(false, "您的账号已被限制登录!");
        return;
    }

    var serverCredentials = new Framework.Security.ServerCredentials(account.Password);
    var presented = new Framework.Security.Authorization(accountName, clientTimestamp, clientToken);
    var authenticated = serverCredentials.Authenticate(presented);
    if (!authenticated)
    {
        // Count and persist the failure before answering.
        account.TodayErrorTimes++;
        account.TotalErrorTimes++;
        account.Save();
        WrapResult(false, "无效的Token!");
        return;
    }
    if (account.TodayErrorTimes > 0)
    {
        account.ResetError();
        account.Save();
    }

    // One Access row per (owner, app); Reset() rotates it whether reused or new.
    var grant = RowAdapter.LoadFirstOrDefault<Access>(row => row.AppID == appID && row.OwnerID == account.ID);
    if (grant == null)
    {
        grant = RowAdapter.Create<Access>();
        grant.OwnerID = account.ID;
        grant.AppID = appID;
    }
    grant.Reset();
    grant.Save();

    var payload = new JsonObject();
    payload["access_token"] = grant.AccessToken;
    payload["expires_in"] = (grant.DeathLine - DateTime.Now).TotalSeconds;
    WrapResult(true, payload);
}
void Login()
{
    // Session login: verifies the timestamped token for the named (non-deleted)
    // account and, on success, starts a session carrying the serialized account.
    var accountName = Form.Find("account");
    var clientTimestamp = Form.Find<long>("timestamp");
    var clientToken = Form.Find("token");

    if (string.IsNullOrEmpty(accountName))
    {
        WrapResult(false, "账号不能为空!");
        return;
    }
    if (string.IsNullOrEmpty(clientToken))
    {
        WrapResult(false, "Token 不能为空!");
        return;
    }

    // Freshness window: reject timestamps more than Interval away from now
    // (local time; ConvertFromTimestamp is assumed to agree — TODO confirm).
    var issuedAt = DateTimeExtension.ConvertFromTimestamp(clientTimestamp);
    var skewSeconds = Math.Abs((DateTime.Now - issuedAt).TotalSeconds);
    if (skewSeconds > Interval.TotalSeconds)
    {
        WrapResult(false, "Token 已过期!");
        return;
    }

    // NOTE(review): "指定帐号不存在!" vs "密码错误!" lets a caller tell whether an
    // account name exists.
    var account = RowAdapter.LoadFirstOrDefault<Account>(row => row.Deleted == false && row.Name == accountName);
    if (account == null)
    {
        WrapResult(false, "指定帐号不存在!");
        return;
    }
    if (!account.Available)
    {
        WrapResult(false, "该帐号不可用!");
        return;
    }

    // Lockout check happens before the credential is verified.
    account.CheckErrorReset();
    if (account.TodayErrorTimes >= MaxErrorTimes)
    {
        WrapResult(false, "您的账号已被限制登录!");
        return;
    }

    var serverCredentials = new ServerCredentials(account.Password);
    var presented = new Framework.Security.Authorization(accountName, clientTimestamp, clientToken);
    var authenticated = serverCredentials.Authenticate(presented);
    if (!authenticated)
    {
        // Count and persist the failure before answering.
        account.TodayErrorTimes++;
        account.TotalErrorTimes++;
        account.Save();
        WrapResult(false, "密码错误!");
        return;
    }
    if (account.TodayErrorTimes > 0)
    {
        account.ResetError();
        account.Save();
    }

    // The whole account (including whatever Account serializes, e.g. Password) is
    // stored in the session; Update() reads it back to keep the copy in sync.
    StartSession();
    Session["has-login"] = true;
    Session["account"] = JsonSerializer.Serialize(account);
    WrapResult(true, "ok");
}