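/// <summary>
/// Decrypts the bearer token on the current request and resolves the caller's identity.
/// </summary>
/// <returns>
/// The user carried by the token, or <c>null</c> when there is no HTTP context, the
/// <c>Authorization</c> header is missing or does not start with the <c>Bearer</c> scheme,
/// the token fails <see cref="SSOHelper.IsTokenValid"/>, its payload is malformed, or it has expired.
/// </returns>
private TokenUserInfo GetCurrentUserFromToken()
{
    if (currentHttpContext == null)
    {
        return null;
    }

    // StringValues -> string. Several Authorization headers would be comma-joined here;
    // such a value cannot be a valid token and simply fails validation below.
    var author = currentHttpContext.Request.Headers["Authorization"].ToString();

    // The scheme has to be at the start of the value: a plain Contains("Bearer") would also
    // accept e.g. "xBearer ..." and then slice the token at the wrong offset.
    const string scheme = "Bearer";
    if (string.IsNullOrWhiteSpace(author) || !author.StartsWith(scheme, StringComparison.Ordinal))
    {
        return null;
    }

    var token = author.Substring(scheme.Length).Trim();
    if (token.Length == 0)
    {
        return null;
    }

    // Token cannot be decrypted / does not verify.
    if (!SSOHelper.IsTokenValid(token, out List<string> list))
    {
        return null;
    }

    // Payload layout as consumed here: [0]=user id, [1]=account, [2]=display name,
    // [3]=IP, [4]=issue time. Guard the indexes so a truncated payload yields "no user"
    // instead of an IndexOutOfRangeException.
    if (list == null || list.Count < 5 || !int.TryParse(list[0], out var userId)
        || !DateTime.TryParse(list[4], out var issuedAt))
    {
        return null;
    }

    // Expired: issue time plus the configured lifetime (minutes) lies in the past.
    // NOTE(review): compared against local DateTime.Now; confirm the issuer also stamps
    // list[4] with local time rather than UTC.
    if (issuedAt.AddMinutes(ConfigService.TokenOverTime) < DateTime.Now)
    {
        return null;
    }

    return new TokenUserInfo
    {
        UserID = userId,
        AccountName = list[1],
        UserName = list[2],
        IP = list[3],
        Token = token
    };
}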
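/// <summary>
/// Action filter entry point: authenticates the request from its <c>Authorization: Bearer ...</c>
/// header, attaches the resolved user to the controller, and confirms the token is still
/// registered for the caller's system in Redis. Every failure short-circuits the action with 401.
/// </summary>
/// <param name="context">The executing action's context (request, controller, services).</param>
public void OnActionExecuting(ActionExecutingContext context)
{
    var author = context.HttpContext.Request.Headers["Authorization"].ToString();
    var param = context.HttpContext.Request.GetRequestParam().JsonToObj<RequestBase>();

    // Header missing, or the scheme is not at the start of the value (a plain
    // Contains("Bearer") would accept "xBearer ..." and slice the token at the wrong offset).
    const string scheme = "Bearer";
    if (string.IsNullOrWhiteSpace(author) || !author.StartsWith(scheme, StringComparison.Ordinal))
    {
        Reject("未知身份");
        return;
    }

    // Extract the token.
    var token = author.Substring(scheme.Length).Trim();

    // Token cannot be decrypted: reject without touching Redis.
    if (!SSOHelper.IsTokenValid(token, out List<string> list))
    {
        Reject("非法token");
        return;
    }

    // Payload layout as consumed here: [0]=user id, [1]=account, [2]=display name,
    // [3]=IP, [4]=issue time. A truncated or non-numeric payload used to surface as an
    // unhandled exception (500); treat it as an invalid token instead.
    if (list == null || list.Count < 5 || !int.TryParse(list[0], out var userId)
        || !DateTime.TryParse(list[4], out var issuedAt))
    {
        Reject("非法token");
        return;
    }

    // Issue time plus the configured lifetime (minutes) must still be in the future.
    // NOTE(review): compared against local DateTime.Now; confirm the issuer stamps list[4]
    // with local time rather than UTC.
    var lifetimeMinutes = Convert.ToDouble(BaseCore.Configuration.GetSection("AppSetting:TokenOverTime").Value);
    if (issuedAt.AddMinutes(lifetimeMinutes) < DateTime.Now)
    {
        Reject("token已过期");
        return;
    }

    var tokenUserInfo = new TokenUserInfo
    {
        UserID = userId,
        AccountName = list[1],
        UserName = list[2],
        IP = list[3],
        Token = token
    };

    // Direct cast kept on purpose: the filter is meant for BaseController descendants only,
    // and a wrong controller type should fail loudly rather than silently skip authentication.
    ((BaseController)context.Controller).CurrentUser = tokenUserInfo;

    // NOTE(review): the earlier IP-pinning check (token IP vs. Connection.RemoteIpAddress)
    // was disabled; it is not re-enabled here.

    // The system code comes from the request body and is part of the Redis key; without a
    // body there is nothing to authorize against (previously a NullReferenceException -> 500).
    if (param == null)
    {
        Reject("无权限");
        return;
    }

    // Fail closed if the cache is not registered rather than dereferencing null.
    var redisCache = (RedisCache)context.HttpContext.RequestServices.GetService(typeof(RedisCache));
    if (redisCache == null)
    {
        throw new InvalidOperationException("RedisCache is not registered in the service container.");
    }

    // The token + sysCode key must exist in Redis (session registered for that system).
    var userInfoKey = ConfigService.GetUserInfoRedisKey(token, param.SysCode);
    if (!redisCache.Exists(userInfoKey))
    {
        Reject("无权限");
    }

    // Writes a 401 with the given message and short-circuits the action.
    void Reject(string msg)
    {
        context.HttpContext.Response.StatusCode = StatusCodes.Status401Unauthorized;
        context.Result = new JsonResult(new { msg });
    }
}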
/// <summary>
/// Console smoke test: issues a token for a fixed sample identity, then checks that
/// <see cref="SSOHelper.IsTokenValid"/> accepts it and prints the decoded payload.
/// </summary>
static void TokenTest()
{
    // Sample identity: user id "1", account "boo", name "boo", loopback IP.
    string issued = SSOHelper.GenerateToken("1", "boo", "boo", "127.0.0.1");
    Console.WriteLine($"token = {issued} \r\n");

    bool isValid = SSOHelper.IsTokenValid(issued, out List<string> payload);
    Console.WriteLine($"Token Valid Result = {isValid} ,list = {payload.ToJson()}");
}