/// <summary>
/// Checks that the login request carries every attachment the validator reads later:
/// timestamp, noncestr, signature and account name, in that order.
/// Only the presence of each key is checked; the attached values are not inspected here.
/// </summary>
/// <param name="loginInfo">Login request whose attachments are examined.</param>
/// <returns>
/// A failed result for the first missing item (code 100 when there are no attachments,
/// 101-104 for a missing key), or <c>null</c> when every required key is present.
/// </returns>
private LoginAuthResult ValidateParams(LoginRequestInfo loginInfo)
{
    var attachments = loginInfo.Attachments;

    // The misspelling "infomation" is part of the existing log and result text and is
    // kept unchanged so the emitted strings stay the same.
    if (attachments == null || attachments.Count == 0)
    {
        LogDebug("Login validate: no login infomation.");
        return CreateFailedLoginAuthResult(null, 100, "No login infomation.");
    }

    if (!attachments.ContainsKey(DefaultLoginAuthConstants.TimestampKey))
    {
        LogDebug("Login validate: no timestamp.");
        return CreateFailedLoginAuthResult(null, 101, "No timestamp.");
    }

    if (!attachments.ContainsKey(DefaultLoginAuthConstants.NoncestrKey))
    {
        LogDebug("Login validate: no noncestr.");
        return CreateFailedLoginAuthResult(null, 102, "No noncestr.");
    }

    if (!attachments.ContainsKey(DefaultLoginAuthConstants.SignatureKey))
    {
        LogDebug("Login validate: no signature.");
        return CreateFailedLoginAuthResult(null, 103, "No signature.");
    }

    if (!attachments.ContainsKey(DefaultLoginAuthConstants.AccountNameKey))
    {
        LogDebug("Login validate: no accountName.");
        return CreateFailedLoginAuthResult(null, 104, "No accountName.");
    }

    // NOTE(review): a present key may still hold an empty or malformed value; that is
    // only discovered when the caller deserializes it.
    return null;
}
/// <summary>
/// Validates a login request. The checks run in this order: required attachments,
/// account lookup, source IP, signature.
/// </summary>
/// <param name="loginInfo">Login request information.</param>
/// <returns>
/// A success result for the matched account, or for "Guest" when no account list is
/// configured. Otherwise a failed result: the one produced by <c>ValidateParams</c>,
/// or code 110 (account not found), 111 (IP rejected) or 112 (signature invalid).
/// </returns>
public async Task<LoginAuthResult> Validate(LoginRequestInfo loginInfo)
{
    var settings = validatorConfig;

    // NOTE(review): this path fails open. With no config or no account list, every
    // caller is admitted as "Guest" without any attachment, IP or signature check.
    // Confirm that is intended for every deployment that can reach this validator.
    if (settings?.Accounts == null)
    {
        LogInformation("Login validate completed. Result pass, use guest because config is null.");
        return CreateSuccessLoginAuthResult("Guest");
    }

    var missingParam = ValidateParams(loginInfo);
    if (missingParam != null)
    {
        LogInformation("Login validate completed. Result reject, params failed validation.");
        return missingParam;
    }

    var attachments = loginInfo.Attachments;

    // Verify that the account exists.
    var claimedAccount = (string)await Serializer.DeserializeAsync(
        typeof(string),
        attachments[DefaultLoginAuthConstants.AccountNameKey]);
    var account = settings.Accounts.FirstOrDefault(candidate => candidate.AccountName == claimedAccount);
    if (account == null)
    {
        // NOTE(review): claimedAccount is caller-supplied and not yet authenticated. It
        // is interpolated unescaped into the log line and the failure message, so
        // control characters such as CR/LF would reach both. This distinct code (110
        // versus 112 for a bad signature) also tells an unauthenticated caller whether
        // an account name exists.
        LogInformation($"Login validate completed. Result reject, account is not exist. AccountName={claimedAccount}");
        return CreateFailedLoginAuthResult(claimedAccount, 110, $"Account is not exist. AccountName={claimedAccount}");
    }

    // Verify the source IP against the account.
    if (!ValidateIP(loginInfo.RemoteAddress, account))
    {
        LogInformation($"Login validate completed. Result reject, IP rejected. AccountName={account.AccountName} IP={loginInfo.RemoteAddress.Address.ToIPString()}");
        return CreateFailedLoginAuthResult(account.AccountName, 111, $"IP rejected. IP={loginInfo.RemoteAddress.Address.ToIPString()}");
    }

    // Timestamp: milliseconds elapsed since 1970.
    var timestamp = (string)await Serializer.DeserializeAsync(
        typeof(string),
        attachments[DefaultLoginAuthConstants.TimestampKey]);

    // Random string (nonce).
    var noncestr = (string)await Serializer.DeserializeAsync(
        typeof(string),
        attachments[DefaultLoginAuthConstants.NoncestrKey]);

    // Signature supplied by the caller.
    var signature = (string)await Serializer.DeserializeAsync(
        typeof(string),
        attachments[DefaultLoginAuthConstants.SignatureKey]);

    // Verify the signature.
    // NOTE(review): this method never checks the timestamp for freshness or the nonce
    // for reuse; both are only handed to ValidateSignature, which is not visible here.
    // Confirm that replay protection and a constant-time signature comparison live there.
    if (!ValidateSignature(account.AccountName, timestamp, noncestr, signature, account))
    {
        LogInformation("Login validate completed. Result reject, signature invalid.");
        return CreateFailedLoginAuthResult(account.AccountName, 112, "Signature invalid.");
    }

    LogInformation($"Login validate completed. Result pass. AccountName={account.AccountName}");
    return CreateSuccessLoginAuthResult(account.AccountName);
}