public UserAccount TokenValidate(string authHeader) { var accessToken = AccessTokenGenerator.DecryptToken(authHeader); var cacheKeyPrefix = "FiiiShop:Token:"; var cacheKey = $"{cacheKeyPrefix}{accessToken.Identity}"; var cacheToken = RedisHelper.StringGet(Constant.REDIS_TOKEN_DBINDEX, cacheKey); if (string.IsNullOrEmpty(cacheToken)) { throw new AccessTokenExpireException(); } if (authHeader != cacheToken) { throw new UnauthorizedException(); } var id = Guid.Parse(accessToken.Identity); var account = new UserAccountDAC().GetById(id); if (account == null) { throw new UnauthorizedException(); } if (account.Status == 0) { //已经禁用的用户,删除token RedisHelper.KeyDelete(Constant.REDIS_TOKEN_DBINDEX, cacheKey); throw new CommonException(ReasonCode.ACCOUNT_DISABLED, "Invalid user"); } RedisHelper.StringSet(Constant.REDIS_TOKEN_DBINDEX, cacheKey, cacheToken, TimeSpan.FromSeconds(AccessTokenGenerator.DefaultExpiryTime)); return(account); }
/// <summary>Asynchronously authenticates the request.</summary> /// <returns>The task that completes the authentication.</returns> /// <param name="context">The authentication context.</param> /// <param name="cancellationToken">The cancellation token.</param> public async Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken) { if (context == null) { throw new ArgumentNullException(nameof(context)); } HttpRequestMessage request = context.Request; if (request == null) { throw new InvalidOperationException("Request must not be null"); } if (context.ActionContext.ActionDescriptor.GetCustomAttributes <AllowAnonymousAttribute>().Count > 0) { return; } if (context.Request.Headers.Authorization == null) { Unauthorized(context); return; } try { var authHeader = request.Headers.Authorization.Parameter; var accessToken = JsonConvert.DeserializeObject <AccessToken>(AccessTokenGenerator.DecryptToken(authHeader)); string cacheToken = RedisHelper.StringGet($"{SystemPlatform.FiiiCoinWork}:Investor:{accessToken.Username}"); if (authHeader == cacheToken) { var bc = new InvestorAccountComponent(); InvestorAccount account = bc.GetByUsername(accessToken.Username); if (account.Status == AccountStatus.Locked) { AccountLocked(context); return; } string lan = context.Request.Headers.AcceptLanguage.FirstOrDefault()?.Value ?? "en"; RedisHelper.StringSet($"{SystemPlatform.FiiiCoinWork}:Language:{account.Username}", lan); SetSecurityPrincipal(ref context, account); } else { Unauthorized(context); } } catch (Exception) { Unauthorized(context); } }
public UserAccount Token(string authHeader, string lang) { var accessToken = AccessTokenGenerator.DecryptToken(authHeader); var cacheKeyPrefix = "FiiiPay:Token:"; var cacheKey = $"{cacheKeyPrefix}{accessToken.Identity}"; var cacheToken = RedisHelper.StringGet(Constant.REDIS_TOKEN_DBINDEX, cacheKey); //var cacheManager = new FiiiPayRedisCacheManager(); //var cacheToken = cacheManager.GetToken(accessToken.Identity); if (string.IsNullOrEmpty(cacheToken)) { throw new AccessTokenExpireException(); } if (authHeader != cacheToken) { throw new UnauthorizedException(); } var id = Guid.Parse(accessToken.Identity); var account = new UserAccountComponent().GetById(id); //var account = cacheManager.GetUserAccount(accessToken.Identity); if (account == null) { throw new UnauthorizedException(); } if (account.Status == 0) { //已经禁用的用户,删除token RedisHelper.KeyDelete(Constant.REDIS_TOKEN_DBINDEX, cacheKey); //cacheManager.DeleteToken(accessToken.Identity); throw new CommonException(ReasonCode.ACCOUNT_DISABLED, MessageResources.AccountDisabled); } RedisHelper.StringSet(Constant.REDIS_TOKEN_DBINDEX, cacheKey, cacheToken, TimeSpan.FromSeconds(AccessTokenGenerator.DefaultExpiryTime)); if (!string.IsNullOrEmpty(lang)) { new UserAccountComponent().ChangeLanguage(account.Id, lang); } //account.Id = Guid.Parse(accessToken.Identity); //account.Language = lang; //cacheManager.ExpireToken(accessToken.Identity); //cacheManager.ChangeLanguage(accessToken.Identity, lang); return(account); }
public bool Auth(Guid clientId, string username, string password) { var accessModel = AccessTokenGenerator.DecryptToken(password); switch (accessModel.Platform) { case SystemPlatform.FiiiPay: return(Guid.TryParse(accessModel.Identity, out var userId) && clientId == userId); case SystemPlatform.FiiiPOS: return(accessModel.Identity == username); default: return(false); } }
/// <summary> /// 获取web token 里的userName /// </summary> /// <param name="token"></param> /// <param name="userName"></param> /// <returns></returns> public static bool GetWebTokenIndRedis(string token, out string userName) { userName = string.Empty; AccessToken accessToken = AccessTokenGenerator.DecryptToken(token); if (accessToken == null) { return(false); } string key = WebConfig.Redis_Key_Token + accessToken.Identity; string redisToken = RedisHelper.StringGet(WebConfig.RedisDB_Web, key); if (redisToken != token) { return(false); } userName = accessToken.Identity; return(true); }
/// <summary>Asynchronously authenticates the request.</summary> /// <returns>The task that completes the authentication.</returns> /// <param name="context">The authentication context.</param> /// <param name="cancellationToken">The cancellation token.</param> public Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken) { if (context == null) { throw new ArgumentNullException(nameof(context)); } HttpRequestMessage request = context.Request; if (request == null) { throw new InvalidOperationException("Request must not be null"); } if (context.ActionContext.ActionDescriptor.GetCustomAttributes <AllowAnonymousAttribute>().Count > 0) { return(Task.FromResult(0)); } if (context.Request.Headers.Authorization == null) { return(Unauthorized(context)); } try { var authHeader = request.Headers.Authorization.Parameter; var accessToken = AccessTokenGenerator.DecryptToken <MerchantAccessToken>(authHeader); if (string.IsNullOrWhiteSpace(accessToken.Identity)) { var merchant = new MerchantAccountComponent().GetMerchantAccountBySN(accessToken.POSSN); if (merchant == null) { return(Unauthorized(context)); } accessToken.Identity = merchant.Username; } var cacheKey = $"{RedisKeys.FiiiPOS_APP_MerchantId}:{accessToken.Identity}"; var cacheToken = RedisHelper.StringGet(Constant.REDIS_TOKEN_DBINDEX, cacheKey); if (authHeader != cacheToken) { return(Unauthorized(context)); } var bc = new MerchantAccountComponent(); var account = bc.GetByPosSn(accessToken.POSSN, accessToken.Identity); if (account == null) { return(Unauthorized(context)); } bc.ChangeLanguage(account.Id, context.Request.Headers.AcceptLanguage.FirstOrDefault()?.Value); var webContext = new WebContext { Id = account.Id, CountrtId = account.CountryId, Name = account.MerchantName }; context.Principal = new WebPrincipal(new WebIdentity(webContext)); return(Task.FromResult(0)); } catch (CommonException ex) { return(CommonErrorResult(context, ex)); } catch (Exception) { return(Unauthorized(context)); } }