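/// <summary>
/// Authorizes a request by validating the JWT carried in the <c>token</c> query-string
/// parameter, re-checking the user embedded in the token against the user master table,
/// and installing a <see cref="AspnetMvc.Models.PtcIdentity"/> principal on success.
/// A missing or blank token yields a 403 response; every failure after that point
/// (bad signature, expired token, unknown/unapproved user, device or password mismatch)
/// is routed to <see cref="HandleUnauthorizedRequest"/>.
/// </summary>
/// <param name="actionContext">The Web API action context of the current request.</param>
public override void OnAuthorization(HttpActionContext actionContext)
{
    var token = HttpUtility.ParseQueryString(actionContext.Request.RequestUri.Query).Get("token");
    if (string.IsNullOrWhiteSpace(token))
    {
        // No token material at all: reject before touching the token handler. A blank
        // value is treated the same as an absent parameter.
        actionContext.Response = new System.Net.Http.HttpResponseMessage(System.Net.HttpStatusCode.Forbidden);
        return;
    }

    // SECURITY: the HMAC signing secret is a literal in source. It needs to be moved to
    // protected configuration and replaced with a high-entropy random value; anyone who
    // can read this file can mint tokens that pass validation below.
    var securityKey = GetBytes("anyoldrandomtext");
    var validationParameters = new TokenValidationParameters
    {
        ValidateIssuer = true,
        ValidIssuer = "self",
        ValidateAudience = true,
        ValidAudiences = new List<string> { "https://www.mywebsite.com" },
        ValidateLifetime = true,
        ValidateIssuerSigningKey = true,
        IssuerSigningKeys = new List<SecurityKey> { new SymmetricSecurityKey(securityKey) }
    };

    try
    {
        SecurityToken securityToken;
        var principal = new JwtSecurityTokenHandler().ValidateToken(token, validationParameters, out securityToken);

        // NOTE(review): the user payload is read from whichever claim happens to come first;
        // the claim type that carries it is not visible here — confirm it and look the claim
        // up by type instead of by position.
        var userData = principal.Claims.FirstOrDefault();
        if (userData == null)
        {
            HandleUnauthorizedRequest(actionContext);
            return;
        }

        var input = JsonConvert.DeserializeObject<UserBase>(userData.Value);
        if (input == null || input.Password == null)
        {
            // Malformed claim payload: nothing to look up.
            HandleUnauthorizedRequest(actionContext);
            return;
        }

        // The stored hash is derived from the upper-cased clear password elsewhere, so the
        // same transformation is applied here before hashing. Only the hex digest is
        // upper-cased invariantly (hex never depends on culture).
        // SECURITY: unsalted MD5 is not a password hash; migrating the store to
        // PBKDF2/Argon2 is a change outside this method.
        var password = Identity.ClearPassword.GetMd5Hash(input.Password.ToUpper()).ToUpperInvariant();

        var con = new Conditions<DataBase.TUSRMST>();
        con.And(x => x.User_Id == input.UserId && x.TUSRDTL.Pass_Wd == password);
        con.Include(x => x.TUSRDTL);
        Tusrmst user = _usermstRepo.Get(con);

        // Reject when: no matching user; user not yet approved (IdSts); token was issued
        // for a different device; or the stored password no longer matches the token's.
        if (user == null
            || !user.IdSts
            || user.DeviceID != input.DeviceID
            || user.TUSRDTL == null
            || user.TUSRDTL.PassWd != password)
        {
            HandleUnauthorizedRequest(actionContext);
            return;
        }

        var identity = new AspnetMvc.Models.PtcIdentity(
            System.Threading.Thread.CurrentPrincipal.Identity,
            new UserBase
            {
                CompCd = user.CompCd,       // company code
                RoleId = user.RoleId,       // role
                UserName = user.UserName,   // display name
                UserId = user.UserId,       // account id
                // NOTE(review): the clear-text password is kept on the principal for the rest
                // of the request; confirm downstream code really needs it before retaining it.
                Password = input.Password
            },
            "phone",
            null);
        SetPrincipal(new GenericPrincipal(identity, null));
    }
    catch (Exception)
    {
        // Token, JSON and repository failures all collapse to the unauthorized path so no
        // detail leaks to the caller. Once a logger is available, narrow this to
        // SecurityTokenException/JsonException and log the rest; as written, a data-store
        // outage is indistinguishable from a bad token.
        HandleUnauthorizedRequest(actionContext);
    }
}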
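/// <summary>
/// Authorizes a vendor-technician request. The JWT in the <c>token</c> query-string
/// parameter is validated, the technician account embedded in it is re-checked against
/// the technician table, the technician's company/vendor relation must exist, and at least
/// one approved (<c>Id_Sts == "Y"</c>) vendor-role user master row must be linked to it.
/// On success a <see cref="AspnetMvc.Models.PtcIdentity"/> principal is installed.
/// A missing or blank token yields a 403 response; every other failure is routed to
/// <see cref="HandleUnauthorizedRequest"/>.
/// </summary>
/// <param name="actionContext">The Web API action context of the current request.</param>
public override void OnAuthorization(HttpActionContext actionContext)
{
    var token = HttpUtility.ParseQueryString(actionContext.Request.RequestUri.Query).Get("token");
    if (string.IsNullOrWhiteSpace(token))
    {
        // No token material at all: reject before touching the token handler. A blank
        // value is treated the same as an absent parameter.
        actionContext.Response = new System.Net.Http.HttpResponseMessage(System.Net.HttpStatusCode.Forbidden);
        return;
    }

    // SECURITY: the HMAC signing secret is a literal in source. It needs to be moved to
    // protected configuration and replaced with a high-entropy random value; anyone who
    // can read this file can mint tokens that pass validation below.
    var securityKey = GetBytes("anyoldrandomtext");
    var validationParameters = new TokenValidationParameters
    {
        ValidateIssuer = true,
        ValidIssuer = "self",
        ValidateAudience = true,
        ValidAudiences = new List<string> { "https://www.mywebsite.com" },
        ValidateLifetime = true,
        ValidateIssuerSigningKey = true,
        IssuerSigningKeys = new List<SecurityKey> { new SymmetricSecurityKey(securityKey) }
    };

    try
    {
        SecurityToken securityToken;
        var principal = new JwtSecurityTokenHandler().ValidateToken(token, validationParameters, out securityToken);

        // NOTE(review): the technician payload is read from whichever claim comes first;
        // the claim type that carries it is not visible here — confirm it and look the claim
        // up by type instead of by position.
        var userData = principal.Claims.FirstOrDefault();
        if (userData == null)
        {
            HandleUnauthorizedRequest(actionContext);
            return;
        }

        var input = JsonConvert.DeserializeObject<TvenderTechnician>(userData.Value);
        if (input == null || input.Password == null)
        {
            // Malformed claim payload: nothing to look up.
            HandleUnauthorizedRequest(actionContext);
            return;
        }

        // Only the hex digest is upper-cased, invariantly (hex never depends on culture).
        // SECURITY: unsalted MD5 is not a password hash; migrating the store to
        // PBKDF2/Argon2 is a change outside this method.
        var password = Identity.ClearPassword.GetMd5Hash(input.Password).ToUpperInvariant();

        var con = new Conditions<DataBase.TVenderTechnician>();
        con.And(x => x.Account == input.Account && x.Password == password);
        TvenderTechnician user = _userRepo.Get(con);

        // Unknown account, or account switched off.
        if (user == null || user.Enable == false)
        {
            HandleUnauthorizedRequest(actionContext);
            return;
        }

        // The technician must be tied to a vendor of its company.
        var relationCondition = new Conditions<DataBase.TUSRVENRELATION>();
        relationCondition.And(x => x.Comp_Cd == user.CompCd);
        relationCondition.And(x => x.Vender_Cd == user.VenderCd);
        var relation = _TUSRVENRELATIONRepo.Get(relationCondition);
        if (relation == null)
        {
            HandleUnauthorizedRequest(actionContext);
            return;
        }

        // The linked user master row must exist with a vendor role and be approved;
        // otherwise the vendor is considered closed.
        var vendorUserCondition = new Conditions<DataBase.TUSRMST>();
        vendorUserCondition.And(x => x.Comp_Cd == user.CompCd || x.Comp_Cd == "");
        vendorUserCondition.And(x => x.User_Id == relation.User_Id);
        vendorUserCondition.And(x => x.Role_Id == "VENDER" || x.Role_Id == "CafeVender" || x.Role_Id == "APPVENDER");
        vendorUserCondition.And(x => x.Id_Sts == "Y");
        if (_usermstRepo.Count(vendorUserCondition) == 0)
        {
            HandleUnauthorizedRequest(actionContext);
            return;
        }

        // Token was issued for a different device.
        if (user.DeviceID != input.DeviceID)
        {
            HandleUnauthorizedRequest(actionContext);
            return;
        }

        var identity = new AspnetMvc.Models.PtcIdentity(
            System.Threading.Thread.CurrentPrincipal.Identity,
            new UserBase
            {
                VenderCd = user.VenderCd,
                CompCd = user.CompCd,
                UserName = user.Name,
                UserId = user.Account,
                // NOTE(review): the clear-text password is kept on the principal for the rest
                // of the request; confirm downstream code really needs it before retaining it.
                Password = input.Password
            },
            "phone",
            null);
        SetPrincipal(new GenericPrincipal(identity, null));
    }
    catch (Exception)
    {
        // Token, JSON and repository failures all collapse to the unauthorized path so no
        // detail leaks to the caller. Once a logger is available, narrow this to
        // SecurityTokenException/JsonException and log the rest; as written, a data-store
        // outage is indistinguishable from a bad token.
        HandleUnauthorizedRequest(actionContext);
    }
}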