/// <summary>
/// Tells whether the caller's token is due for renewal: true once the time elapsed since
/// <paramref name="principal"/>.CreateTime reaches the RenewInterval from the security
/// service's token-expiry settings.
/// </summary>
/// <param name="context">Current HTTP context (not read; present so the method is an extension).</param>
/// <param name="principal">Authenticated principal whose CreateTime marks when its token was issued.</param>
/// <param name="service">Security service supplying the token-expiry settings.</param>
/// <returns>true when the elapsed minutes are at least RenewInterval's minutes; otherwise false.</returns>
public static bool IsRenewToken(this HttpContextBase context, IPKSPrincipal principal, ISecurityService service)
{
    var settings = service.GetTokenExpireSettings();
    // Local wall-clock time is used; it must be the same clock that produced principal.CreateTime.
    var elapsedMinutes = (DateTime.Now - principal.CreateTime).TotalMinutes;
    var renewMinutes = settings.RenewInterval.TotalMinutes;
    return elapsedMinutes >= renewMinutes;
}
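/// <summary>
/// Authenticates the current request against the portal token (session/cookie) and signs the
/// matching forum user in by writing the forum user cookie.
/// </summary>
/// <param name="returnUrl">Address handed to the portal login page when the request is not authenticated.</param>
/// <returns>
/// true when the caller was redirected to the portal login page (the response has been ended);
/// false when the forum cookies were written and processing may continue.
/// </returns>
private bool AutoLogin(string returnUrl)
{
    var context = this.Context.GetHttpContextWrapper();
    string token = null;
    IPKSPrincipal principal = null;

    if (!context.IsLogined(null, ref token, out principal))
    {
        // No portal login: hand the visitor off to the portal login page.
        var redirectUrl = context.GetRedirectUrlToPortalLogin(returnUrl);
        this.Context.Response.Redirect(redirectUrl);
        this.Context.Response.End();
        return true;
    }

    var config = GeneralConfigs.GetConfig();
    var user = Users.GetUserInfo(principal.Identity.Name);
    if (user == null)
    {
        // First visit of this portal account: provision a non-admin forum user for it.
        user = context.CreateUser(config, principal, false);
    }

    ForumUtils.WriteUserCookie(user.Uid, ForumExtension.ExpireMinutes, config.Passwordkey);

    if (user.Groupid == 1)
    {
        // Group 1 users also receive the admin cookie. The former AdminGetUserGroupInfo lookup was
        // only feeding a commented-out log line, so it has been removed.
        this.Context.AddAdminCookie(config, user.Uid, user.Password, user.Secques, ForumExtension.ExpireMinutes);
    }
    else
    {
        // Everyone else gets an empty "dntadmin" cookie, presumably to clear a stale admin cookie.
        this.Context.Response.AppendCookie(new HttpCookie("dntadmin"));
    }

    return false;
}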
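/// <summary>When overridden, provides an entry point for custom authorization checks.</summary>
/// <remarks>
/// Requests whose path starts with "/Account/Login" are always authorized so the login page
/// stays reachable. This is a case-insensitive prefix match, so it also covers
/// "/Account/Login/..." and any other path beginning with that text. Every other request must
/// resolve to a valid portal login via IsLogined.
/// </remarks>
/// <returns>true if the user is authorized; otherwise, false.</returns>
/// <param name="context">The HTTP context, which encapsulates all HTTP-specific information about an individual HTTP request.</param>
/// <exception cref="T:System.ArgumentNullException">The <paramref name="context" /> parameter is null.</exception>
protected override bool AuthorizeCore(HttpContextBase context)
{
    // The documented contract is ArgumentNullException; without this guard a null context
    // would instead surface as a NullReferenceException from context.Request.
    if (context == null)
    {
        throw new ArgumentNullException("context");
    }

    var path = context.Request.Url.AbsolutePath;
    if (path.StartsWith("/Account/Login", StringComparison.OrdinalIgnoreCase))
    {
        return true;
    }

    string token = null;
    IPKSPrincipal principal;
    return context.IsLogined(this.SecurityService, ref token, out principal);
}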
/// <summary>
/// Single-sign-on entry point: validates the portal <paramref name="token"/> and sends the
/// browser on to <paramref name="returnUrl"/>, or to the portal login page when the token is
/// missing or does not resolve to a principal.
/// </summary>
/// <param name="token">Portal authentication token supplied by the caller.</param>
/// <param name="returnUrl">URL-encoded address to continue to; defaults to the request's domain URL when empty.</param>
/// <returns>A redirect to the resolved return address, or to the portal login page.</returns>
public ActionResult Login(string token, string returnUrl)
{
    var target = returnUrl.UrlDecode();
    if (target.IsNullOrEmpty())
    {
        target = this.HttpContext.Request.Url.GetDomainUrl();
    }

    IPKSPrincipal principal;
    var authenticated = !token.IsNullOrEmpty()
        && this.HttpContext.IsLogined(_securityService, ref token, out principal);
    if (!authenticated)
    {
        return Redirect(this.HttpContext.GetRedirectUrlToPortalLogin(target));
    }

    // NOTE(review): target originates from the request and is not checked to be a local URL
    // before the redirect (e.g. Url.IsLocalUrl); confirm whether cross-site return addresses are intended.
    if (target.IsNullOrEmpty())
    {
        target = "/";
    }
    return Redirect(target);
}
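/// <summary>When overridden, provides an entry point for custom authorization checks.</summary>
/// <remarks>
/// The request must first resolve to a valid portal login. Authenticated AJAX requests and
/// requests from the local machine are then authorized without a menu-permission check; all
/// other requests are authorized only when the security service grants the principal access to
/// the request's authorize URL.
/// </remarks>
/// <returns>true if the user is authorized; otherwise, false.</returns>
/// <param name="httpContext">The HTTP context, which encapsulates all HTTP-specific information about an individual HTTP request.</param>
/// <exception cref="T:System.ArgumentNullException">The <paramref name="httpContext" /> parameter is null.</exception>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    // The documented contract is ArgumentNullException; without this guard a null context
    // would instead surface as a NullReferenceException from the IsLogined call.
    if (httpContext == null)
    {
        throw new ArgumentNullException("httpContext");
    }

    string token = null;
    IPKSPrincipal principal = null;
    if (!httpContext.IsLogined(this.SecurityService, ref token, out principal))
    {
        return false;
    }

    // Authenticated AJAX calls skip the per-menu permission check.
    if (httpContext.Request.IsAjaxRequest())
    {
        return true;
    }

    // TODO: for testing (original note). Local requests bypass the menu permission check
    // entirely; this shortcut should be removed before the code is deployed.
    if (httpContext.Request.IsLocal)
    {
        return true;
    }

    var requestUrl = httpContext.GetControllerContext().GetAuthorizeUrl();
    return this.SecurityService.HasMenuPermission(principal.Identity.Id.ToInt32(), requestUrl);
}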
/// <summary>
/// Checks that the current forum request is backed by a valid portal login and that the forum's
/// online-user record belongs to the same account. On failure the response is redirected and ended.
/// </summary>
/// <param name="httpContext">Raw HTTP context of the forum request.</param>
/// <param name="userInfo">Forum online-user record for the current visitor; may be null.</param>
/// <returns>true when both checks pass; false after a redirect has been issued.</returns>
public static bool OnAuthorization(HttpContext httpContext, OnlineUserInfo userInfo)
{
    var wrapper = httpContext.GetHttpContextWrapper();
    string token = null;
    IPKSPrincipal principal;

    string redirectUrl;
    if (!wrapper.IsLogined(null, ref token, out principal))
    {
        // No portal login: send the visitor to the portal login page.
        redirectUrl = wrapper.GetForumRedirectUrlToPortalLogin();
    }
    else if (userInfo != null && userInfo.Userid > 0 && userInfo.Username == principal.Identity.Name)
    {
        return true;
    }
    else
    {
        // Portal login exists but the forum session is missing or belongs to a different account.
        redirectUrl = wrapper.GetForumRedirectUrlToAuth();
    }

    httpContext.Response.Redirect(redirectUrl);
    httpContext.Response.End();
    return false;
}
/// <summary>
/// Portal login page. When auto-login applies, an existing portal login (or, if enabled, a
/// Windows auto-login) is turned straight into a redirect to the return address; otherwise the
/// login view is rendered.
/// </summary>
/// <param name="autoLogin">Explicit auto-login switch; when absent, a non-empty <paramref name="returnUrl"/> implies auto-login.</param>
/// <param name="returnUrl">URL-encoded address to continue to after login.</param>
/// <returns>A redirect when auto-login succeeds; otherwise the login view.</returns>
public ActionResult Login(bool? autoLogin, string returnUrl)
{
    returnUrl = returnUrl.UrlDecode();
    // An explicit flag wins; otherwise a supplied return address means "try to log in automatically".
    var isAutoLogin = autoLogin ?? !returnUrl.IsNullOrEmpty();

    if (isAutoLogin)
    {
        var context = this.HttpContext;
        string token = null;
        IPKSPrincipal principal = null;

        if (context.IsLogined(_securityService, ref token, out principal))
        {
            return Redirect(context.GetPortalLoginReturnUrl(_securityService, token, principal, returnUrl));
        }

        if (PKSMvcExtension.AuthenticationConfig.IsWindowsAuthentication)
        {
            var result = context.WindowsAutoLogin(_securityService);
            if (result != null && result.Succeed)
            {
                return Redirect(context.GetPortalLoginReturnUrl(_securityService, result.Token, result.Principal, returnUrl));
            }
        }
    }

    ViewBag.UserName = this.HttpContext.GetLoginUserName();
    ViewBag.ReturnUrl = returnUrl;
    ViewBag.IsAutoLogin = isAutoLogin;
    // The view flag is named IsWindowsAuthentication but is fed from IsMixedAuthentication.
    ViewBag.IsWindowsAuthentication = PKSMvcExtension.AuthenticationConfig.IsMixedAuthentication;
    return View();
}
/// <summary>
/// Writes the forms-authentication cookie for <paramref name="principal"/>, carrying
/// <paramref name="token"/> in the ticket's user-data slot. Any forms cookie already queued on
/// the response is replaced.
/// </summary>
/// <param name="context">Current HTTP context; the ticket captured earlier in the request (if any) is read from its Items.</param>
/// <param name="token">Portal token to embed in the ticket.</param>
/// <param name="principal">Principal whose name and create/expire times go into the ticket.</param>
/// <param name="isPersistent">Overrides the persistence flag; when null, the previous ticket's flag (or false) is used.</param>
public static void AddAuthCookie(this HttpContextBase context, string token, IPKSPrincipal principal, bool? isPersistent = null)
{
    // The previous ticket only contributes its version and persistence flag.
    var previous = context.Items[PKSWebConsts.HttpContext_FormsAuthenticationTicket].As<FormsAuthenticationTicket>()
        ?? new FormsAuthenticationTicket("", false, 0);
    var persistent = isPersistent ?? previous.IsPersistent;

    var ticket = new FormsAuthenticationTicket(
        previous.Version,
        principal.Identity.Name,
        principal.CreateTime,
        principal.ExpireTime,
        persistent,
        token);

    var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket))
    {
        HttpOnly = true,
        Path = FormsAuthentication.FormsCookiePath,
        Secure = FormsAuthentication.RequireSSL,
        Domain = FormsAuthentication.CookieDomain,
    };
    if (persistent)
    {
        cookie.Expires = ticket.Expiration;
    }

    // Remove-then-add so exactly one forms cookie is sent back.
    context.Response.Cookies.Remove(FormsAuthentication.FormsCookieName);
    context.Response.Cookies.Add(cookie);
}
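/// <summary>
/// Issues a fresh token for an existing, still-valid auth session: a new UserAuthSessions row is
/// stored for the same user, app key and authentication type, and a principal carrying the new
/// create/expire times is returned.
/// </summary>
/// <param name="token">Session key of the session being renewed.</param>
/// <param name="principal">Caller's principal; not consulted here, the stored session is authoritative.</param>
/// <param name="tokenExpireInterval">Lifetime of the new session, measured from now.</param>
/// <returns>
/// A successful <see cref="LoginResult"/> with the new token and principal, or null when the
/// session is unknown, no longer valid, or its user cannot be loaded.
/// </returns>
public async Task<LoginResult> RenewAsync(string token, IPKSPrincipal principal, TimeSpan tokenExpireInterval)
{
    var sessions = GetService<IRepository<UserAuthSessions>>();
    var userSession = await LoadSessionFromToken(sessions, token);
    if (userSession == null || !userSession.Valid)
    {
        return null;
    }

    var userInfo = await GetUserInfo(userSession.UserName);
    if (userInfo == null)
    {
        // The session refers to a user that no longer resolves; report failure the same way an
        // invalid session does instead of throwing NullReferenceException below.
        return null;
    }

    var newPrincipal = BuildPrincipal(userInfo, userSession.AuthenticationType);
    // NOTE(review): Guid.NewGuid() is not documented as cryptographically random; a
    // RandomNumberGenerator-derived value would be the stronger choice for a bearer token.
    var newToken = Guid.NewGuid().ToString();
    var now = DateTime.Now;
    var newUserSession = new UserAuthSessions
    {
        SessionKey = newToken,
        AppKey = userSession.AppKey,
        UserName = userInfo.USERNAME,
        AuthenticationType = userSession.AuthenticationType,
        Valid = true,
        CreateTime = now,
        InvalidTime = now + tokenExpireInterval,
        IPAddress = userSession.IPAddress,
    };
    sessions.Add(newUserSession);
    // NOTE(review): the session being renewed is not touched here (its Valid flag stays set);
    // whether the old token should stop working after renewal is decided elsewhere, if at all.

    newPrincipal.CreateTime = newUserSession.CreateTime;
    newPrincipal.ExpireTime = newUserSession.InvalidTime;

    return new LoginResult
    {
        Token = newToken,
        Principal = newPrincipal,
        Succeed = true,
    };
}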
/// <summary>
/// Checks whether the request carries a forms-authentication ticket issued to
/// <paramref name="principal"/>'s identity name, preferring the already-decoded
/// <see cref="FormsIdentity"/> on the context user and falling back to the request cookies.
/// On success the ticket is stashed in context.Items for later use.
/// </summary>
/// <param name="context">Current HTTP context.</param>
/// <param name="principal">Principal the ticket must have been issued to.</param>
/// <returns>true when a ticket for the principal's name was found; otherwise false.</returns>
public static bool ExistsTicketFromCookies(this HttpContextBase context, IPKSPrincipal principal)
{
    var expectedName = principal.Identity.Name;
    FormsAuthenticationTicket ticket;

    var formsIdentity = context.User == null ? null : context.User.Identity as FormsIdentity;
    if (formsIdentity != null)
    {
        // Forms authentication already decoded the ticket for this request.
        if (formsIdentity.Name != expectedName)
        {
            return false;
        }
        ticket = formsIdentity.Ticket;
    }
    else
    {
        ticket = context.Request.Cookies.ExtractTicketFromCookie();
        if (ticket == null || ticket.Name != expectedName)
        {
            return false;
        }
    }

    context.Items[PKSWebConsts.HttpContext_FormsAuthenticationTicket] = ticket;
    return true;
}
/// <summary>
/// Resolves where the portal sends the user after login: <paramref name="returnUrl"/> when given,
/// otherwise the default page of the principal's role, wrapped by GetRedirectUrlToReturnUrl.
/// </summary>
/// <param name="context">Current HTTP context.</param>
/// <param name="service">Security service; passed through to the helpers.</param>
/// <param name="token">Portal token to carry along in the redirect.</param>
/// <param name="principal">Principal whose role supplies the default page.</param>
/// <param name="returnUrl">Requested return address; may be null or empty.</param>
/// <returns>The redirect address for the return URL.</returns>
public static string GetPortalLoginReturnUrl(this HttpContextBase context, ISecurityService service, string token, IPKSPrincipal principal, string returnUrl)
{
    var target = returnUrl.IsNullOrEmpty()
        ? GetRoleDefaultUrl(context, service, principal)
        : returnUrl;
    return GetRedirectUrlToReturnUrl(context, service, token, target);
}
/// <summary>Returns the DefaultUrl of the portal menu for the principal's role.</summary>
/// <param name="context">Current HTTP context.</param>
/// <param name="service">Security service; may be null, GetPortalMenu resolves one.</param>
/// <param name="principal">Principal whose first role selects the menu.</param>
/// <returns>The menu's default address.</returns>
public static string GetRoleDefaultUrl(this HttpContextBase context, ISecurityService service, IPKSPrincipal principal)
{
    return GetPortalMenu(context, service, principal).DefaultUrl;
}
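/// <summary>
/// Loads the portal menu for the principal's first role. Anything that does not resolve to an
/// integer role id (no roles, empty id, non-numeric id) falls back to role 1.
/// </summary>
/// <param name="context">Current HTTP context.</param>
/// <param name="service">Security service; resolved from the service locator when null.</param>
/// <param name="principal">Principal whose first role selects the menu.</param>
/// <returns>The menu returned by the security service for the resolved role id.</returns>
public static PortalMenu GetPortalMenu(this HttpContextBase context, ISecurityService service, IPKSPrincipal principal)
{
    if (service == null)
    {
        service = GetService<ISecurityService>();
    }

    const int defaultRoleId = 1;
    // FirstOrDefault instead of First: a principal without roles used to throw
    // InvalidOperationException here; now it takes the same fallback as an unparsable id.
    var firstRole = principal.Roles.FirstOrDefault();
    var roleIdText = firstRole == null ? null : firstRole.Id;

    int roleId;
    if (roleIdText.IsNullOrEmpty() || !int.TryParse(roleIdText, out roleId))
    {
        roleId = defaultRoleId;
    }
    return service.GetPortalMenu(roleId);
}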
/// <summary>
/// Reports whether the current request is authenticated against the portal. The token is taken
/// from (in order) the <paramref name="token"/> argument, the session, then the forms cookie;
/// once a principal resolves, the session and the forms cookie are brought back in line with
/// the token that was finally validated.
/// </summary>
/// <param name="context">Current HTTP context.</param>
/// <param name="service">Security service to use; resolved from the service locator when null.</param>
/// <param name="token">
/// In: an explicit token, or null/empty to look one up. Out: the token that was validated, which
/// can differ from the input when the principal carries a NewToken or a renewal succeeded.
/// </param>
/// <param name="principal">The resolved principal, or null when the method returns false.</param>
/// <returns>true when a principal could be resolved; otherwise false.</returns>
public static bool IsLogined(this HttpContextBase context, ISecurityService service, ref string token, out IPKSPrincipal principal)
{
    principal = null;
    var refreshSessionToken = false; // write the final token back to the session
    var refreshCookiesToken = false; // re-issue the forms cookie
    var checkCookiesToken = true;    // cross-check the cookie ticket against the principal
    if (token.IsNullOrEmpty())
    {
        token = context.GetTokenFromSession();
        if (token.IsNullOrEmpty())
        {
            refreshSessionToken = true;
            token = context.GetTokenFromCookies();
            if (token.IsNullOrEmpty())
            {
                return(false);
            }
            // The token came from the cookie itself, so there is nothing to cross-check it against.
            checkCookiesToken = false;
        }
    }
    else
    {
        // An explicitly supplied token always supersedes whatever the session holds.
        refreshSessionToken = true;
    }
    if (service == null)
    {
        service = GetService<ISecurityService>();
    }
    principal = context.GetPrincipal(service, token);
    if (principal == null)
    {
        return(false);
    }
    if (!principal.NewToken.IsNullOrEmpty())
    {
        // The principal points at a replacement token: resolve the principal for that token instead.
        principal = context.GetPrincipal(service, principal.NewToken);
        if (principal == null)
        {
            return(false);
        }
        // NOTE(review): token is read from the re-fetched principal's NewToken, not from the
        // NewToken that was just used for the lookup; if the re-fetched principal has no NewToken,
        // token becomes empty and is written to the session below — confirm intent.
        token = principal.NewToken;
        refreshSessionToken = true;
        context.Items[PKSWebConsts.HttpContext_Principal] = principal;
    }
    // Renewal is attempted on non-AJAX requests only; a failed renewal keeps the current token.
    if (!context.Request.IsAjaxRequest() && context.IsRenewToken(principal, service))
    {
        var result = service.Renew(token);
        if (result != null && result.Succeed)
        {
            token = result.Token;
            principal = result.Principal;
            refreshSessionToken = true;
            refreshCookiesToken = true;
            context.Items[PKSWebConsts.HttpContext_Principal] = principal;
        }
    }
    if (refreshSessionToken)
    {
        context.Session[PKSWebConsts.Session_Authentication] = token;
    }
    // Re-issue the cookie when it is missing or was issued to a different name than the principal.
    if (!refreshCookiesToken && checkCookiesToken && !ExistsTicketFromCookies(context, principal))
    {
        refreshCookiesToken = true;
    }
    if (refreshCookiesToken)
    {
        AddAuthCookie(context, token, principal);
    }
    return(true);
}
/// <summary>
/// Provisions a forum account for a portal principal and runs the post-registration steps:
/// optional welcome message, sync notification, statistics cache reset, online-user update and,
/// when no verification is required, the initial credit update.
/// </summary>
/// <param name="context">Current HTTP context (not read here; the method is an extension).</param>
/// <param name="config">Forum general configuration.</param>
/// <param name="principal">Portal principal the forum account is created for.</param>
/// <param name="isAdmin">Whether the account is created as an administrator.</param>
/// <returns>The newly created forum user.</returns>
public static UserInfo CreateUser(this HttpContextBase context, GeneralConfigInfo config, IPKSPrincipal principal, bool isAdmin)
{
    var userInfo = CreateUser(config, principal, isAdmin);

    if (config.Welcomemsg == 1)
    {
        // Deliver the configured welcome text to the new user's inbox as a system message.
        var welcome = new PrivateMessageInfo
        {
            Message = config.Welcomemsgtxt,
            Subject = "欢迎您的加入! (请勿回复本信息)",
            Msgto = userInfo.Username,
            Msgtoid = userInfo.Uid,
            Msgfrom = PrivateMessages.SystemUserName,
            Msgfromid = 0,
            New = 1,
            Postdatetime = userInfo.Joindate,
            Folder = 0,
        };
        PrivateMessages.CreatePrivateMessage(welcome, 0);
    }

    // Push the registration to integrated applications, then invalidate cached statistics.
    Sync.UserRegister(userInfo.Uid, userInfo.Username, userInfo.Password, "");
    Statistics.ReSetStatisticsCache();

    var onlineUser = OnlineUsers.UpdateInfo(config.Passwordkey, config.Onlinetimeout);
    if (config.Regverify == 0)
    {
        // No verification step: apply initial credits and record the registration action.
        UserCredits.UpdateUserCredits(userInfo.Uid);
        OnlineUsers.UpdateAction(onlineUser.Olid, UserAction.Register.ActionID, 0, config.Onlinetimeout);
    }
    // Regverify 1 (e-mail activation) and 2 (administrator approval) need nothing further here.

    return userInfo;
}
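/// <summary>
/// Builds the security-service API address that returns the portal menu for the principal's
/// first role.
/// </summary>
/// <param name="siteUrl">Base URL of the security service site; the API path is appended with a leading slash.</param>
/// <param name="principal">Principal whose first role selects the menu.</param>
/// <returns>The GetPortalMenu URL with the role id in the roleId query parameter.</returns>
/// <exception cref="InvalidOperationException">The principal has no roles.</exception>
private string GetPortalMenuUrl(string siteUrl, IPKSPrincipal principal)
{
    var role = principal.Roles.FirstOrDefault();
    if (role == null)
    {
        // Previously a role-less principal failed with a NullReferenceException on role.Id.
        throw new InvalidOperationException("The principal has no roles; a role id is required to build the portal menu URL.");
    }
    return siteUrl + "/api/SecurityService/GetPortalMenu?roleId=" + role.Id;
}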
/// <summary>
/// Builds a forum UserInfo for a portal principal, fills in Discuz!NT defaults, renders the
/// (empty) signature, applies the registration-verification mode, and persists the user through
/// either the configured password-mode provider or the forum's own Users.CreateUser.
/// </summary>
/// <param name="config">Forum general configuration (verification mode, password mode, signature options).</param>
/// <param name="principal">Portal principal supplying the user name, e-mail and phone number.</param>
/// <param name="isAdmin">true: Adminid 1, group 1, no verification; false: ordinary member subject to Regverify.</param>
/// <returns>The populated UserInfo with Uid set by whichever create path ran.</returns>
private static UserInfo CreateUser(GeneralConfigInfo config, IPKSPrincipal principal, bool isAdmin)
{
    var tmpUsername = principal.Identity.Name;
    // If no zero-credit user group can be found, the user automatically becomes a pending-verification user.
    UserInfo userinfo = new UserInfo();
    userinfo.Username = tmpUsername;
    userinfo.Nickname = tmpUsername;
    // No password is collected from the portal; a random GUID stands in for it.
    userinfo.Password = Guid.NewGuid().ToString();
    userinfo.Secques = "";
    userinfo.Gender = 0;
    userinfo.Adminid = isAdmin ? 1 : 0;
    userinfo.Groupexpiry = 0;
    userinfo.Extgroupids = "";
    userinfo.Regip = DNTRequest.GetIP();
    userinfo.Joindate = Discuz.Common.Utils.GetDateTime();
    userinfo.Lastip = userinfo.Regip;
    userinfo.Lastvisit = userinfo.Joindate;
    userinfo.Lastactivity = userinfo.Joindate;
    userinfo.Lastpost = userinfo.Joindate;
    userinfo.Lastpostid = 0;
    userinfo.Lastposttitle = "";
    userinfo.Posts = 0;
    userinfo.Digestposts = 0;
    userinfo.Oltime = 0;
    userinfo.Pageviews = 0;
    userinfo.Credits = 0;
    // Extended credits start at each score set's configured initial value.
    userinfo.Extcredits1 = Scoresets.GetScoreSet(1).Init;
    userinfo.Extcredits2 = Scoresets.GetScoreSet(2).Init;
    userinfo.Extcredits3 = Scoresets.GetScoreSet(3).Init;
    userinfo.Extcredits4 = Scoresets.GetScoreSet(4).Init;
    userinfo.Extcredits5 = Scoresets.GetScoreSet(5).Init;
    userinfo.Extcredits6 = Scoresets.GetScoreSet(6).Init;
    userinfo.Extcredits7 = Scoresets.GetScoreSet(7).Init;
    userinfo.Extcredits8 = Scoresets.GetScoreSet(8).Init;
    //userinfo.Avatarshowid = 0;
    userinfo.Email = principal.Identity.Email ?? "";
    userinfo.Bday = "";
    userinfo.Sigstatus = 1;
    userinfo.Tpp = 0;
    userinfo.Ppp = 0;
    userinfo.Templateid = 0;
    userinfo.Pmsound = 0;
    userinfo.Showemail = 0;
    userinfo.Salt = "";
    // See the ReceivePMSettingType comments for the enum values; system messages are not blocked here.
    int receivepmsetting = 3;
    //foreach (string rpms in DNTRequest.GetString("receivesetting").Split(','))
    //{
    //    if (!Utils.StrIsNullOrEmpty(rpms))
    //        receivepmsetting = receivepmsetting | int.Parse(rpms);
    //}
    //if (config.Regadvance == 0)
    //    receivepmsetting = 7;
    userinfo.Newsletter = (ReceivePMSettingType)receivepmsetting;
    userinfo.Invisible = 0;
    // Mark one unread message when a welcome message is going to be sent.
    userinfo.Newpm = config.Welcomemsg == 1 ? 1 : 0;
    userinfo.Medals = "";
    userinfo.Accessmasks = 0;
    userinfo.Website = "";
    userinfo.Icq = "";
    userinfo.Qq = "";
    userinfo.Yahoo = "";
    userinfo.Msn = "";
    userinfo.Skype = "";
    userinfo.Location = "";
    userinfo.Customstatus = "";
    //userinfo.Avatar = @"avatars\common\0.gif";
    //userinfo.Avatarwidth = 0;
    //userinfo.Avatarheight = 0;
    userinfo.Bio = "";
    userinfo.Signature = "";
    // Group 1 for administrators, group 7 otherwise; the verification branches below may override Groupid.
    var usergroupid = isAdmin ? 1 : 7;
    var usergroupinfo = UserGroups.GetUserGroupInfo(usergroupid);
    // Render the signature to HTML using the group's signature permissions.
    PostpramsInfo postpramsinfo = new PostpramsInfo();
    postpramsinfo.Usergroupid = usergroupid;
    postpramsinfo.Attachimgpost = config.Attachimgpost;
    postpramsinfo.Showattachmentpath = config.Showattachmentpath;
    postpramsinfo.Hide = 0;
    postpramsinfo.Price = 0;
    postpramsinfo.Sdetail = userinfo.Signature;
    postpramsinfo.Smileyoff = 1;
    postpramsinfo.Bbcodeoff = 1 - usergroupinfo.Allowsigbbcode;
    postpramsinfo.Parseurloff = 1;
    postpramsinfo.Showimages = usergroupinfo.Allowsigimgcode;
    postpramsinfo.Allowhtml = 0;
    postpramsinfo.Smiliesinfo = Smilies.GetSmiliesListWithInfo();
    postpramsinfo.Customeditorbuttoninfo = Editors.GetCustomEditButtonListWithInfo();
    postpramsinfo.Smiliesmax = config.Smiliesmax;
    userinfo.Sightml = UBB.UBBToHTML(postpramsinfo);
    userinfo.Authtime = userinfo.Joindate;
    if (isAdmin)
    {
        userinfo.Authstr = "";
        userinfo.Authflag = 0;
        userinfo.Groupid = usergroupid;
    }
    // E-mail activation-link verification
    else if (config.Regverify == 1)
    {
        userinfo.Authstr = ForumUtils.CreateAuthStr(20);
        userinfo.Authflag = 1;
        userinfo.Groupid = 8;
        //SendEmail(tmpUsername, DNTRequest.GetString("password").Trim(), DNTRequest.GetString(config.Antispamregisteremail).Trim(), userinfo.Authstr);
        //Emails.DiscuzSmtpMail(tmpUsername, emailaddress, password, authstr);
    }
    // Back-end verification by a system administrator
    else if (config.Regverify == 2)
    {
        userinfo.Authstr = "";
        userinfo.Groupid = 8;
        userinfo.Authflag = 1;
    }
    else
    {
        userinfo.Authstr = "";
        userinfo.Authflag = 0;
        userinfo.Groupid = UserCredits.GetCreditsUserGroupId(0).Groupid;
    }
    userinfo.Realname = "";
    userinfo.Idcard = "";
    userinfo.Mobile = "";
    userinfo.Phone = principal.Identity.PhoneNumber;
    // Third-party password-encryption mode
    if (config.Passwordmode > 1 && PasswordModeProvider.GetInstance() != null)
    {
        userinfo.Uid = PasswordModeProvider.GetInstance().CreateUserInfo(userinfo);
    }
    else
    {
        // Forum-native path: the random password is stored via the MD5 helper with Salt = "" (set above).
        // NOTE(review): legacy Discuz!NT format; the generated password is never shown to the user, so
        // this account appears usable only through the portal login — confirm that is the intent.
        userinfo.Password = Discuz.Common.Utils.MD5(userinfo.Password);
        userinfo.Uid = Users.CreateUser(userinfo);
    }
    return(userinfo);
}