private void SaveToken2DB(HttpContext context, string username, TokenModel token)
{
ITokenInfoService tokenService = (ITokenInfoService)context.RequestServices.GetService(typeof(ITokenInfoService));
TokenInfo ti = new TokenInfo()
{
Token = token.AccessToken,
IP = context.Request.Host.Host,
Expiry = DateTime.Now.AddMinutes(1),
UserName = username
};
tokenService.SaveToken(ti);
}
private void CheckSignature(HttpContext context)
{
TokenModel token = this.GetTokenInfo(context);
if (token == null)
{
return;
}
String info = $"{token.UserName}-{token.ApplicationId}-{token.Expiry}-{token.Nonce}";
if (!info.Equals(AESCoding.Decrypt(token.Token)))
{
ReturnNoAuthorized(context);
return;
}
if (!String.IsNullOrEmpty(token.Expiry))
{
double current_stamp = (DateTime.UtcNow - new DateTime(1970, 1, 1)).TotalSeconds;
double expiry = 0;
if (double.TryParse(token.Expiry, out expiry))
{
if (expiry < current_stamp)
{
ReturnTimeOut(context);
return;
}
}
}
ITokenInfoService tokenSerivce = context.RequestServices.GetService(typeof(ITokenInfoService)) as ITokenInfoService;
TokenInfo tInfo = tokenSerivce.GetTokenInfo(token.Token);
if (tInfo == null)
{
return;
}
IUserService userService = context.RequestServices.GetService(typeof(IUserService)) as IUserService;
User user = userService.GetUser(token.UserName);
var identity = new ClaimsIdentity(CookieAuthenticationDefaults.AuthenticationScheme);
var claims = new List <Claim>
{
new Claim(ClaimTypes.Name, user.UserName),
new Claim(ClaimTypes.Role, "Member")
};
identity.AddClaims(claims);
context.User = new ClaimsPrincipal(identity);
}
public UserController(ITokenInfoService tokenInfoService, IUserService userService)
{
this.tokenInfoService = tokenInfoService;
this.userService = userService;
}
