/// <summary>
/// Builds the application identity for a signed-in user from a stored credential record.
/// </summary>
/// <param name="credentials">The stored credential; may be null.</param>
/// <returns>
/// A populated <see cref="KTApplicationIdentity"/>, or null when the credential is missing,
/// disabled, or already expired.
/// </returns>
private KTApplicationIdentity CreateAppIdentity(Credentials credentials)
{
    // Guard clauses, evaluated in the same order as before: missing, disabled, expired.
    if (credentials is null)
    {
        return null;
    }

    if (!credentials.Enabled)
    {
        return null;
    }

    // Expiry is checked against local server time (DateTime.Now).
    // NOTE(review): if ExpireTime is persisted as UTC this comparison is off by the server's offset — confirm.
    if (credentials.ExpireTime < DateTime.Now)
    {
        return null;
    }

    var identity = new KTApplicationIdentity
    {
        Id = credentials.UserId,
        Token = credentials.accesstoken,
        Name = credentials.UserName,
        RealName = credentials.RealName,
        OrgId = credentials.OrgId,
        OrgCode = credentials.OrgCode,
        OrgName = credentials.OrgName,
        FromCode = credentials.FromCode,
        FromName = credentials.FromName,
        FromToken = credentials.FromToken,
        TokenExpireTime = credentials.ExpireTime,
        CreateTime = credentials.CreateTime,

        // Marked authenticated on the strength of the stored credential alone (the original
        // author flagged this with "??"). The cookie token is only compared against Token
        // later, in OnActionExecuting — verify that ordering is intended.
        IsAuthenticated = true
    };

    return identity;
}
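/// <summary>
/// Authentication filter hook. Skips anonymous-allowed endpoints, rejects requests whose cookie
/// token is missing or does not match the token held by the server-side principal, and then
/// (still TODO) evaluates the roles required by <c>roleList</c>.
/// </summary>
/// <param name="actionContext">
/// The Web API action context. Setting its <c>Response</c> short-circuits the action.
/// </param>
/// <remarks>
/// <c>returnUrl</c>, <c>roleList</c> and <c>GetHttpActionContext</c> are members of the
/// enclosing filter and are not shown here.
/// </remarks>
public override void OnActionExecuting(HttpActionContext actionContext)
{
    // Endpoints marked [AllowAnonymous] (on the controller or the action) need no authentication.
    bool allowAnonymous =
        actionContext.ControllerContext.ControllerDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any()
        || actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any();
    if (allowAnonymous)
    {
        return;
    }

    // NOTE(review): the login URL is hard-coded to a development host; it should come from configuration.
    const string loginUrl = "https://localhost:44331/login";

    // The client's token is read from the cookie.
    string token = CookieHelper.GetCookieByKey(Constants.TOKEN);
    if (string.IsNullOrWhiteSpace(token))
    {
        // No cookie: answer 401. There is deliberately no early return here (original flow):
        // the server-side checks below may replace this response via GetHttpActionContext.
        // NOTE(review): browsers do not follow a Location header on a 401 — confirm the intent.
        actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized);
        actionContext.Response.Headers.Location = new Uri(loginUrl);
    }

    // Compare the cookie token with the token carried by the server-side principal.
    HttpContext current = HttpContext.Current;
    if (current == null || current.User == null)
    {
        // No server-side user at all.
        GetHttpActionContext(actionContext, returnUrl);
    }
    else
    {
        AuthenticationPrincipal authenticationPrincipal = current.User as AuthenticationPrincipal;
        if (authenticationPrincipal == null)
        {
            // The principal is not ours: reject.
            actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized);
            actionContext.Response.Headers.Location = new Uri(loginUrl);
        }
        else
        {
            // The `as` cast yields null when Identity is not a KTApplicationIdentity; the previous
            // version dereferenced it unconditionally and would throw NullReferenceException.
            // A null identity is treated like a missing token.
            KTApplicationIdentity ktApplicationIdentity = authenticationPrincipal.Identity as KTApplicationIdentity;
            if (ktApplicationIdentity == null
                || ktApplicationIdentity.Token == null
                || ktApplicationIdentity.Token != token)
            {
                GetHttpActionContext(actionContext, returnUrl);
            }
        }
    }

    if (roleList != RoleEnum.None)
    {
        // TODO: resolve the caller's real role. Until then every caller is treated as
        // KTDepartmentLeader and neither branch below sets a response, so this block
        // neither grants nor denies anything (the filter never produces a 403 yet).
        RoleEnum userRole = RoleEnum.KTDepartmentLeader;
        bool hasRequiredRole = ((RoleEnum)this.roleList & userRole) == userRole;
        if (hasRequiredRole)
        {
            // Authorized: nothing to do yet.
        }
        else
        {
            // Not authorized: no response is set yet (TODO).
        }
    }
}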