//public UserAuthorizeMiddleware(RequestDelegate next, AuthServerConfig authServerConfig, IServiceProvider serviceProvider)
//{
// if (next == null)
// {
// throw new ArgumentNullException(nameof(next));
// }
// _next = next;
// _authServerConfig = authServerConfig;
// _serviceProvider = serviceProvider;
// var _emailRepository = serviceProvider.GetRequiredService<IHttpClientFactoryHelper>();
//}
/// <summary>
/// Scoped的接口只能从Invoke进行方法注入,否则无法获取到对象
/// </summary>
/// <param name="context"></param>
/// <param name="httpRequest"></param>
/// <returns></returns>
public async Task Invoke(HttpContext context, IHttpClientFactoryHelper httpClient)
{
string token = string.Empty;
token = context.Request.Headers["Authorization"];//先从请求头获取token
if (string.IsNullOrEmpty(token))
{
token = context.Session.GetString("token");//再从session中获取token
}
string url = $"{_authServerConfig.TokenServerUrl}/Security/Token/ValidateToken";
string posData = JsonConvert.SerializeObject(token);
TokenAuthorizeInfo tokenAuthorizeInfo = await httpClient.GetJsonResult <TokenAuthorizeInfo>(url, posData, HttpMethod.Get);
if (tokenAuthorizeInfo != null)
{
if (tokenAuthorizeInfo.Status)
{
await _next(context);
}
else
{
context.Response.StatusCode = 401;
}
}
else
{
context.Response.StatusCode = 401;
}
}
/// <summary>
/// 登录并获取token
/// </summary>
/// <param name="name"></param>
/// <param name="password"></param>
/// <returns></returns>
public TokenAuthorizeInfo LoginAndGetToken(LoginUserMode userModel)
{
UserInfo userInfo;
TokenAuthorizeInfo tokenAuthorizeInfo = new TokenAuthorizeInfo();
userInfo = _userService.QueryableToEntity(x => x.user_name.Equals(userModel.user_name));
if (userInfo == null)
{
tokenAuthorizeInfo.ErrorMessage = "未查找到用户";
}
else if (!userInfo.user_pwd.DecodeBase64().Equals(userModel.user_pwd))
{
tokenAuthorizeInfo.ErrorMessage = "用户密码错误";
}
else
{
tokenAuthorizeInfo.Status = true;
tokenAuthorizeInfo.AuthorizeType = "Bearer";
tokenAuthorizeInfo.UserId = userInfo.id;
tokenAuthorizeInfo.UserName = userInfo.user_name;
tokenAuthorizeInfo.Token = _tokenService.GetToken(userInfo);
tokenAuthorizeInfo.ValidTime = DateTime.Now.AddMinutes(_tokenService.TokenSetting.ExpireMins);
userInfo.last_login = DateTime.Now;
_userService.Update(userInfo);//更新最后一次登录时间
}
return(tokenAuthorizeInfo);
}
/// <summary>
/// 解析Token
/// </summary>
/// <param name="AuthToken"></param>
/// <returns></returns>
public TokenAuthorizeInfo ValidateToken(string AuthToken)
{
DateTime ValidTime;
TokenAuthorizeInfo tokenInfo = new TokenAuthorizeInfo();
if (string.IsNullOrEmpty(AuthToken) == false)
{
var tokenHandler = new JwtSecurityTokenHandler();
var validationParameters = GetValidationParameters();
SecurityToken validatedToken;
try
{
ClaimsPrincipal principal = tokenHandler.ValidateToken(AuthToken, validationParameters, out validatedToken);
JwtSecurityToken JwtVlidatedToken = validatedToken as JwtSecurityToken;
ValidTime = validatedToken.ValidTo.AddHours(8);//时区为零时区,需要加8小时
Claim claim = JwtVlidatedToken.Claims.First(x => x.Type.Equals("name"));
if (claim != null)
{
tokenInfo.UserName = claim.Value;
tokenInfo.ValidTime = ValidTime;
tokenInfo.Status = true;
}
else
{
tokenInfo.ErrorMessage = "错误,Token不含用户名称";
}
}
catch (Exception ex)//token过期会自动报错
{
tokenInfo.ErrorMessage = "错误,Token解析失败" + ex.Message;
}
}
return(tokenInfo);
}
public async Task <string> GetTokenAsync(string UserJsonString, CancellationToken cancellationToken)
{
LoginUserMode user = JsonConvert.DeserializeObject <LoginUserMode>(UserJsonString);
TokenAuthorizeInfo tokenAuthorizeInfo = _userLoginService.LoginAndGetToken(user);
string ResponseJson = JsonConvert.SerializeObject(tokenAuthorizeInfo);
return(ResponseJson);
}
public override async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
string token = string.Empty;
token = context.HttpContext.Request.Headers["Authorization"];//先从请求头获取token
if (string.IsNullOrEmpty(token))
{
token = context.HttpContext.Session.GetString("token");//再从session中获取token
}
var objectResult = context.Result as ObjectResult;
string url = $"{_authServerConfig.TokenServerUrl}/security/Token/ValidateToken";
string posData = JsonConvert.SerializeObject(token);
TokenAuthorizeInfo tokenAuthorizeInfo = await _httpClient.GetJsonResult <TokenAuthorizeInfo>(url, posData, HttpMethod.Get);
if (tokenAuthorizeInfo != null)
{
if (tokenAuthorizeInfo.Status)
{
//continue;
//context.Result = objectResult;
await next.Invoke();
}
else
{
if (_IsRedirectToLogin)
{
context.HttpContext.Response.StatusCode = 401;
context.Result = new RedirectResult(_authServerConfig.LoginUrl);//跳转到登录页面
}
else
{
objectResult = new ObjectResult(new { code = 401, msg = "用户未有授权" });
context.Result = objectResult;
context.HttpContext.Response.StatusCode = 401;
}
}
}
else
{
if (_IsRedirectToLogin)
{
context.HttpContext.Response.StatusCode = 401;
context.Result = new RedirectResult(_authServerConfig.LoginUrl);//跳转到登录页面
}
else
{
objectResult = new ObjectResult(new { code = 401, msg = "用户未有授权" });
context.Result = objectResult;
context.HttpContext.Response.StatusCode = 401;
}
}
}
public IActionResult ValidateToken()//验证token结果
{
TokenAuthorizeInfo tokenParseResult = new TokenAuthorizeInfo();
if (HttpContext.Request.Headers.ContainsKey("Authorization"))
{
string token = HttpContext.Request.Headers["Authorization"];
tokenParseResult = _tokenService.ValidateToken(token);
}
return(new JsonResult(tokenParseResult));
}
public IActionResult ValidateToken([FromBody] string AuthToken)//验证token结果
{
string token = AuthToken;
if (token.Contains("Bearer"))
{
token = token.Replace("Bearer", string.Empty);
token = token.Trim();
}
_logWrite.WriteLog("Token", "ValidateToken", "请求验证token");
TokenAuthorizeInfo tokenParseResult = _tokenService.ValidateToken(token);
return(new JsonResult(tokenParseResult));
}
public async Task <IActionResult> LoginAsync(string name, string password)
{
string url = "http://172.21.168.5:8010/Authentication/Token/GetToken?name=admin&password=admin";
TokenAuthorizeInfo tokenAuthorizeInfo = await _httpClient.GetJsonResult <TokenAuthorizeInfo>(url, null, HttpMethod.Get);
if (tokenAuthorizeInfo != null)
{
var _session = _httpContextAccessor.HttpContext.Session;
_session.SetString("user_name", tokenAuthorizeInfo.UserName);
_session.SetString("token", tokenAuthorizeInfo.Token);
return(Content("OK"));
}
return(Content("Fail"));
}
public IActionResult ValidhHeaderToken()//验证token结果
{
TokenAuthorizeInfo tokenParseResult = new TokenAuthorizeInfo();
if (HttpContext.Request.Headers.ContainsKey("Authorization"))
{
string token = HttpContext.Request.Headers["Authorization"];
if (token.Contains("Bearer"))
{
token = token.Replace("Bearer", string.Empty);
token = token.Trim();
}
_logWrite.WriteLog("Token", "ValidhHeaderToken", "请求验证token");
tokenParseResult = _tokenService.ValidateToken(token);
}
return(new JsonResult(tokenParseResult));
}
public async Task <string> GetTokenAsync(string UserJsonString, CancellationToken cancellationToken)
{
TokenAuthorizeInfo tokenAuthorizeInfo = new TokenAuthorizeInfo();
UserInfo user = JsonConvert.DeserializeObject <UserInfo>(UserJsonString);
if (user.user_name != "admin" && user.user_pwd != "admin")//此代码临时处理,因为用户权限功能暂时无
{
user = _userService.QueryableToEntity(x => x.user_name.Equals(user.user_name));
if (user == null)
{
tokenAuthorizeInfo.ErrorMessage = "未查找到用户";
}
else if (!user.user_pwd.DecodeBase64().Equals(user.user_pwd))
{
tokenAuthorizeInfo.ErrorMessage = "用户密码错误";
}
}
else
{
user = new UserInfo()
{
id = 1, user_name = "admin"
};
}
if (user != null && user.id > 0)
{
tokenAuthorizeInfo.AuthorizeType = "Bearer";
tokenAuthorizeInfo.UserId = user.id;
tokenAuthorizeInfo.UserName = user.user_name;
tokenAuthorizeInfo.Token = _tokenService.GetToken(user);
tokenAuthorizeInfo.ValidTime = DateTime.Now.AddMinutes(_tokenService.TokenSetting.ExpireMins);
}
string ResponseJson = JsonConvert.SerializeObject(tokenAuthorizeInfo);
return(ResponseJson);
}
public IActionResult GetToken(string name, string password)
{
UserInfo user;
TokenAuthorizeInfo tokenAuthorizeInfo = new TokenAuthorizeInfo();
if (name != "admin" && password != "admin")//此代码临时处理,因为用户权限功能暂时无
{
user = _userService.QueryableToEntity(x => x.user_name.Equals(name));
if (user == null)
{
tokenAuthorizeInfo.ErrorMessage = "未查找到用户";
}
else if (!user.user_pwd.DecodeBase64().Equals(password))
{
tokenAuthorizeInfo.ErrorMessage = "用户密码错误";
}
}
else
{
user = new UserInfo()
{
id = 1, user_name = "admin"
};
}
if (user != null && user.id > 0)
{
tokenAuthorizeInfo.AuthorizeType = "Bearer";
tokenAuthorizeInfo.UserId = user.id;
tokenAuthorizeInfo.UserName = user.user_name;
tokenAuthorizeInfo.Token = _tokenService.GetToken(user);
tokenAuthorizeInfo.ValidTime = DateTime.Now.AddMinutes(_tokenService.TokenSetting.ExpireMins);
}
return(new JsonResult(tokenAuthorizeInfo));
// return JsonConvert.SerializeObject(tokenAuthorizeInfo);
}
public IActionResult ValidateToken(string AuthToken)//验证token结果
{
TokenAuthorizeInfo tokenParseResult = _tokenService.ValidateToken(AuthToken);
return(new JsonResult(tokenParseResult));
}
public async Task <string> ValidateTokenAsync(string AuthToken, CancellationToken cancellationToken)
{
TokenAuthorizeInfo tokenInfo = _tokenService.ValidateToken(AuthToken);
return(JsonConvert.SerializeObject(tokenInfo));
}
public IActionResult Login([FromBody] LoginUserMode userModel)
{
TokenAuthorizeInfo tokenAuthorizeInfo = _userLoginService.LoginAndGetToken(userModel);
return(new JsonResult(tokenAuthorizeInfo));
}