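/// <summary>
/// Decrypts the bearer token on the current request and rebuilds the caller's identity from it.
/// </summary>
/// <returns>
/// The <see cref="TokenUserInfo"/> carried by the token, or <c>null</c> when there is no HTTP context,
/// no well-formed <c>Authorization: Bearer …</c> header, the token fails <see cref="SSOHelper.IsTokenValid"/>,
/// it carries fewer fields than expected, its fields cannot be parsed, or it has expired.
/// </returns>
private TokenUserInfo GetCurrentUserFromToken()
{
    if (currentHttpContext == null)
    {
        return null;
    }

    // Headers[...] is a StringValues; work on its string form so the prefix test and the
    // Substring below look at exactly the same characters.
    var authorization = currentHttpContext.Request.Headers["Authorization"].ToString();

    // Require "Bearer" as a prefix: a substring match would accept headers where the scheme is not
    // at position 0, and the Substring below would then slice the value at the wrong offset.
    if (string.IsNullOrWhiteSpace(authorization) || !authorization.StartsWith("Bearer", StringComparison.Ordinal))
    {
        return null;
    }

    var token = authorization.Substring("Bearer".Length).Trim();
    if (token.Length == 0)
    {
        return null;
    }

    List<string> list;
    // Fields read below: [0] user id, [1] account, [2] display name, [3] IP, [4] issue time.
    // Guard the count so a validated-but-short token cannot throw ArgumentOutOfRangeException.
    if (!SSOHelper.IsTokenValid(token, out list) || list == null || list.Count < 5)
    {
        return null;
    }

    try
    {
        // Issue time plus the configured lifetime must still be in the future.
        // NOTE(review): compared against local DateTime.Now — assumes the issuer wrote a local
        // timestamp into field 4; confirm against SSOHelper before switching to UtcNow.
        if (Convert.ToDateTime(list[4]).AddMinutes(ConfigService.TokenOverTime) < DateTime.Now)
        {
            return null;
        }

        return new TokenUserInfo
        {
            UserID = Convert.ToInt32(list[0]),
            AccountName = list[1],
            UserName = list[2],
            IP = list[3],
            Token = token
        };
    }
    catch (Exception ex) when (ex is FormatException || ex is OverflowException)
    {
        // A token that validates but carries a malformed timestamp or user id is treated the same
        // as any other unusable token (anonymous caller) instead of failing the request with a 500.
        return null;
    }
}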
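/// <summary>
/// Authenticates the request from its <c>Authorization: Bearer …</c> header before the action runs.
/// On failure the pipeline is short-circuited with HTTP 401 and a JSON <c>{ msg }</c> body;
/// on success the decoded identity is stored on the controller's <c>CurrentUser</c> and the
/// per-system session key is confirmed to exist in Redis.
/// </summary>
/// <param name="context">The executing action's context; the header, body and services are read from it.</param>
public void OnActionExecuting(ActionExecutingContext context)
{
    // Headers[...] is a StringValues; use its string form for both the prefix test and the slice.
    var authorization = context.HttpContext.Request.Headers["Authorization"].ToString();

    // "Bearer" must be the prefix, not merely a substring, or Substring below slices at the wrong offset.
    if (string.IsNullOrWhiteSpace(authorization) || !authorization.StartsWith("Bearer", StringComparison.Ordinal))
    {
        SetUnauthorizedResult(context, "未知身份");
        return;
    }

    var token = authorization.Substring("Bearer".Length).Trim();

    List<string> list;
    // Token cannot be decrypted: reject without touching Redis.
    // Fields read below: [0] user id, [1] account, [2] display name, [3] IP, [4] issue time.
    if (!SSOHelper.IsTokenValid(token, out list) || list == null || list.Count < 5)
    {
        SetUnauthorizedResult(context, "非法token");
        return;
    }

    TokenUserInfo tokenUserInfo;
    try
    {
        // Issue time plus the configured lifetime (minutes) must still be in the future.
        // Convert.ToDouble(null) yields 0, so a missing setting fails closed (every token expired).
        // NOTE(review): compared against local DateTime.Now — assumes the issuer wrote a local timestamp; confirm.
        var lifetimeMinutes = Convert.ToDouble(BaseCore.Configuration.GetSection("AppSetting:TokenOverTime").Value);
        if (Convert.ToDateTime(list[4]).AddMinutes(lifetimeMinutes) < DateTime.Now)
        {
            SetUnauthorizedResult(context, "token已过期");
            return;
        }

        tokenUserInfo = new TokenUserInfo
        {
            UserID = Convert.ToInt32(list[0]),
            AccountName = list[1],
            UserName = list[2],
            IP = list[3],
            Token = token
        };
    }
    catch (Exception ex) when (ex is FormatException || ex is OverflowException)
    {
        // Malformed timestamp / user id inside an otherwise valid token: reject as illegal rather than 500.
        SetUnauthorizedResult(context, "非法token");
        return;
    }

    // The filter is only meaningful on BaseController descendants; an InvalidCastException here
    // means the filter was registered on the wrong controller and should surface loudly.
    ((BaseController)context.Controller).CurrentUser = tokenUserInfo;

    // IP binding (tokenUserInfo.IP vs. Connection.RemoteIpAddress) is intentionally not enforced here.

    // The body is only needed for SysCode, so deserialize it after the token has been accepted.
    var param = context.HttpContext.Request.GetRequestParam().JsonToObj<RequestBase>();
    if (param == null)
    {
        // Without a SysCode no session key can be formed; previously this dereferenced null.
        SetUnauthorizedResult(context, "无权限");
        return;
    }

    var redisCache = (RedisCache)context.HttpContext.RequestServices.GetService(typeof(RedisCache));
    var userInfoKey = ConfigService.GetUserInfoRedisKey(token, param.SysCode);

    // The session keyed by token + SysCode must exist, otherwise the caller is not signed in to this system.
    if (!redisCache.Exists(userInfoKey))
    {
        SetUnauthorizedResult(context, "无权限");
        return;
    }
}

/// <summary>
/// Short-circuits the action with HTTP 401 and a JSON body of the form <c>{ "msg": … }</c>.
/// </summary>
/// <param name="context">The action context whose response and result are set.</param>
/// <param name="msg">User-facing reason, emitted unchanged as the <c>msg</c> property.</param>
private static void SetUnauthorizedResult(ActionExecutingContext context, string msg)
{
    context.HttpContext.Response.StatusCode = StatusCodes.Status401Unauthorized;
    context.Result = new JsonResult(new { msg });
}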
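/// <summary>
/// Resolves the data contexts, Redis cache and current HTTP context from the service provider,
/// decodes the caller's identity from the request token, and binds the read/write sets for <c>T</c>.
/// </summary>
/// <param name="serviceProvider">Container the dependencies are resolved from.</param>
/// <exception cref="ArgumentNullException"><paramref name="serviceProvider"/> is <c>null</c>.</exception>
/// <exception cref="NullReferenceException">
/// A required context is not registered (the <c>Set&lt;T&gt;()</c> calls dereference the resolved contexts).
/// </exception>
public ServiceBase(IServiceProvider serviceProvider)
{
    if (serviceProvider == null)
    {
        throw new ArgumentNullException(nameof(serviceProvider));
    }

    _serviceProvider = serviceProvider;
    readOnlyContext = (BizReadOnlyContext)serviceProvider.GetService(typeof(BizReadOnlyContext));
    masterContext = (BizMasterContext)serviceProvider.GetService(typeof(BizMasterContext));
    logContext = (LogContext)serviceProvider.GetService(typeof(LogContext));

    // Services may also be constructed outside a request (no accessor registered, or accessor with
    // no active request). Leave currentHttpContext null in that case; GetCurrentUserFromToken treats
    // null as "anonymous" instead of throwing here.
    var httpContextAccessor = (IHttpContextAccessor)serviceProvider.GetService(typeof(IHttpContextAccessor));
    currentHttpContext = httpContextAccessor == null ? null : httpContextAccessor.HttpContext;

    redisCache = (RedisCache)serviceProvider.GetService(typeof(RedisCache));
    currentUser = GetCurrentUserFromToken();

    masterDbSet = masterContext.Set<T>();
    readOnlyDbSet = readOnlyContext.Set<T>();
}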
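/// <summary>
/// URL-decodes, un-escapes and decrypts a user token and rebuilds the user it describes.
/// </summary>
/// <param name="userToken">Encrypted token as received from the client (URL-safe alphabet).</param>
/// <param name="user">On success the decoded user; otherwise <c>null</c>.</param>
/// <returns>
/// <c>true</c> only when <paramref name="user"/> was populated. <c>false</c> when the token is empty,
/// cannot be decrypted, does not carry exactly 9 fields, or decoding throws (the error is logged).
/// The previous version returned <c>true</c> unconditionally, so callers testing the result
/// accepted a <c>null</c> user.
/// </returns>
public static bool ValidateUserToken(string userToken, out TokenUserInfo user)
{
    user = null;
    if (string.IsNullOrEmpty(userToken))
    {
        return false;
    }

    try
    {
        var decoded = System.Web.HttpUtility.UrlDecode(userToken, System.Text.Encoding.UTF8);
        // The issuer emits a URL-safe alphabet ('-', '_', '*'); map it back to the standard one before decrypting.
        decoded = decoded.Replace("-", "+").Replace("_", "/").Replace("*", "=");
        var plainText = NiuCryptoService.DecryptToken(decoded);
        var fields = plainText.Split(Separator);

        // Layout: [0] token type, [1] user id, [2] user type, [3] nick name, [4] status,
        // [5] channel id, [6] role id, [7] role name, [8] manager flag.
        if (fields.Length != 9)
        {
            return false;
        }

        user = new TokenUserInfo()
        {
            userId = ObjectConvert.ChangeType<long>(fields[1], 0),
            nickName = fields[3],
            tokenType = (tokenType)ObjectConvert.ChangeType<long>(fields[0], 0),
            type = (userType)ObjectConvert.ChangeType<int>(fields[2], 0),
            status = ObjectConvert.ChangeType<int>(fields[4], 0),
            channelId = ObjectConvert.ChangeType<int>(fields[5], 0),
            roleId = ObjectConvert.ChangeType<int>(fields[6], 0),
            roleName = fields[7],
            isManage = ObjectConvert.ChangeType<int>(fields[8], 0)
        };
        return true;
    }
    catch (Exception ex)
    {
        // Decryption/decoding failures are expected for tampered or stale tokens: log and fail closed.
        logRecord.WriteSingleLog("ValidateUserToken.log", string.Format("error:{0}", ex.Message));
        return false;
    }
}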