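/// <summary>
/// Looks up the stored <see cref="VolunteerToken"/> whose <c>Token</c> column equals <paramref name="token"/>.
/// </summary>
/// <param name="token">Opaque token string presented by the client (the auth filter reads it from the "token" header).</param>
/// <returns>The matching row, or <c>null</c> when <paramref name="token"/> is null/empty or no row carries that value.</returns>
public static VolunteerToken GetToken(string token)
{
    // A null or empty token must never match a row: the original query `s.Token == token` would
    // return a row whose Token column is null/empty when given the same value.
    if (string.IsNullOrEmpty(token))
    {
        return null;
    }
    // 'using' disposes the context even when the query throws; the original only disposed on success.
    using (DbEntity db = new DbEntity())
    {
        return db.VolunteerTokens.FirstOrDefault(s => s.Token == token);
    }
}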
/// <summary>
/// Reports whether <paramref name="token"/> is well-formed and still active according to the token specification.
/// </summary>
/// <param name="token">Incoming token model; its <c>IsFormatValid</c> flag is combined with the specification's activity check.</param>
/// <returns><c>true</c> only when the specification reports the token active and the model reports its format valid.</returns>
public bool IsTokenValid(TokenModel token)
{
    var candidate = new VolunteerToken
    {
        Id = token.TokenId,
        Volunteer_ID = token.VolunteerId,
        Token_VC = token.Token,
    };
    // Activity is checked first; the format flag is only consulted when the token is active.
    bool isActive = _tokenSpecification.IsTokenActive(candidate);
    return isActive && token.IsFormatValid;
}
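/// <summary>
/// Revokes the current volunteer's token by setting its <c>Validity</c> to 0.
/// </summary>
/// <returns>
/// 200 OK when the token was revoked or no token row exists for this volunteer (logout is idempotent);
/// 400 with the project's generic error message when the update fails.
/// </returns>
public IHttpActionResult PostLogout()
{
    Guid volunteerId = VolunteerService.GetVolunteerIdFromIdentity();
    VolunteerToken volunteerToken = db.VolunteerTokens.FirstOrDefault(s => s.VolunteerId == volunteerId);
    // No token row: nothing to revoke. The original dereferenced null here, and db.Entry(null)
    // in the catch then threw out of the handler instead of returning a response.
    if (volunteerToken == null)
    {
        return Ok();
    }
    try
    {
        volunteerToken.Validity = 0;
        db.Entry(volunteerToken).State = EntityState.Modified;
        db.SaveChanges();
    }
    catch
    {
        // Best-effort reset of the tracked state so a later SaveChanges does not retry this update.
        db.Entry(volunteerToken).State = EntityState.Unchanged;
        return BadRequest("操作发生错误");
    }
    return Ok();
}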
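/// <summary>
/// Stamps the token row for <paramref name="Id"/> (matched on <c>VolunteerId</c>) with the current UTC time.
/// </summary>
/// <param name="Id">Volunteer id whose token's <c>ActiveTime</c> is refreshed.</param>
/// <returns><c>false</c> when no token row exists or the update throws; <c>true</c> otherwise.</returns>
public static bool UpdateTokenActiveTime(Guid Id)
{
    try
    {
        // 'using' disposes the context on every path; the original leaked it on the
        // "no row" return and whenever SaveChanges threw.
        using (DbEntity db = new DbEntity())
        {
            VolunteerToken volunteerToken = db.VolunteerTokens.FirstOrDefault(s => s.VolunteerId == Id);
            if (volunteerToken == null)
            {
                return false;
            }
            volunteerToken.ActiveTime = DateTime.UtcNow;
            db.SaveChanges();
            return true;
        }
    }
    catch
    {
        // Best-effort: the auth filter treats any failure as "not refreshed" and rejects the request.
        return false;
    }
}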
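/// <summary>
/// Authenticates the request from its "token" header: the token must exist in the database, be unexpired,
/// and belong to a volunteer whose status permits access. On success the principal is set and the token's
/// activity time is refreshed; every failure is routed through throwUnanthorizedException().
/// </summary>
/// <param name="actionContext">Web API action context whose request headers are inspected.</param>
public override void OnActionExecuting(HttpActionContext actionContext)
{
    // Missing header, or a header with no usable value. The original indexed ToList()[0] on the raw
    // enumeration, which throws ArgumentOutOfRangeException (a 500, not a 401) on an empty value list.
    IEnumerable<string> tokenItem;
    string token = null;
    if (actionContext.Request.Headers.TryGetValues("token", out tokenItem))
    {
        token = tokenItem.FirstOrDefault();
    }
    if (string.IsNullOrWhiteSpace(token))
    {
        throwUnanthorizedException();
    }
    // Token is not present in the database.
    VolunteerToken volunteerToken = VolunteerService.GetToken(token);
    if (volunteerToken == null)
    {
        throwUnanthorizedException();
    }
    // Token has expired.
    if (volunteerToken.ExpiredTime < DateTime.UtcNow)
    {
        throwUnanthorizedException();
    }
    // The volunteer must exist and be in a status that allows access.
    Volunteer volunteer = VolunteerService.GetVolunteer(volunteerToken.VolunteerId);
    if (volunteer == null
        || volunteer.Status == EnumUserStatus.注销
        || volunteer.Status == EnumUserStatus.密码输入错误临时锁定
        || volunteer.Status == EnumUserStatus.注册未验证手机)
    {
        throwUnanthorizedException();
    }
    SetPrincipal(new VolunteerPrincipal(volunteer));
    // Failing to refresh ActiveTime is treated as an authentication failure, as in the original.
    if (!VolunteerService.UpdateTokenActiveTime(volunteer.Id))
    {
        throwUnanthorizedException();
    }
    base.OnActionExecuting(actionContext);
}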
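/// <summary>
/// Issues an HMAC-SHA256 signed JWT for the volunteer described by <paramref name="model"/>, stores it via the
/// token repository (keyed by the JTI), and returns the compact serialized token.
/// </summary>
/// <param name="model">Issuer, audience, HMAC key and the identifiers to embed (encrypted by <c>SecurityBase</c>).</param>
/// <returns>The compact JWS string written by <see cref="JwtSecurityTokenHandler"/>.</returns>
/// <exception cref="ArgumentNullException">When <paramref name="model"/> is <c>null</c>.</exception>
public string GenerateToken(GenerateTokenModel model)
{
    if (model == null)
    {
        throw new ArgumentNullException(nameof(model));
    }
    var tokenId = Guid.NewGuid().ToString();
    // RFC 7519 defines "iat" as a NumericDate (seconds since the Unix epoch). The original wrote a
    // culture-formatted DateTime string, which standard JWT validators cannot interpret.
    var unixEpoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
    var issuedAt = ((long)(DateTime.UtcNow - unixEpoch).TotalSeconds).ToString(CultureInfo.InvariantCulture);
    var claims = new[]
    {
        new Claim(JwtRegisteredClaimNames.Jti, tokenId),
        new Claim(JwtRegisteredClaimNames.Iat, issuedAt, ClaimValueTypes.Integer64),
        // Identifiers are encrypted by the project's SecurityBase helper; its key and algorithm are not visible here.
        new Claim("vId", SecurityBase.Encrypt(model.VolunterId.ToString())),
        new Claim("oId", SecurityBase.Encrypt(model.OrganisationId.ToString())),
        new Claim(JwtRegisteredClaimNames.Email, SecurityBase.Encrypt(model.Email)),
    };
    var symmetricSecurityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(model.Key));
    var signingCredentials = new SigningCredentials(
        symmetricSecurityKey,
        SecurityAlgorithms.HmacSha256Signature,
        "http://www.w3.org/2001/04/xmlenc#sha256");
    // NOTE(review): no 'expires' is set (the original has it commented out), so the JWT itself carries no
    // lifetime; presumably revocation relies solely on the repository's Active_BT flag — confirm.
    var jwtSecurityToken = new JwtSecurityToken(
        issuer: model.Issuer,
        audience: model.Audience,
        claims: claims,
        signingCredentials: signingCredentials);
    var serializedToken = new JwtSecurityTokenHandler().WriteToken(jwtSecurityToken);
    var volunteerToken = new VolunteerToken
    {
        Id = new Guid(tokenId),
        Volunteer_ID = model.VolunterId,
        Token_VC = serializedToken,
        Active_BT = true,
    };
    _volunteerTokenRepository.SaveToken(volunteerToken);
    return serializedToken;
}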
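/// <summary>
/// Logs a volunteer in from the Android client: requires a "uuid" header, validates the model, checks the
/// lockout state and password, then issues (or rotates) the volunteer's single token row.
/// </summary>
/// <param name="model">Mobile number and password posted by the client.</param>
/// <returns>200 with <c>{ Token, Volunteer }</c> on success; 400 with a Chinese message on every failure.</returns>
public IHttpActionResult PostLogin(Login model)
{
    // Android client check: the "uuid" header is mandatory on this endpoint.
    IEnumerable<string> headerUuid;
    if (!ActionContext.Request.Headers.TryGetValues("uuid", out headerUuid) || headerUuid == null)
    {
        return BadRequest("请从Android手机操作");
    }
    // FirstOrDefault instead of ToList()[0]: an empty value list yields null rather than throwing.
    string uuid = headerUuid.FirstOrDefault();
    // Data validation.
    if (model == null)
    {
        return BadRequest("请填写登录信息");
    }
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState.Values.First(s => s.Errors.Count > 0).Errors[0].ErrorMessage);
    }
    // Expected to match zero or one row; cancelled (注销) accounts are excluded.
    Volunteer volunteer = db.Volunteers.FirstOrDefault(s => s.MobileNumber == model.MobileNumber && s.Status != EnumUserStatus.注销);
    if (volunteer == null)
    {
        return BadRequest("该手机号码未注册");
    }
    // Temporary lockout after wrong passwords is lifted once its end time has passed.
    // NOTE(review): compared against DateTime.Now (local) while the token below uses UtcNow —
    // confirm which clock LockoutEndTime is stored in.
    if (volunteer.Status == EnumUserStatus.密码输入错误临时锁定)
    {
        if (volunteer.LockoutEndTime < DateTime.Now)
        {
            volunteer.Status = EnumUserStatus.正常;
            volunteer.LockoutStartTime = null;
            volunteer.LockoutDuration = 0;
            db.SaveChanges();
        }
        else
        {
            return BadRequest("账户被锁定");
        }
    }
    // Password check. NOTE(review): stored passwords are unsalted MD5 digests (SecurityHelper.MD5Hash);
    // moving to a salted, slow KDF needs a re-hash-on-login migration and is out of scope for this block.
    if (volunteer.Password != SecurityHelper.MD5Hash(model.PassWord))
    {
        return BadRequest("密码不正确");
    }
    // Record the device uuid when the header carried a value.
    if (uuid != null)
    {
        volunteer.Uuid = uuid;
    }
    VolunteerToken volunteerToken = db.VolunteerTokens.FirstOrDefault(s => s.VolunteerId == volunteer.Id);
    DateTime now = DateTime.UtcNow;
    // Token value: MD5 over id + time + a fresh Guid; its unpredictability rests on Guid.NewGuid().
    // NOTE(review): a RandomNumberGenerator-backed value is the conventional choice for a bearer token.
    string token = SecurityHelper.MD5Hash(volunteer.Id.ToString() + now.ToString() + Guid.NewGuid().ToString());
    try
    {
        if (volunteerToken == null)
        {
            volunteerToken = new VolunteerToken
            {
                VolunteerId = volunteer.Id,
                CreateTime = now,
                ActiveTime = now,
                Token = token,
                Validity = 30
            };
            db.VolunteerTokens.Add(volunteerToken);
            db.Entry(volunteerToken).State = EntityState.Added;
        }
        else
        {
            // Rotate the existing row: one token per volunteer, refreshed on every login.
            volunteerToken.ActiveTime = now;
            volunteerToken.Token = token;
            volunteerToken.Validity = 30;
            db.Entry(volunteerToken).State = EntityState.Modified;
        }
        db.SaveChanges();
    }
    catch
    {
        // Both branches assigned volunteerToken before SaveChanges, so it is non-null here.
        db.Entry(volunteerToken).State = EntityState.Unchanged;
        return BadRequest("操作发生错误");
    }
    return Ok(new { Token = token, Volunteer = VolunteerService.FormatUser(volunteer) });
}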
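/// <summary>
/// Completes registration for a volunteer row created by the SMS-captcha step: validates the captcha
/// (purpose, expiry, value), stores the password hash and device uuid, moves the status to 注册中 and issues a token.
/// </summary>
/// <param name="model">Mobile number, captcha and password posted by the client.</param>
/// <returns>200 with <c>{ Token, Volunteer }</c> on success; 400 with a Chinese message on every failure.</returns>
public IHttpActionResult PostRegister(Register model)
{
    // NOTE(review): local time here, whereas PostLogin stamps tokens with UtcNow — confirm the intended clock.
    DateTime now = DateTime.Now;
    // Android client: the "uuid" header is optional on this endpoint.
    IEnumerable<string> headUuid;
    string uuid = null;
    if (ActionContext.Request.Headers.TryGetValues("uuid", out headUuid) && headUuid != null)
    {
        // FirstOrDefault instead of ToList()[0]: an empty value list yields null rather than throwing.
        uuid = headUuid.FirstOrDefault();
    }
    // Data validation.
    if (model == null)
    {
        return BadRequest("请填写注册信息");
    }
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState.Values.First(s => s.Errors.Count > 0).Errors[0].ErrorMessage);
    }
    Volunteer volunteer = db.Volunteers.FirstOrDefault(s => s.MobileNumber == model.MobileNumber && s.Status != EnumUserStatus.注销);
    // No row: the captcha was never requested for this number.
    if (volunteer == null)
    {
        return BadRequest("请获取验证码");
    }
    // NOTE(review): this rejects status 注册未验证手机 as "already registered"; the auth filter treats that status
    // as pre-registration, so confirm the intended condition here.
    if (volunteer.Status == EnumUserStatus.注册未验证手机)
    {
        return BadRequest("该手机号码已注册");
    }
    // No captcha stored.
    if (string.IsNullOrEmpty(volunteer.SmsCaptcha))
    {
        return BadRequest("请获取验证码");
    }
    // Captcha was issued for a different purpose.
    if (!volunteer.SmsCaptchaUsedFor.HasValue || volunteer.SmsCaptchaUsedFor != EnumCaptchaUsedFor.志愿者注册)
    {
        return BadRequest("验证码无效,请重新获取验证码");
    }
    // Captcha expiry. The original tested `SmsCaptchaExpiredTime > now`, which rejects a captcha that is still
    // valid and lets an expired one through; the auth filter uses `ExpiredTime < now` for "expired". A missing
    // expiry is also rejected rather than silently accepted.
    if (!volunteer.SmsCaptchaExpiredTime.HasValue || volunteer.SmsCaptchaExpiredTime.Value < now)
    {
        return BadRequest("验证码失效,请重新获取");
    }
    // Wrong captcha value.
    if (volunteer.SmsCaptcha != model.Captcha)
    {
        return BadRequest("验证码错误");
    }
    // Register: store credentials, consume the captcha, then issue a token.
    // NOTE(review): password stored as unsalted MD5 (SecurityHelper.MD5Hash), consistent with PostLogin.
    volunteer.Uuid = uuid;
    volunteer.Password = SecurityHelper.MD5Hash(model.PassWord);
    volunteer.SmsCaptcha = null;
    volunteer.SmsCaptchaExpiredTime = null;
    volunteer.SmsCaptchaUsedFor = null;
    volunteer.Status = EnumUserStatus.注册中;
    volunteer.RegisterTime = now;
    db.Entry(volunteer).State = EntityState.Modified;
    try
    {
        db.SaveChanges();
        VolunteerToken volunteerToken = db.VolunteerTokens.FirstOrDefault(s => s.VolunteerId == volunteer.Id);
        string token = SecurityHelper.MD5Hash(volunteer.Id.ToString() + now.ToString() + Guid.NewGuid().ToString());
        if (volunteerToken == null)
        {
            volunteerToken = new VolunteerToken
            {
                VolunteerId = volunteer.Id,
                Token = token,
                CreateTime = now,
                ActiveTime = now,
                Validity = 30
            };
            db.VolunteerTokens.Add(volunteerToken);
        }
        else
        {
            // Rotate the existing row: one token per volunteer.
            volunteerToken.ActiveTime = now;
            volunteerToken.Token = token;
            volunteerToken.Validity = 30;
            db.Entry(volunteerToken).State = EntityState.Modified;
        }
        db.SaveChanges();
        return Ok(new { Token = token, Volunteer = VolunteerService.FormatUser(volunteer) });
    }
    catch
    {
        // Unused exception variable dropped; the tracked state is reset best-effort and a generic error returned.
        db.Entry(volunteer).State = EntityState.Unchanged;
        return BadRequest("操作发生错误");
    }
}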
/// <summary>
/// Delegates the activity check for <paramref name="volunteerToken"/> to the token repository.
/// </summary>
/// <param name="volunteerToken">Token row to check.</param>
/// <returns>Whatever the repository reports for this token.</returns>
public bool IsTokenActive(VolunteerToken volunteerToken) => _volunteerTokenRepository.IsTokenActive(volunteerToken);