private TokenObjApiRequest GetMemoryCacheToken(string api_key)
{
TokenObjApiRequest tokenObj = null;
bool tokenCacheIsNotNull = memoryCache.TryGetValue(api_key, out tokenObj);
return(tokenObj);
}
private void SetMemoryCacheToken(string api_key, ApiResponse <TokenResultApiRequest> apiResponse)
{
TokenObjApiRequest tokenObj = apiResponse.Result.Obj.FirstOrDefault();
bool expireDateIsNull = (string.IsNullOrWhiteSpace(tokenObj.ExpireDate));
//根據來源設定過期時間
DateTime expireTime = (expireDateIsNull) ? DateTime.Now.AddDays(15) : Convert.ToDateTime(tokenObj.ExpireDate);
memoryCache.Set(api_key, tokenObj, new MemoryCacheEntryOptions().SetAbsoluteExpiration(expireTime));
}
private bool TokenIsNotExpire(TokenObjApiRequest tokenData)
{
var result = true;
if (string.IsNullOrWhiteSpace(tokenData.ExpireDate))
{
return(true); //無過期日期值接回傳
}
if (DateTime.Now > Convert.ToDateTime(tokenData.ExpireDate))
{
result = false;
}
return(result);
}
public override void OnActionExecuting(ActionExecutingContext context)
{
bool requestTokenIsNull = false;
bool requestTokenIsEqualsCacheToken = false;
//Domain來源
context.HttpContext.Request.Headers.TryGetValue("Origin", out StringValues api_keyDatas);
string tmpDomain = $"{context.HttpContext.Request.Scheme }://{context.HttpContext.Request.Host}";
string requestDomain = (!string.IsNullOrWhiteSpace(api_keyDatas.FirstOrDefault())) ? api_keyDatas.FirstOrDefault() : tmpDomain;
//取得resquest token
requestTokenIsNull = this.GetRequestHeaderData(context, out string api_key, out string token);
if (requestTokenIsNull)
{
context.Result = this.SetContentResult(EnumApiStatus.API_ParameterError);
}
else
{
//取得相同api_key 的memoryToken
TokenObjApiRequest cacheToken = this.GetMemoryCacheToken(api_key);
//與memoryToken 判斷是否相同
requestTokenIsEqualsCacheToken = this.RequestTokenEqualsMemoryCache(token, cacheToken?.Token);
if (!requestTokenIsEqualsCacheToken)//不同
{
//至TokenSystem以api_key與token 取得資料
ApiResponse <TokenResultApiRequest> apiResponse = VerifyTokenByTokenSystem(api_key, token);
if (apiResponse.Status == "0")
{
//將新token資料 存入memoryCache
this.SetMemoryCacheToken(api_key, apiResponse);
//重新取得CacheToken
cacheToken = this.GetMemoryCacheToken(api_key);
}
else
{
this.ClearMemoryCacheToken(api_key);
context.Result = this.SetContentResult((EnumApiStatus)Convert.ToInt32(apiResponse.Status));
}
}
else
{
//以Domain來源判斷權限
bool clientDomainIsAllow = ClientDomainIsAllow(cacheToken.AllowList, requestDomain);
if (!clientDomainIsAllow)//權限不足
{
context.Result = this.SetContentResult(EnumApiStatus.NoAuth);
}
//判斷token是否過期
bool tokenIsNotExpire = TokenIsNotExpire(cacheToken);
if (!tokenIsNotExpire)//過期
{
context.Result = this.SetContentResult(EnumApiStatus.Token_Expire);
}
}
}
base.OnActionExecuting(context);
}
