private static string GetSign(IGetSignData data, string loginName, string password, ulong timestamp)
{
var sb = data.GetSignData();
sb.Append("LoginName").Append(loginName).Append("Password").Append(password).Append("Timestamp").Append(timestamp);
return(HashUtil.Sha1(sb.ToString()));
}
public static Dictionary <string, string> ToQuery(this IGetSignData data, string loginName, string password)
{
var timestamp = Timestamp.GetTimestamp(DateTime.Now);
return(new Dictionary <string, string> {
{ "loginName", loginName },
{ "sign", GetSign(data, loginName, password, timestamp) },
{ "timestamp", timestamp.ToString() }
});
}
public static StringBuilder BuildSign(this IGetSignData obj)
{
var propertyInfos = GetPropertyInfos(obj.GetType());
StringBuilder sb = new StringBuilder();
foreach (var propertyInfo in propertyInfos)
{
sb.Append(propertyInfo.Name).Append(propertyInfo.GetValue(obj, null));
}
return(sb);
}
public static Dictionary <string, string> ToQuery(this IGetSignData data)
{
var timestamp = Timestamp.GetTimestamp(DateTime.Now);
var rpcUser = VirtualRoot.RpcUser;
return(new Dictionary <string, string> {
{ "loginName", rpcUser.LoginName },
{ "sign", GetSign(data, rpcUser.LoginName, rpcUser.PasswordSha1, timestamp) },
{ "timestamp", timestamp.ToString() }
});
}
public static bool IsValid <TResponse>(this IGetSignData data, IUser user, string sign, ulong timestamp, string clientIp, out TResponse response) where TResponse : ResponseBase, new()
{
if (clientIp == "localhost" || clientIp == "127.0.0.1")
{
response = null;
return(true);
}
if (_isInnerIpEnabled && Net.Util.IsInnerIp(clientIp))
{
response = null;
return(true);
}
if (user == null)
{
string message = "用户不存在";
response = ResponseBase.NotExist <TResponse>(message);
return(false);
}
else if (user.LoginName == "admin" && string.IsNullOrEmpty(user.Password))
{
string message = "第一次使用,请先设置密码";
response = ResponseBase.NotExist <TResponse>(message);
return(false);
}
if (!timestamp.IsInTime())
{
response = ResponseBase.Expired <TResponse>();
return(false);
}
string mySign = GetSign(data, user.LoginName, user.Password, timestamp);
if (sign != mySign)
{
string message = "用户名或密码错误";
response = ResponseBase.Forbidden <TResponse>(message);
Write.DevDebug($"{message} sign:{sign} mySign:{mySign}");
return(false);
}
response = null;
return(true);
}
public static T Post <T>(string host, int port, string controller, string action, IGetSignData signData, object data, int?timeout = null)
{
return(Post <T>(host, port, controller, action, signData.ToQuery(), data, timeout));
}
public static void PostAsync <T>(string host, int port, string controller, string action, IGetSignData signData, object data, Action <T, Exception> callback, int timeountMilliseconds = 0)
{
PostAsync <T>(host, port, controller, action, signData.ToQuery(), data, callback, timeountMilliseconds);
}