// Called by the runtime to register services with the DI container.
public void ConfigureServices(IServiceCollection services)
{
    services.AddControllers();

    // Publish the JWT section to the rest of the app as IOptions<JwtOption>.
    var jwtSection = Configuration.GetSection(JwtOption.Name);
    services.Configure<JwtOption>(jwtSection);

    var authBuilder = services.AddAuthentication(auth =>
    {
        auth.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
        auth.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
    });

    authBuilder.AddJwtBearer(bearer =>
    {
        // Bind a private copy of the settings for the validation parameters.
        var jwtOption = new JwtOption();
        jwtSection.Bind(jwtOption);

        // HMAC key is the UTF-8 encoding of the configured secret.
        var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtOption.SecretKey));

        // NOTE(review): lifetime, issuer and audience validation are all driven by
        // configuration, so a config change can switch any of them off. Review the
        // deployed values of ValidateLifetime / ValidateIssuer / ValidateAudience.
        bearer.TokenValidationParameters = new TokenValidationParameters
        {
            IssuerSigningKey = signingKey,
            ValidateLifetime = jwtOption.ValidateLifetime,
            ValidIssuer = jwtOption.ValidIssuer,
            ValidAudience = jwtOption.ValidAudience,
            ValidateAudience = jwtOption.ValidateAudience,
            ValidateIssuer = jwtOption.ValidateIssuer,
        };
    });
}
/// <summary>
/// Creates a signed JWT (HMAC-SHA256) carrying the given claims.
/// </summary>
/// <param name="claims">Claims placed in the token subject.</param>
/// <param name="jwtOption">Supplies the secret, issuer, audience and lifetime in days.</param>
/// <returns>The serialized (compact) token.</returns>
/// <exception cref="Exception">Thrown when <c>jwtOption.Secret</c> is null.</exception>
public static string CreateToken(Claim[] claims, JwtOption jwtOption)
{
    var secret = jwtOption.Secret;
    if (secret is null)
    {
        throw new Exception("创建JwtToken时Secret为空");
    }

    // NOTE(review): ASCII encoding replaces every non-ASCII character with '?',
    // which weakens a secret that contains such characters. The validating side
    // must use the same encoding, so change both together if this is revisited.
    var signingKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(secret));
    var signing = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256Signature);

    var issuedAt = DateTime.Now;
    // Math.Abs turns a negative ExpireDays setting into a positive lifetime
    // instead of rejecting it.
    var expiresAt = issuedAt.AddDays(Math.Abs(jwtOption.ExpireDays));

    var descriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(claims),
        Audience = jwtOption.Audience,
        Issuer = jwtOption.Issuer,
        SigningCredentials = signing,
        NotBefore = issuedAt,
        IssuedAt = issuedAt,
        Expires = expiresAt
    };

    var handler = new JwtSecurityTokenHandler();
    return handler.WriteToken(handler.CreateToken(descriptor));
}
/// <summary>
/// Registers the JWT settings singleton and configures JWT bearer authentication
/// with issuer, audience, lifetime and signing-key validation enabled.
/// </summary>
public void InstallServices(IServiceCollection services)
{
    // SECURITY: the signing key below is a literal committed to source control.
    // Anyone who can read the repository or the compiled assembly can produce
    // tokens this service accepts. Load it from configuration or a secret store,
    // and treat the committed value as compromised (rotate it).
    var jwtOptions = new JwtOption
    {
        Issuer = "patientTracking.net",
        Audience = "patientTracking.net",
        SecurityKey = "F2peYX7865Yk8wztCxg8jzZGF5yEx4vu4TK4mN8DLtsVpnGa3V5jabYjFhGf",
        AccessTokenExpiration = 15,
        RefreshTokenExpiration = 60 * 24 * 10
    };
    services.AddSingleton(jwtOptions);

    var authBuilder = services.AddAuthentication(auth =>
    {
        auth.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
        auth.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
        auth.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
    });

    authBuilder.AddJwtBearer(bearer =>
    {
        bearer.SaveToken = true;

        var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtOptions.SecurityKey));
        bearer.TokenValidationParameters = new TokenValidationParameters
        {
            ValidateIssuer = true,
            ValidateAudience = true,
            ValidateLifetime = true,
            ValidIssuer = jwtOptions.Issuer,
            ValidAudience = jwtOptions.Audience,
            ValidateIssuerSigningKey = true,
            IssuerSigningKey = signingKey,
            // No tolerance for clock drift between issuer and validator.
            ClockSkew = TimeSpan.Zero
        };
    });
}
/// <summary>
/// Builds the controller's token handler and HS256 signing credentials from the
/// bound <see cref="JwtOption"/>.
/// </summary>
public UserController(IOptions<JwtOption> options)
{
    jwtSecurityTokenHandler = new JwtSecurityTokenHandler();
    jwtOption = options.Value;

    // Signing key is the UTF-8 encoding of the configured secret.
    byte[] secretBytes = Encoding.UTF8.GetBytes(jwtOption.SecretKey);
    signingCredentials = new SigningCredentials(
        new SymmetricSecurityKey(secretBytes),
        SecurityAlgorithms.HmacSha256);
}
/// <summary>
/// Stores the injected repository, time service and the current JWT settings.
/// </summary>
public UserController(IUserRepository userRepository, ITimeService timeService, IOptions<JwtOption> jwtOptions)
{
    _jwtOption = jwtOptions.Value;
    _timeService = timeService;
    _userRepository = userRepository;
}
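/// <summary>
/// Validates <paramref name="token"/> against the key stored in the first
/// JwtOption row and, on success, sets <c>context.User</c> from its claims.
/// </summary>
/// <param name="context">Request context whose User is replaced.</param>
/// <param name="token">Serialized JWT taken from the request.</param>
/// <exception cref="Exception">
/// Any failure is rethrown as a plain <see cref="Exception"/> carrying the
/// original message; the original exception is kept as InnerException.
/// </exception>
private void ParseToken(HttpContext context, string token)
{
    try
    {
        JwtOption jwtOption = _db.JwtOption.FirstOrDefault();
        if (jwtOption == null)
        {
            throw new Exception("JwtOption was null");
        }

        var tokenHandler = new JwtSecurityTokenHandler();
        var key = Encoding.ASCII.GetBytes(jwtOption.Key);

        // Custom signature check: recompute the signature over "header.payload"
        // with the stored key and compare it with the one carried by the token.
        SecurityToken SignatureValidator(string encodedToken, TokenValidationParameters parameters)
        {
            var jwt = new JwtSecurityToken(encodedToken);

            // HMACSHA256 is disposable; the original never released it.
            using (var hmac = new HMACSHA256(Encoding.ASCII.GetBytes(jwtOption.Key)))
            {
                var signingCredentials = new SigningCredentials(
                    new SymmetricSecurityKey(hmac.Key),
                    SecurityAlgorithms.HmacSha256Signature,
                    SecurityAlgorithms.Sha256Digest);
                var signKey = signingCredentials.Key as SymmetricSecurityKey;
                var encodedData = jwt.EncodedHeader + "." + jwt.EncodedPayload;
                var compiledSignature = Encode(encodedData, signKey.Key);

                // NOTE(review): this is an ordinary comparison, not a constant-time
                // one. Prefer CryptographicOperations.FixedTimeEquals over the
                // signature bytes when comparing MACs.
                if (compiledSignature != jwt.RawSignature)
                {
                    throw new Exception("Token signature validation failed.");
                }
            }

            return jwt;
        }

        tokenHandler.ValidateToken(token, new TokenValidationParameters
        {
            ValidateIssuerSigningKey = true,
            IssuerSigningKey = new SymmetricSecurityKey(key),
            // Issuer and audience are not checked: any token signed with this key
            // is accepted regardless of who it was issued by or for.
            ValidateIssuer = false,
            ValidateAudience = false,
            // TODO (from the original author): look this setting up.
            // NOTE(review): with this off, the custom SignatureValidator is the
            // integrity check this method relies on. Confirm that is intended.
            RequireSignedTokens = false,
            ClockSkew = TimeSpan.Zero,
            SignatureValidator = SignatureValidator,
        }, out SecurityToken validatedToken);

        var jwtToken = (JwtSecurityToken)validatedToken;

        // NOTE(review): RoleId is read from the *name* claim and UserId from the
        // *role* claim. This only works if the issuing code writes them the same
        // way round. Verify against the token creation code.
        context.User = new GenericPrincipal(new AuthorizedUserModel
        {
            RoleId = int.Parse(jwtToken.Claims.First(x => x.Type == ClaimsIdentity.DefaultNameClaimType).Value),
            UserId = int.Parse(jwtToken.Claims.First(x => x.Type == ClaimsIdentity.DefaultRoleClaimType).Value),
        }, new[] { "" });
    }
    catch (Exception ex)
    {
        // Same exception type and message as before, but the cause (and its stack
        // trace) is now preserved for diagnostics instead of being discarded.
        throw new Exception(ex.Message, ex);
    }
}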
/// <summary>
/// Stores the injected logger, JWT settings and identity contract.
/// </summary>
public IdentityController(
    ILogger<IdentityController> logger,
    IOptions<JwtOption> option,
    IIdentityContract identityContract)
{
    _identityContract = identityContract;
    _option = option.Value;
    _logger = logger;
}
/// <summary>
/// Constructor.
/// </summary>
/// <param name="iAPPService">Application service; must not be null.</param>
/// <param name="_userService">User service (stored without a null check).</param>
/// <param name="jwtModel">JWT settings (stored without a null check).</param>
/// <exception cref="ArgumentNullException">When <paramref name="iAPPService"/> is null.</exception>
public TokenController(IAPPService iAPPService, IUserService _userService, JwtOption jwtModel)
{
    _iAPPService = iAPPService ?? throw new ArgumentNullException(nameof(iAPPService));
    userService = _userService;
    _jwtModel = jwtModel;
}
/// <summary>
/// Captures the logger and configuration, then creates the data context.
/// </summary>
public TokenService(ILogger<TokenService> logger, IOptions<Configs> configs)
{
    _logger = logger;

    _configs = configs.Value;
    _jwtOptions = _configs.JwtOption;

    // Created last, after the fields above have been assigned.
    _dc = CreateDC();
}
/// <summary>
/// Stores the token handler, validator and both option sets, then validates the
/// issuer options via ThrowIfInvalidOptions.
/// </summary>
public JwtFactory(
    IJwtTokenHandler jwtTokenHandler,
    IOptions<JwtIssuerOptions> jwtOptions,
    IJwtTokenValidator jwtTokenValidator,
    IOptions<JwtOption> jwtOption)
{
    _jwtTokenHandler = jwtTokenHandler;
    _jwtTokenValidator = jwtTokenValidator;

    _jwtOptions = jwtOptions.Value;
    _jwtOption = jwtOption.Value;

    // Reject unusable issuer settings at construction time.
    ThrowIfInvalidOptions(_jwtOptions);
}
/// <summary>
/// Drops the references to injected collaborators when disposing managed state,
/// then defers to the base implementation.
/// </summary>
protected override void Dispose(bool disposing)
{
    if (!disposing)
    {
        base.Dispose(disposing);
        return;
    }

    // Only references are cleared; none of these objects is disposed here.
    commonOption = null;
    privilegeRepo = null;
    usersCtrl = null;
    userTokenRepo = null;
    cache = null;
    navRepo = null;
    jwt = null;
    roleMgr = null;
    userMgr = null;
    logger = null;

    base.Dispose(disposing);
}
/// <summary>
/// Adds JWT bearer authentication using settings bound from the named
/// configuration section.
/// </summary>
/// <param name="services">Service collection to extend.</param>
/// <param name="configuration">Application configuration.</param>
/// <param name="section">Name of the section bound to <see cref="JwtOption"/>.</param>
/// <returns>The authentication builder, for further chaining.</returns>
public static AuthenticationBuilder AddJwtAuthentication(this IServiceCollection services, IConfiguration configuration, string section)
{
    var jwtOption = new JwtOption();
    configuration.GetSection(section).Bind(jwtOption);

    var authentication = services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme);
    return authentication.AddJwtBearer(bearer =>
    {
        var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtOption.SecretKey));
        bearer.TokenValidationParameters = new TokenValidationParameters
        {
            IssuerSigningKey = signingKey,
            ValidIssuer = jwtOption.Issuer,
            // Audience is not checked: a token issued for another service that
            // shares this key and issuer is accepted here as well.
            ValidateAudience = false,
            // Lifetime validation can be switched off from configuration.
            ValidateLifetime = jwtOption.ValidateLifetime
        };
    });
}
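// Called by the runtime to register services with the DI container.
public void ConfigureServices(IServiceCollection services)
{
    services.AddControllers();

    // The connection string comes from the environment only. A commented-out
    // connection string with a host address and password used to sit here:
    // secrets do not belong in source (comments included), and anything that was
    // committed should be treated as compromised and rotated.
    string datebaseconnectionstring = Environment.GetEnvironmentVariable("datebaseconnectionstring");

    services.AddTransient(x => new MainContext(datebaseconnectionstring));

    // One-off context used only to read the JWT settings at startup.
    // NOTE(review): presumably an EF DbContext. If so, it should be disposed
    // after this read. Confirm.
    MainContext context = new MainContext(datebaseconnectionstring);
    JwtOption jwtOption = context.JwtOption.FirstOrDefault();
    if (jwtOption == null)
    {
        // Previously this surfaced as a NullReferenceException on the next line.
        throw new InvalidOperationException("No JwtOption row found; cannot configure authentication options.");
    }

    services.AddSingleton(new AuthOptions(jwtOption.Key, jwtOption.Issuer, jwtOption.Audience));
    services.AddTransient<IAuthService, AuthService>();
    services.AddSwaggerGen();
}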
/// <summary>
/// Stores the injected collaborators, rejecting any that is null.
/// </summary>
/// <exception cref="ArgumentNullException">
/// When a dependency is null, or when <c>jwt.Value</c> is null.
/// </exception>
public AccountController(
    ILogger<AccountController> logger,
    UserManager<AppUser> userMgr,
    RoleManager<AppRole> roleMgr,
    IOptionsSnapshot<JwtOption> jwt,
    IAppNavItemRepository navRepo,
    IDistributedCache cache,
    IAppUserTokenRepository userTokenRepo,
    UsersController usersCtrl,
    IAppPrivilegeRepository privilegeRepo,
    CommonOption commonOption)
{
    if (logger is null) { throw new ArgumentNullException(nameof(logger)); }
    this.logger = logger;

    if (userMgr is null) { throw new ArgumentNullException(nameof(userMgr)); }
    this.userMgr = userMgr;

    if (roleMgr is null) { throw new ArgumentNullException(nameof(roleMgr)); }
    this.roleMgr = roleMgr;

    // The check is on the bound value; a null snapshot itself is not guarded.
    var jwtValue = jwt.Value;
    if (jwtValue is null) { throw new ArgumentNullException(nameof(jwt)); }
    this.jwt = jwtValue;

    if (navRepo is null) { throw new ArgumentNullException(nameof(navRepo)); }
    this.navRepo = navRepo;

    if (cache is null) { throw new ArgumentNullException(nameof(cache)); }
    this.cache = cache;

    if (userTokenRepo is null) { throw new ArgumentNullException(nameof(userTokenRepo)); }
    this.userTokenRepo = userTokenRepo;

    if (usersCtrl is null) { throw new ArgumentNullException(nameof(usersCtrl)); }
    this.usersCtrl = usersCtrl;

    if (privilegeRepo is null) { throw new ArgumentNullException(nameof(privilegeRepo)); }
    this.privilegeRepo = privilegeRepo;

    if (commonOption is null) { throw new ArgumentNullException(nameof(commonOption)); }
    this.commonOption = commonOption;
}
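/// <summary>
/// Adds JWT bearer authentication configured from the "JwtOptions" section.
/// </summary>
/// <param name="services">Service collection to extend.</param>
/// <param name="configuration">Application configuration holding the "JwtOptions" section.</param>
/// <returns>The same service collection, for chaining.</returns>
public static IServiceCollection AddCustomAuthentication(this IServiceCollection services, IConfiguration configuration)
{
    // The settings are needed right away during registration, so they are read
    // with Bind into a local instance rather than through IOptions<JwtOption>.
    var jwtSettings = new JwtOption();
    configuration.Bind("JwtOptions", jwtSettings);

    services.AddAuthentication(options =>
    {
        // Authentication middleware defaults.
        options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
    })
    .AddJwtBearer(o =>
    {
        o.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
        {
            // NOTE(review): issuer and audience validation are both disabled, so
            // the ValidIssuer set below has no effect and any token signed with
            // this key is accepted whatever its issuer or audience.
            ValidateAudience = false,
            ValidateIssuer = false,
            // Token issuer.
            ValidIssuer = jwtSettings.Issuer,
            // Symmetric signing key built from the UTF-8 bytes of the secret.
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSettings.SecretKey)),
            // Compare the current time with the token's NotBefore / Expires claims.
            ValidateLifetime = true,
            // Allowed clock drift between servers.
            ClockSkew = TimeSpan.FromSeconds(1)
        };
    });

    return services;
}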
/// <summary>
/// Stores the signing credentials, user service and a snapshot of the JWT
/// settings taken at construction time (<c>CurrentValue</c> is read once here).
/// </summary>
public AccountController(IOptionsMonitor<JwtOption> option, SigningCredentials signingCredentials, UserService userService)
{
    _jwtOption = option.CurrentValue;
    _userService = userService;
    _signingCredentials = signingCredentials;
}
/// <summary>Stores the bound JWT settings.</summary>
public JwtProvider(IOptions<JwtOption> options) => _options = options.Value;
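/// <summary>
/// Username/password login: checks the captcha, the client IP block list, the
/// calling application and target system, validates the credentials, then issues
/// a token, caches the session and writes a login log entry.
/// </summary>
/// <param name="username">Account name.</param>
/// <param name="password">Password.</param>
/// <param name="vcode">Captcha text entered by the user.</param>
/// <param name="vkey">Key under which the expected captcha was cached.</param>
/// <param name="appId">Calling application id.</param>
/// <param name="systemCode">Target system code.</param>
/// <returns>A JSON result describing success or the failure reason.</returns>
public async Task<IActionResult> GetCheckUser(string username, string password, string vcode, string vkey, string appId, string systemCode)
{
    CommonResult result = new CommonResult();
    RemoteIpParser remoteIpParser = new RemoteIpParser();
    string strIp = remoteIpParser.GetClientIp(HttpContext).MapToIPv4().ToString();
    YuebonCacheHelper yuebonCacheHelper = new YuebonCacheHelper();

    // Fail closed on the captcha. Previously a missing or expired cache entry
    // fell back to a fixed value, so the check could pass without any
    // server-issued challenge; a null vcode also crashed on ToUpper().
    var cachedCode = yuebonCacheHelper.Get("ValidateCode" + vkey);
    if (cachedCode == null || vcode == null || vcode.ToUpper() != cachedCode.ToString())
    {
        result.ErrMsg = "验证码错误";
        return ToJsonContent(result);
    }
    // NOTE(review): the cached captcha stays under "ValidateCode" + vkey after a
    // successful comparison (the Remove call at the end targets a different key),
    // so one solved captcha can be reused for further attempts until it expires.
    // Consider removing that entry here.

    Log logEntity = new Log();
    bool blIp = _filterIPService.ValidateIP(strIp);
    if (blIp)
    {
        result.ErrMsg = strIp + "该IP已被管理员禁止登录!";
    }
    // Empty credentials now stop processing. Before, the message was set but the
    // method carried on and still attempted to validate the login.
    else if (string.IsNullOrEmpty(username))
    {
        result.ErrMsg = "用户名不能为空!";
    }
    else if (string.IsNullOrEmpty(password))
    {
        result.ErrMsg = "密码不能为空!";
    }
    else if (string.IsNullOrEmpty(systemCode))
    {
        result.ErrMsg = ErrCode.err40006;
    }
    else
    {
        string strHost = Request.Host.ToString();
        APP app = _appService.GetAPP(appId);
        if (app == null)
        {
            result.ErrCode = "40001";
            result.ErrMsg = ErrCode.err40001;
        }
        // NOTE(review): the Host header is supplied by the client and both tests
        // are substring matches, so this is a weak origin check. Prefer an exact
        // comparison against the host parsed from app.RequestUrl, and limit the
        // "localhost" exemption to development builds.
        else if (!app.RequestUrl.Contains(strHost, StringComparison.Ordinal) && !strHost.Contains("localhost", StringComparison.Ordinal))
        {
            result.ErrCode = "40002";
            result.ErrMsg = ErrCode.err40002 + ",你当前请求主机:" + strHost;
        }
        else
        {
            SystemType systemType = _systemTypeService.GetByCode(systemCode);
            if (systemType == null)
            {
                result.ErrMsg = ErrCode.err40006;
            }
            else
            {
                // Item1 is the user on success; Item2 carries the failure reason.
                Tuple<User, string> userLogin = await this._userService.Validate(username, password);
                if (userLogin != null)
                {
                    string ipAddressName = IpAddressUtil.GetCityByIp(strIp);
                    if (userLogin.Item1 != null)
                    {
                        result.Success = true;
                        User user = userLogin.Item1;
                        JwtOption jwtModel = App.GetService<JwtOption>();
                        TokenProvider tokenProvider = new TokenProvider(jwtModel);
                        TokenResult tokenResult = tokenProvider.LoginToken(user, appId);
                        YuebonCurrentUser currentSession = new YuebonCurrentUser
                        {
                            UserId = user.Id,
                            Name = user.RealName,
                            AccessToken = tokenResult.AccessToken,
                            AppKey = appId,
                            CreateTime = DateTime.Now,
                            Role = _roleService.GetRoleEnCode(user.RoleId),
                            ActiveSystemId = systemType.Id,
                            CurrentLoginIP = strIp,
                            IPAddressName = ipAddressName
                        };

                        // Session is cached for roughly 120 minutes.
                        TimeSpan expiresSliding = DateTime.Now.AddMinutes(120) - DateTime.Now;
                        yuebonCacheHelper.Add("login_user_" + user.Id, currentSession, expiresSliding, true);

                        // Populate the allowed-application cache when it is empty.
                        List<AllowCacheApp> list = yuebonCacheHelper.Get("AllowAppId").ToJson().ToList<AllowCacheApp>();
                        if (list.Count == 0)
                        {
                            IEnumerable<APP> appList = _appService.GetAllByIsNotDeleteAndEnabledMark();
                            yuebonCacheHelper.Add("AllowAppId", appList);
                        }

                        CurrentUser = currentSession;
                        result.ResData = currentSession;
                        result.ErrCode = ErrCode.successCode;
                        result.Success = true;

                        logEntity.Account = user.Account;
                        logEntity.NickName = user.NickName;
                        logEntity.Date = logEntity.CreatorTime = DateTime.Now;
                        logEntity.IPAddress = CurrentUser.CurrentLoginIP;
                        logEntity.IPAddressName = CurrentUser.IPAddressName;
                        logEntity.Result = true;
                        logEntity.ModuleName = "登录";
                        logEntity.Description = "登录成功";
                        logEntity.Type = "Login";
                        _logService.Insert(logEntity);
                    }
                    else
                    {
                        result.ErrCode = ErrCode.failCode;
                        result.ErrMsg = userLogin.Item2;

                        // Failed attempts are logged with the submitted account name
                        // and source IP, which supports brute-force detection.
                        logEntity.Account = username;
                        logEntity.Date = logEntity.CreatorTime = DateTime.Now;
                        logEntity.IPAddress = strIp;
                        logEntity.IPAddressName = ipAddressName;
                        logEntity.Result = false;
                        logEntity.ModuleName = "登录";
                        logEntity.Type = "Login";
                        logEntity.Description = "登录失败," + userLogin.Item2;
                        _logService.Insert(logEntity);
                    }
                }
            }
        }
    }

    yuebonCacheHelper.Remove("LoginValidateCode");
    return ToJsonContent(result, true);
}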
/// <summary>
/// Switches the caller into another system: exchanges a one-time "openmf"
/// ticket held in the cache for a new token and cached session.
/// </summary>
/// <param name="openmf">Ticket key; the cached value is passed to the user lookup.</param>
/// <param name="appId">Calling application id.</param>
/// <param name="systemCode">Target system code.</param>
/// <returns>A JSON result describing success or the failure reason.</returns>
public IActionResult SysConnect(string openmf, string appId, string systemCode)
{
    var result = new CommonResult();
    var ipParser = new RemoteIpParser();
    string strIp = ipParser.GetClientIp(HttpContext).MapToIPv4().ToString();

    // Only records the message; processing continues as in the original flow.
    if (string.IsNullOrEmpty(openmf))
    {
        result.ErrMsg = "切换参数错误!";
    }

    if (_filterIPService.ValidateIP(strIp))
    {
        result.ErrMsg = strIp + "该IP已被管理员禁止登录!";
        return ToJsonContent(result);
    }

    string ipAddressName = IpAddressUtil.GetCityByIp(strIp);
    if (string.IsNullOrEmpty(systemCode))
    {
        result.ErrMsg = ErrCode.err40006;
        return ToJsonContent(result);
    }

    string strHost = Request.Host.ToString();
    APP app = _appService.GetAPP(appId);
    if (app == null)
    {
        result.ErrCode = "40001";
        result.ErrMsg = ErrCode.err40001;
        return ToJsonContent(result);
    }

    // NOTE(review): the Host header is client-supplied and both tests are
    // substring matches, which makes this a weak origin check.
    bool hostAllowed = app.RequestUrl.Contains(strHost, StringComparison.Ordinal)
        || strHost.Contains("localhost", StringComparison.Ordinal);
    if (!hostAllowed)
    {
        result.ErrCode = "40002";
        result.ErrMsg = ErrCode.err40002 + ",你当前请求主机:" + strHost;
        return ToJsonContent(result);
    }

    SystemType systemType = _systemTypeService.GetByCode(systemCode);
    if (systemType == null)
    {
        result.ErrMsg = ErrCode.err40006;
        return ToJsonContent(result);
    }

    // The ticket is removed as soon as it is read, so it can be redeemed once.
    var cacheHelper = new YuebonCacheHelper();
    object cacheOpenmf = cacheHelper.Get("openmf" + openmf);
    cacheHelper.Remove("openmf" + openmf);
    if (cacheOpenmf == null)
    {
        result.ErrCode = "40007";
        result.ErrMsg = ErrCode.err40007;
        return ToJsonContent(result);
    }

    User user = _userService.Get(cacheOpenmf.ToString());
    if (user == null)
    {
        result.ErrCode = ErrCode.failCode;
        return ToJsonContent(result);
    }

    result.Success = true;
    JwtOption jwtModel = App.GetService<JwtOption>();
    var tokenProvider = new TokenProvider(jwtModel);
    TokenResult tokenResult = tokenProvider.LoginToken(user, appId);
    var currentSession = new YuebonCurrentUser
    {
        UserId = user.Id,
        Name = user.RealName,
        AccessToken = tokenResult.AccessToken,
        AppKey = appId,
        CreateTime = DateTime.Now,
        Role = _roleService.GetRoleEnCode(user.RoleId),
        ActiveSystemId = systemType.Id,
        CurrentLoginIP = strIp,
        IPAddressName = ipAddressName,
        ActiveSystemUrl = systemType.Url
    };

    // Session is cached for roughly 120 minutes.
    TimeSpan expiresSliding = DateTime.Now.AddMinutes(120) - DateTime.Now;
    cacheHelper.Add("login_user_" + user.Id, currentSession, expiresSliding, true);

    CurrentUser = currentSession;
    result.ResData = currentSession;
    result.ErrCode = ErrCode.successCode;
    result.Success = true;
    return ToJsonContent(result);
}
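/// <summary>
/// IoC initialisation: registers caching, JWT authentication, data access,
/// AutoMapper and the scheduled-job services.
/// </summary>
/// <param name="services">Service collection to populate.</param>
private void InitIoC(IServiceCollection services)
{
    #region Caching
    CacheProvider cacheProvider = new CacheProvider
    {
        IsUseRedis = Configuration.GetSection("CacheProvider:UseRedis").Value.ToBool(false),
        ConnectionString = Configuration.GetSection("CacheProvider:Redis_ConnectionString").Value,
        InstanceName = Configuration.GetSection("CacheProvider:Redis_InstanceName").Value
    };

    // Renamed from "options" so the lambdas below no longer shadow it. The
    // earlier CamelCase naming-policy assignment was dropped: it was overwritten
    // by UpperFirstCaseNamingPolicy before the options were ever used.
    var jsonOptions = new JsonSerializerOptions();
    jsonOptions.Encoder = JavaScriptEncoder.Create(UnicodeRanges.All);
    jsonOptions.WriteIndented = true;
    jsonOptions.AllowTrailingCommas = true;
    // Date/time format.
    jsonOptions.Converters.Add(new DateTimeJsonConverter());
    jsonOptions.Converters.Add(new DateTimeNullableConverter());
    // Boolean format.
    jsonOptions.Converters.Add(new BooleanJsonConverter());
    // Number format.
    jsonOptions.Converters.Add(new IntJsonConverter());
    jsonOptions.PropertyNamingPolicy = new UpperFirstCaseNamingPolicy();
    jsonOptions.PropertyNameCaseInsensitive = true; // ignore case

    // Use Redis when configured, otherwise fall back to MemoryCache.
    if (cacheProvider.IsUseRedis)
    {
        services.AddStackExchangeRedisCache(redis =>
        {
            redis.Configuration = cacheProvider.ConnectionString;
            redis.InstanceName = cacheProvider.InstanceName;
        });
        services.AddSingleton(typeof(ICacheService), new RedisCacheService(new RedisCacheOptions
        {
            Configuration = cacheProvider.ConnectionString,
            InstanceName = cacheProvider.InstanceName
        }, jsonOptions, 0));
        // Redis cache entries expire after 5 minutes.
        services.Configure<DistributedCacheEntryOptions>(entry => entry.AbsoluteExpirationRelativeToNow = TimeSpan.FromMinutes(5));
    }
    else
    {
        services.AddSingleton<IMemoryCache>(factory =>
        {
            var cache = new MemoryCache(new MemoryCacheOptions());
            return cache;
        });
        services.AddSingleton<ICacheService, MemoryCacheService>();
        // MemoryCache entries expire after 5 minutes.
        services.Configure<MemoryCacheEntryOptions>(
            entry => entry.AbsoluteExpirationRelativeToNow = TimeSpan.FromMinutes(5));
    }
    services.AddTransient<MemoryCacheService>();
    services.AddMemoryCache();              // enable MemoryCache
    services.AddSingleton(cacheProvider);   // register the cache configuration
    #endregion

    #region Authentication and authorization
    var jwtConfig = Configuration.GetSection("Jwt");
    var jwtOption = new JwtOption
    {
        Issuer = jwtConfig["Issuer"],
        Expiration = Convert.ToInt16(jwtConfig["Expiration"]),
        Secret = jwtConfig["Secret"],
        Audience = jwtConfig["Audience"],
        refreshJwtTime = Convert.ToInt16(jwtConfig["refreshJwtTime"])
    };
    services.AddAuthentication(auth =>
    {
        auth.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
        auth.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
    }).AddJwtBearer(jwtBearerOptions =>
    {
        jwtBearerOptions.TokenValidationParameters = new TokenValidationParameters
        {
            ValidateIssuerSigningKey = true,
            // Signing key: UTF-8 bytes of the configured secret. Keep "Jwt:Secret"
            // out of files under source control.
            IssuerSigningKey = new SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(jwtOption.Secret)),
            ValidateIssuer = true,
            ValidIssuer = jwtOption.Issuer,
            ValidateAudience = true,
            ValidAudience = jwtOption.Audience,
            ValidateLifetime = true,
            // Tokens stay valid for up to 5 minutes past their expiry.
            ClockSkew = TimeSpan.FromMinutes(5)
        };
    });
    services.AddSingleton(jwtOption); // register the JWT settings
    #endregion

    services.AddAutoScanInjection();                        // auto-register repositories and services
    services.AddTransient<IDbContextCore, MySqlDbContext>(); // EF context

    #region AutoMapper
    List<Assembly> myAssembly = RuntimeHelper.GetAllYuebonAssemblies().ToList();
    services.AddAutoMapper(myAssembly);
    services.AddTransient<IMapper, Mapper>();
    #endregion

    #region Scheduled jobs
    services.AddTransient<HttpResultfulJob>();
    services.AddSingleton<ISchedulerFactory, StdSchedulerFactory>();
    // Hosted service that starts the scheduled jobs.
    services.AddHostedService<QuartzService>();
    #endregion

    App.Services = services;
}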
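/// <summary>
/// Mini-program login: exchanges the login <paramref name="code"/> for an
/// openid/session, creates the user on first login, and returns a session that
/// carries an access token.
/// </summary>
/// <param name="code">Temporary login code sent by the client.</param>
/// <returns>A JSON result with the session on success, or the failure reason.</returns>
public IActionResult OnLogin(string code)
{
    CommonResult result = new CommonResult();
    try
    {
        var jsonResult = SnsApi.JsCode2Json(WxOpenAppId, WxOpenAppSecret, code);
        if (jsonResult.errcode == ReturnCode.请求成功)
        {
            // Manage the login state through SessionContainer.
            var unionId = jsonResult.unionid;
            var sessionBag = SessionContainer.UpdateSession(null, jsonResult.openid, jsonResult.session_key, unionId);
            // The session key is sensitive and must never be returned to the
            // client; only sessionBag.Key is handed out below.

            YuebonCacheHelper yuebonCacheHelper = new YuebonCacheHelper();
            User user = userService.GetUserByOpenId("yuebon.openid.wxapplet", jsonResult.openid);
            if (user == null)
            {
                // First login: create the account. The original dereferenced the
                // null user here (user.UnionId = ...), so every first login threw
                // before the account could be created.
                UserInputDto userInput = new UserInputDto();
                userInput.OpenId = jsonResult.openid;
                userInput.OpenIdType = "yuebon.openid.wxapplet";
                userInput.NickName = "游客";
                userInput.UnionId = jsonResult.unionid;
                result.Success = userService.CreateUserByWxOpenId(userInput);
            }

            // Back-fill the UnionId for accounts created before it was recorded.
            if (user != null && string.IsNullOrEmpty(user.UnionId))
            {
                user.UnionId = jsonResult.unionid;
                result.Success = userService.Update(user, user.Id);
            }

            // NOTE(review): result.ResData has not been assigned at this point,
            // so userId stays empty and the cache lookup below uses the bare
            // "login_user_" key. TODO confirm whether user.Id was intended.
            string userId = string.Empty;
            if (result.ResData != null)
            {
                userId = result.ResData.ToString();
            }

            if (user == null)
            {
                user = userService.GetUserByOpenId("yuebon.openid.wxapplet", jsonResult.openid);
            }
            if (user == null)
            {
                // Account creation did not produce a user: report failure rather
                // than failing later on a null reference.
                result.ErrCode = ErrCode.failCode;
                return ToJsonContent(result);
            }

            var currentSession = (YuebonCurrentUser)(yuebonCacheHelper.Get("login_user_" + userId));
            if (currentSession == null || string.IsNullOrWhiteSpace(currentSession.AccessToken))
            {
                JwtOption jwtModel = App.GetService<JwtOption>();
                TokenProvider tokenProvider = new TokenProvider(jwtModel);
                TokenResult tokenResult = tokenProvider.LoginToken(user, "wxapplet");
                currentSession = new YuebonCurrentUser
                {
                    UserId = user.Id,
                    Account = user.Account,
                    Name = user.RealName,
                    NickName = user.NickName,
                    AccessToken = tokenResult.AccessToken,
                    AppKey = "wxapplet",
                    CreateTime = DateTime.Now,
                    HeadIcon = user.HeadIcon,
                    Gender = user.Gender,
                    ReferralUserId = user.ReferralUserId,
                    MemberGradeId = user.MemberGradeId,
                    Role = roleService.GetRoleEnCode(user.RoleId),
                    MobilePhone = user.MobilePhone,
                    WxSessionId = sessionBag.Key
                };

                // Session is cached for roughly 120 minutes.
                TimeSpan expiresSliding = DateTime.Now.AddMinutes(120) - DateTime.Now;
                yuebonCacheHelper.Add("login_user_" + user.Id, currentSession, expiresSliding, true);
            }

            CurrentUser = currentSession;
            result.ResData = currentSession;
            result.ErrCode = ErrCode.successCode;
            result.Success = true;
        }
        else
        {
            result.ErrCode = ErrCode.failCode;
            result.ErrMsg = jsonResult.errmsg;
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): the raw exception message goes back to the client and is
        // not logged. Consider logging it and returning a generic message.
        result.ErrMsg = ex.Message;
    }

    return ToJsonContent(result);
}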
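/// <summary>
/// One-tap login: decrypts the profile data for the caller's session, creates
/// or updates the matching account, then issues a token and caches the session.
/// </summary>
/// <param name="info">Encrypted profile payload plus client-side metadata.</param>
/// <returns>A JSON result with the session on success, or the failure reason.</returns>
public IActionResult QuikLogin(WxUserInfo info)
{
    CommonResult result = new CommonResult();
    try
    {
        if (info != null)
        {
            DecodedUserInfo decodedUserInfo = EncryptHelper.DecodeUserInfoBySessionId(info.SessionId, info.EncryptedData, info.Iv);

            UserInputDto userInput = new UserInputDto();
            userInput.NickName = decodedUserInfo.nickName;
            userInput.HeadIcon = decodedUserInfo.avatarUrl;
            userInput.Gender = decodedUserInfo.gender;
            userInput.Country = decodedUserInfo.country;
            userInput.Province = decodedUserInfo.province;
            userInput.City = decodedUserInfo.city;
            userInput.language = info.language;
            userInput.OpenId = decodedUserInfo.openId;
            userInput.OpenIdType = "yuebon.openid.wxapplet";
            userInput.ReferralUserId = info.ReferralUserId;
            userInput.UnionId = decodedUserInfo.unionId;

            User user = userService.GetUserByOpenId(userInput.OpenIdType, decodedUserInfo.openId);
            if (user == null)
            {
                result.Success = userService.CreateUserByWxOpenId(userInput);
            }
            else
            {
                result.Success = userService.UpdateUserByOpenId(userInput);
            }

            // Reload by the openId recovered from the decrypted payload. The
            // original reloaded by info.openIdType / info.openId, which are plain
            // request fields: the token must be bound to the identity the server
            // verified, not to one the client names.
            user = userService.GetUserByOpenId(userInput.OpenIdType, decodedUserInfo.openId);
            if (user != null)
            {
                JwtOption jwtModel = App.GetService<JwtOption>();
                TokenProvider tokenProvider = new TokenProvider(jwtModel);
                TokenResult tokenResult = tokenProvider.LoginToken(user, "wxapplet");
                var currentSession = new YuebonCurrentUser
                {
                    UserId = user.Id,
                    Account = user.Account,
                    Name = user.RealName,
                    NickName = user.NickName,
                    AccessToken = tokenResult.AccessToken,
                    AppKey = "wxapplet",
                    CreateTime = DateTime.Now,
                    HeadIcon = user.HeadIcon,
                    Gender = user.Gender,
                    ReferralUserId = user.ReferralUserId,
                    MemberGradeId = user.MemberGradeId,
                    Role = roleService.GetRoleEnCode(user.RoleId)
                };
                CurrentUser = currentSession;

                // Session is cached for roughly 120 minutes.
                YuebonCacheHelper yuebonCacheHelper = new YuebonCacheHelper();
                TimeSpan expiresSliding = DateTime.Now.AddMinutes(120) - DateTime.Now;
                yuebonCacheHelper.Add("login_user_" + user.Id, currentSession, expiresSliding, true);

                result.ErrCode = ErrCode.successCode;
                result.ResData = currentSession;
                result.Success = true;
            }
            else
            {
                result.ErrCode = ErrCode.failCode;
            }
        }
    }
    catch (Exception ex)
    {
        Log4NetHelper.Error("微信快速(一键)登录异常", ex);
        // NOTE(review): the exception message is also returned to the client.
        result.ErrMsg = "微信快速(一键)登录:" + ex.Message;
        result.ErrCode = ErrCode.failCode;
    }

    return ToJsonContent(result);
}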
/// <summary>
/// Registers the JWT services, JWT bearer authentication and the role-based
/// authorization policies.
/// </summary>
/// <param name="services">Service collection to extend.</param>
/// <param name="jwtOption">Supplies the symmetric signing key.</param>
/// <returns>The same service collection, for chaining.</returns>
public static IServiceCollection AddAuthService(this IServiceCollection services, JwtOption jwtOption)
{
    services.AddSingleton<JwtSecurityTokenHandler>();
    services.AddSingleton<IJwtService, JwtService>();

    #region Authentication
    var authBuilder = services.AddAuthentication(auth =>
    {
        auth.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
        auth.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
    });

    authBuilder.AddJwtBearer(bearer =>
    {
        // NOTE(review): ASCII encoding maps non-ASCII characters in the key to
        // '?'. The issuing side must encode the key the same way.
        var signingKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(jwtOption.SecurityKey));

        bearer.TokenValidationParameters = new TokenValidationParameters
        {
            ValidIssuer = "RayPI",
            IssuerSigningKey = signingKey,
            RequireSignedTokens = true,
            RequireExpirationTime = true,
            // Audience is not checked: a token for any audience is accepted as
            // long as the issuer and signature match.
            ValidateAudience = false,
            ValidateIssuer = true,
            ValidateIssuerSigningKey = true,
            // Compare the current time with the token's NotBefore / Expires.
            ValidateLifetime = true
        };

        bearer.Events = new JwtBearerEvents
        {
            OnAuthenticationFailed = failure =>
            {
                // Tell the client when the failure was an expired token
                // (exact type match only).
                bool expired = failure.Exception.GetType() == typeof(SecurityTokenExpiredException);
                if (expired)
                {
                    failure.Response.Headers.Add("Token-Expired", "true");
                }

                return Task.CompletedTask;
            }
        };
    });
    #endregion

    #region Authorization
    services.AddAuthorization(authorization =>
    {
        authorization.AddPolicy(
            PolicyEnum.RequireRoleOfClient.ToString(),
            policy => policy.AddRequirements(new PolicyRequirement("Client")));
        authorization.AddPolicy(
            PolicyEnum.RequireRoleOfAdmin.ToString(),
            policy => policy.AddRequirements(new PolicyRequirement("Admin")));
        authorization.AddPolicy(
            PolicyEnum.RequireRoleOfAdminOrClient.ToString(),
            policy => policy.AddRequirements(new PolicyRequirement("Admin,Client")));
    });
    #endregion

    services.AddSingleton<IAuthorizationHandler, PolicyHandler>();
    // Per-request operator info.
    services.AddScoped<IOperateInfo, OperateInfo>();
    return services;
}
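/// <summary>
/// Logs in by openId: creates the account when it does not exist, then returns
/// the cached session or issues a new token and caches a new session.
/// </summary>
/// <param name="openId">The caller's openId.</param>
/// <returns>A JSON result with the session on success, or the failure reason.</returns>
public IActionResult LoginByOpenId(string openId)
{
    // NOTE(review): openId arrives as a plain request parameter and nothing in
    // this method verifies that the caller owns it. Confirm an upstream filter
    // does; otherwise issue tokens only after a server-side code exchange.
    CommonResult result = new CommonResult();
    try
    {
        YuebonCacheHelper yuebonCacheHelper = new YuebonCacheHelper();
        User user = userService.GetUserByOpenId("yuebon.openid.wxapplet", openId);
        if (user == null)
        {
            UserInputDto userInput = new UserInputDto();
            userInput.OpenId = openId;
            userInput.OpenIdType = "yuebon.openid.wxapplet";
            userInput.NickName = "游客";
            result.Success = userService.CreateUserByWxOpenId(userInput);

            // Reload the account that was just created.
            user = userService.GetUserByOpenId("yuebon.openid.wxapplet", openId);
        }

        // The unused userId local (read from result.ResData, never consumed) was
        // removed; the cache key has always been built from user.Id.
        var currentSession = (YuebonCurrentUser)yuebonCacheHelper.Get("login_user_" + user.Id);
        if (currentSession == null || string.IsNullOrWhiteSpace(currentSession.AccessToken))
        {
            JwtOption jwtModel = App.GetService<JwtOption>();
            TokenProvider tokenProvider = new TokenProvider(jwtModel);
            TokenResult tokenResult = tokenProvider.LoginToken(user, "wxapplet");
            currentSession = new YuebonCurrentUser
            {
                UserId = user.Id,
                Account = user.Account,
                Name = user.RealName,
                NickName = user.NickName,
                AccessToken = tokenResult.AccessToken,
                AppKey = "wxapplet",
                CreateTime = DateTime.Now,
                HeadIcon = user.HeadIcon,
                Gender = user.Gender,
                ReferralUserId = user.ReferralUserId,
                MemberGradeId = user.MemberGradeId,
                Role = roleService.GetRoleEnCode(user.RoleId),
                MobilePhone = user.MobilePhone
            };

            // Session is cached for roughly 120 minutes.
            TimeSpan expiresSliding = DateTime.Now.AddMinutes(120) - DateTime.Now;
            yuebonCacheHelper.Add("login_user_" + user.Id, currentSession, expiresSliding, true);
        }

        CurrentUser = currentSession;
        result.ErrCode = ErrCode.successCode;
        result.Success = true;
        result.ResData = currentSession;
    }
    catch (Exception ex)
    {
        Log4NetHelper.Error("微信登录异常 LoginByOpenId", ex);
        result.ErrMsg = "微信登录异常:" + ex.Message;
        // Was ErrCode.successCode: a failed login reported the success code to
        // clients that branch on ErrCode.
        result.ErrCode = ErrCode.failCode;
    }

    return ToJsonContent(result);
}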
/// <summary>
/// Constructor; stores the JWT settings used by this provider.
/// </summary>
/// <param name="jwtModel">JWT settings.</param>
public TokenProvider(JwtOption jwtModel) => _jwtModel = jwtModel;
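// Called by the runtime to register services with the DI container.
public void ConfigureServices(IServiceCollection services)
{
    services.AddControllers();

    // The connection string comes from the environment only. A commented-out
    // connection string with a host address and password used to sit here:
    // secrets do not belong in source (comments included), and anything that was
    // committed should be treated as compromised and rotated.
    string datebaseconnectionstring = Environment.GetEnvironmentVariable("datebaseconnectionstring");

    services.AddTransient(x => new MainContext(datebaseconnectionstring));

    // One-off context used only to read the JWT settings at startup.
    // NOTE(review): presumably an EF DbContext. If so, it should be disposed
    // after this read. Confirm.
    MainContext context = new MainContext(datebaseconnectionstring);
    JwtOption jwtOption = context.JwtOption.FirstOrDefault();
    if (jwtOption == null)
    {
        // Previously this surfaced as a NullReferenceException on the next line.
        throw new InvalidOperationException("No JwtOption row found; cannot configure JWT authentication.");
    }
    AuthOptions authOptions = new AuthOptions(jwtOption.Key, jwtOption.Issuer, jwtOption.Audience);

    services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
        .AddJwtBearer(options =>
        {
            // NOTE(review): allows metadata retrieval over plain HTTP. Keep this
            // false only for local development.
            options.RequireHttpsMetadata = false;
            options.TokenValidationParameters = new TokenValidationParameters
            {
                // Validate the token issuer.
                ValidateIssuer = true,
                // Expected issuer.
                ValidIssuer = authOptions.ISSUER,
                // Validate the token audience.
                ValidateAudience = true,
                // Expected audience.
                ValidAudience = authOptions.AUDIENCE,
                // Validate the token lifetime.
                ValidateLifetime = true,
                // Signing key.
                IssuerSigningKey = authOptions.GetSymmetricSecurityKey(),
                // Validate the signing key.
                ValidateIssuerSigningKey = true,
            };
        });

    services.AddTransient<IContentService, ContentService>();
    services.AddTransient<ICategoryService, CategoryService>();
    services.AddTransient<IGroupService, GroupService>();
    services.AddTransient<ISourceService, SourceService>();
    services.AddTransient<IUserCredentialService, UserCredentialService>();

    services.AddAuthorizationCore(options =>
    {
        options.AddPolicy("AdminRole", policy => policy.Requirements.Add(new RoleEntryRequirement(1)));
    });
    services.AddSingleton<IAuthorizationHandler, RoleEntryHandler>();

    var mapperConfig = new MapperConfiguration(mc =>
    {
        mc.AddProfile(new MappingProfile());
    });
    IMapper mapper = mapperConfig.CreateMapper();
    services.AddSingleton(mapper);

    services.AddSwaggerGen();
}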
/// <summary>
/// Passes the context to the base service and stores the bound JWT settings.
/// </summary>
public UserService(LolaFloraDbContext dbContext, IOptions<JwtOption> jwtOptionSetting)
    : base(dbContext) => _jwtOption = jwtOptionSetting.Value;
/// <summary>
/// IoC initialisation: registers caching, JWT authentication, the helper
/// services and AutoMapper, then builds the container.
/// </summary>
/// <param name="services">Service collection to populate.</param>
/// <returns>The service provider built by IoCContainer.</returns>
private IServiceProvider InitIoC(IServiceCollection services)
{
    services.TryAddSingleton<IHttpContextAccessor, HttpContextAccessor>();
    services.AddMemoryCache();

    var cacheProvider = new CacheProvider
    {
        IsUseRedis = Configuration.GetSection("CacheProvider:UseRedis").Value.ToBool(false),
        ConnectionString = Configuration.GetSection("CacheProvider:Redis_ConnectionString").Value,
        InstanceName = Configuration.GetSection("CacheProvider:Redis_InstanceName").Value
    };

    // Use Redis when configured, otherwise fall back to MemoryCache.
    if (!cacheProvider.IsUseRedis)
    {
        services.AddSingleton<IMemoryCache>(factory => new MemoryCache(new MemoryCacheOptions()));
        services.AddSingleton<ICacheService, MemoryCacheService>();
    }
    else
    {
        services.AddStackExchangeRedisCache(redis =>
        {
            redis.Configuration = cacheProvider.ConnectionString;
            redis.InstanceName = cacheProvider.InstanceName;
        });

        var redisOptions = new RedisCacheOptions
        {
            Configuration = cacheProvider.ConnectionString,
            InstanceName = cacheProvider.InstanceName
        };
        services.AddSingleton(typeof(ICacheService), new RedisCacheService(redisOptions, 0));
    }

    var jwtConfig = Configuration.GetSection("Jwt");
    var jwtOption = new JwtOption
    {
        Issuer = jwtConfig["Issuer"],
        Expiration = Convert.ToInt16(jwtConfig["Expiration"]),
        Secret = jwtConfig["Secret"],
        Audience = jwtConfig["Audience"],
        refreshJwtTime = Convert.ToInt16(jwtConfig["refreshJwtTime"])
    };

    var authBuilder = services.AddAuthentication(auth =>
    {
        auth.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
        auth.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
    });

    authBuilder.AddJwtBearer(jwtBearerOptions =>
    {
        // Signing key: UTF-8 bytes of the configured secret. Keep "Jwt:Secret"
        // out of files under source control.
        var signingKey = new SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(jwtOption.Secret));

        jwtBearerOptions.TokenValidationParameters = new TokenValidationParameters
        {
            ValidateIssuerSigningKey = true,
            IssuerSigningKey = signingKey,
            ValidateIssuer = true,
            ValidIssuer = jwtOption.Issuer,
            ValidateAudience = true,
            ValidAudience = jwtOption.Audience,
            ValidateLifetime = true,
            // Tokens stay valid for up to 5 minutes past their expiry.
            ClockSkew = TimeSpan.FromMinutes(5)
        };
    });

    IoCContainer.Register(cacheProvider);   // cache configuration
    IoCContainer.Register(Configuration);   // application configuration
    IoCContainer.Register(jwtOption);       // JWT settings

    services.AddScoped(typeof(SSOAuthHelper));
    services.AddScoped(typeof(AuthHelper));

    IoCContainer.Register("Yuebon.Commons");
    IoCContainer.Register("Yuebon.AspNetCore");
    IoCContainer.Register("Yuebon.Security.Core");
    IoCContainer.Register("Yuebon.Messages.Core");
    IoCContainer.RegisterNew("Yuebon.Security.Core", "Yuebon.Security");
    IoCContainer.RegisterNew("Yuebon.Messages.Core", "Yuebon.Messages");

    // Assemblies scanned for AutoMapper profiles.
    var myAssembly = new List<Assembly>
    {
        Assembly.Load("Yuebon.Security.Core"),
        Assembly.Load("Yuebon.Messages.Core")
    };
    services.AddAutoMapper(myAssembly);
    services.AddScoped<IMapper, Mapper>();

    return IoCContainer.Build(services);
}
/// <summary>Stores the bound JWT settings.</summary>
public RefreshTokenFactory(IOptions<JwtOption> jwtOption) => _jwtOption = jwtOption.Value;