Пример #1
        /// <summary>
        /// Loads the bundled bulletin text ("Data/Bulletin") into <c>mData</c> and sets <c>isNew</c>
        /// by comparing the digest of that text with the one remembered under the "NotieMd5" key.
        /// </summary>
        /// <remarks>
        /// The digest is used here only as a change fingerprint for the bulletin text. The remembered
        /// value lives in PlayerPrefs, i.e. local client storage, so it only drives the "new bulletin"
        /// flag and should not be relied on as an integrity check.
        /// </remarks>
        private void ReadLocal()
        {
            TextAsset bulletinAsset = CoreEntry.gResLoader.LoadTextAsset("Data/Bulletin", SenLib.AssetType.Csv);

            // mData is only overwritten when the asset actually loaded.
            if (bulletinAsset != null)
            {
                mData = bulletinAsset.text;
            }

            bool hasContent = bulletinAsset != null && !string.IsNullOrEmpty(mData);
            if (!hasContent)
            {
                // Missing asset or empty text: nothing to announce, forget the remembered digest.
                isNew = false;
                PlayerPrefs.SetString("NotieMd5", "");
                return;
            }

            string currentDigest = Md5Tool.Md5Sum(mData);
            string storedDigest  = PlayerPrefs.GetString("NotieMd5", "");

            isNew = !currentDigest.Equals(storedDigest);
            PlayerPrefs.SetString("NotieMd5", currentDigest);
        }
Пример #2
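        /// <summary>
        /// Password login: looks up a user whose name and stored password hash match the posted
        /// credentials and, on success, answers with a bearer-token payload.
        /// </summary>
        /// <param name="model">Credentials bound from the request body; null when the body is missing or cannot be bound.</param>
        /// <returns>
        /// 200 with <c>access_token</c>, <c>token_type</c> and <c>expires_in</c> (seconds) when the
        /// credentials match, otherwise 401.
        /// </returns>
        public async Task <IHttpActionResult> Post([FromBody] UserLoginModel model)
        {
            // A missing body leaves the model null; answer 401 instead of failing with a
            // NullReferenceException (HTTP 500). Empty credentials are rejected before any lookup.
            if (model == null || string.IsNullOrEmpty(model.UserName) || string.IsNullOrEmpty(model.Password))
            {
                return(Unauthorized());
            }

            IUserRepository userRepository = _uow.GetRepository <IUserRepository>();

            // NOTE(review): Md5Tool is not shown here; by its name the stored value is presumably an
            // unsalted MD5 digest. A fast, unsalted digest is weak for password storage. Moving to a
            // salted, slow KDF (PBKDF2 / Argon2) means loading the user by name and verifying the
            // password in process instead of matching the hash inside the query.
            // NOTE(review): no throttling or lockout is visible in this action - confirm it is handled upstream.
            string  hash = Md5Tool.CreateUtf8Hash(model.Password);
            dynamic user = await userRepository.GetQueryable().AsNoTracking().Include(x => x.UserRoles.Select(y => y.Role)).Where(x => x.UserName == model.UserName && x.Password == hash).Select(x => new
            {
                x.UserName,
                Roles = x.UserRoles.Select(y => y.Role.Name)
            }).FirstOrDefaultAsync();

            if (user == null)
            {
                return(Unauthorized());
            }

            string secretKey = ConfigurationManager.AppSettings["SecretKey"];

            // Configuration values are machine-readable: parse them culture-independently so the
            // token lifetime does not depend on the server's regional settings.
            double tokenExpiration = double.Parse(
                ConfigurationManager.AppSettings["TokenExpirationMinutes"],
                System.Globalization.CultureInfo.InvariantCulture);
            string token = new CustomJwtAuthorizationProvider().GenerateToken(secretKey, user.UserName, user.Roles, tokenExpiration);

            return(Ok(new
            {
                access_token = token,
                token_type = "bearer",
                expires_in = TimeSpan.FromMinutes(tokenExpiration).TotalSeconds
            }));
        }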
Пример #3
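        /// <summary>
        /// Accepts bulletin text whose first line is <c>BundleCommon.BaseUrl</c>, stores the remainder
        /// in <c>mData</c> and sets <c>isNew</c> by comparing its digest with the one remembered under
        /// the "NotieMd5" key.
        /// </summary>
        /// <param name="content">
        /// Raw bulletin text. When it is null or does not start with the expected header line,
        /// <c>mData</c> is left untouched, <c>isNew</c> becomes false and the remembered digest is cleared.
        /// </param>
        /// <remarks>
        /// The digest is only a change fingerprint kept in local PlayerPrefs; it does not authenticate
        /// the bulletin content.
        /// </remarks>
        public void WriteBulletin(string content)
        {
            string md5Code = "";

            if (content != null)
            {
                // Try the line endings in the same order as before: CRLF, then LF, then a bare CR.
                foreach (string lineEnd in new[] { "\r\n", "\n", "\r" })
                {
                    string header = BundleCommon.BaseUrl + lineEnd;

                    // Ordinal comparison: the header is a machine-readable marker, not linguistic text.
                    if (content.StartsWith(header, System.StringComparison.Ordinal))
                    {
                        // Strip only the leading header. string.Replace would also delete any later
                        // occurrence of the same text inside the bulletin body.
                        mData   = content.Substring(header.Length);
                        md5Code = Md5Tool.Md5Sum(mData);
                        break;
                    }
                }
            }

            string oldCode = PlayerPrefs.GetString("NotieMd5", "");

            if (string.IsNullOrEmpty(md5Code))
            {
                isNew = false;
                PlayerPrefs.SetString("NotieMd5", "");
            }
            else
            {
                isNew = !md5Code.Equals(oldCode);
                PlayerPrefs.SetString("NotieMd5", md5Code);
            }
        }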
Пример #4
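        /// <summary>
        /// HTTP Basic authentication step: when the request carries a well-formed Basic credential
        /// that matches a stored user, installs a <see cref="ClaimsPrincipal"/> on the request, then
        /// always hands over to the base authorization logic.
        /// </summary>
        /// <param name="actionContext">Context of the action being authorized.</param>
        /// <remarks>
        /// Basic credentials are only base64-encoded, so this filter depends on TLS being enforced
        /// elsewhere. A malformed header (invalid base64, no ':' separator, empty name or password)
        /// is treated as "no credentials" instead of raising an unhandled exception.
        /// Role claims are limited to the roles named on the action's AuthorizeAttribute that the
        /// user actually holds.
        /// </remarks>
        public override void OnAuthorization(HttpActionContext actionContext)
        {
            AuthenticationHeaderValue authRequest = actionContext.Request.Headers.Authorization;
            string username;
            string password;

            if (authRequest != null
                && authRequest.Scheme.Equals("basic", StringComparison.OrdinalIgnoreCase)
                && TryReadBasicCredentials(authRequest.Parameter, out username, out password))
            {
                IUserRepository userRepository = _uow.GetRepository <IUserRepository>();

                // NOTE(review): Md5Tool is not shown here; by its name this is presumably an unsalted
                // MD5 digest, which is weak for password storage - plan a move to a salted, slow KDF.
                string  hash = Md5Tool.CreateUtf8Hash(password);
                dynamic user = userRepository.GetQueryable().AsNoTracking().Include(x => x.UserRoles.Select(y => y.Role)).Where(x => x.UserName == username && x.Password == hash).Select(x => new
                {
                    x.UserName,
                    Roles = x.UserRoles.Select(y => y.Role.Name)
                }).FirstOrDefault();

                if (user != null)
                {
                    IList <Claim> claims = new List <Claim>
                    {
                        new Claim(ClaimTypes.Name, user.UserName),
                        new Claim(ClaimTypes.NameIdentifier, user.UserName)
                    };
                    AuthorizeAttribute authorizeAttribute = actionContext.ActionDescriptor
                                                            .GetCustomAttributes <AuthorizeAttribute>(true)
                                                            .FirstOrDefault();
                    if (authorizeAttribute != null)
                    {
                        foreach (string rawRole in authorizeAttribute.Roles.Split(','))
                        {
                            // "Admin, User" must match the same roles as "Admin,User"; skip the
                            // empty entry produced by an attribute without a Roles value.
                            string role = rawRole.Trim();
                            if (role.Length == 0)
                            {
                                continue;
                            }

                            if (user.Roles.Contains(role))
                            {
                                claims.Add(new Claim(ClaimTypes.Role, role));
                            }
                        }
                    }

                    actionContext.RequestContext.Principal =
                        new ClaimsPrincipal(new ClaimsIdentity(claims, "Basic"));
                }
            }

            // No response is set here on failure; the base implementation decides the outcome.
            base.OnAuthorization(actionContext);
        }

        /// <summary>
        /// Decodes the parameter of a Basic Authorization header into user name and password.
        /// </summary>
        /// <returns>True only when the value is valid base64, contains ':' and both parts are non-empty.</returns>
        private static bool TryReadBasicCredentials(string parameter, out string username, out string password)
        {
            username = null;
            password = null;

            if (string.IsNullOrEmpty(parameter))
            {
                return false;
            }

            string decoded;
            try
            {
                decoded = Encoding.UTF8.GetString(Convert.FromBase64String(parameter));
            }
            catch (FormatException)
            {
                // The header value is caller-controlled; invalid base64 is simply not a credential.
                return false;
            }

            // The password may itself contain ':', so split on the first separator only.
            int separator = decoded.IndexOf(":", StringComparison.Ordinal);
            if (separator < 0)
            {
                return false;
            }

            username = decoded.Substring(0, separator);
            password = decoded.Substring(separator + 1);

            return !string.IsNullOrEmpty(username) && !string.IsNullOrEmpty(password);
        }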
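        /// <summary>
        /// Creates a user record from the posted registration data and commits it.
        /// </summary>
        /// <param name="model">Registration data bound from the request body; null when the body is missing or cannot be bound.</param>
        /// <returns>200 when the user was stored, 400 when the body, user name or password is missing.</returns>
        public async Task <IHttpActionResult> Register([FromBody] UserRegisterModel model)
        {
            // Reject a missing body or empty credentials up front: otherwise the request either fails
            // with a NullReferenceException or creates an account with an empty password.
            if (model == null || string.IsNullOrEmpty(model.UserName) || string.IsNullOrEmpty(model.Password))
            {
                return(BadRequest());
            }

            IUserRepository userRepository = _uow.GetRepository <IUserRepository>();

            // NOTE(review): Md5Tool is not shown here; by its name the stored value is presumably an
            // unsalted MD5 digest, which is weak for password storage - prefer a salted, slow KDF.
            // NOTE(review): no uniqueness check on UserName is visible here - presumably enforced by
            // a database constraint; confirm.
            User user = new User
            {
                UserName = model.UserName,
                Email    = model.Email,
                Password = Md5Tool.CreateUtf8Hash(model.Password)
            };

            userRepository.Add(user);
            await _uow.CommitAsync();

            return(Ok());
        }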
Пример #6
        /// <summary>
        /// Registration handler: stores the submitted user unless the user name is already taken,
        /// and marks the peer as logged in with the new account.
        /// </summary>
        /// <param name="request">Incoming operation; the user is read from the Register parameter.</param>
        /// <param name="response">Receives the return code and, on failure, a debug message.</param>
        /// <param name="peer">Client connection that sent the request.</param>
        public override void OnHandlerMessage(OperationRequest request, OperationResponse response, ClientPeer peer)
        {
            User submitted = ParameterTool.GetParameter <User>(request.Parameters, ParameterCode.Register);
            User existing  = manager.GetUserByUsername(submitted.Username);

            if (existing == null)
            {
                // Name is free: hash the password, then persist the account.
                // NOTE(review): Md5Tool is not shown here; by its name this is presumably a plain
                // MD5 digest, which is a hash rather than encryption and is weak for password storage.
                // NOTE(review): lookup and insert are separate calls; uniqueness under concurrent
                // registrations presumably relies on a database constraint - confirm.
                submitted.Password  = Md5Tool.GetMd5(submitted.Password);
                manager.AddUser(submitted);
                peer.LoginUser      = submitted;
                response.ReturnCode = (short)ReturnCode.Success;
                return;
            }

            // User name already exists.
            response.ReturnCode   = (short)ReturnCode.Failure;
            response.DebugMessage = "用户名重复";
        }
Пример #7
        /// <summary>
        /// Login handler: succeeds when the user exists and the digest of the submitted password
        /// equals the stored one, and then remembers the stored user on the peer.
        /// </summary>
        /// <param name="request">Incoming operation; the user is read from the Login parameter.</param>
        /// <param name="response">Receives the return code and, on failure, a debug message.</param>
        /// <param name="peer">Client connection that sent the request.</param>
        public override void OnHandlerMessage(OperationRequest request, OperationResponse response, ClientPeer peer)
        {
            User submitted = ParameterTool.GetParameter <User>(request.Parameters, ParameterCode.Login);
            User stored    = manager.GetUserByUsername(submitted.Username);

            // The user must exist in the database, and the digest of the client-supplied password
            // must equal the stored value.
            // NOTE(review): Md5Tool is not shown here; presumably an unsalted MD5 digest - weak for
            // password storage. No attempt throttling is visible in this handler.
            bool credentialsMatch = stored != null && Md5Tool.GetMd5(submitted.Password) == stored.Password;

            if (!credentialsMatch)
            {
                // Login failed; the same message is used for an unknown user and a wrong password.
                response.ReturnCode   = (short)ReturnCode.Failure;
                response.DebugMessage = "用户名或者密码错误";
                return;
            }

            response.ReturnCode = (short)ReturnCode.Success;
            peer.LoginUser      = stored; // remember the current user on the connection
        }
        /// <summary>
        /// OAuth resource-owner password grant: validates the user name and password from the
        /// request and, on a match, issues a ticket carrying name, name-identifier and role claims.
        /// </summary>
        /// <param name="context">Grant context carrying the submitted credentials and the OWIN response.</param>
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            // NOTE(review): the wildcard lets script on any origin read the response of this token
            // endpoint; restrict it to the known client origins if the set of clients is fixed.
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });

            IUserRepository users = _uow.GetRepository <IUserRepository>();

            // NOTE(review): Md5Tool is not shown here; presumably an unsalted MD5 digest, which is
            // weak for password storage - plan a move to a salted, slow KDF.
            string  passwordHash = Md5Tool.CreateUtf8Hash(context.Password);
            dynamic user         = await users.GetQueryable()
                                   .AsNoTracking()
                                   .Include(u => u.UserRoles.Select(ur => ur.Role))
                                   .Where(u => u.UserName == context.UserName && u.Password == passwordHash)
                                   .Select(u => new
            {
                u.UserName,
                Roles = u.UserRoles.Select(ur => ur.Role.Name)
            }).FirstOrDefaultAsync();

            if (user == null)
            {
                // Rejected without an explicit error code or description.
                context.Rejected();
                return;
            }

            ClaimsIdentity identity = new ClaimsIdentity(context.Options.AuthenticationType);
            identity.AddClaim(new Claim(ClaimTypes.Name, user.UserName));
            identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.UserName));
            foreach (string roleName in user.Roles)
            {
                identity.AddClaim(new Claim(ClaimTypes.Role, roleName));
            }

            // Lifetime comes from the "TokenExpirationMinutes" app setting.
            AuthenticationProperties ticketProperties = new AuthenticationProperties
            {
                AllowRefresh = true,
                IsPersistent = true,
                IssuedUtc    = DateTimeOffset.Now,
                ExpiresUtc   = DateTimeOffset.Now.AddMinutes(double.Parse(ConfigurationManager.AppSettings["TokenExpirationMinutes"]))
            };

            context.Validated(new AuthenticationTicket(identity, ticketProperties));
        }
Пример #9
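        /// <summary>
        /// Receives one block of a chunked upload: checks the declared block size (and the block
        /// digest when the client sent one), writes the block at its offset in the target file and
        /// answers with a JSON status, or with a plain error message when a check fails.
        /// </summary>
        /// <remarks>
        /// NOTE(review): <c>pathSvr</c> comes from the request form and is passed unchanged to
        /// FileBlockWriter; nothing visible here restricts it to the upload directory. Resolve it to
        /// a full path and verify it lies under the configured upload root before writing.
        /// NOTE(review): no session or token check is visible in this handler; the uid header is
        /// only tested for presence.
        /// </remarks>
        void file_post()
        {
            string f_id        = Request.Headers["id"];
            string lenLoc      = Request.Headers["lenLoc"];     // size of the local (client-side) file
            string blockOffset = Request.Headers["blockOffset"];
            string blockSize   = Request.Headers["blockSize"];  // size of the current block
            string blockIndex  = Request.Headers["blockIndex"]; // index of the current block, 1-based
            string blockMd5    = Request.Headers["blockMd5"];   // digest of the block as computed by the client
            string pathSvr     = Request.Form["pathSvr"];       // target path on the server, supplied by the client (added 2015-03-19)

            pathSvr = HttpUtility.UrlDecode(pathSvr);

            if (this.head_val_null_empty("lenLoc, uid, id, blockOffset"))
            {
                return;
            }

            if (Request.Files.Count < 1)
            {
                PageTool.to_content("file is empty");

                return;
            }

            string         msg    = string.Empty;
            string         md5Svr = string.Empty;
            HttpPostedFile file   = Request.Files.Get(0); // the uploaded block

            // Compute the digest of the received block only when the client sent one to compare with.
            // NOTE(review): whether Md5Tool.calc rewinds the stream afterwards is not visible here.
            if (!string.IsNullOrEmpty(blockMd5))
            {
                md5Svr = Md5Tool.calc(file.InputStream);
            }

            // Block size check. blockSize is not covered by the header check above, so a missing or
            // non-numeric value is reported as a size mismatch instead of throwing from int.Parse.
            long declaredSize;
            bool verify = long.TryParse(blockSize, out declaredSize) && declaredSize == file.InputStream.Length;
            if (!verify)
            {
                msg = "block size error sizeSvr:" + file.InputStream.Length + " sizeLoc:" + blockSize;
            }

            // Block digest check.
            // NOTE(review): the comparison is case-sensitive; it presumably expects the same hex
            // casing as Md5Tool.calc produces.
            if (verify && !string.IsNullOrEmpty(blockMd5))
            {
                verify = md5Svr == blockMd5;
                if (!verify)
                {
                    msg = "block md5 error";
                }
            }

            if (verify)
            {
                // Save the block data into the target file.
                FileBlockWriter res = new FileBlockWriter();
                res.make(pathSvr, Convert.ToInt64(lenLoc));
                res.write(pathSvr, Convert.ToInt64(blockOffset), ref file);
                up6_biz_event.file_post_block(f_id, Convert.ToInt32(blockIndex));

                // Build the success response.
                JObject o = new JObject();
                o["msg"]    = "ok";
                o["md5"]    = md5Svr;      // digest of the block
                o["offset"] = blockOffset; // offset of the block
                msg         = JsonConvert.SerializeObject(o);
            }
            PageTool.to_content(msg);
        }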
        /// <summary>
        /// Seeds an existing database: makes sure an administrator user is present and synchronizes
        /// that user's roles with the role strings declared through AuthorizeAttribute on the public
        /// methods of the API controllers in the executing assembly.
        /// </summary>
        /// <param name="context">Database context to seed; nothing is done when its database does not exist.</param>
        public void InitializeDatabase(SchoolExpressDbContext context)
        {
            // Only an already existing database is seeded.
            if (!context.Database.Exists())
            {
                return;
            }

            // First AuthorizeAttribute of every public controller method that carries one.
            IList <AuthorizeAttribute> authorizeAttributes = Assembly.GetExecutingAssembly().GetTypes()
                                                             .Where(type => typeof(ApiController).IsAssignableFrom(type))
                                                             .SelectMany(type => type.GetMethods())
                                                             .Where(method => method.IsPublic && method.IsDefined(typeof(AuthorizeAttribute), true))
                                                             .Select(m => m.GetCustomAttributes(typeof(AuthorizeAttribute), true).First() as AuthorizeAttribute).ToList();

            // Each attribute's Roles value is taken as a whole string; a comma-separated list is not
            // split here, so "A,B" becomes a single role name.
            string[] controllerRoles = authorizeAttributes.Select(a => a.Roles).Distinct().ToArray();

            DbSet <User> userDbSet = context.Set <User>();
            User         user      = userDbSet.FirstOrDefault(x => x.UserName == "admin");

            if (user == null)
            {
                // NOTE(review): the lookup above uses "admin" while the UserName and Email literals
                // below look redacted in this listing; if they differ from "admin" in the real file,
                // a new user is added on every run.
                // NOTE(review): the initial password is a fixed literal in source. Provision it from
                // configuration or a secret store and require a change on first login. Md5Tool is not
                // shown here; presumably an unsalted MD5 digest, which is weak for password storage.
                user = new User
                {
                    UserName = "******",
                    Email    = "*****@*****.**",
                    Password = Md5Tool.CreateUtf8Hash("admin123")
                };
                userDbSet.Add(user);
                context.SaveChanges();
            }

            DbSet <Role>     roleDbSet     = context.Set <Role>();
            DbSet <UserRole> userRoleDbSet = context.Set <UserRole>();

            // Names of the roles currently assigned to this user.
            string[] existingRoles = userRoleDbSet.AsNoTracking().Include(x => x.Role).Where(x => x.UserId == user.Id).Select(x => x.Role.Name).ToArray();

            // Pass 1: give the user every role that a controller declares.
            foreach (string roleName in controllerRoles)
            {
                bool exist = false;
                Role role  = new Role {
                    Name = roleName
                };

                // "exist" means the user already holds the role; the Role table itself is not queried.
                foreach (string existingRole in existingRoles)
                {
                    if (existingRole == roleName)
                    {
                        exist = true;
                        break;
                    }
                }

                if (!exist)
                {
                    roleDbSet.Add(role);
                    context.SaveChanges();
                    context.Entry(role).State = EntityState.Detached;
                }

                // Same condition as "!exist" above, so this runs exactly when the role was just added.
                if (!existingRoles.Contains(roleName))
                {
                    //int roleId = roleDbSet.AsNoTracking().Where(x => x.Name == roleName).Select(x => x.Id).First();
                    // role.Id is read after the SaveChanges call in the branch above.
                    UserRole userRole = new UserRole
                    {
                        UserId = user.Id,
                        RoleId = role.Id
                    };
                    userRoleDbSet.Add(userRole);
                    context.SaveChanges();
                    context.Entry(userRole).State = EntityState.Detached;
                }
            }

            // Pass 2: remove roles the user holds that no controller declares any more.
            foreach (string existingRoleName in existingRoles)
            {
                bool exist = false;
                foreach (string roleName in controllerRoles)
                {
                    if (existingRoleName == roleName)
                    {
                        exist = true;
                        break;
                    }
                }

                if (!exist)
                {
                    Role role = roleDbSet.AsNoTracking().FirstOrDefault(x => x.Name == existingRoleName);
                    if (role != null)
                    {
                        UserRole userRole = new UserRole
                        {
                            UserId = user.Id,
                            RoleId = role.Id
                        };

                        // Remove the user-role link first, then the Role row itself.
                        userRoleDbSet.Attach(userRole);
                        userRoleDbSet.Remove(userRole);
                        context.SaveChanges();
                        context.Entry(userRole).State = EntityState.Detached;

                        // NOTE(review): the Role row is deleted for everyone, not only for this user.
                        roleDbSet.Attach(role);
                        roleDbSet.Remove(role);
                        context.SaveChanges();
                        context.Entry(role).State = EntityState.Detached;
                    }
                }
            }
        }
Пример #11
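        /// <summary>
        /// Only assembles file blocks: writes the received block data into the target file.
        /// Change log:
        ///     2012-04-12 Changed the file-size variable type to support files larger than 2 GB.
        ///     2012-04-18 Removed the logic that updated upload-progress information.
        ///     2012-10-30 Added file progress updating.
        ///     2015-03-19 The file path is supplied by the client; this page no longer looks up the
        ///                server-side path, which saves one database access.
        ///     2016-03-31 Added folder information fields.
        ///     2017-07-11 Improved the parameter-check logic.
        /// </summary>
        /// <remarks>
        /// Checks run in this order: request parameters, block size header, token, block size,
        /// block digest. The first failing check determines the message that is returned.
        /// NOTE(review): <c>pathSvr</c> is supplied by the client. Whether safe_check, the token
        /// validation or PathBuilder.relToAbs confine it to the upload root is not visible here -
        /// confirm before relying on it.
        /// </remarks>
        /// <param name="sender">Event source (not used).</param>
        /// <param name="e">Event data (not used).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            string uid         = this.headString("uid");
            string f_id        = this.headString("id");
            string lenSvr      = this.headString("lenSvr");     // size already uploaded (not used below)
            string lenLoc      = this.headString("lenLoc");     // size of the local (client-side) file
            string blockOffset = this.headString("blockOffset");
            string blockSize   = this.headString("blockSize");  // size of the current block
            string blockIndex  = this.headString("blockIndex"); // index of the current block, 1-based
            string blockMd5    = this.headString("blockMd5");   // digest of the block as computed by the client
            string complete    = this.headString("complete");   // true/false (not used below)
            string pathSvr     = Request.Form["pathSvr"];
            string token       = this.headString("token");

            pathSvr = Server.UrlDecode(pathSvr);

            if (!this.safe_check(lenLoc, uid, f_id, blockOffset, pathSvr))
            {
                return;
            }

            // Nothing to do unless the request carries block data.
            if (Request.Files.Count < 1)
            {
                return;
            }

            string         msg     = string.Empty;
            string         md5Svr  = string.Empty;
            HttpPostedFile file    = Request.Files.Get(0); // the uploaded block
            var            stm     = file.InputStream;
            string         pathLoc = file.FileName;

            // blockSize is not part of safe_check above; report a missing, non-numeric or negative
            // value as a size error instead of throwing from int.Parse.
            int stmLen;
            if (!int.TryParse(blockSize, out stmLen) || stmLen < 0)
            {
                this.toContentJson("block size error sizeSvr:" + stm.Length + " sizeLoc:" + blockSize);
                return;
            }

            // Optional transport encryption of the path and the block data.
            ConfigReader cr      = new ConfigReader();
            var          sec     = cr.module("path");
            var          encrypt = (bool)sec.SelectToken("$.security.encrypt");
            if (encrypt)
            {
                CryptoTool ct = new CryptoTool();
                pathSvr = ct.decode(pathSvr);
                stm     = ct.decode(file.InputStream, stmLen);
            }

            // Token validation.
            WebSafe ws      = new WebSafe();
            FileInf fileSvr = new FileInf();
            fileSvr.id      = f_id;
            fileSvr.pathLoc = file.FileName;
            fileSvr.pathSvr = pathSvr;
            FileInfo fi = new FileInfo(pathLoc);
            fileSvr.nameLoc = fi.Name;
            bool verify = ws.validToken(token, fileSvr, "block");
            if (!verify)
            {
                // NOTE(review): the submitted token is echoed back in the response body.
                msg = string.Format("token error loc:{0}", token);
            }

            // The remaining checks run only for a valid token, so a rejected request costs no
            // hashing work and its token error is no longer overwritten by a size error.
            if (verify)
            {
                // Digest of the received block, only when the client sent one to compare with.
                if (!string.IsNullOrEmpty(blockMd5))
                {
                    md5Svr = Md5Tool.calc(stm);
                }

                // Block size check.
                verify = stmLen == stm.Length;
                if (!verify)
                {
                    msg = "block size error sizeSvr:" + stm.Length + " sizeLoc:" + blockSize;
                }
            }

            // Block digest check.
            if (verify && !string.IsNullOrEmpty(blockMd5))
            {
                verify = md5Svr == blockMd5;
                if (!verify)
                {
                    msg = "block md5 error";
                }
            }

            if (verify)
            {
                PathBuilder pb = new PathBuilder();
                pathSvr = pb.relToAbs(pathSvr);

                // Save the block data into the target file.
                FileBlockWriter res = new FileBlockWriter();
                res.make(pathSvr, Convert.ToInt64(lenLoc));
                res.write(pathSvr, Convert.ToInt64(blockOffset), stm);
                up6_biz_event.file_post_block(f_id, Convert.ToInt32(blockIndex));

                // Build the success response.
                JObject o = new JObject();
                o["msg"]    = "ok";
                o["md5"]    = md5Svr;      // digest of the block
                o["offset"] = blockOffset; // offset of the block
                msg         = JsonConvert.SerializeObject(o);
            }
            this.toContentJson(msg);
        }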