/// <summary> /// 判断是否登录 /// </summary> /// <param name="user"></param> /// <param name="errorMessage"></param> /// <returns>True:已登录;</returns> private bool IsLogin(out User user, out string errorMessage) { user = null; //检验用户token int?userId; if (!TokenHelp.VerifyUserToken(Current.UserToken, out userId, out errorMessage)) { return(false); } //记录当前用户Id Current.UserId = userId; //未获取到当前用户 if (!Current.UserId.HasValue || (Current.UserId.HasValue && Current.UserId.Value == 0)) { return(false); } user = ServiceHelp.GetUserService.GetById(userId.Value); if (user == null) { return(false); } Current.UserJson = user.ToJsonString(); //有效的用户token 延长token有效期 Current.IsUserTokenExtensionTime = true; return(true); }
/// <summary> /// 方法执行前 /// 判断用户是否为管理角色,不是则抛出异常 /// </summary> /// <param name="context"></param> public void OnActionExecuting(ActionExecutingContext context) { #region 记录API调用及响应时长等 var stopwach = new Stopwatch(); stopwach.Start(); context.RouteData.Values.Add(DURATION, stopwach); #endregion #region 权限验证 //获得Controller类型 Type t = context.Controller.GetType(); //获得方法名 string actionname = context.RouteData.Values["action"].ToString(); var headers = context.HttpContext.Request.Headers; string errorMessage = string.Empty; //判断是否需要检查访问token及其它校验 if (IsHaveVisitToken(actionname, t)) { #region 访问token的校验 //检测是否包含'Authorization'请求头,如果不包含返回context进行下一个中间件,用于访问不需要认证的API if (!headers.ContainsKey("Authorization")) { context.Result = new JsonResult(HttpResult.NotAuth); return; } var tokenStr = headers["Authorization"]; string jwtStr = tokenStr.ToString().Substring("Bearer ".Length).Trim(); if (!TokenHelp.VerifyVisitToken(jwtStr, false, out errorMessage)) { context.Result = new JsonResult(HttpResult.NotAuth); return; } //_logger.LogInformation($"{context.HttpContext.Request.Path.ToUriComponent()}--error--{errorMessage}"); //_logger.LogInformation($"{context.HttpContext.Request.Path.ToUriComponent()}--Authorization--{tokenStr}"); //var a = TokenHelp.ReadVisitTokenByTokenStr(jwtStr); //_logger.LogInformation($"{context.HttpContext.Request.Path.ToUriComponent()}--tokenTO--{a.To}"); //_logger.LogInformation($"{context.HttpContext.Request.Path.ToUriComponent()}--CurrentVisitToKey--{Current.VisitToKey}"); //_logger.LogInformation($"{context.HttpContext.Request.Path.ToUriComponent()}--ConfigVisitTos--{Config.VisitTos.ToJsonString()}"); #endregion #region 用户token的校验 //存储当前访问的用户token if (headers.ContainsKey("UserToken")) { Current.UserToken = headers["UserToken"]; #region 只要有UserToken就记录当前访问用户,失败不影响 try { int? userId; User user; string err; if (TokenHelp.VerifyUserToken(Current.UserToken, out userId, out err)) { //记录当前用户Id Current.UserId = userId; //未获取到当前用户 if (Current.UserId.HasValue && Current.UId > 0) { user = ServiceHelp.GetUserService.GetById(Current.UId); Current.UserJson = user.ToJsonString(); } } } catch (Exception) { } #endregion } else { Current.UserToken = string.Empty; } //判断是否需要检验登录 if (IsCheckLogin(t, actionname)) { User user; //判断是否登录 if (!IsLogin(out user, out errorMessage)) { context.Result = new JsonResult(HttpResult.AginLogin(null, errorMessage)); return; } } //是否有权限 if (!IsHaveAuthorize(actionname, t, out errorMessage)) { context.Result = new JsonResult(HttpResult.NotAuth); return; } if (!string.IsNullOrWhiteSpace(errorMessage)) { context.Result = new JsonResult(HttpResult.AginLogin(new { }, errorMessage)); } #endregion } #endregion //成功访问 }
/// <summary> /// 方法执行前 /// 判断用户是否为管理角色,不是则抛出异常 /// </summary> /// <param name="context"></param> public void OnActionExecuting(ActionExecutingContext context) { #region 记录API调用及响应时长等 var stopwach = new Stopwatch(); stopwach.Start(); context.RouteData.Values.Add(DURATION, stopwach); #endregion #region 权限验证 //获得Controller类型 Type t = context.Controller.GetType(); //获得方法名 string actionname = context.RouteData.Values["action"].ToString(); var headers = context.HttpContext.Request.Headers; string errorMessage = string.Empty; //判断是否需要检查访问token及其它校验 if (IsHaveVisitToken(actionname, t)) { #region 访问token的校验 //检测是否包含'Authorization'请求头,如果不包含返回context进行下一个中间件,用于访问不需要认证的API if (!headers.ContainsKey("Authorization")) { context.Result = new JsonResult(HttpResult.NotAuth); return; } var tokenStr = headers["Authorization"]; string jwtStr = tokenStr.ToString().Substring("Bearer ".Length).Trim(); if (!TokenHelp.VerifyVisitToken(jwtStr, false, out errorMessage)) { context.Result = new JsonResult(HttpResult.NotAuth); return; } #endregion #region 用户token的校验 //存储当前访问的用户token if (headers.ContainsKey("UserToken")) { Current.UserToken = headers["UserToken"]; } else { Current.UserToken = string.Empty; } //判断是否需要检验登录 if (IsCheckLogin(t, actionname)) { User user; //判断是否登录 if (!IsLogin(out user, out errorMessage)) { context.Result = new JsonResult(HttpResult.AginLogin(null, errorMessage)); return; } } //是否有权限 if (!IsHaveAuthorize(actionname, t, out errorMessage)) { context.Result = new JsonResult(HttpResult.NotAuth); return; } if (!string.IsNullOrWhiteSpace(errorMessage)) { context.Result = new JsonResult(HttpResult.AginLogin(new { }, errorMessage)); } #endregion } #endregion //成功访问 }
/// <summary> /// 方法执行后 /// </summary> /// <param name="context"></param> public void OnActionExecuted(ActionExecutedContext context) { //_logger.LogInformation("START--记录开始"); #region 记录API调用及响应时长等 Stopwatch stopwach = context.RouteData.Values[DURATION] as Stopwatch; stopwach.Stop(); var dt = DateTime.Now; TimeSpan time = stopwach.Elapsed; //记录访问 var a = time.TotalSeconds; #region 异步记录api访问 LogAPI log = new LogAPI(); HttpRequest request = context.HttpContext.Request; log.BrowserType = request.Headers["User-Agent"]; log.ElapsedTime = a; log.EndTime = dt; log.ExceptionInfo = context.Exception?.Message; log.HttpMethod = request.Method; log.LogLevel = context.Exception != null? Enums.LogLevel.Error: Enums.LogLevel.Info; string from = ""; //获得Controller类型 Type t = context.Controller.GetType(); //获得方法名 string actionname = context.RouteData.Values["action"].ToString(); //_logger.LogInformation($"{context.HttpContext.Request.Path.ToUriComponent()}--END--CurrentVisitToKey--{Current.VisitToKey}"); //_logger.LogInformation($"{context.HttpContext.Request.Path.ToUriComponent()}--END--ConfigVisitTos--{Config.VisitTos.ToJsonString()}"); if (IsHaveVisitToken(actionname, t)) { try { from = Config.VisitTos[Current.VisitToKey]; } catch (Exception) { from = Current.VisitToKey; } } log.From = from; StringBuilder rp = new StringBuilder(); #region 获取请求参数 if (request.Method.ToLower().AsStrs(new string[] { "put", "post" })) { try { request.Body.Seek(0, SeekOrigin.Begin); using (var reader = new StreamReader(request.Body, Encoding.UTF8)) { var param = reader.ReadToEnd(); rp.Append(param); } request.Body.Seek(0, SeekOrigin.Begin); } catch (Exception) { } if (request.Query != null && request.Query.Count > 0) { bool isHave = false;//是否已有数据 if (rp.Length > 0) { isHave = true; rp.Insert(0, "{\"Body\":"); rp.Append("},\"Query\":"); } rp.Append("{"); foreach (var item in request.Query.Keys) { rp.Append($"\"{item}\":\"{request.Query[item]}\","); } rp.Append("}"); if (isHave) { rp.Append("}"); } } } else if (request.Query != null && request.Query.Count > 0) { rp.Append("{"); foreach (var item in request.Query.Keys) { rp.Append($"\"{item}\":\"{request.Query[item]}\","); } rp.Append("}"); } #endregion log.RequestParameter = rp.ToString().Replace(",}", "}"); try { log.ResponseParameter = context.Result == null ? "" : context.Result.ToJsonString(); } catch (Exception) { log.ResponseParameter = ""; } log.ServiceIP = request.HttpContext.Connection.LocalIpAddress.MapToIPv4().ToString() + ":" + request.HttpContext.Connection.LocalPort; log.StartTime = dt - time; log.Url = request.Path.ToUriComponent(); log.UserId = Current.UserId.HasValue?Current.UserId.Value:0; log.UserIP = context.HttpContext?.Connection.RemoteIpAddress.ToString(); log.UserName = Current.UserJson.JsonToModelOrDefault <User>().Name; try { var config = ConfigurationBussiness.Init.Get(null); if (config != null && config.IsWriteAPILog) { Task task = ServiceHelp.GetLogService.WriteApiLogAsync(log); } } catch (Exception) { Task task = ServiceHelp.GetLogService.WriteApiLogAsync(log); } #endregion #endregion #region 延长UserToken的过期时间 if (Current.UserId.HasValue && !string.IsNullOrWhiteSpace(Current.UserToken) && Current.IsUserTokenExtensionTime) { //微信小程序延长30小时 if (!string.IsNullOrWhiteSpace(Current.VisitToKey) && Current.VisitToKey == "yvan-wechat-little") { var task1 = TokenHelp.ExtensionTimeToHoursAsync(Current.UserId.Value, Current.UserToken); } else { var task1 = TokenHelp.ExtensionTimeAsync(Current.UserId.Value, Current.UserToken); } } #endregion //清空登录的数据 if (context.Exception == null) { Current.Clear(); } //_logger.LogInformation("END--异步记录api访问结束"); }
public ActionResult Get(string key) { string token = TokenHelp.WriteVisitToken(key); return(new JsonResult(HttpResult.Success(new { Token = token }))); }