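        /// <summary>
        /// Decrypts the bearer token carried in the <c>Authorization</c> header and builds the
        /// caller's identity from it. Returns null when there is no HTTP context, no Bearer
        /// credential, the token is rejected by <c>SSOHelper.IsTokenValid</c>, its payload is
        /// too short, or its issue time (payload index 4) plus <c>ConfigService.TokenOverTime</c>
        /// minutes is already in the past.
        /// </summary>
        /// <returns>The identity carried by the token, or null when the request is not authenticated.</returns>
        private TokenUserInfo GetCurrentUserFromToken()
        {
            if (currentHttpContext == null)
            {
                return(null);
            }

            // The credential must START with the Bearer scheme. The previous Contains("Bearer")
            // test also accepted values such as "xBearer ..." and then stripped the wrong six
            // characters below.
            string authorization = currentHttpContext.Request.Headers["Authorization"].ToString();
            if (string.IsNullOrWhiteSpace(authorization) ||
                !authorization.StartsWith("Bearer", StringComparison.Ordinal))
            {
                return(null);
            }

            string token = authorization.Substring("Bearer".Length).Trim();
            if (token.Length == 0)
            {
                return(null);
            }

            // Token does not decrypt/validate, or the payload is shorter than the five fields
            // read below. The length guard matters because this runs from the ServiceBase
            // constructor: an exception here would abort DI resolution instead of meaning
            // "no user".
            List<string> payload;
            if (!SSOHelper.IsTokenValid(token, out payload) || payload == null || payload.Count < 5)
            {
                return(null);
            }

            // Convert.ToDateTime(string) parses with the current culture; keep that but never
            // throw on a malformed timestamp.
            // NOTE(review): the issue time is compared against local DateTime.Now — confirm the
            // issuer writes local time, otherwise both sides should be UTC.
            DateTime issuedAt;
            if (!DateTime.TryParse(payload[4], CultureInfo.CurrentCulture, DateTimeStyles.None, out issuedAt) ||
                issuedAt.AddMinutes(ConfigService.TokenOverTime) < DateTime.Now)
            {
                return(null);
            }

            // Same culture as the original Convert.ToInt32, but a bad id yields "no user".
            int userId;
            if (!int.TryParse(payload[0], NumberStyles.Integer, CultureInfo.CurrentCulture, out userId))
            {
                return(null);
            }

            return new TokenUserInfo
            {
                UserID = userId, AccountName = payload[1], UserName = payload[2], IP = payload[3], Token = token
            };
        }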
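        /// <summary>
        /// Authentication filter. The request is short-circuited with HTTP 401 unless the
        /// <c>Authorization</c> header carries a Bearer token that decrypts through
        /// <c>SSOHelper.IsTokenValid</c>, whose issue time (payload index 4) plus the
        /// <c>AppSetting:TokenOverTime</c> lifetime in minutes has not passed, and for which a
        /// Redis entry keyed by token + the request's <c>SysCode</c> still exists. On success the
        /// decoded identity is stored in <c>BaseController.CurrentUser</c>.
        /// </summary>
        /// <param name="context">Action context; <c>context.Result</c> is set to stop the action on failure.</param>
        public void OnActionExecuting(ActionExecutingContext context)
        {
            // All failure paths answer 401 with a {msg} JSON body.
            void Reject(string message)
            {
                context.HttpContext.Response.StatusCode = StatusCodes.Status401Unauthorized;
                context.Result = new JsonResult(new { msg = message });
            }

            string authorization = context.HttpContext.Request.Headers["Authorization"].ToString();

            // Header missing or not a Bearer credential. StartsWith rather than Contains so that
            // the scheme prefix stripped below is really at the front of the value.
            if (string.IsNullOrWhiteSpace(authorization) ||
                !authorization.StartsWith("Bearer", StringComparison.Ordinal))
            {
                Reject("未知身份");
                return;
            }

            string token = authorization.Substring("Bearer".Length).Trim();

            // Token cannot be decrypted, or is too short for the five fields read below:
            // reject without touching Redis.
            List<string> payload;
            if (!SSOHelper.IsTokenValid(token, out payload) || payload == null || payload.Count < 5)
            {
                Reject("非法token");
                return;
            }

            // Issue time stored in the token plus the configured lifetime. Convert.ToDateTime
            // parsed with the current culture; keep that, but treat an unparseable timestamp as
            // expired instead of letting the filter throw (HTTP 500).
            // NOTE(review): compared against local DateTime.Now — confirm the issuer's clock kind.
            double lifetimeMinutes = Convert.ToDouble(BaseCore.Configuration.GetSection("AppSetting:TokenOverTime").Value);
            DateTime issuedAt;
            if (!DateTime.TryParse(payload[4], CultureInfo.CurrentCulture, DateTimeStyles.None, out issuedAt) ||
                issuedAt.AddMinutes(lifetimeMinutes) < DateTime.Now)
            {
                Reject("token已过期");
                return;
            }

            // Same culture as the original Convert.ToInt32; a non-numeric id is an invalid token.
            int userId;
            if (!int.TryParse(payload[0], NumberStyles.Integer, CultureInfo.CurrentCulture, out userId))
            {
                Reject("非法token");
                return;
            }

            var tokenUserInfo = new TokenUserInfo
            {
                UserID = userId, AccountName = payload[1], UserName = payload[2], IP = payload[3], Token = token
            };

            // NOTE(review): a check that the IP recorded in the token equals
            // Connection.RemoteIpAddress existed here but was disabled — presumably because of
            // NAT/proxies; confirm before re-enabling it.

            // The body is parsed only after the token itself is accepted. A request whose body
            // does not deserialize to a RequestBase used to NRE on param.SysCode (HTTP 500).
            var param = context.HttpContext.Request.GetRequestParam().JsonToObj<RequestBase>();
            if (param == null)
            {
                Reject("无权限");
                return;
            }

            var redisCache  = (RedisCache)context.HttpContext.RequestServices.GetService(typeof(RedisCache));
            var userInfoKey = ConfigService.GetUserInfoRedisKey(token, param.SysCode);

            // The token + SysCode session key must exist. Fail closed when the cache service is
            // not registered rather than dereferencing null.
            if (redisCache == null || !redisCache.Exists(userInfoKey))
            {
                Reject("无权限");
                return;
            }

            // Only a fully validated identity is exposed to the controller.
            ((BaseController)context.Controller).CurrentUser = tokenUserInfo;
        }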
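 /// <summary>
 /// Resolves the read-only / master / log DbContexts, the current HttpContext, the Redis cache
 /// and the caller's identity (decrypted from the request's bearer token) from the container.
 /// </summary>
 /// <param name="serviceProvider">Container the dependencies are resolved from.</param>
 public ServiceBase(IServiceProvider serviceProvider)
 {
     _serviceProvider = serviceProvider;
     readOnlyContext  = (BizReadOnlyContext)serviceProvider.GetService(typeof(BizReadOnlyContext));
     masterContext    = (BizMasterContext)serviceProvider.GetService(typeof(BizMasterContext));
     logContext       = (LogContext)serviceProvider.GetService(typeof(LogContext));

     // Outside a request pipeline (no IHttpContextAccessor registered, or no active request)
     // there is no HttpContext. GetCurrentUserFromToken already treats a null context as
     // "no user", so resolve it null-safely instead of throwing from the constructor.
     var accessor = (IHttpContextAccessor)serviceProvider.GetService(typeof(IHttpContextAccessor));
     currentHttpContext = accessor?.HttpContext;

     redisCache  = (RedisCache)serviceProvider.GetService(typeof(RedisCache));

     // The identity is captured once per instance. NOTE(review): this is only correct if
     // ServiceBase is registered scoped/transient (one instance per request) — confirm the
     // DI lifetime; a singleton would keep the first caller's identity for every request.
     currentUser = GetCurrentUserFromToken();

     masterDbSet   = masterContext.Set<T>();
     readOnlyDbSet = readOnlyContext.Set<T>();
 }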
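        /// <summary>
        /// Decrypts a user token and rebuilds the <c>TokenUserInfo</c> it carries. The token is
        /// URL-decoded, mapped back from the custom URL-safe alphabet ('-' '_' '*' to '+' '/' '='),
        /// decrypted with <c>NiuCryptoService.DecryptToken</c> and split on <c>Separator</c>;
        /// exactly nine fields are expected.
        /// </summary>
        /// <param name="userToken">The encoded token.</param>
        /// <param name="user">The decoded user, or null when the token is empty, malformed, or fails to decrypt.</param>
        /// <returns>true only when <paramref name="user"/> was produced; false otherwise.</returns>
        public static bool ValidateUserToken(string userToken, out TokenUserInfo user)
        {
            user = null;
            if (string.IsNullOrEmpty(userToken))
            {
                return(false);
            }

            try
            {
                string decoded = System.Web.HttpUtility.UrlDecode(userToken, System.Text.Encoding.UTF8);
                decoded = decoded.Replace("-", "+").Replace("_", "/").Replace("*", "=");

                string plaintext = NiuCryptoService.DecryptToken(decoded);
                string[] fields  = plaintext.Split(Separator);

                // Field layout: 0 tokenType, 1 userId, 2 userType, 3 nickName, 4 status,
                // 5 channelId, 6 roleId, 7 roleName, 8 isManage. Note there is no issue/expiry
                // time in this format, so token lifetime has to be enforced elsewhere.
                // NOTE(review): roleId/isManage are trusted straight from the decrypted payload —
                // confirm DecryptToken authenticates the ciphertext (MAC/AEAD); otherwise a
                // tampered token could alter the authorization fields.
                if (fields.Length == 9)
                {
                    user = new TokenUserInfo()
                    {
                        userId    = ObjectConvert.ChangeType <long>(fields[1], 0),
                        nickName  = fields[3],
                        tokenType = (tokenType)ObjectConvert.ChangeType <long>(fields[0], 0),
                        type      = (userType)ObjectConvert.ChangeType <int>(fields[2], 0),
                        status    = ObjectConvert.ChangeType <int>(fields[4], 0),
                        channelId = ObjectConvert.ChangeType <int>(fields[5], 0),
                        roleId    = ObjectConvert.ChangeType <int>(fields[6], 0),
                        roleName  = fields[7],
                        isManage  = ObjectConvert.ChangeType <int>(fields[8], 0)
                    };
                }
            }
            catch (Exception ex)
            {
                // Decode/decrypt/split failures are logged and reported as "invalid" below.
                logRecord.WriteSingleLog("ValidateUserToken.log", string.Format("error:{0}", ex.Message));
            }

            // BUG FIX: this used to return true unconditionally, so callers that checked the
            // bool treated an undecryptable or malformed token as valid with a null user.
            return user != null;
        }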