Пример #1
        /// <summary>
        /// Create cookies.
        /// </summary>
        /// <param name="username">Username.</param>
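        /// <param name="authArea">Authentication area; when not null, its UTF-8 bytes are appended to the signed data.</param>
        /// <param name="timeout">Lifetime of the cookie; the expiry is the current local time plus this value.</param>
        /// <returns>The serialized token, URL-token encoded, for use as the cookie value.</returns>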
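        public static string CreateCookies(string username, string authArea, TimeSpan timeout)
        {
            ALEXFWCookiesToken token = new ALEXFWCookiesToken();

            token.Username    = username;
            // NOTE(review): the expiry is local wall-clock time (DateTime.Now), so it moves with
            // DST and time-zone changes. Switching to UtcNow has to be done together with the
            // code that checks the expiry, otherwise the comparison breaks.
            token.ExpiredDate = DateTime.Now.Add(timeout);

            // Signed payload: UTF-8 username, then the 8-byte binary expiry, then (optionally)
            // the UTF-8 authArea.
            // NOTE(review): the fields are concatenated with no length prefix or delimiter, so
            // two different (username, expiry, authArea) triples can produce the same byte
            // string. A length-prefixed or otherwise unambiguous encoding would make the
            // signature bind each field separately.
            var payload = Encoding.UTF8.GetBytes(token.Username)
                          .Concat(BitConverter.GetBytes(token.ExpiredDate.ToBinary()));
            if (authArea != null)
            {
                payload = payload.Concat(Encoding.UTF8.GetBytes(authArea));
            }
            byte[] data = payload.ToArray();

            token.NewSalt();
            // NOTE(review): Salt and Signature are both stored on the token that is serialized
            // into the cookie, so the signature only authenticates the token if
            // GetTokenSignature also mixes in a server-side secret. Confirm.
            token.Signature = GetTokenSignature(data, token.Salt);

            // SECURITY: the cookie value is a BinaryFormatter stream, which means whatever reads
            // the cookie back has to run BinaryFormatter.Deserialize on client-supplied bytes.
            // Microsoft documents BinaryFormatter as unsafe for untrusted input and not fixable
            // by configuration. If the cookie format can change, prefer a fixed layout
            // (length-prefixed fields plus a MAC that is checked before any parsing).
            BinaryFormatter formatter = new BinaryFormatter();
            using (MemoryStream stream = new MemoryStream())
            {
                // The using block releases the stream even when Serialize throws.
                formatter.Serialize(stream, token);
                return HttpServerUtility.UrlTokenEncode(stream.ToArray());
            }
        }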
Пример #2
        /// <summary>
        /// Verify cookie.
        /// </summary>
        /// <param name="cookieValue">Cookie value.</param>
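        /// <param name="authArea">Authentication area; when not null, its UTF-8 bytes are appended to the data whose signature is checked.</param>
        /// <param name="username">Receives the username from the token when verification succeeds; otherwise null.</param>
        /// <param name="expiredDate">Receives the expiry date from the token when verification succeeds; otherwise DateTime.MinValue.</param>
        /// <returns>true if the cookie decodes, has not expired and its signature verifies; otherwise false.</returns>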
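        public static bool VerifyCookie(string cookieValue, string authArea, out string username, out DateTime expiredDate)
        {
            // The out values stay at these defaults on every failure path.
            username    = null;
            expiredDate = DateTime.MinValue;
            try
            {
                byte[] raw = HttpServerUtility.UrlTokenDecode(cookieValue);
                if (raw == null)
                {
                    // Not a valid URL token; reject explicitly instead of relying on the catch below.
                    return false;
                }

                // SECURITY: the cookie is client-controlled, and it is deserialized here BEFORE
                // its signature is checked. Microsoft documents BinaryFormatter as unsafe for
                // untrusted input and not fixable by configuration; the catch below does not
                // mitigate that. The durable fix is a cookie format that is authenticated before
                // it is parsed (fixed layout plus a MAC, or the platform's data-protection API),
                // which requires changing the code that creates the cookie as well.
                ALEXFWCookiesToken token;
                BinaryFormatter formatter = new BinaryFormatter();
                using (MemoryStream stream = new MemoryStream(raw))
                {
                    // The using block releases the stream even when Deserialize throws.
                    token = (ALEXFWCookiesToken)formatter.Deserialize(stream);
                }

                // Every token field is untrusted until VerifyToken succeeds; the checks below
                // only reject early and nothing is handed to the caller before verification.
                // NOTE(review): a fixed 20-byte signature suggests a SHA-1 based digest. Confirm
                // the algorithm in GetTokenSignature/VerifyToken.
                if (token.Signature == null || token.Signature.Length != 20)
                {
                    return false;
                }
                // NOTE(review): local wall-clock comparison; affected by DST and time-zone changes.
                if (token.ExpiredDate < DateTime.Now)
                {
                    return false;
                }
                if (token.Username == null)
                {
                    return false;
                }

                // Rebuild the signed payload: the token data plus the optional UTF-8 authArea.
                // NOTE(review): presumably GetTokenData() returns the same username + expiry
                // bytes that were signed at creation time. Confirm.
                byte[] signedData = token.GetTokenData();
                if (authArea != null)
                {
                    signedData = signedData.Concat(Encoding.UTF8.GetBytes(authArea)).ToArray();
                }

                // NOTE(review): Salt and Signature both come from the cookie itself, so this
                // check is only meaningful if VerifyToken uses a server-side secret; it should
                // also compare in constant time. Confirm both.
                if (!VerifyToken(signedData, token.Salt, token.Signature))
                {
                    return false;
                }

                username    = token.Username;
                expiredDate = token.ExpiredDate;
                return true;
            }
            catch
            {
                // Deliberate: any decoding or deserialization failure means "invalid cookie".
                // This also hides unexpected errors; logging here would help detect tampering.
                return false;
            }
        }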