/// <summary> /// 提取token,反推出用户信息 /// </summary> /// <param name="context"></param> /// <returns></returns> public override async Task ValidatePrincipal(CookieValidatePrincipalContext context) { var auth_type = context.Scheme.Name; var _context = context.HttpContext; var _principal = context.Principal ?? new ClaimsPrincipal(); try { var token = new string[] { _context.Request.Headers["auth_token"], _principal.FindFirst(ClaimTypes.NameIdentifier)?.Value }.FirstNotEmpty_(); if (ValidateHelper.IsEmpty(token)) { throw new MsgException("token不存在"); } //缓存相关 var key_manager = _context.RequestServices.Resolve_ <ICacheKeyManager>(); var _cache = _context.RequestServices.ResolveDistributedCache_(); //把登录数据缓存到http上下文 var cache_key = key_manager.AuthHttpItemKey(auth_type); var loginuser_json = await _context.CacheInHttpContextAsync(cache_key, async() => { var token_data = await this.FindTokenOrThrow(key_manager, _cache, _context, token); var user_data = await this.FindUserOrThrow(key_manager, _cache, _context, token_data.Data.UserUID); return(user_data.Data.ToJson()); }); if (ValidateHelper.IsEmpty(loginuser_json)) { throw new MsgException(nameof(loginuser_json)); } //生成identity var identities = _principal.Identities.Where(x => x.AuthenticationType != auth_type).ToList(); var identity = new ClaimsIdentity(authenticationType: auth_type); identity.AddClaim_(ClaimTypes.UserData, loginuser_json); identities.Add(identity); var loginuser = new ClaimsPrincipal(identities: identities); context.ReplacePrincipal(loginuser); } catch (MsgException) { context.RejectPrincipal(); } catch (Exception e) { context.HttpContext.RequestServices.ResolveLogger <MyCookieAuthenticationEvents>().AddErrorLog(e.Message, e); context.RejectPrincipal(); } await base.ValidatePrincipal(context); }
/// <summary> /// 抹掉大部分信息,只留token /// </summary> /// <param name="context"></param> /// <returns></returns> public override async Task SigningIn(CookieSigningInContext context) { var _context = context.HttpContext; try { var auth_type = context.Scheme.Name; var json = context.Principal?.FindFirst(ClaimTypes.UserData)?.Value; if (ValidateHelper.IsEmpty(json)) { throw new ArgumentException("未找到用户数据"); } var loginuser = json.JsonToEntity <WCloudUserInfo>() ?? throw new ArgumentException("数据格式错误"); var token = loginuser.ExtraData["token"]; if (ValidateHelper.IsEmpty(token)) { throw new ArgumentException("token不存在"); } var identity = new ClaimsIdentity(authenticationType: auth_type); identity.AddClaim_(ClaimTypes.NameIdentifier, token); context.Principal = new ClaimsPrincipal(identity); await base.SigningIn(context); //缓存相关 var key_manager = _context.RequestServices.Resolve_ <ICacheKeyManager>(); var _cache = _context.RequestServices.ResolveDistributedCache_(); //删除用户缓存 var key = key_manager.UserInfo(loginuser.UserID); await _cache.RemoveAsync(key); //删除token缓存 key = key_manager.AuthToken(token); await _cache.RemoveAsync(key); } catch (Exception e) { throw new LoginException("登录异常", e); } }