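/// <summary>
/// Validates the request signature for <paramref name="token"/>, then unprotects the token and
/// loads it into <c>TokenModel</c>.
/// </summary>
/// <param name="token">Protected token string taken from the request parameters (untrusted).</param>
/// <param name="sign">Request signature that must match <paramref name="token"/> under <c>Constants.Key</c> (untrusted).</param>
/// <returns>
/// A successful <see cref="MyResult{T}"/> when the token is valid; otherwise a result carrying
/// <c>ErrorCode.ReLogin</c>, <c>ErrorCode.InvalidToken</c> or <c>ErrorCode.SystemError</c>.
/// </returns>
private MyResult<object> CheckToken(string token, string sign)
{
    MyResult<object> result = new MyResult<object>();
    try
    {
        // Signature first: nothing derived from the token is trusted until the sign checks out.
        if (!SecurityUtil.ValidSign(sign, token, Constants.Key))
        {
            return result.SetStatus(ErrorCode.ReLogin, "sign error 请联系管理员");
        }

        // Unprotect the token; an empty payload means it was not produced by this application's protector.
        string json = DataProtectionUtil.UnProtect(token);
        if (string.IsNullOrEmpty(json))
        {
            return result.SetStatus(ErrorCode.ReLogin, "token error 请重新登录");
        }

        TokenModel = json.GetModel<TokenModel>();
        if (TokenModel == null)
        {
            return result.SetStatus(ErrorCode.InvalidToken, "非法token");
        }
        if (TokenModel.Id < 1)
        {
            return result.SetStatus(ErrorCode.InvalidToken, "无效token");
        }
    }
    catch (System.Exception ex)
    {
        // Details go to the server log only; the caller gets a generic failure so exception text
        // (crypto/serialization internals) is not echoed back to the client.
        // NOTE(review): the log category assumes this method lives in ApiBaseController, which is the
        // caller shown on this page — adjust if it is declared elsewhere.
        LogUtil<ApiBaseController>.Error(ex, ex.Message);
        return result.SetStatus(ErrorCode.SystemError, "请求失败");
    }
    return result;
}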
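/// <summary>
/// Authenticates an admin user by name and password and returns a protected token together with
/// the user row and the actions granted to the user's role.
/// </summary>
/// <param name="name">Login name submitted by the client (untrusted).</param>
/// <param name="password">Password submitted by the client (untrusted); compared against the stored column as-is.</param>
/// <returns>
/// On success, <c>Data</c> holds <c>token</c> and <c>userData</c> (<c>userInfo</c> row plus <c>action</c> rows);
/// otherwise <c>SetError</c> for empty input or <c>ErrorCode.ErrorUserNameOrPass</c> when no row matches.
/// </returns>
public MyResult<object> GetUserAuth(string name, string password)
{
    MyResult result = new MyResult();
    if (string.IsNullOrEmpty(name) || string.IsNullOrEmpty(password))
    {
        return result.SetError("用户名密码不能为空");
    }

    // Both values come straight from the request, so they are bound as parameters instead of
    // being spliced into the SQL text.
    const string authSql =
        "select au.id,au.username,au.password,au.role_id roleId,ifnull(ar.role_name,'') roleName " +
        "from admin_users au left join admin_roles ar on au.role_id=ar.id " +
        "where au.username=@name and au.password=@password";
    var userInfo = dbConnection.QuerySingleOrDefault(authSql, new { name, password });
    if (userInfo == null)
    {
        return result.SetStatus(ErrorCode.ErrorUserNameOrPass, "用户名密码错误");
    }

    // NOTE(review): the submitted password is matched verbatim against admin_users.password; whether
    // that column stores a hash is not visible here — confirm before relying on this for real credentials.
    var roleId = userInfo.roleId;
    const string actionSql =
        "select aa.action_name actionName,aa.code " +
        "from admin_role_action ara left join admin_actions aa on ara.action_id=aa.id and aa.enable=1 " +
        "where ara.role_id=@roleId";
    var action = dbConnection.Query(actionSql, new { roleId });

    TokenModel tokenModel = new TokenModel();
    tokenModel.Id = userInfo.id;
    tokenModel.Mobile = "";
    tokenModel.Code = "";
    tokenModel.Source = domain.enums.SourceType.Web;

    // The token is the protected JSON form of the model; the raw user row (including the password
    // column selected above) is also returned to the caller.
    result.Data = new
    {
        token = DataProtectionUtil.Protect(tokenModel.GetJson()),
        userData = new { userInfo = userInfo, action = action }
    };
    return result;
}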
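/// <summary>
/// Reads the backstage authentication cookie, unprotects it and deserializes it into a <c>BackstageCookie</c>.
/// </summary>
/// <returns>The deserialized cookie model as produced by <c>GetModel&lt;BackstageCookie&gt;</c>.</returns>
public BackstageCookie GetUserCook()
{
    string raw = CookieUtil.GetCookie(Constants.WEBSITE_AUTHENTICATION_SCHEME);
    string plain = DataProtectionUtil.UnProtect(raw);
    // NOTE(review): when the cookie is absent, 'plain' may be null/empty; what GetModel returns then
    // is not visible here — callers should null-check the result.
    return plain.GetModel<BackstageCookie>();
}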
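/// <summary>
/// Generates a new image verification code, stores the protected code in a cookie and returns the PNG.
/// </summary>
/// <returns>A <c>image/png</c> file result containing the rendered code image.</returns>
public IActionResult ValidateCode()
{
    ValidateCode codeService = new ValidateCode();
    string code = "";
    // The stream is only needed long enough to copy its bytes into the file result, so dispose it here.
    using (System.IO.MemoryStream ms = codeService.Create(out code))
    {
        // Only the protected form of the code reaches the client; the clear-text code stays server-side.
        CookieUtil.AppendCookie(Constants.WEBSITE_VERIFICATION_CODE, DataProtectionUtil.Protect(code));
        return File(ms.ToArray(), @"image/png");
    }
}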
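/// <summary>
/// Signs a backstage user in: optional verification-code check, account lookup, password check,
/// account-status check, last-login update, then issues the authentication cookie.
/// </summary>
/// <param name="model">Login form carrying <c>LoginName</c>, <c>Password</c>, <c>VerCode</c> and <c>ErrCount</c>.</param>
/// <returns>
/// A successful result, or one with <c>ErrorCode.NotFound</c> (bad verification code / unknown account),
/// <c>ErrorCode.InvalidPassword</c> or <c>ErrorCode.AccountDisabled</c>.
/// </returns>
public MyResult<object> Login(BackstageUserAdd model)
{
    MyResult result = new MyResult();

    // Best effort: a missing or unreadable verification cookie just leaves sessionCode empty.
    string sessionCode = string.Empty;
    try
    {
        var code = CookieUtil.GetCookie(Constants.WEBSITE_VERIFICATION_CODE);
        if (code != null)
        {
            sessionCode = DataProtectionUtil.UnProtect(code);
        }
    }
    catch (Exception ex)
    {
        LogUtil<AccountService>.Error(ex, ex.Message);
    }

    // SECURITY NOTE: ErrCount arrives in the request body, so the client decides whether the
    // verification code is checked at all. Track failed attempts server-side (per account and/or
    // source address) before treating this as a brute-force control.
    if (model.ErrCount >= 3)
    {
        // Null-safe, culture-independent comparison (the previous ToLower() form threw on a null code).
        string submitted = System.Convert.ToString(model.VerCode);
        if (!string.Equals(submitted, sessionCode, StringComparison.OrdinalIgnoreCase))
        {
            return result.SetStatus(ErrorCode.NotFound, "验证码输入不正确!");
        }
    }

    BackstageUser account = this.First<BackstageUser>(t => t.LoginName == model.LoginName);
    if (account == null)
    {
        return result.SetStatus(ErrorCode.NotFound, "账号不存在!");
    }

    // SECURITY NOTE: passwords are compared as unsalted MD5 digests, which are cheap to brute-force
    // offline if the table leaks. Existing hashes must keep working; migrate to a slow KDF
    // (e.g. PBKDF2) when the user next changes the password.
    string pwd = SecurityUtil.MD5(model.Password);
    if (!account.Password.Equals(pwd, StringComparison.OrdinalIgnoreCase))
    {
        return result.SetStatus(ErrorCode.InvalidPassword);
    }

    if (account.AccountStatus == (int)AccountStatus.Disabled)
    {
        return result.SetStatus(ErrorCode.AccountDisabled, "账号不可用!");
    }

    account.LastLoginTime = DateTime.Now;
    account.LastLoginIp = ""; // MvcHelper.ClientIP; client IP capture is currently disabled
    this.Update(account, true);

    MvcIdentity identity = new MvcIdentity(account.Id, account.LoginName, account.LoginName, account.Email, (int)account.RoleId, null, account.LastLoginTime);
    identity.Login(Constants.WEBSITE_AUTHENTICATION_SCHEME, x =>
    {
        // Expires is an absolute timestamp 5 hours from issue. The original comment called this a
        // sliding expiry; it only slides if the cookie is re-issued on later requests — confirm.
        x.Expires = DateTime.Now.AddHours(5);
        x.HttpOnly = true;
    });
    return result;
}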
/// <summary>
/// Encrypts <paramref name="str"/> and wraps the cipher text in <c>encryptionPrefix</c>/<c>encryptionSuffix</c>.
/// Empty input, and input that already carries the markers, is returned unchanged.
/// </summary>
/// <param name="str">Plain text to protect.</param>
/// <returns>The marked, encrypted string, or <paramref name="str"/> itself when nothing was done.</returns>
public static string GetEncryptedString(string str)
{
    // Nothing to do for empty input or for a value that already looks encrypted (calling twice is a no-op).
    if (string.IsNullOrEmpty(str) || IsEncrypted(str))
    {
        return str;
    }

    // Two back ends: DataProtectionUtil, or the shared-password DES provider.
    // NOTE(review): DES is a 56-bit cipher and should be treated as legacy-compatibility only.
    string cipherText = UseDapi
        ? DataProtectionUtil.Encrypt(str)
        : CryptoUtil.Encrypt(str, password, CryptoUtil.CryptoProviderDES);

    return encryptionPrefix + cipherText + encryptionSuffix;
}
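/// <summary>
/// WeChat mini-program login: exchanges the client's <c>js_code</c> for an openid via
/// <c>jscode2session</c>, resolves the registered user and issues a protected token.
/// </summary>
/// <param name="model">Login payload whose <c>Code</c> was obtained by the client from WeChat (untrusted).</param>
/// <returns>
/// On success, <c>Data</c> holds <c>token</c> and <c>uid</c>; otherwise <c>ErrorCode.InvalidData</c>
/// (missing code or unusable WeChat response) or <c>ErrorCode.NotFound</c> (no user for this openid).
/// </returns>
public MyResult<object> Login(WxLoginDto model)
{
    MyResult result = new MyResult();
    if (model == null || string.IsNullOrEmpty(model.Code))
    {
        return result.SetStatus(ErrorCode.InvalidData, "code 无效");
    }

    // The code is client-supplied; escape it so it cannot inject extra query parameters into the upstream request.
    var code2SessionUrl =
        $"https://api.weixin.qq.com/sns/jscode2session?appid={Constants.WxAppId}&secret={Constants.WxSecret}" +
        $"&js_code={System.Uri.EscapeDataString(model.Code)}&grant_type=authorization_code";
    var rep = HttpUtil.GetString(code2SessionUrl);
    var repObj = rep.GetModel<Code2SessionRep>();

    // An error response from WeChat carries no openid. Without this guard a null openid would be used
    // as the lookup key below and could match an account whose OpenId has never been set.
    if (repObj == null || string.IsNullOrEmpty(repObj.OpenId))
    {
        return result.SetStatus(ErrorCode.InvalidData, "code 无效");
    }
    var openid = repObj.OpenId;

    var user = base.First<User>(predicate => predicate.OpenId == openid);
    if (user == null)
    {
        return result.SetStatus(ErrorCode.NotFound, "用户未注册");
    }

    // The session key and the newly issued token are persisted on the user row.
    user.SessionKey = repObj.Session_Key;
    TokenModel tokenModel = new TokenModel();
    tokenModel.Id = (int)user.Id;
    tokenModel.Mobile = user.PhoneNum;
    tokenModel.Code = repObj.OpenId;
    tokenModel.Source = domain.enums.SourceType.WeChat;
    var tokenStr = tokenModel.GetJson();
    var enToken = DataProtectionUtil.Protect(tokenStr);
    result.Data = new { token = enToken, uid = (int)user.Id };
    user.Token = enToken;
    base.Update(user, true);
    return result;
}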
/// <summary>
/// Reverses <c>GetEncryptedString</c>: strips the encryption markers and decrypts the payload.
/// Empty input, or input without the markers, is returned unchanged.
/// </summary>
/// <param name="str">Marked cipher text, or any other string.</param>
/// <returns>The decrypted text, or <paramref name="str"/> itself when it was not marked as encrypted.</returns>
public static string GetDecrptedString(string str)
{
    if (string.IsNullOrEmpty(str) || !IsEncrypted(str))
    {
        return str;
    }

    // Drop the prefix/suffix markers to recover the raw cipher text.
    int payloadLength = str.Length - encryptionPrefix.Length - encryptionSuffix.Length;
    string cipherText = str.Substring(encryptionPrefix.Length, payloadLength);

    // Same back-end selection as encryption; the DES path exists for legacy data only.
    return UseDapi
        ? DataProtectionUtil.Decrypt(cipherText)
        : CryptoUtil.Decrypt(cipherText, password, CryptoUtil.CryptoProviderDES);
}
/// <summary>
/// Writes this identity into the authentication cookie for <paramref name="scheme"/>.
/// </summary>
/// <param name="scheme">Authentication scheme name, used as the cookie key.</param>
/// <param name="options">Optional cookie configuration (expiry, HttpOnly, …) forwarded to <c>CookieUtil</c>.</param>
public void Login(string scheme, Action<CookieOptions> options = null)
{
    // Serialize first, then protect, so the cookie carries no readable identity claims.
    string payload = JsonConvert.SerializeObject(this);
    string protectedValue = DataProtectionUtil.Protect(payload);
    CookieUtil.AppendCookie(scheme, protectedValue, true, options);
}
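/// <summary>
/// Resolves the effective authorization policy, rebuilds the request principal from the scheme's
/// protected cookie when the current user is not an authenticated <c>MvcIdentity</c>, and then either
/// hands off to <c>AuthorizeFilter</c> or issues a challenge.
/// </summary>
/// <param name="context">The MVC authorization filter context for the current request.</param>
/// <exception cref="ArgumentNullException"><paramref name="context"/> is null.</exception>
/// <exception cref="InvalidOperationException">No policy is set and no policy provider is available.</exception>
public virtual async Task OnAuthorizationAsync(AuthorizationFilterContext context)
{
    if (context == null)
    {
        throw new ArgumentNullException(nameof(context));
    }

    AuthorizationPolicy effectivePolicy = Policy;
    if (effectivePolicy == null)
    {
        if (PolicyProvider == null)
        {
            throw new InvalidOperationException("An AuthorizationPolicy cannot be created without a valid instance of IAuthorizationPolicyProvider.");
        }
        effectivePolicy = await AuthorizationPolicy.CombineAsync(PolicyProvider, AuthorizeData);
    }

    if (effectivePolicy != null)
    {
        MvcPrincipal newPrincipal = null;
        // Only the first scheme of the policy is consulted for the cookie.
        string currentScheme = effectivePolicy.AuthenticationSchemes.FirstOrDefault();
        if (!string.IsNullOrEmpty(currentScheme))
        {
            if (!(context.HttpContext.User.Identity is MvcIdentity) || !context.HttpContext.User.Identity.IsAuthenticated)
            {
                string cookie = CookieUtil.GetCookie(currentScheme, true);
                if (!string.IsNullOrEmpty(cookie))
                {
                    try
                    {
                        string value = DataProtectionUtil.UnProtect(cookie);
                        MvcIdentity identity = JsonExtension.GetModel<MvcIdentity>(value, "");
                        if (identity != null)
                        {
                            newPrincipal = identity.GetPrincipal();
                        }
                    }
                    catch
                    {
                        // Deliberate best effort: a tampered or unreadable cookie degrades to the anonymous
                        // principal below. This swallows the failure without logging, so repeated bad-cookie
                        // attempts leave no trace for operators — consider logging at this point.
                    }
                }
            }
            // NOTE(review): when the user is already an authenticated MvcIdentity, newPrincipal stays null and
            // the request is assigned MvcIdentity.Instance.GetPrincipal() below; whether that preserves the
            // existing identity depends on what Instance returns — confirm this is intended.
        }
        else
        {
            newPrincipal = context.HttpContext.User as MvcPrincipal;
        }

        context.HttpContext.User = newPrincipal ?? MvcIdentity.Instance.GetPrincipal();

        if (!context.Filters.Any((IFilterMetadata item) => item is IAllowAnonymousFilter))
        {
            if (context.HttpContext.User.Identity.IsAuthenticated)
            {
                // Lazily resolve the project's IAuthorizeFilter from the request services.
                if (AuthorizeFilter == null)
                {
                    AuthorizeFilter = ServiceProviderServiceExtensions.GetService<IAuthorizeFilter>(context.HttpContext.RequestServices);
                }
                if (AuthorizeFilter != null)
                {
                    await AuthorizeFilter.OnAuthorizedAsync(context, currentScheme);
                }
            }
            else
            {
                context.Result = new ChallengeResult(effectivePolicy.AuthenticationSchemes.ToArray());
            }
        }
    }
}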
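/// <summary>
/// Per-request setup for API actions: classifies the caller from the User-Agent header, merges
/// query/form/context values into <c>ReqParams</c>, and enforces token + sign validation unless the
/// action is marked with <c>AllowAnonymousFilter</c>.
/// </summary>
/// <param name="context">Action-executing context; <c>context.Result</c> is set to short-circuit the action on failure.</param>
/// <param name="next">Delegate to the next stage of the pipeline.</param>
/// <returns>The task returned by the base implementation.</returns>
public override Task OnActionExecutionAsync(Microsoft.AspNetCore.Mvc.Filters.ActionExecutingContext context, Microsoft.AspNetCore.Mvc.Filters.ActionExecutionDelegate next)
{
    try
    {
        // User-Agent is client-controlled; it only selects a SourceType and never grants access on its own.
        var userAgent = context.HttpContext.Request.Headers["User-Agent"].ToString();
        if (userAgent.Contains("MicroMessenger"))
        {
            SourceType = SourceType.WeChatApp;
        }
        else if (userAgent.Contains("iPhone") || userAgent.Contains("iPod") || userAgent.Contains("iPad"))
        {
            SourceType = SourceType.IOS;
        }
        else if (userAgent.Contains("Android"))
        {
            SourceType = SourceType.Android;
        }
        else
        {
            //TODO:the last del
            SourceType = SourceType.Web;
        }

        // Later sources overwrite earlier ones on key collisions: query < form < context dictionary.
        foreach (var kv in context.HttpContext.Request.Query)
        {
            ReqParams[kv.Key] = kv.Value.ToString();
        }
        if (context.HttpContext.Request.HasFormContentType)
        {
            foreach (var kv in context.HttpContext.Request.Form)
            {
                ReqParams[kv.Key] = kv.Value.ToString();
            }
        }
        var values = context.HttpContext.GetContextDict();
        foreach (var kv in values)
        {
            ReqParams[kv.Key] = kv.Value.ToString();
        }

        if (SourceType == SourceType.Unknown)
        {
            // NOTE(review): every branch of the detection above assigns a concrete SourceType, so this
            // looks unreachable as written; kept in case the detection is changed.
            context.Result = new ObjectResult(new MyResult<object>().SetStatus(ErrorCode.Unauthorized, "请设置User-Agent请求头: 如:iPhone 或者 Android 或则web"));
        }
        else
        {
            // Token and sign are currently read only from request parameters (a server-side store such as
            // redis could supply them instead). A token passed in the query string will appear in
            // access logs — prefer a header or form field where possible.
            var token = string.Empty;
            var sign = string.Empty;
            if (ReqParams.ContainsKey(TOKEN_NAME))
            {
                token = ReqParams[TOKEN_NAME];
            }
            if (ReqParams.ContainsKey(Sign))
            {
                sign = ReqParams[Sign];
            }

            if (!context.ActionDescriptor.FilterDescriptors.Any(t => t.Filter is AllowAnonymousFilter))
            {
                // Protected action: token and sign must both be present and CheckToken must accept them.
                if (string.IsNullOrEmpty(token))
                {
                    context.Result = new ObjectResult(new MyResult<object>(ErrorCode.Unauthorized, "token is empty you are error!"));
                }
                else if (string.IsNullOrEmpty(sign))
                {
                    context.Result = new ObjectResult(new MyResult<object>(ErrorCode.Unauthorized, "sign is empty you are error!"));
                }
                else
                {
                    var model = CheckToken(token, sign);
                    if (!model.Success)
                    {
                        context.Result = new ObjectResult(model);
                    }
                }
            }
            else
            {
                // Anonymous action: a token is optional and, when present, is decoded without the sign
                // check so the caller's identity is available but nothing is enforced.
                string json = string.IsNullOrEmpty(token) ? null : DataProtectionUtil.UnProtect(token);
                TokenModel = string.IsNullOrEmpty(json) ? new TokenModel() : json.GetModel<TokenModel>();
            }
        }
    }
    catch (System.Exception ex)
    {
        LogUtil<ApiBaseController>.Error(ex, ex.Message);
        // Details stay in the log; the client only receives a generic failure.
        context.Result = new ObjectResult(new MyResult<object>(ErrorCode.SystemError, "请求失败"));
    }
    return base.OnActionExecutionAsync(context, next);
}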