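/// <summary>
/// Upload handler guarded by the "LoginUser" cookie (layout: userId_ticks, encrypted).
/// The request is answered with an empty body unless the cookie is present, decrypts,
/// was issued less than 35 minutes ago and a Redis entry "loginuser{userId}" exists.
/// On success the upload is delegated to UploadToLocal (savetype=local) or UploadToCDN
/// and the returned JSON is written, wrapped in a JSONP callback when one is supplied.
/// </summary>
/// <param name="context">Current request; reads cookie "LoginUser" and the
/// "savetype"/"callback" request values.</param>
public void ProcessRequest(HttpContext context)
{
    // A missing cookie used to dereference null and throw; deny instead.
    var loginId = context.Request.Cookies["LoginUser"];
    if (loginId == null || string.IsNullOrEmpty(loginId.Value))
    {
        return;
    }

    string[] cookieValues;
    try
    {
        cookieValues = Encrypts.GetDecryptString(loginId.Value).Split('_');
    }
    catch (Exception)
    {
        // GetDecryptString is opaque here; a cookie that fails to decrypt is
        // treated as "not logged in" rather than surfacing a 500.
        return;
    }
    if (cookieValues.Length != 2)
    {
        return;
    }

    // Parse defensively so a malformed or tampered value denies instead of throwing.
    int userId;
    long ticks;
    if (!int.TryParse(cookieValues[0], System.Globalization.NumberStyles.Integer,
                      System.Globalization.CultureInfo.InvariantCulture, out userId)
        || !long.TryParse(cookieValues[1], System.Globalization.NumberStyles.Integer,
                          System.Globalization.CultureInfo.InvariantCulture, out ticks))
    {
        return;
    }

    // ticks = milliseconds since the Unix epoch; keep it inside DateTime's range so
    // AddMilliseconds cannot throw on an absurd value.
    var epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
    if (ticks < 0 || ticks > (long)(DateTime.MaxValue - epoch).TotalMilliseconds)
    {
        return;
    }
    var issuedAt = epoch.AddMilliseconds(ticks);

    // No activity for more than 35 minutes: the session is considered abandoned.
    if ((DateTime.UtcNow - issuedAt).TotalMinutes > 35)
    {
        return;
    }

    // NOTE(review): the cookie carries only userId + timestamp, no per-login secret, so
    // the Redis lookup cannot distinguish a current login from an older cookie for the
    // same user. The AccountInfo variant of this cookie carries a random token that is
    // compared server-side; consider the same here.
    var loginSession = RedisHelper.Get<LoginUser>("loginuser" + userId);
    if (loginSession == null)
    {
        return;
    }

    string saveType = context.Request["savetype"];
    string callback = context.Request["callback"];

    string json = string.Equals(saveType, "local", StringComparison.OrdinalIgnoreCase)
        ? UploadToLocal(context)
        : UploadToCDN(context);

    context.Response.ContentEncoding = System.Text.Encoding.UTF8;
    context.Response.ContentType = "text/html";

    // JSONP: the callback name is reflected verbatim into a <script> body, so only a
    // plain (dotted) JavaScript identifier is accepted; anything else would let a
    // crafted "callback" parameter inject script. An unacceptable callback falls back
    // to the plain JSON response.
    bool callbackIsSafe = callback != null
        && System.Text.RegularExpressions.Regex.IsMatch(callback, @"^[A-Za-z_$][A-Za-z0-9_$.]{0,127}$");

    if (callbackIsSafe)
    {
        // NOTE(review): json is embedded inside a double-quoted JS string literal; this
        // assumes UploadToLocal/UploadToCDN already escape quotes and backslashes in the
        // returned text (e.g. file names) — confirm, otherwise the script breaks.
        context.Response.Write(string.Format("<script>{0}(JSON.parse(\"{1}\"));</script>", callback, json));
    }
    else
    {
        context.Response.Write(json);
    }
}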
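/// <summary>
/// Upload handler guarded by the "_LoginInfo" cookie (layout: accountId_token_ticks,
/// encrypted). The request is answered with an empty body unless the cookie is present,
/// decrypts, was issued less than 35 minutes ago and a Redis entry
/// "{PlateForm}:AccountInfo:{accountId}" exists. On success the upload is delegated to
/// UploadToLocal (savetype=local) or UploadToCDN and the returned JSON is written,
/// wrapped in a JSONP callback when one is supplied.
/// </summary>
/// <param name="context">Current request; reads cookie "_LoginInfo" and the
/// "savetype"/"callback" request values.</param>
public void ProcessRequest(HttpContext context)
{
    // A missing cookie used to dereference null and throw; deny instead.
    var loginId = context.Request.Cookies["_LoginInfo"];
    if (loginId == null || string.IsNullOrEmpty(loginId.Value))
    {
        return;
    }

    string[] cookieValues;
    try
    {
        cookieValues = Encrypts.GetDecryptString(loginId.Value).Split('_');
    }
    catch (Exception)
    {
        // GetDecryptString is opaque here; a cookie that fails to decrypt is
        // treated as "not logged in" rather than surfacing a 500.
        return;
    }
    if (cookieValues.Length != 3)
    {
        return;
    }

    // Segment layout assumed identical to the AccountInfo authorizer that issues this
    // cookie: [0] account Guid, [1] per-login random token, [2] issue time in
    // milliseconds since the Unix epoch.
    Guid userId;
    long ticks;
    if (!Guid.TryParse(cookieValues[0], out userId)
        || !long.TryParse(cookieValues[2], System.Globalization.NumberStyles.Integer,
                          System.Globalization.CultureInfo.InvariantCulture, out ticks))
    {
        return;
    }

    // Apply the same 35-minute idle window the authorizer enforces, so this endpoint
    // cannot be driven with a cookie the rest of the site already rejects.
    var epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
    if (ticks < 0 || ticks > (long)(DateTime.MaxValue - epoch).TotalMilliseconds)
    {
        return;
    }
    if ((DateTime.UtcNow - epoch.AddMilliseconds(ticks)).TotalMinutes > 35)
    {
        return;
    }

    // NOTE(review): the authorizer also compares cookieValues[1] against the stored
    // AccountInfo.Token (revocation) and rejects disabled accounts. Neither check is
    // done here because the key is read as LoginUser, which may not expose those
    // members — confirm the stored type and add both checks if it does.
    var loginSession = RedisHelper.Get<LoginUser>($"{Configs.PlateForm}:AccountInfo:{userId}");
    if (loginSession == null)
    {
        return;
    }

    string saveType = context.Request["savetype"];
    string callback = context.Request["callback"];

    string json = string.Equals(saveType, "local", StringComparison.OrdinalIgnoreCase)
        ? UploadToLocal(context)
        : UploadToCDN(context);

    context.Response.ContentEncoding = System.Text.Encoding.UTF8;
    context.Response.ContentType = "text/html";

    // JSONP: the callback name is reflected verbatim into a <script> body, so only a
    // plain (dotted) JavaScript identifier is accepted; anything else would let a
    // crafted "callback" parameter inject script. An unacceptable callback falls back
    // to the plain JSON response.
    bool callbackIsSafe = callback != null
        && System.Text.RegularExpressions.Regex.IsMatch(callback, @"^[A-Za-z_$][A-Za-z0-9_$.]{0,127}$");

    if (callbackIsSafe)
    {
        // NOTE(review): json is embedded inside a double-quoted JS string literal; this
        // assumes UploadToLocal/UploadToCDN already escape quotes and backslashes in the
        // returned text (e.g. file names) — confirm, otherwise the script breaks.
        context.Response.Write(string.Format("<script>{0}(JSON.parse(\"{1}\"));</script>", callback, json));
    }
    else
    {
        context.Response.Write(json);
    }
}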
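/// <summary>
/// Authorizes a request from the login cookie named by Configs.CookieKey_LoginInfo
/// (layout: accountId_randomToken_ticks, encrypted). Denies when the cookie is absent,
/// fails to decrypt, is malformed, was issued more than 35 minutes ago, has no matching
/// Redis AccountInfo, carries a token that differs from the stored one, or belongs to a
/// disabled account. When the cookie is older than 5 minutes it is re-issued and the
/// Redis TTL is extended to one day. The final decision is delegated to
/// AuthorizeRedirect with the account status.
/// </summary>
/// <param name="httpContext">Current request/response pair.</param>
/// <returns>true when the request is authorized; false otherwise. Never throws.</returns>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    var logininfo = httpContext.Request.Cookies[Configs.CookieKey_LoginInfo];
    if (logininfo == null || string.IsNullOrEmpty(logininfo.Value))
    {
        return false;
    }

    try
    {
        var cookieValues = Encrypts.GetDecryptString(logininfo.Value).Split('_');
        if (cookieValues.Length != 3)
        {
            return false;
        }

        // Malformed segments deny without relying on the catch below.
        Guid accountId;
        long ticks;
        if (!Guid.TryParse(cookieValues[0], out accountId)
            || !long.TryParse(cookieValues[2], System.Globalization.NumberStyles.Integer,
                              System.Globalization.CultureInfo.InvariantCulture, out ticks))
        {
            return false;
        }
        var randomString = cookieValues[1];

        // ticks = milliseconds since the Unix epoch; bound it so AddMilliseconds cannot throw.
        var epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
        if (ticks < 0 || ticks > (long)(DateTime.MaxValue - epoch).TotalMilliseconds)
        {
            return false;
        }
        var issuedAt = epoch.AddMilliseconds(ticks);
        var idleMinutes = (DateTime.UtcNow - issuedAt).TotalMinutes;

        // No activity for more than 35 minutes: the session is considered abandoned.
        if (idleMinutes > 35)
        {
            return false;
        }

        string redisKey = $"{Configs.PlateForm}:AccountInfo:{accountId}";

        // NOTE(review): this stores per-request state on the attribute instance. MVC
        // caches and reuses filter attribute instances across requests, so concurrent
        // users can observe each other's accountInfo. Confirm where the field is read
        // (e.g. HandleUnauthorizedRequest) and prefer httpContext.Items if it is only
        // needed within this request.
        accountInfo = RedisHelper.Get<AccountInfo>(Configs.RedisIndex_Web, redisKey);
        if (accountInfo == null)
        {
            return false;
        }

        // Revocation: the cookie's random segment must equal the token stored at login,
        // so a logout or a newer login elsewhere invalidates older cookies.
        if (accountInfo.Token != randomString)
        {
            return false;
        }

        if (accountInfo.Status == (byte)AccountStatus.Disabled)
        {
            return false;
        }

        // Re-issue the cookie and extend the Redis TTL at most once every 5 minutes.
        if (idleMinutes > 5)
        {
            // NOTE(review): only "accountId_randomString" is passed to GetEncryptString,
            // yet the parser above demands a third "_ticks" segment — presumably
            // GetEncryptString appends the timestamp itself; confirm.
            httpContext.Response.Cookies.Add(httpContext.Request.Cookies[Configs.CookieKey_LoginInfo]);
            var refreshed = httpContext.Response.Cookies[Configs.CookieKey_LoginInfo];
            refreshed.Value = Encrypts.GetEncryptString(accountId.ToString() + "_" + randomString);
            refreshed.HttpOnly = true;
            // Mark Secure when the request itself arrived over TLS so the session cookie
            // is not later replayed over plain HTTP; unchanged behaviour on HTTP requests.
            refreshed.Secure = httpContext.Request.IsSecureConnection;
            RedisHelper.KeyExpire(Configs.RedisIndex_Web, redisKey, TimeSpan.FromDays(1));
        }

        // NOTE(review): System.Web's Request.Headers collection is read-only and Add
        // throws there, which the catch below would turn into a silent deny for every
        // request. Confirm this runs against a writable collection; httpContext.Items
        // is the usual per-request carrier and cannot be spoofed by the client.
        httpContext.Request.Headers.Add("useraccountId", accountId.ToString());

        return AuthorizeRedirect(httpContext, accountInfo.Status);
    }
    catch (Exception)
    {
        // Any decrypt or Redis failure denies access. Swallowing silently also hides
        // infrastructure outages as "not logged in" — consider logging here.
        return false;
    }
}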
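/// <summary>
/// Authorizes a request from the "LoginUser" cookie (layout: userId_ticks, encrypted).
/// Denies when the cookie is absent, fails to decrypt, is malformed, was issued more than
/// 125 minutes ago, or has no matching Redis LoginUser entry "loginuser{userId}" (AJAX
/// callers additionally get a "sessionstatus: timeout" response header). When the cookie
/// is older than 5 minutes it is re-issued for one day and the Redis TTL is extended to
/// one hour. Without a PerimCode requirement any logged-in user passes; otherwise admins
/// pass and other users need a matching permission with Value > 0.
/// </summary>
/// <param name="httpContext">Current request/response pair.</param>
/// <returns>true when the request is authorized; false otherwise. Never throws.</returns>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    var loginId = httpContext.Request.Cookies["LoginUser"];
    if (loginId == null || string.IsNullOrEmpty(loginId.Value))
    {
        return false;
    }

    // Mirror the AccountInfo authorizer: a cookie that fails to decrypt or parse is
    // "not logged in", not an unhandled exception turned into a 500.
    int userId;
    long ticks;
    try
    {
        var cookieValues = Encrypts.GetDecryptString(loginId.Value).Split('_');
        if (cookieValues.Length != 2)
        {
            return false;
        }
        if (!int.TryParse(cookieValues[0], System.Globalization.NumberStyles.Integer,
                          System.Globalization.CultureInfo.InvariantCulture, out userId)
            || !long.TryParse(cookieValues[1], System.Globalization.NumberStyles.Integer,
                              System.Globalization.CultureInfo.InvariantCulture, out ticks))
        {
            return false;
        }
    }
    catch (Exception)
    {
        // GetDecryptString is opaque here; consider logging before denying.
        return false;
    }

    // ticks = milliseconds since the Unix epoch; bound it so AddMilliseconds cannot throw.
    var epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
    if (ticks < 0 || ticks > (long)(DateTime.MaxValue - epoch).TotalMilliseconds)
    {
        return false;
    }
    var issuedAt = epoch.AddMilliseconds(ticks);
    var idleMinutes = (DateTime.UtcNow - issuedAt).TotalMinutes;

    // No activity for more than 125 minutes: the session is considered abandoned.
    if (idleMinutes > 125)
    {
        return false;
    }

    // NOTE(review): the cookie carries only userId + timestamp, no per-login secret, so
    // this lookup cannot distinguish a current login from an older cookie for the same
    // user while the Redis entry lives. The AccountInfo authorizer compares a random
    // token against the stored one; consider the same here.
    string token = "loginuser" + userId;
    var loginSession = RedisHelper.Get<LoginUser>(token);
    if (loginSession == null)
    {
        // Lets AJAX clients detect an expired session from the header alone.
        if (httpContext.Request.IsAjaxRequest())
        {
            httpContext.Response.AddHeader("sessionstatus", "timeout");
        }
        return false;
    }

    // Re-issue the cookie and extend the Redis TTL at most once every 5 minutes.
    if (idleMinutes > 5)
    {
        // NOTE(review): only userId is passed to GetEncryptString, yet the parser above
        // demands a second "_ticks" segment — presumably GetEncryptString appends the
        // timestamp itself; confirm, or the refreshed cookie fails on the next request.
        httpContext.Response.Cookies.Add(httpContext.Request.Cookies["LoginUser"]);
        var refreshed = httpContext.Response.Cookies["LoginUser"];
        refreshed.Value = Encrypts.GetEncryptString(userId.ToString());
        refreshed.HttpOnly = true;
        // Mark Secure when the request itself arrived over TLS so the session cookie is
        // not later replayed over plain HTTP; unchanged behaviour on HTTP requests.
        refreshed.Secure = httpContext.Request.IsSecureConnection;
        refreshed.Expires = DateTime.Now.AddDays(1);
        RedisHelper.KeyExpire(token, new TimeSpan(1, 0, 0));
    }

    // No permission requirement on this attribute: being logged in is enough.
    if (PerimCode == null)
    {
        return true;
    }

    if (loginSession.IsAdmin)
    {
        return true;
    }

    var perimList = loginSession.PerimissionList;
    if (perimList == null || perimList.Count <= 0)
    {
        return false;
    }

    // NOTE(review): if PerimCode is a string, Contains is a substring test, so a granted
    // code that is a substring of the required one (e.g. "user" vs "user.delete") would
    // pass. If PerimCode is a collection this is an exact lookup. Confirm the declared
    // type before relying on this check.
    return perimList.Any(t => PerimCode.Contains(t.PerimCode) && t.Value > 0);
}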