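// Authorization filter entry point. Actions carrying AllowAnonymousAttribute are let
        // through; every other request must present a token in the Authorization header that
        // JwtTools.ParseToken accepts without throwing. On failure the request is short-circuited
        // by assigning context.Result.
        //
        // NOTE(review): this filter only fails closed if ParseToken throws for every unacceptable
        // token (bad signature, wrong issuer/audience, malformed input) - confirm in JwtTools.
        // NOTE(review): the rejection is an ObjectResult with no explicit status code, so clients
        // have to inspect Code = 99 in the body; consider setting StatusCode to 401 if callers can
        // cope with a non-2xx response.
        public void OnAuthorization(AuthorizationFilterContext context)
        {
            // ASP.NET Core < 3.0 equivalent: context.Filters.Any(x => x is IAllowAnonymousFilter)
            if (context.ActionDescriptor.EndpointMetadata.Any(x => x is AllowAnonymousAttribute))
            {
                return;
            }

            var token = context.HttpContext.Request.Headers["authorization"].ToString();

            // Remove the scheme only when it is a prefix. Replace() would also delete "Bearer "
            // from the middle of the value and so change which token string gets validated.
            const string bearerPrefix = "Bearer ";
            if (token.StartsWith(bearerPrefix, StringComparison.OrdinalIgnoreCase))
            {
                token = token.Substring(bearerPrefix.Length);
            }

            try
            {
                // Only the throw / no-throw outcome is used; the parsed claims are discarded.
                JwtTools.ParseToken(token);
            }
            catch (SecurityTokenExpiredException)
            {
                context.Result = new ObjectResult(new ResponseModel()
                {
                    Code    = 99,
                    Message = "Token已过期(AuthorizationFilter)"
                });
            }
            catch (Exception)
            {
                // Any other parsing/validation failure is reported as an invalid token.
                context.Result = new ObjectResult(new ResponseModel()
                {
                    Code    = 99,
                    Message = "Token无效(AuthorizationFilter)"
                });
            }
        }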
        // Registers a device (EquipmentNum, Local) under the organization of the calling user.
        // The caller is identified by the "name" claim of the JWT sent in the "token" header.
        //
        // A disabled earlier version queried the device at model.EquipmentIP over HTTP and compared
        // the serial it reported with model.EquipmentNum; that check is not performed here.
        // NOTE(review): if it is re-enabled, the server would fetch a client-chosen address, so
        // EquipmentIP needs to be restricted to an allow-list of device networks first.
        // NOTE(review): whether JwtTools.DEcode verifies signature and expiry is not visible here -
        // confirm, because organizationID is derived entirely from its output.
        // NOTE(review): ex.Message is returned to the client; internal details (SQL, paths) can leak.
        public async System.Threading.Tasks.Task<IHttpActionResult> AddEqAsync(EqVM model)
        {
            if (!ModelState.IsValid)
            {
                return this.ErrorData("发生异常,请重新登录");
            }

            try
            {
                // Resolve the user name from the token.
                string headerToken = HttpContext.Current.Request.Headers["token"];
                var claims = JwtTools.DEcode(headerToken);

                // Look the user up; its organization ID is stored as the device's owner key.
                var caller = UserManager.GetUserInfo(claims["name"]);
                await EqManager.AddEq(model.EquipmentNum, model.Local, caller.organizationID);

                return this.SendData("成功");
            }
            catch (Exception ex)
            {
                return this.ErrorData(ex.Message);
            }
        }
示例#3
        // Creates a class named ClassName inside grade GradeName for the caller's organization.
        //
        // Author's design notes (not verifiable from this method): the school ID moved from the
        // grade table to the class table; the front end sends the grade and class names; the school
        // ID comes from the account; the grade ID is looked up by name; the new class is created as
        // "not graduated".
        //
        // NOTE(review): whether JwtTools.DEcode verifies signature and expiry is not visible here -
        // confirm, because the organization is taken from the token's "name" claim.
        // NOTE(review): ex.Message is returned to the client and may expose internal details.
        public async System.Threading.Tasks.Task<IHttpActionResult> CreatClassAsync(string GradeName, string ClassName)
        {
            if (!ModelState.IsValid)
            {
                return this.ErrorData("发生异常");
            }

            try
            {
                string headerToken = HttpContext.Current.Request.Headers["token"];
                var claims = JwtTools.DEcode(headerToken);
                var caller = UserManager.GetUserInfo(claims["name"]);

                await ClassManager.CreatClassAsync(ClassName, GradeName, caller.organizationID);
                return this.SendData(true);
            }
            catch (Exception ex)
            {
                return this.ErrorData(ex.Message);
            }
        }
示例#4
 // Checks the submitted credentials with UserManager.Login and, when they are accepted,
 // returns a JWT whose only claim is the login name.
 // NOTE(review): no expiry claim is added here; confirm that JwtTools.Encode sets one, otherwise
 // an issued token stays valid for as long as the signing key is unchanged.
 public IHttpActionResult Login(Models.LoginViewModel loginViewModel)
 {
     if (!ModelState.IsValid)
     {
         return this.ErrorData("发生异常");
     }

     try
     {
         var authenticated = UserManager.Login(loginViewModel.LoginName, loginViewModel.LoginPwd);
         if (authenticated)
         {
             var claims = new Dictionary<string, string>
             {
                 { "name", loginViewModel.LoginName }
             };
             return this.SendData(JwtTools.Encode(claims));
         }

         return this.ErrorData("账号密码错误");
     }
     catch (Exception)
     {
         // A fixed message is returned, so exception details never reach the client.
         return this.ErrorData("出现错误");
     }
 }
        // Issues a token carrying a timestamp ("ts") and a fresh GUID ("uid"); the "name" claim is
        // added only when the submitted account/password equal the hard-coded pair below.
        //
        // NOTE(review): a token is returned for ANY input - only the presence of "name" depends on
        // the credentials. Every consumer must therefore require the "name" claim; holding a token
        // alone proves nothing. Prefer rejecting the request when the check fails.
        // NOTE(review): the credential pair is a source-code literal; move to a credential store
        // with hashed passwords before this leaves demo status.
        // NOTE(review): the Task.Run below is fire-and-forget (not awaited, exceptions unobserved)
        // and the method itself contains no await.
        public async Task<ResponseModel<UserLoginInOutput>> LoginIn([FromBody] UserLoginInInput args)
        {
            var uid = Guid.NewGuid().ToString();
            var payload = new Dictionary<string, string>
            {
                ["ts"] = DateTime.Now.ToTimestampSecond().ToString(),
                ["uid"] = uid
            };

            var credentialsMatch = args.Account == "admin" && args.PassWord == "admin";
            if (credentialsMatch)
            {
                payload["name"] = args.Account;
            }

            // Log a start marker now and an end marker five seconds later on a background task.
            Core.Log.LoggerTools.GetInstance(Core.Log.LoggerTools.RequestLog).Info("开始:" + DateTime.Now);
            Task.Run(async () =>
            {
                await Task.Delay(5000);
                Core.Log.LoggerTools.GetInstance(Core.Log.LoggerTools.RequestLog).Info("结束:" + DateTime.Now);
            });

            var output = new UserLoginInOutput
            {
                Token = JwtTools.GetToken(payload),
                UserId = uid
            };
            return Success(output);
        }
示例#6
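        // Web API authorization filter. Actions marked [AllowAnonymous] skip the check; all other
        // requests must carry a "token" header whose decoded payload supplies "username" and
        // "userid". On success the controller's User is replaced with an ApplicationUser built
        // from those claims; otherwise 401 is returned.
        //
        // NOTE(review): whether JwtTools.Decoder verifies the signature and expiry is not visible
        // here - confirm, since the claims are trusted as the caller's identity.
        public async Task<HttpResponseMessage> ExecuteAuthorizationFilterAsync(HttpActionContext actionContext, CancellationToken cancellationToken, Func<Task<HttpResponseMessage>> continuation)
        {
            // Skip the check when the action carries the AllowAnonymous attribute.
            if (actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>(true).Count > 0)
            {
                return await continuation();
            }

            // Read request -> headers -> token.
            IEnumerable<string> headers;
            if (!actionContext.Request.Headers.TryGetValues("token", out headers))
            {
                return new HttpResponseMessage(System.Net.HttpStatusCode.Unauthorized);
            }

            string loginName;
            Guid userId;
            try
            {
                // Decode once so both claims come from the same parse of the same header value.
                var claims = JwtTools.Decoder(headers.First());
                loginName = claims["username"].ToString();
                userId = Guid.Parse(claims["userid"].ToString());
            }
            catch (Exception)
            {
                // A malformed token, a missing claim or a non-GUID user id is an authentication
                // failure, not a server error: answer 401 instead of letting it surface as a 500.
                return new HttpResponseMessage(System.Net.HttpStatusCode.Unauthorized);
            }

            (actionContext.ControllerContext.Controller as ApiController).User = new ApplicationUser(loginName, userId);

            return await continuation();
        }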
        // Searches notifications of the caller's organization, optionally filtered by name and by
        // a start/end time. The caller is identified by the "name" claim of the "token" header.
        // NOTE(review): nothing here handles a missing or undecodable token; such a request will
        // surface as an unhandled exception unless a filter rejects it earlier.
        // NOTE(review): whether JwtTools.DEcode verifies signature and expiry is not visible here.
        public IHttpActionResult SearchNotifyByName(string Name = null, string StartTime = null, string EndTime = null)
        {
            string headerToken = HttpContext.Current.Request.Headers["token"];
            var claims = JwtTools.DEcode(headerToken);

            // Load the user record to obtain the organization that scopes the query.
            var caller = UserManager.GetUserInfo(claims["name"]);

            return this.SendData(NotifyManager.GetNotifyByName(caller.organizationID, Name, StartTime, EndTime));
        }
        // Returns one page of students for the caller's organization, optionally filtered by name.
        // NOTE(review): PageSize/PageIndex are client-supplied strings; Convert.ToInt32 throws on
        // non-numeric input and no upper bound is applied to the page size.
        // NOTE(review): whether JwtTools.DEcode verifies signature and expiry is not visible here.
        public IHttpActionResult GetStudentArr(string PageSize, string PageIndex, string Name = null)
        {
            // Resolve the user name from the token.
            string headerToken = HttpContext.Current.Request.Headers["token"];
            var claims = JwtTools.DEcode(headerToken);

            // Load the user record to obtain the organization that scopes the query.
            var caller = UserManager.GetUserInfo(claims["name"]);

            var organizationId = caller.organizationID;
            int pageSize = Convert.ToInt32(PageSize);
            int pageIndex = Convert.ToInt32(PageIndex);

            return this.SendData(StudentManager.QueryCount(organizationId, pageSize, pageIndex, Name));
        }
示例#9
 // Demo login: returns a JWT with a "loginName" claim when the submitted pair equals the
 // hard-coded account below, and throws otherwise.
 // NOTE(review): the credentials are source-code literals compared in plain text; replace with
 // a lookup against stored password hashes before real use.
 public string Login(UserViewModel model)
 {
     var accepted = model.loginName == "zhangsan" && model.loginPwd == "123456";
     if (!accepted)
     {
         throw new Exception("账号密码有误!");
     }

     var claims = new Dictionary<string, object>
     {
         { "loginName", model.loginName }
     };
     return JwtTools.Encoding(claims, JwtTools.Key);
 }
示例#10
 // Demo login: any name longer than two characters is accepted as long as the password equals
 // the hard-coded value; the returned JWT carries the name as its "Name" claim.
 // NOTE(review): one shared literal password for every user name means the "Name" claim is
 // caller-chosen; do not rely on it for authorization until a real credential check exists.
 public string GetLoin(UserViewModel model)
 {
     var accepted = model.Name.Count() > 2 && model.Password == "123456";
     if (!accepted)
     {
         throw new Exception("您输入的用户名密码有误");
     }

     var claims = new Dictionary<string, object>
     {
         { "Name", model.Name }
     };
     return JwtTools.Encode(claims, JwtTools.JwtKeys);
 }
示例#11
        // Parses the supplied token and returns its claims as a type -> value map; when a claim
        // type occurs more than once, the last value wins.
        // NOTE(review): every claim in the token is echoed to the caller; confirm none of them is
        // meant to stay server-side.
        // NOTE(review): the method is declared async but contains no await.
        public async Task<ResponseModel<Dictionary<string, string>>> CheckToken([Required(ErrorMessage = "Token不能为空")] string token)
        {
            var claimsByType = new Dictionary<string, string>();

            foreach (var claim in JwtTools.ParseToken(token))
            {
                claimsByType[claim.Type] = claim.Value;
            }

            return Success(claimsByType);
        }
示例#12
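        // Web API authorization filter: requires a "token" header, decodes it, and installs an
        // ApplicationUser built from its "UserID" and "RoleID" claims as the controller's User.
        // Requests without a usable token get 401.
        //
        // NOTE(review): RoleID is taken from the token and presumably drives authorization, so
        // JwtTools.Decode must verify the signature - not visible here, confirm.
        // NOTE(review): there is no [AllowAnonymous] bypass in this filter; if it is registered
        // globally the login endpoint would need a token too - confirm how it is registered.
        public async Task<HttpResponseMessage> ExecuteAuthorizationFilterAsync(HttpActionContext actionContext, CancellationToken cancellationToken, Func<Task<HttpResponseMessage>> continuation)
        {
            IEnumerable<string> headers;

            if (!actionContext.Request.Headers.TryGetValues(name: "token", out headers))
            {
                return new HttpResponseMessage(HttpStatusCode.Unauthorized);
            }

            int userId;
            int roleId;
            try
            {
                // Decode once so both claims come from the same parse of the same header value.
                var claims = JwtTools.Decode(jwtStr: headers.First());
                userId = Convert.ToInt32(claims["UserID"]);
                roleId = Convert.ToInt32(claims["RoleID"]);
            }
            catch (Exception)
            {
                // Malformed token or missing/non-numeric claims: treat as unauthenticated (401)
                // rather than letting the exception surface as a server error.
                return new HttpResponseMessage(HttpStatusCode.Unauthorized);
            }

            (actionContext.ControllerContext.Controller as ApiController).User = new ApplicationUser(userId, roleId);
            return await continuation();
        }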
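        // Web API authorization filter: requires a "token" header, decodes it with JwtTools.key and
        // installs an ApplicationUser built from its "LoginName" claim as the controller's User.
        // Requests without a usable token get 401.
        //
        // NOTE(review): whether JwtTools.Decode verifies signature and expiry is not visible here.
        // NOTE(review): there is no [AllowAnonymous] bypass in this filter; confirm that the login
        // endpoint is not covered by it.
        public async Task<HttpResponseMessage> ExecuteAuthorizationFilterAsync(HttpActionContext actionContext, CancellationToken cancellationToken, Func<Task<HttpResponseMessage>> continuation)
        {
            IEnumerable<string> token;

            // Read the token header.
            if (!actionContext.Request.Headers.TryGetValues("token", out token))
            {
                return new HttpResponseMessage(HttpStatusCode.Unauthorized);
            }

            string loginName;
            try
            {
                loginName = JwtTools.Decode(token.First(), JwtTools.key)["LoginName"].ToString();
            }
            catch (Exception)
            {
                // Malformed token or missing claim: answer 401 instead of surfacing a server error.
                return new HttpResponseMessage(HttpStatusCode.Unauthorized);
            }

            // The identity exposed through User is read-only, so a new principal object is created
            // and assigned rather than mutating the existing one.
            (actionContext.ControllerContext.Controller as ApiController).User = new ApplicationUser(loginName);
            return await continuation();
        }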
 // Demo login: any user name longer than two characters is accepted when the password equals
 // the hard-coded value; returns a JWT with a "loginName" claim, or the failure text.
 // NOTE(review): with one literal password shared by every user name, the "loginName" claim is
 // caller-chosen; replace with a real credential check before relying on it.
 // NOTE(review): success and failure both come back as a plain string, so callers can only
 // tell them apart by content.
 public string Login(UserLogin user)
 {
     var accepted = user.username.Length > 2 && user.pwd == "123456";
     if (!accepted)
     {
         return "失敗";
     }

     var claims = new Dictionary<string, object>
     {
         { "loginName", user.username }
     };
     return JwtTools.Encode(claims, JwtTools.key);
 }
示例#15
 // Returns one page of teachers plus the total teacher count for the caller's organization.
 // NOTE(review): PageSize/PageIndex are client-supplied and unbounded; a parse failure ends up
 // in the catch below, which sends ex.Message (possibly internal detail) to the client.
 // NOTE(review): whether JwtTools.DEcode verifies signature and expiry is not visible here.
 public IHttpActionResult GetTeacherArr(string PageSize, string PageIndex, string Name = null)
 {
     try
     {
         // Resolve the user name from the token.
         string headerToken = HttpContext.Current.Request.Headers["token"];
         var claims = JwtTools.DEcode(headerToken);

         // Load the user record to obtain the organization that scopes both queries.
         var caller = UserManager.GetUserInfo(claims["name"]);

         var teachers = TeacherManager.QueryTeacher(caller.organizationID, Convert.ToInt32(PageSize), Convert.ToInt32(PageIndex), Name);
         int total = TeacherManager.QueryTeacherCount(caller.organizationID);

         // Property names are part of the response contract, so they are spelled out explicitly.
         return this.SendData(new { result = teachers, count = total });
     }
     catch (Exception ex)
     {
         return this.ErrorData(ex.Message);
     }
 }
示例#16
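 // Web API authorization filter. Actions marked [AllowAnonymous] skip the check; all other
 // requests must carry a "token" header whose payload, decoded with JwtTools.Key, supplies
 // "loginName" and "userId". Those become the controller's User; otherwise 401 is returned.
 //
 // NOTE(review): whether JwtTools.Decode verifies signature and expiry is not visible here -
 // confirm, since the claims are trusted as the caller's identity.
 public async Task<HttpResponseMessage> ExecuteAuthorizationFilterAsync(HttpActionContext actionContext, CancellationToken cancellationToken, Func<Task<HttpResponseMessage>> continuation)
 {
     // Skip validation when the action carries the AllowAnonymous attribute.
     if (actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>(true).Count > 0)
     {
         return await continuation();
     }

     if (!actionContext.Request.Headers.TryGetValues("token", out IEnumerable<string> headers))
     {
         return new HttpResponseMessage(System.Net.HttpStatusCode.Unauthorized);
     }

     string loginName;
     int userId;
     try
     {
         // Decode once so both claims come from the same parse of the same header value.
         var claims = JwtTools.Decode(headers.FirstOrDefault(), JwtTools.Key);
         loginName = claims["loginName"].ToString();
         userId = int.Parse(claims["userId"].ToString());
     }
     catch (Exception)
     {
         // Empty header, malformed token, missing claim or non-numeric user id: answer 401
         // instead of letting the exception surface as a server error.
         return new HttpResponseMessage(System.Net.HttpStatusCode.Unauthorized);
     }

     (actionContext.ControllerContext.Controller as ApiController).User = new ApplicationUser(loginName, userId);
     return await continuation();
 }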
示例#17
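        // HTTP-triggered login function. Reads a JSON body into UserLoginModel, looks the user up
        // in the user table, verifies the password against the stored hash and, on success,
        // returns a token carrying the user name and user id claims with a four-hour lifetime.
        // Returns 400 for a missing/invalid body and 401 for an unknown user or a wrong password.
        //
        // NOTE(review): the client-supplied user name is written to the log through String.Format;
        // if the log sink is line-oriented, strip CR/LF from it to prevent forged log entries.
        public static async Task<IActionResult> Login(
            [HttpTrigger(AuthorizationLevel.Anonymous, Global.HttpVerbPost, Route = null)] HttpRequest req,
            [Table(Global.UserTableName, Connection = Global.AzureWebJobsStorage)] CloudTable userCloudTable,
            ILogger log)
        {
            using (var sr = new StreamReader(req.Body))
            {
                // Read asynchronously: a synchronous read blocks a thread inside an async method
                // and is rejected by default on newer ASP.NET Core hosts.
                var requestBodyJson = await sr.ReadToEndAsync();

                UserLoginModel userLoginModel;
                try
                {
                    userLoginModel = JsonConvert.DeserializeObject<UserLoginModel>(requestBodyJson);
                }
                catch (Newtonsoft.Json.JsonException)
                {
                    // Malformed JSON is a client error; handle it like any other invalid payload.
                    userLoginModel = null;
                }

                // An empty body (or literal null) deserializes to null and must not reach IsValid().
                if (userLoginModel == null || !userLoginModel.IsValid())
                {
                    log.LogWarning(GlobalMessages.LoginFailedDueToInvalidData);
                    return new BadRequestObjectResult(GlobalMessages.InvalidDataOneOrMoreValuesWasEmpty);
                }

                var userEntity = await GetUserEntityByUserName(userCloudTable, userLoginModel.UserName);

                if (userEntity == null)
                {
                    // Same 401 as for a wrong password, so the response does not reveal which
                    // user names exist.
                    log.LogWarning(String.Format(GlobalMessages.LoginFailedUserNotInDatabaseFormat, userLoginModel.UserName));
                    return new UnauthorizedResult();
                }

                if (userLoginModel.UserName.Equals(userEntity.UserName, StringComparison.OrdinalIgnoreCase) &&
                    PasswordHashing.VerifyHashedPassword(userEntity.PasswordHash, userLoginModel.Password))
                {
                    var jwtTools = new JwtTools();

                    var subject = new ClaimsIdentity(new[] {
                        new Claim(Global.ClaimUserName, userEntity.UserName),
                        new Claim(Global.ClaimUserId, userEntity.RowKey)
                    });

                    // Token lifetime; adjust to the deployment's expiration requirements.
                    var utcExpiresDateTime = DateTime.UtcNow.AddHours(4);

                    var token = jwtTools.CreateToken(Global.Issuer, Global.Audience, subject, utcExpiresDateTime, Global.EncryptionKey);

                    var tokenItemModel = new TokenItemModel {
                        Token = token
                    };

                    log.LogInformation(String.Format(GlobalMessages.LoginSuccessfulFormat, userLoginModel.UserName));
                    return new OkObjectResult(tokenItemModel);
                }

                log.LogWarning(String.Format(GlobalMessages.LoginFailedFormat, userLoginModel.UserName));
                return new UnauthorizedResult();
            }
        }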
示例#18
        // Lists the classes of the caller's organization. The caller is identified by the "name"
        // claim of the JWT sent in the "token" header.
        // NOTE(review): a missing or undecodable token is not handled here and would surface as an
        // unhandled exception unless a filter rejects the request earlier.
        // NOTE(review): whether JwtTools.DEcode verifies signature and expiry is not visible here.
        public IHttpActionResult QueryClass()
        {
            if (!ModelState.IsValid)
            {
                return this.ErrorData("请重新登录");
            }

            string headerToken = HttpContext.Current.Request.Headers["token"];
            var claims = JwtTools.DEcode(headerToken);

            // Load the user record to obtain the organization that scopes the query.
            var caller = UserManager.GetUserInfo(claims["name"]);

            return this.SendData(ClassManager.QueryClassList(caller.organizationID));
        }
示例#19
        // Demo login endpoint: when the view model passes validation, returns a JWT with the
        // submitted login name and a fixed user id; otherwise returns a Code = 500 payload.
        //
        // NOTE(review): no password or account lookup happens here - model validation alone yields
        // a token for whatever LoginName the client sends, and UserId is the constant 213. Add a
        // credential check before any filter trusts tokens minted by this action.
        // Once a filter installs the principal, the recommended way to read the identity in
        // actions is User.Identity.Name.
        public IHttpActionResult Loign(Models.LoginViewModel model)
        {
            if (!ModelState.IsValid)
            {
                // The submitted data failed model validation.
                return Ok(new Models.ResponseData()
                {
                    Code = 500, ErrorMsg = "校验失败"
                });
            }

            var claims = new Dictionary<string, object>()
            {
                { "LoginName", model.LoginName },
                { "UserId", 213 }
            };

            return Ok(new Models.ResponseData()
            {
                // The token is returned in Data.
                Data = JwtTools.Encoder(claims)
            });
        }
示例#20
 // Demo login endpoint: when the view model passes validation, returns a JWT with the submitted
 // login name and a fixed user id; otherwise returns a Code = 500 payload.
 // NOTE(review): the failure text says "wrong user name or password", but no password is
 // checked - model validation alone yields a token for any loginName, with userId fixed at
 // 123456. Add a credential check before any filter trusts these tokens.
 public IHttpActionResult Login(UserViewModel model)
 {
     if (!ModelState.IsValid)
     {
         return Ok(new ResponseData
         {
             Code = 500, ErrorMessage = "用户名或密码错误!"
         });
     }

     var claims = new Dictionary<string, object>
     {
         { "loginName", model.loginName },
         { "userId", 123456 }
     };

     return Ok(new ResponseData
     {
         Data = JwtTools.Encoding(claims, JwtTools.Key)
     });
 }
示例#21
 // Looks up a UserInfo row whose LoginName and LoginPwd both equal the submitted values.
 // Responses: 401 payload when no row matches, 402 payload when the account's UserStatr is
 // not 1, a JWT with UserID/RoleID on success, and a 403 payload carrying the exception text
 // on error.
 //
 // NOTE(review): the submitted password is compared for equality with the stored column, which
 // implies passwords are stored in a directly comparable form - presumably plain text; store
 // salted hashes and verify against those instead.
 // NOTE(review): credentials arrive as simple parameters; confirm they are bound from the
 // request body and not from the URL, where they would end up in access logs.
 // NOTE(review): e.Message is returned to the caller and may expose database details.
 public IHttpActionResult Login(string LoginName, string LoginPwd)
 {
     try
     {
         var client = DBhelp.GetInstance();
         UserInfo account = client.Queryable<UserInfo>().First(r => r.LoginName == LoginName && r.LoginPwd == LoginPwd);

         if (account == null)
         {
             return Ok(new Models.Message()
             {
                 MyProperty = 401, ErrorMessage = "账号或密码错误"
             });
         }

         if (account.UserStatr != 1)
         {
             // Any status other than 1 is reported as a locked account.
             return Ok(new Models.Message()
             {
                 MyProperty = 402, ErrorMessage = "此账号被锁定"
             });
         }

         var claims = new Dictionary<string, object>()
         {
             { "UserID", account.UserID }, { "RoleID", account.RoleID }
         };
         return Ok(new Models.Message()
         {
             data = JwtTools.Encoder(claims)
         });
     }
     catch (Exception e)
     {
         return Ok(new Models.Message()
         {
             MyProperty = 403, ErrorMessage = e.Message
         });
     }
 }
示例#22
        // Returns a token for the member with the given UID, or an error result ("not registered")
        // when no such member exists. Key and issuer come from the Jwt:Key / Jwt:Issuer settings.
        // NOTE(review): the UID is the only input and no secret is checked here, so anyone who
        // knows a registered UID receives a token for it - confirm the UID has already been
        // authenticated upstream (for example by an identity provider) before this is called.
        public ExecuteResult Login(string UID)
        {
            var member = DataContext.Members.FirstOrDefault(x => x.UID == UID);

            if (member == null)
            {
                return new ExecuteResult()
                {
                    ErrMsg = "未註冊", Status = (char)Code.N
                };
            }

            // Issue the token.
            string jwt = JwtTools.getToken(UID, _config["Jwt:Key"], _config["Jwt:Issuer"]);
            return new ExecuteResult()
            {
                Token = jwt, Status = (char)Code.Y
            };
        }
示例#23
 // Returns the classes of the given grade within the caller's organization. The caller is
 // identified by the "name" claim of the JWT sent in the "token" header.
 // NOTE(review): ex.Message is returned to the client and may expose internal details.
 // NOTE(review): whether JwtTools.DEcode verifies signature and expiry is not visible here.
 public IHttpActionResult GetClassName(string GradeName)
 {
     if (!ModelState.IsValid)
     {
         return this.ErrorData("重新登录");
     }

     try
     {
         string headerToken = HttpContext.Current.Request.Headers["token"];
         var claims = JwtTools.DEcode(headerToken);

         // Load the user record to obtain the organization that scopes the query.
         var caller = UserManager.GetUserInfo(claims["name"]);

         return this.SendData(ClassManager.GetClasses(GradeName, caller.organizationID));
     }
     catch (Exception ex)
     {
         return this.ErrorData(ex.Message);
     }
 }
        // Returns one page of notifications for the caller's organization together with a count.
        // NOTE(review): GetNotifyCount() takes no organization argument while the page query does;
        // the count may cover all organizations - confirm.
        // NOTE(review): PageSize/PageIndex are client-supplied and unbounded; Convert.ToInt32
        // throws on non-numeric input and nothing here catches it.
        // NOTE(review): whether JwtTools.DEcode verifies signature and expiry is not visible here.
        public IHttpActionResult GetNotify(string PageSize, string PageIndex)
        {
            if (!ModelState.IsValid)
            {
                return this.ErrorData("发生异常,请重新登录");
            }

            // Resolve the user name from the token.
            string headerToken = HttpContext.Current.Request.Headers["token"];
            var claims = JwtTools.DEcode(headerToken);

            // Load the user record to obtain the organization that scopes the page query.
            var caller = UserManager.GetUserInfo(claims["name"]);

            var total = NotifyManager.GetNotifyCount();
            var page = NotifyManager.GetNotify(Convert.ToInt32(PageSize), Convert.ToInt32(PageIndex), caller.organizationID);

            // Property names are part of the response contract, so they are spelled out explicitly.
            return this.SendData(new { result = page, count = total });
        }
示例#25
 // Returns the caller's user record together with the organization name. The caller is
 // identified by the "name" claim of the JWT sent in the "token" header.
 //
 // NOTE(review): GetOrganizationNameAsync is not awaited; if it returns a Task (as the name
 // suggests), the Task object rather than the name is placed in the response - confirm.
 // NOTE(review): the whole user object is serialized to the client; confirm it carries no
 // password hash or other server-side fields.
 // NOTE(review): the token is decoded outside the try block, so a bad token is not turned into
 // the error payload below.
 public IHttpActionResult GetUserInfo()
 {
     if (!ModelState.IsValid)
     {
         return this.ErrorData("权限错误");
     }

     string headerToken = HttpContext.Current.Request.Headers["token"];
     var claims = JwtTools.DEcode(headerToken);

     try
     {
         var caller = UserManager.GetUserInfo(claims["name"]);
         var orgName = UserManager.GetOrganizationNameAsync(caller);

         // Property names are part of the response contract, so they are spelled out explicitly.
         return this.SendData(new { user = caller, organizationName = orgName });
     }
     catch
     {
         return this.ErrorData("用户名错误");
     }
 }
 // Demo login endpoint: when the view model passes validation, returns a JWT (signed with
 // JwtTools.key) carrying the submitted login name; otherwise returns a Code = 500 payload.
 // NOTE(review): the failure text says the account or password is wrong, but no password is
 // checked - model validation alone yields a token for any LoginName. Add a credential check
 // before any filter trusts tokens minted by this action.
 public IHttpActionResult Login(LoginViewModel model)
 {
     // Reject input that fails model validation.
     if (!ModelState.IsValid)
     {
         return Ok(new ResponseData()
         {
             Code = 500, ErrorMessage = "帳號密碼有誤"
         });
     }

     var claims = new Dictionary<string, object>()
     {
         { "LoginName", model.LoginName }
     };

     return Ok(new ResponseData()
     {
         Data = JwtTools.Encode(claims, JwtTools.key)
     });
 }
示例#27
        // Validates the view model, checks the e-mail/password pair through the user manager and,
        // on success, returns a JWT carrying "username" and "userid".
        // NOTE(review): no expiry claim is added here; confirm that JwtTools.Encoder sets one.
        public IHttpActionResult Login(LoginViewModel model)
        {
            if (!ModelState.IsValid)
            {
                return this.ErrorData("输入数据不合法");
            }

            IBLL.IUserManager userManager = new BLL.UserManager();
            if (!userManager.Login(model.Email, model.LoginPwd, out Guid userid))
            {
                return this.ErrorData("用户名密码错误");
            }

            var claims = new Dictionary<string, object>()
            {
                { "username", model.Email },
                { "userid", userid }
            };
            return this.SendData(JwtTools.Encoder(claims));
        }
 // Validates the view model, checks the e-mail/password pair with UserManager.Login and, on
 // success, returns a JWT carrying "username" and "userid".
 // NOTE(review): no expiry claim is added here; confirm that JwtTools.Encoder sets one.
 public IHttpActionResult Login(LoginViewModel model)
 {
     if (!ModelState.IsValid)
     {
         return this.ErrorData("Your entries are not correct");
     }

     if (!UserManager.Login(model.Email, model.Password, out Guid userid))
     {
         // One message for both unknown e-mail and wrong password.
         return this.ErrorData("Your Email or your password is not correct");
     }

     var claims = new Dictionary<string, object>()
     {
         { "username", model.Email },
         { "userid", userid }
     };
     return this.SendData(JwtTools.Encoder(claims));
 }
示例#29
 // Validates the view model, checks the login name/password pair with EmployeeManger.Login
 // and, on success, returns a JWT carrying "username" and "userid".
 // NOTE(review): no expiry claim is added here; confirm that JwtTools.Encoder sets one.
 public IHttpActionResult Login(LoginViewModel model)
 {
     // The view model must pass validation first.
     if (!ModelState.IsValid)
     {
         return this.ErrorData("您输入的数据不合法");
     }

     if (!EmployeeManger.Login(model.LoginName, model.Password, out Guid userid))
     {
         return this.ErrorData("账号或密码错误");
     }

     var claims = new Dictionary<string, object>
     {
         { "username", model.LoginName },
         { "userid", userid }
     };
     return this.SendData(JwtTools.Encoder(claims));
 }
示例#30
        // Round-trip test: creates a token for a fresh session/auth id pair with a one-day
        // lifetime, parses it back, and asserts that both ids survive. Every failure or
        // missing-setting callback fails the test with the reason it was given.
        // "Example.issuer" and "Example.key" are passed to both calls; judging by the callbacks'
        // parameter names they are presumably configuration setting names - confirm.
        public void CreateAndDecypherTokens()
        {
            var authId    = Guid.NewGuid();
            var sessionId = Guid.NewGuid();
            var scope     = new Uri("http://api.example.com/System1");

            // Fails the test; the bool return only satisfies the callback signatures.
            Func<string, bool> failTest = reason =>
            {
                Assert.Fail(reason);
                return false;
            };

            var roundTripped = JwtTools.CreateToken(
                sessionId,
                authId,
                scope,
                TimeSpan.FromDays(1.0),
                token => token.ParseToken(
                    parsedClaims =>
                    {
                        Assert.AreEqual(sessionId, parsedClaims.GetSessionId(sId => sId));
                        Assert.AreEqual(authId, parsedClaims.GetAuthId(aId => aId));
                        return true;
                    },
                    reason => failTest(reason),
                    settingName => failTest(settingName),
                    (settingName, reason) => failTest(settingName + ":" + reason),
                    "Example.issuer",
                    "Example.key"),
                settingName => failTest(settingName),
                (settingName, reason) => failTest(settingName + ":" + reason),
                "Example.issuer",
                "Example.key");

            Assert.IsTrue(roundTripped);
        }