示例#1
0
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            Random       random       = new Random();
            M_Online     obj          = new M_Online();
            M_TokenTable t_obj        = new M_TokenTable();
            RefreshToken refreshToken = new RefreshToken();
            string       ErrMsg       = string.Empty;
            bool         bl           = false;
            var          user_agent   = filterContext.HttpContext.Request.Headers.Get("User-Agent");
            var          token        = filterContext.HttpContext.Session["Token"];
            var          refroken     = filterContext.HttpContext.Request.Cookies["RefreshToken"];
            var          oid          = filterContext.HttpContext.Session["id"];
            var          uid          = filterContext.HttpContext.Session["uid"];

            if (uid is null)
            {
                uid = filterContext.HttpContext.Request.Cookies["uid"];             //如果Session没有uid就去Cookie拿
            }
            if (uid is null)
            {
                filterContext.HttpContext.Response.Redirect("/Home/login");             //如果Cookie没有uid就跳转登录界面
            }
            if (oid is null)
            {
                oid = filterContext.HttpContext.Request.Cookies["id"];             //Session没有oid就去Cookie拿
            }
            if (oid is null)
            {
                bl = true;
            }
            else
            {
                obj.ID = (int)oid;
                int i = (int)oid;
                if (B_Online.Select(ref obj, obj.ID, ref ErrMsg) != -1)
                {
                    string tmpstr = RefreshToken.CreateToken(obj.ID, user_agent, obj.Token);
                    if (!string.Equals(tmpstr, token.ToString()))
                    {
                        bl = true;
                    }
                }
            }
            if (refroken is null)
            {
                filterContext.HttpContext.Response.Redirect("/Home/login");
            }
            long now = (long)DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)).TotalMilliseconds;

            if (now > t_obj.Exp)
            {
                filterContext.HttpContext.Response.Redirect("/Home/login");
            }
            if (RefreshToken.AuthenticationRefToken(refroken.Value, t_obj.AesKey, t_obj.AesIV, ref refreshToken, ref ErrMsg))
            {
                base.OnActionExecuting(filterContext);
            }
        }
示例#2
0
        public ActionResult Login(Models.LoginViewModel model)
        {
            Random          r      = new Random();
            RefreshToken    rt     = new RefreshToken();
            M_TokenTable    mtt    = new M_TokenTable();
            M_EmployeeLogin obj    = new M_EmployeeLogin();
            M_Online        mol    = new M_Online();
            string          ErrMsg = string.Empty;

            if (B_EmployeeLogin.Login(ref obj, model.LoginTel, model.Password, ref ErrMsg) != -1)
            {
                try
                {
                    mol.PastTime  = (long)DateTime.UtcNow.AddMinutes(30).Subtract(new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)).TotalMilliseconds;
                    mol.LastLogin = DateTime.Now;
                    mol.Admin_BL  = 1;
                    mol.Token     = r.NextDouble().ToString();
                    B_Online.Insert(ref mol, ref ErrMsg);
                    rt.iss = "lzfyhgm";
                    rt.exp = (long)DateTime.UtcNow.AddDays(30).Subtract(new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)).TotalMilliseconds;
                    rt.iat = (long)DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)).TotalMilliseconds;;
                    byte[] key = AES.Md5((rt.exp * r.NextDouble()).ToString(), AES.Md5DataType.t32);
                    byte[] IV  = AES.Md5((rt.iat * r.NextDouble()).ToString(), AES.Md5DataType.t16);
                    mtt.AesIV   = Convert.ToBase64String(key);
                    mtt.AesKey  = Convert.ToBase64String(IV);
                    mtt.Exp     = rt.exp;
                    mtt.User_ID = obj.ID;
                    mtt.Sign    = RefreshToken.Sign(rt);
                    B_TokenTable.Insert(ref mtt, ref ErrMsg);
                    string refreshtoken = RefreshToken.CreateReftoken(rt, key, IV, obj.ID);
                    string user_agent   = HttpContext.Request.Headers.Get("User-Agent");
                    string token        = RefreshToken.CreateToken(obj.ID, user_agent, mol.Token);
                    UseCookie.Add("UserName", model.LoginTel, DateTime.Now.AddMinutes(30));
                    UseSession.Add("UserName", model.LoginTel);
                    UseCookie.Add("UserID", obj.ID.ToString(), DateTime.Now.AddMinutes(30));
                    UseSession.Add("UserID", obj.ID.ToString());
                    UseCookie.Add("token", token, DateTime.Now.AddMinutes(30));
                    UseSession.Add("token", token);
                    UseCookie.Add("RefreshToken", refreshtoken, DateTime.Now.AddDays(30));
                }
                catch (Exception ex)
                {
                    Response.Write(ex.Message);
                    return(View());
                }
                return(RedirectToAction("Index"));
            }
            Response.Write(ErrMsg);
            return(View());
        }