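/// <summary>
/// Validates a token and resolves the user it identifies.
/// </summary>
/// <remarks>
/// The token is decrypted with <c>Secure.DecryptStringByDES</c> and must yield
/// <c>"{userId}:{password}"</c>; the second field is compared with the stored
/// <c>User.Password</c> value.
/// NOTE(review): the helper's name indicates DES, which has a 56-bit key and is
/// obsolete; its implementation is not visible here. Confirm the cipher and mode,
/// and prefer an authenticated scheme (a signed token or AEAD) so that a modified
/// ciphertext is rejected before parsing.
/// NOTE(review): the token carries whatever is stored in <c>User.Password</c>.
/// Confirm that this is a salted password hash and not the plaintext password.
/// NOTE(review): this method checks no expiry or revocation; a token stays valid
/// until the stored password value changes.
/// </remarks>
/// <param name="token">Encrypted token supplied by the caller (untrusted input).</param>
/// <param name="errorCode">
/// 0 on success; 40 empty token, 41 decryption failed, 44 unexpected token layout,
/// 42 unknown user, 43 password field mismatch.
/// </param>
/// <param name="errorMsg">Message matching <paramref name="errorCode"/>; empty on success.</param>
/// <param name="currentUser">The resolved user on success; otherwise <c>null</c>.</param>
/// <returns><c>true</c> when the token is valid; otherwise <c>false</c>.</returns>
public bool ValidateToken(string token, out int errorCode, out string errorMsg, out User currentUser)
{
    currentUser = null;
    errorCode = 0;
    errorMsg = "";

    if (string.IsNullOrWhiteSpace(token))
    {
        errorCode = 40;
        errorMsg = "token不可为空";
        return false;
    }

    string desc;
    try
    {
        desc = Secure.DecryptStringByDES(token);
    }
    catch
    {
        // Any decryption failure is reported as a revoked/invalid token rather than
        // surfacing exception details to the caller.
        errorCode = 41;
        errorMsg = "作废的token";
        return false;
    }

    // A helper that signals failure by returning null/empty instead of throwing would
    // otherwise cause a NullReferenceException on Split below.
    if (string.IsNullOrEmpty(desc))
    {
        errorCode = 41;
        errorMsg = "作废的token";
        return false;
    }

    string[] sr = desc.Split(':');
    if (sr.Length != 2)
    {
        errorCode = 44;
        errorMsg = "过时的token";
        return false;
    }

    // The id field comes from attacker-controllable ciphertext: parse defensively
    // instead of letting Convert.ToInt32 throw FormatException/OverflowException.
    int oid;
    if (!int.TryParse(
            sr[0],
            System.Globalization.NumberStyles.Integer,
            System.Globalization.CultureInfo.InvariantCulture,
            out oid))
    {
        errorCode = 44;
        errorMsg = "过时的token";
        return false;
    }

    string pwd = sr[1];

    // NOTE(review): the context is not disposed here and the returned entity stays
    // attached to it. If ModelEntity is an IDisposable DbContext, confirm who owns
    // its lifetime.
    var _dbContext = new ModelEntity();
    var user = _dbContext.User.Find(oid);
    if (user == null)
    {
        errorCode = 42;
        errorMsg = "无效的token";
        return false;
    }

    // Compare every shared character with no early exit, so response time does not
    // reveal how much of a guessed value matched. A null stored value never matches.
    string expected = user.Password ?? string.Empty;
    int diff = expected.Length ^ pwd.Length;
    int shared = Math.Min(expected.Length, pwd.Length);
    for (int i = 0; i < shared; i++)
    {
        diff |= expected[i] ^ pwd[i];
    }

    if (user.Password == null || diff != 0)
    {
        errorCode = 43;
        errorMsg = "错误的token";
        return false;
    }

    currentUser = user;
    return true;
}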