/// <summary>
/// Wraps an e-mail address in a <see cref="UserTokenModel"/>, serialises it to JSON and
/// returns the encrypted form produced by <c>Encripter.Encrypt</c>.
/// </summary>
/// <param name="email">E-mail address placed in the request payload.</param>
/// <returns>The encrypted JSON payload.</returns>
public static string BuildEncryptedRequest(string email)
{
    var payload = new UserTokenModel { email = email };
    var serializer = new JavaScriptSerializer();
    string json = serializer.Serialize(payload);
    return Encripter.Encrypt(json);
}
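/// <summary>
/// Authenticates a user by password hash or SMS code and issues a fresh login token.
/// </summary>
/// <param name="UserCode">Account code; trimmed before lookup.</param>
/// <param name="Password">Client-supplied MD5 password hash (used when <paramref name="LoginMode"/> is 1).</param>
/// <param name="PhoneCode">SMS verification code (checked when <paramref name="LoginMode"/> is 2; stored with the token).</param>
/// <param name="LoginMode">1 = password login, 2 = SMS-code login. Any other value is rejected.</param>
/// <param name="flag">True when a token was issued.</param>
/// <param name="message">Human-readable outcome; localised via <c>GetLanguage</c> where a key exists.</param>
/// <returns>A <see cref="UserTokenModel"/>; populated only when <paramref name="flag"/> is true.</returns>
public UserTokenModel Login(string UserCode, string Password, string PhoneCode, int LoginMode, out bool flag, out string message)
{
    UserTokenModel model = new UserTokenModel();
    flag = false;
    message = string.Empty;

    lgk.Model.tb_user user = userBLL.GetModel(GetUserID(UserCode.Trim()));
    if (user == null)
    {
        message = GetLanguage("AccountError"); // account or password wrong
        return model;
    }

    if (LoginMode == 1)
    {
        string loginHash = (Password ?? string.Empty).Trim();
        if (!PasswordHashMatches(user.Password ?? string.Empty, loginHash))
        {
            message = GetLanguage("AccountError"); // account or password wrong
            return model;
        }
    }
    else if (LoginMode == 2)
    {
        long vildid = CheckSMSCode(user.PhoneNum, PhoneCode, 2);
        if (vildid < 0)
        {
            message = "验证码错误";
            return model;
        }
    }
    else
    {
        // An unrecognised mode used to skip both credential checks and still issue a token.
        message = GetLanguage("AccountError");
        return model;
    }

    // The lock check used to be an else-if on the same chain as the credential checks, so it never
    // ran for mode 1 or 2. It now applies to every mode, after the credential check so that a wrong
    // password still reports the generic "AccountError".
    if (user.IsLock == 1)
    {
        message = "账户已冻结,登录失败";
        return model;
    }

    // Invalidate the user's currently valid tokens before issuing a new one.
    logintokenBLL.UpdateIsValid(user.UserID, 0, 1);

    // Token text: the GUID's 32 hex characters plus a 4-digit suffix (36 characters total).
    // NOTE(review): the suffix from new Random() adds no meaningful entropy; the GUID carries the secret part.
    string code = Guid.NewGuid().ToString().Replace("-", "") + new Random().Next(1111, 9999);
    lgk.Model.tb_LoginToken tokenmodel = new lgk.Model.tb_LoginToken();
    tokenmodel.UserID = user.UserID;
    tokenmodel.SmsCode = PhoneCode;
    tokenmodel.TokenCode = code;
    tokenmodel.AddTime = DateTime.Now;
    tokenmodel.EndTime = DateTime.Now.AddHours(24);
    tokenmodel.IsValid = 0; // 0 = valid, 1 = invalid

    long lID = logintokenBLL.Add(tokenmodel);
    if (lID > 0)
    {
        model.UserID = user.UserID;
        model.Token = code;
        model.UserCode = user.UserCode;
        model.Hx_password = user.ThreePassword;
        model.IsCardValid = string.IsNullOrEmpty(user.IdenCode) ? 0 : 1; // 1 = identity verified
        flag = true;
        message = "登录成功";
    }
    else
    {
        message = "登录失败";
    }
    return model;
}

/// <summary>
/// Compares the stored MD5 hash with the client-supplied one. Android clients have been observed to
/// send only 31 characters (the first one dropped), so when either side is not a full 32-character
/// hash the comparison is made on the last 31 characters of each.
/// </summary>
/// <param name="storedHash">Hash persisted for the account.</param>
/// <param name="loginHash">Trimmed hash supplied at login.</param>
/// <returns>True when the two hashes agree under the rule above.</returns>
private static bool PasswordHashMatches(string storedHash, string loginHash)
{
    if (storedHash.Length == 32 && loginHash.Length == 32)
    {
        return storedHash == loginHash;
    }

    // The original trimmed the supplied value for the length test but sliced the untrimmed one;
    // both sides are now sliced from the same trimmed string.
    string stored = storedHash.Length == 32 ? storedHash.Substring(1) : storedHash;
    string supplied = loginHash.Length == 32 ? loginHash.Substring(1) : loginHash;
    return stored == supplied;
}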
/// <summary>Loads the <see cref="User"/> entity identified by the token's <c>UserId</c>.</summary>
/// <param name="currentUser">Token of the caller whose profile is requested.</param>
/// <returns>Whatever the repository returns for that id.</returns>
public async Task<User> GetUserProfile(UserTokenModel currentUser)
{
    var userId = currentUser.UserId;
    var profile = await _userRepo.GetByIdAsync(userId);
    return profile;
}
/// <summary>Delegates removal of a class member to the repository.</summary>
/// <param name="model">Class/user pair to remove.</param>
/// <param name="curUser">Token of the operator performing the removal.</param>
/// <returns>The repository's success flag.</returns>
public bool DelClassUser(ClassesUserModel model, UserTokenModel curUser)
{
    bool removed = rep.DelClassUser(model, curUser);
    return removed;
}
/// <summary>Delegates creation or update of a class to the repository.</summary>
/// <param name="c">Class data to persist.</param>
/// <param name="curUser">Token of the operator; passed through for audit stamping.</param>
/// <returns>The repository's result code.</returns>
public int AddOrEditClasses(ClassesModel c, UserTokenModel curUser) => rep.AddOrEditClasses(c, curUser);
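/// <summary>
/// Creates a new user (when <c>user.UserId</c> is 0) or updates an existing one, together with the
/// extension row selected by <c>user.UserType</c> (1 = learner, 2 = teacher).
/// </summary>
/// <param name="user">Incoming user data.</param>
/// <param name="curUser">Token of the operator; stamped into the audit columns.</param>
/// <returns>The result of the final <c>db.SaveChanges()</c>.</returns>
/// <exception cref="InvalidOperationException">The user, or its extension row, does not exist when editing.</exception>
public int AddOrEditUser(UserModel user, UserTokenModel curUser)
{
    // The original jumped to the edit path with a goto; the two paths are now separate helpers.
    return user.UserId > 0 ? EditExistingUser(user, curUser) : AddNewUser(user, curUser);
}

// Inserts the User row, the type-specific extension row and the default work role.
private int AddNewUser(UserModel user, UserTokenModel curUser)
{
    DateTime now = DateTime.Now;

    var ue = user.Adapt<User>();
    // NOTE(review): every new account starts with the fixed password "******" (salted and hashed by
    // CryptographyUtils.Pwd); confirm that callers force a change on first login.
    var pwd = Atom.Lib.Security.CryptographyUtils.Pwd("******");
    ue.Password = pwd.Item1;
    ue.Salt = pwd.Item2;
    ue.LoginId = string.IsNullOrWhiteSpace(ue.LoginId) ? Guid.NewGuid().ToString("N") : user.LoginId;
    ue.AddUserId = curUser.UserId;
    ue.EditUserId = curUser.UserId;
    ue.AddTime = now;
    ue.EditTime = now;
    db.Set<User>().Add(ue);
    db.SaveChanges(); // first save so ue.UserId is generated for the dependent rows

    if (user.UserType == 1)
    {
        var uex = user.Adapt<UserExtLearner>();
        uex.AddUserId = curUser.UserId;
        uex.EditUserId = curUser.UserId;
        uex.AddTime = now;
        uex.EditTime = now;
        uex.UserId = ue.UserId;
        db.Set<UserExtLearner>().Add(uex);
    }
    else if (user.UserType == 2)
    {
        var uext = user.Adapt<UserTecherExt>();
        uext.AddUserId = curUser.UserId;
        uext.EditUserId = curUser.UserId;
        uext.AddTime = now;
        uext.EditTime = now;
        uext.UserId = ue.UserId;
        db.Set<UserTecherExt>().Add(uext);
    }

    var uwr = new UserWorkRole();
    uwr.IsValid = true;
    uwr.AddUserId = curUser.UserId;
    uwr.EditUserId = curUser.UserId;
    uwr.AddTime = now;
    uwr.EditTime = now;
    uwr.RoleCode = user.UserType == 1 ? "learner" : "trainer";
    uwr.UserId = ue.UserId;
    db.Set<UserWorkRole>().Add(uwr);
    return db.SaveChanges();
}

// Copies the editable fields onto the tracked User row and its extension row.
private int EditExistingUser(UserModel user, UserTokenModel curUser)
{
    DateTime now = DateTime.Now;

    var exist = db.Set<User>().Find(user.UserId);
    if (exist == null)
    {
        // Previously a NullReferenceException; fail with a message that names the missing row.
        throw new InvalidOperationException("User " + user.UserId + " does not exist.");
    }
    exist.UserName = user.UserName;
    exist.MobilePhone = user.MobilePhone;
    exist.Gender = user.Gender;
    exist.HeadImg = user.HeadImg;
    exist.BirthDay = user.BirthDay;
    exist.EditTime = now;
    exist.EditUserId = curUser.UserId;
    exist.IsValid = user.IsValid;
    db.Entry(exist).State = System.Data.Entity.EntityState.Modified;

    if (user.UserType == 1)
    {
        var existuex = db.Set<UserExtLearner>().FirstOrDefault(t => t.UserId == user.UserId);
        if (existuex == null)
        {
            throw new InvalidOperationException("Learner extension for user " + user.UserId + " does not exist.");
        }
        existuex.School = user.School;
        existuex.Grade = user.Grade;
        existuex.Likes = user.Likes;
        existuex.Disposition = user.Disposition;
        existuex.LikesStuff = user.LikesStuff;
        existuex.HasEn = user.HasEn;
        existuex.IsEarlyEdu = user.IsEarlyEdu;
        existuex.IsHasAllergy = user.IsHasAllergy;
        existuex.ParentName = user.ParentName;
        existuex.ParentPhone = user.ParentPhone;
        existuex.ParentGrade = user.ParentGrade;
        existuex.ParentDoing = user.ParentDoing;
        existuex.SendPeople = user.SendPeople;
        existuex.SendPhone = user.SendPhone;
        existuex.SendType = user.SendType;
        existuex.TechPeople = user.TechPeople;
        existuex.IsHasEduType = user.IsHasEduType;
        existuex.HasKnowStdudent = user.HasKnowStdudent;
        existuex.ComLearnType = user.ComLearnType;
        existuex.EditUserId = curUser.UserId;
        existuex.EditTime = now;
        db.Entry(existuex).State = System.Data.Entity.EntityState.Modified;
    }
    else if (user.UserType == 2)
    {
        var existuext = db.Set<UserTecherExt>().FirstOrDefault(t => t.UserId == user.UserId);
        if (existuext == null)
        {
            throw new InvalidOperationException("Teacher extension for user " + user.UserId + " does not exist.");
        }
        existuext.TechHistory = user.TechHistory;
        existuext.Certificate = user.Certificate;
        existuext.EditUserId = curUser.UserId;
        existuext.EditTime = now;
        db.Entry(existuext).State = System.Data.Entity.EntityState.Modified;
    }

    return db.SaveChanges();
}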
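/// <summary>
/// Handles a "send message" request: validates the parameters and the sender's access token,
/// stores the message locally and, when the recipient has a Baidu push binding, forwards it
/// through Baidu Push and marks the stored row as delivered.
/// </summary>
/// <param name="context">Current HTTP context; reads <c>accessToken</c>, <c>to</c> and <c>content</c>.</param>
public override void OnLoad(HttpContext context)
{
    base.OnLoad(context);

    requestBody = new RequestBody();
    // Missing parameters used to surface as NullReferenceException / FormatException; they now
    // take the TYPE_NULLPARAMETER path like an empty value.
    requestBody.accessToken = context.Request["accessToken"] ?? string.Empty;
    requestBody.content = context.Request["content"] ?? string.Empty;
    int uTo;
    requestBody.uTo = int.TryParse(context.Request["to"], out uTo) ? uTo : 0;

    if (requestBody.content.Length == 0 || requestBody.accessToken.Trim().Length == 0 || requestBody.uTo == 0)
    {
        SystemResponse.Output(SystemResponse.TYPE_NULLPARAMETER, out statusCode, out responseJson);
        return;
    }

    // Resolve sender (must be a valid token) and recipient (may have no push binding).
    TokenHelper token = new TokenHelper();
    UserTokenModel fromModel = token.getUserToken(requestBody.accessToken);
    if (fromModel == null)
    {
        SystemResponse.Output(SystemResponse.TYPE_EXPIRE, out statusCode, out responseJson);
        return;
    }
    UserTokenModel toModel = token.getUserToken(requestBody.uTo);

    // Store locally first; the push below is best-effort on top of the stored row.
    ModelAdo<MsgModel> modelAdo = new ModelAdo<MsgModel>();
    MsgModel msg = new MsgModel();
    msg.ufrom = Convert.ToInt32(fromModel.uid);
    msg.uto = requestBody.uTo;
    msg.content = requestBody.content;
    msg.createTime = StringHelper.ConvertDateTimeInt(DateTime.Now);
    msg.status = 0; // 0 = not yet pushed; set to 1 once Baidu accepted it
    if (modelAdo.Insert(msg) < 1)
    {
        SystemResponse.Output(SystemResponse.TYPE_ERROR, out statusCode, out responseJson);
        return;
    }

    // No push binding: the message stays stored and the response is left untouched, as before.
    if (toModel == null
        || toModel.bpuserId == null || toModel.bpuserId.Length < 1
        || toModel.channelId == null || toModel.channelId.Length < 1)
    {
        return;
    }

    // Re-read the row we just inserted to get its generated id for the push payload.
    MsgModel msgPush = modelAdo.GetModel("ufrom=?ufrom AND uto=?uto AND createTime=?createTime AND status=0", "",
        new MySqlParameter("?ufrom", msg.ufrom),
        new MySqlParameter("?uto", msg.uto),
        new MySqlParameter("?createTime", msg.createTime));
    if (msgPush == null)
    {
        return;
    }

    try
    {
        string secretKey = ConfigurationManager.AppSettings["baidu_secret_key"];
        string apiKey = ConfigurationManager.AppSettings["baidu_api_key"];
        uint depolyStatus = uint.Parse(ConfigurationManager.AppSettings["baidu_depoly_status"]);
        TimeSpan ts = DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0);
        uint unixTime = (uint)ts.TotalSeconds;
        string messageksy = "api";
        string createTime = string.Format("{0:yyyy/MM/dd HH:mm:ss}", DateTime.Now);
        uint message_type;
        string messages;

        if (toModel.deviceType == 1)
        {
            // iOS: APNs-style payload, Baidu device type 4.
            message_type = 1;
            toModel.deviceType = 4;
            IOSNotification notifaction = new IOSNotification();
            notifaction.id = msgPush.id;
            notifaction.ufrom = msgPush.ufrom;
            notifaction.uto = msgPush.uto;
            notifaction.content = msgPush.content.Trim();
            notifaction.createTime = createTime;
            notifaction.type = msgPush.type;
            notifaction.status = 1;
            notifaction.aps = new IOSAPS() { alert = "收到一条新消息", };
            messages = notifaction.getJsonString();
        }
        else
        {
            // Other devices: Baidu notification with the message in custom_content, device type 3.
            message_type = 0;
            toModel.deviceType = 3;
            BaiduDescription bdMsg = new BaiduDescription();
            bdMsg.id = msgPush.id;
            bdMsg.ufrom = msgPush.ufrom;
            bdMsg.uto = msgPush.uto;
            bdMsg.content = msgPush.content;
            bdMsg.createTime = createTime;
            bdMsg.type = msgPush.type;
            bdMsg.status = 1;
            BaiduPushNotification notifaction = new BaiduPushNotification();
            notifaction.title = "";
            notifaction.description = "收到一条新消息";
            notifaction.custom_content = bdMsg;
            messages = notifaction.getJsonString();
        }

        PushOptions pOpts = new PushOptions("push_msg", apiKey, toModel.bpuserId.ToString(), toModel.channelId.ToString(),
            Convert.ToUInt32(toModel.deviceType), messages, messageksy, unixTime);
        pOpts.message_type = message_type;
        pOpts.deploy_status = depolyStatus;
        pOpts.push_type = 1;

        BaiduPush Bpush = new BaiduPush("POST", secretKey);
        responseJson = Bpush.PushMessage(pOpts);

        // Mark the stored row as pushed (msg.status is always 0 at this point).
        msgPush.status = 1;
        modelAdo.Update(msgPush);
    }
    catch (Exception)
    {
        // The original first copied ex.ToString() into responseJson; Output overwrites it, and
        // exception detail must not reach the client anyway, so only the error code is returned.
        SystemResponse.Output(SystemResponse.TYPE_ERROR, out statusCode, out responseJson);
    }
}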
/// <summary>Appends <paramref name="token"/> to the shared <c>UserTokens</c> list while holding its monitor.</summary>
/// <param name="token">Token to register.</param>
public static void AddToken(UserTokenModel token)
{
    // NOTE(review): the collection itself is the lock object; every other access to UserTokens must lock the same way.
    var store = UserTokens;
    lock (store)
    {
        store.Add(token);
    }
}
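/// <summary>
/// Creates a training session (when <c>model.Id</c> is 0) or updates an existing one, then
/// (re)builds its teacher rows from <c>model.TeacherIds</c> and its learner rows from the valid
/// members of <c>model.ClassId</c>. On edit the previous teacher/learner rows are soft-deleted first.
/// </summary>
/// <param name="model">Incoming training data.</param>
/// <param name="curUser">Token of the operator; stamped into the audit columns.</param>
/// <returns>Always true once the saves complete.</returns>
/// <exception cref="InvalidOperationException">The training to edit does not exist.</exception>
public bool AddOrEditTrain(TrainModel model, UserTokenModel curUser)
{
    DateTime now = DateTime.Now;
    Train train;

    if (model.Id > 0)
    {
        train = db.Set<Train>().Find(model.Id);
        if (train == null)
        {
            // Previously a NullReferenceException on the next line.
            throw new InvalidOperationException("Train " + model.Id + " does not exist.");
        }
        train.StartTime = model.StartTime;
        train.EndTime = model.EndTime;
        train.ClassId = model.ClassId;
        train.CourseCode = model.CourseCode;
        train.Remark = model.Remark;
        train.EditTime = now;
        train.EditUserId = curUser.UserId;
        train.IsValid = model.IsValid;
        db.Entry(train).State = System.Data.Entity.EntityState.Modified;
        db.SaveChanges();

        InvalidateTrainTeachers(train);
        InvalidateTrainLearners(train);
    }
    else
    {
        train = model.Adapt<Train>();
        train.AddUserId = curUser.UserId;
        train.EditUserId = curUser.UserId;
        train.AddTime = now;
        train.EditTime = now;
        db.Set<Train>().Add(train);
        db.SaveChanges(); // generates train.Id for the dependent rows
    }

    AddTrainTeachers(train, model, curUser);
    AddTrainLearners(train, model, curUser);
    return true;
}

// Soft-deletes every valid TrainTeacher row of the training.
private void InvalidateTrainTeachers(Train train)
{
    var existing = db.Set<TrainTeacher>().Where(t => t.IsValid && t.TrainId == train.Id).ToList();
    foreach (var row in existing)
    {
        row.IsValid = false;
        db.Entry(row).State = System.Data.Entity.EntityState.Modified;
    }
    db.SaveChanges();
}

// Soft-deletes every valid TrainLearner row of the training.
private void InvalidateTrainLearners(Train train)
{
    var existing = db.Set<TrainLearner>().Where(t => t.IsValid && t.TrainId == train.Id).ToList();
    foreach (var row in existing)
    {
        row.IsValid = false;
        db.Entry(row).State = System.Data.Entity.EntityState.Modified;
    }
    db.SaveChanges();
}

// Adds one TrainTeacher row per id in model.TeacherIds (a null list adds nothing).
private void AddTrainTeachers(Train train, TrainModel model, UserTokenModel curUser)
{
    DateTime now = DateTime.Now;
    if (model.TeacherIds != null)
    {
        foreach (var teacherId in model.TeacherIds)
        {
            var te = new TrainTeacher();
            te.AddUserId = curUser.UserId;
            te.EditUserId = curUser.UserId;
            te.AddTime = now;
            te.EditTime = now;
            te.IsValid = true;
            te.TrainId = train.Id;
            te.UserId = teacherId;
            db.Set<TrainTeacher>().Add(te);
        }
    }
    db.SaveChanges();
}

// Adds one TrainLearner row per valid member of the class in model.ClassId.
private void AddTrainLearners(Train train, TrainModel model, UserTokenModel curUser)
{
    DateTime now = DateTime.Now;
    var classUsers = db.Set<ClassUser>().Where(t => t.IsValid && t.ClassId == model.ClassId).ToList();
    foreach (var member in classUsers)
    {
        var te = new TrainLearner();
        te.AddUserId = curUser.UserId;
        te.EditUserId = curUser.UserId;
        te.AddTime = now;
        te.EditTime = now;
        te.IsValid = true;
        te.TrainId = train.Id;
        te.UserId = member.UserId;
        te.Remark = "";
        db.Set<TrainLearner>().Add(te);
    }
    db.SaveChanges();
}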
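/// <summary>
/// Assigns the users listed in <c>uid</c> (a JSON array of ints) to order <c>oid</c>: any existing
/// ct_order_user rows for the order are replaced and, when there were some, the order is moved to
/// status 2. Requires a valid <c>accessToken</c> and an order in status 1 or 2.
/// </summary>
/// <param name="context">Current HTTP context; reads <c>accessToken</c>, <c>oid</c> and <c>uid</c>.</param>
public override void OnLoad(HttpContext context)
{
    base.OnLoad(context);

    requestBody = new RequestBody();
    requestBody.accessToken = context.Request["accessToken"];
    requestBody.oid = context.Request["oid"];
    requestBody.uid = context.Request["uid"];
    if (string.IsNullOrWhiteSpace(requestBody.accessToken)
        || string.IsNullOrEmpty(requestBody.oid)
        || string.IsNullOrEmpty(requestBody.uid))
    {
        SystemResponse.Output(SystemResponse.TYPE_NULLPARAMETER, out statusCode, out responseJson);
        return;
    }

    List<int> values = JsonConvert.DeserializeObject<List<int>>(requestBody.uid);
    if (values == null || values.Count == 0)
    {
        // An empty list used to produce a malformed INSERT (the trailing "VALUES " lost a character).
        SystemResponse.Output(SystemResponse.TYPE_NULLPARAMETER, out statusCode, out responseJson);
        return;
    }

    TokenHelper token = new TokenHelper();
    UserTokenModel userTokenModel = token.getUserToken(requestBody.accessToken);
    if (userTokenModel == null)
    {
        SystemResponse.Output(SystemResponse.TYPE_EXPIRE, out statusCode, out responseJson);
        return;
    }

    // The order must exist in status 1 or 2.
    ModelAdo<OrderModel> modelAdoOrder = new ModelAdo<OrderModel>();
    OrderModel orderModel = modelAdoOrder.GetModel("(id=?id AND ostatus=?ostatus) or (id=?id AND ostatus=?ostatus1) ", "",
        new MySqlParameter("?id", requestBody.oid),
        new MySqlParameter("?ostatus", 2),
        new MySqlParameter("?ostatus1", 1));
    if (orderModel == null)
    {
        SystemResponse.Output(SystemResponse.TYPE_NULL, out statusCode, out responseJson);
        return;
    }

    ModelAdo<OrderUserModel> modelAdo = new ModelAdo<OrderUserModel>();
    int existCount = modelAdo.GetRecordCount("oid=?oid", new MySqlParameter("?oid", requestBody.oid));
    if (existCount >= 1)
    {
        // Re-assignment: drop the old rows, insert the new ones with a remark, mark the order as dispatching.
        int delCount = modelAdo.ExecuteSql("DELETE FROM ct_order_user WHERE oid=?oid", new MySqlParameter("?oid", requestBody.oid));
        if (delCount < 1)
        {
            SystemResponse.Output(SystemResponse.TYPE_ERROR, out statusCode, out responseJson);
            return;
        }
        int inCount = InsertOrderUsers(modelAdo, requestBody.oid, values, "派送中的订单");
        if (inCount < 1)
        {
            SystemResponse.Output(SystemResponse.TYPE_NULL, out statusCode, out responseJson);
            return;
        }
        orderModel.ostatus = 2;
        modelAdoOrder.Update(orderModel);
        SystemResponse.Output(SystemResponse.TYPE_OK, out statusCode, out responseJson);
    }
    else
    {
        // First assignment: no remark column, order status untouched.
        int inCount = InsertOrderUsers(modelAdo, requestBody.oid, values, null);
        if (inCount >= 1)
        {
            SystemResponse.Output(SystemResponse.TYPE_OK, out statusCode, out responseJson);
        }
        else
        {
            SystemResponse.Output(SystemResponse.TYPE_NULL, out statusCode, out responseJson);
        }
    }
}

/// <summary>
/// Inserts one ct_order_user row per uid in a single parameterised statement. The order id comes
/// straight from the request, so it is bound as a parameter rather than concatenated into the SQL
/// as the original did.
/// </summary>
/// <param name="modelAdo">Data access object used to run the statement.</param>
/// <param name="oid">Order id as received from the client.</param>
/// <param name="uids">User ids to attach; must be non-empty.</param>
/// <param name="remark">Remark stored with each row, or null to omit the column.</param>
/// <returns>The number of affected rows reported by <c>ExecuteSql</c>.</returns>
private static int InsertOrderUsers(ModelAdo<OrderUserModel> modelAdo, string oid, List<int> uids, string remark)
{
    bool withRemark = remark != null;
    StringBuilder sql = new StringBuilder();
    List<MySqlParameter> parameters = new List<MySqlParameter>();

    sql.Append(withRemark
        ? " INSERT INTO ct_order_user(oid,uid,status,remark) VALUES "
        : " INSERT INTO ct_order_user(oid,uid,status) VALUES ");
    parameters.Add(new MySqlParameter("?oid", oid));
    if (withRemark)
    {
        parameters.Add(new MySqlParameter("?remark", remark));
    }

    for (int i = 0; i < uids.Count; i++)
    {
        string uidName = "?uid" + i;
        parameters.Add(new MySqlParameter(uidName, uids[i]));
        sql.Append(withRemark ? "(?oid," + uidName + ",1,?remark)" : "(?oid," + uidName + ",1)");
        sql.Append(i < uids.Count - 1 ? "," : ";");
    }

    return modelAdo.ExecuteSql(sql.ToString(), parameters.ToArray());
}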
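/// <summary>
/// Lists the caller's orders as a paged JSON body. <c>status</c> 4 returns closed orders
/// (<c>ostatus</c> 5) the caller dispatched; <c>status</c> 0 returns all supplier orders of the
/// caller; any other value filters supplier orders by that status.
/// </summary>
/// <param name="context">Current HTTP context; reads <c>accessToken</c>, <c>page</c>, <c>pageSize</c> and <c>status</c>.</param>
public override void OnLoad(HttpContext context)
{
    base.OnLoad(context);

    requestBody = new RequestBody();
    requestBody.accessToken = context.Request["accessToken"];
    // Non-numeric values used to throw out of Convert.ToInt32; they now fall back to 0 (the "unset" value).
    requestBody.page = ParseIntOrZero(context.Request["page"]);
    requestBody.pageSize = ParseIntOrZero(context.Request["pageSize"]);
    requestBody.status = ParseIntOrZero(context.Request["status"]);

    if (string.IsNullOrWhiteSpace(requestBody.accessToken))
    {
        SystemResponse.Output(SystemResponse.TYPE_NULLPARAMETER, out statusCode, out responseJson);
        return; // the original fell through here and overwrote this response with the token check
    }

    TokenHelper token = new TokenHelper();
    UserTokenModel userTokenModel = token.getUserToken(requestBody.accessToken);
    if (userTokenModel == null)
    {
        SystemResponse.Output(SystemResponse.TYPE_EXPIRE, out statusCode, out responseJson);
        return;
    }

    ModelAdo<SupplierOrderModel> orderModel = new ModelAdo<SupplierOrderModel>();
    int pagenumber = requestBody.page == 0 ? 1 : requestBody.page;
    int totalCount = 1;
    if (requestBody.pageSize != 0)
    {
        orderModel.PageSize = requestBody.pageSize;
    }

    if (requestBody.status == 4)
    {
        // Closed orders live in the order table, keyed by the dispatching user.
        ModelAdo<OrderModel> closeOrderModel = new ModelAdo<OrderModel>();
        List<OrderModel> closeOrderModels = closeOrderModel.GetList(pagenumber, " sendUid=?sendUid AND ostatus=5", "", out totalCount, "",
            new MySqlParameter("?sendUid", userTokenModel.uid));
        if (closeOrderModels.Count < 1)
        {
            SystemResponse.Output(SystemResponse.TYPE_NULL, out statusCode, out responseJson);
            return;
        }

        List<Order> orders = new List<Order>();
        foreach (OrderModel model in closeOrderModels)
        {
            Order order = new Order();
            order.uid = model.uid.ToString();
            order.title = model.title;
            order.createDate = string.Format("{0:d}", StringHelper.GetNomalTime(model.createDate));
            order.status = model.ostatus;
            order.price = model.amount.ToString("f2");
            order.oid = model.id.ToString();
            order.type = model.otid;
            Ext from = new Ext();
            from.uid = model.uid.ToString();
            from.city = model.address1;
            from.date = string.Format("{0:d}", StringHelper.GetNomalTime(model.time1));
            order.from = from;
            Ext to = new Ext();
            to.uid = model.uid.ToString();
            to.city = model.address2;
            to.date = string.Format("{0:d}", StringHelper.GetNomalTime(model.time2));
            order.to = to;
            orders.Add(order);
        }
        WriteOrdersResponse(orders, totalCount, orderModel.PageSize);
        return;
    }

    List<SupplierOrderModel> models;
    if (requestBody.status == 0)
    {
        models = orderModel.GetList(pagenumber, " uid=?uid ", "", out totalCount, "",
            new MySqlParameter("?uid", userTokenModel.uid));
    }
    else
    {
        models = orderModel.GetList(pagenumber, " uid=?uid AND status=?status", "", out totalCount, "",
            new MySqlParameter("?uid", Convert.ToInt32(userTokenModel.uid)),
            new MySqlParameter("?status", requestBody.status));
    }
    if (models.Count < 1)
    {
        SystemResponse.Output(SystemResponse.TYPE_NULL, out statusCode, out responseJson);
        return;
    }

    List<Order> supplierOrders = new List<Order>();
    foreach (SupplierOrderModel model in models)
    {
        Order order = new Order();
        order.uid = model.uid.ToString();
        order.oid = model.oid.ToString();
        order.title = model.title;
        order.createDate = string.Format("{0:d}", StringHelper.GetNomalTime(model.createDate));
        order.status = model.ostatus;
        order.price = model.amount.ToString("f2");
        order.type = model.otid;
        Ext from = new Ext();
        from.uid = model.uid.ToString();
        from.city = model.address1;
        from.date = string.Format("{0:d}", StringHelper.GetNomalTime(model.time1));
        order.from = from;
        Ext to = new Ext();
        to.uid = model.uid.ToString();
        to.city = model.address2;
        to.date = string.Format("{0:d}", StringHelper.GetNomalTime(model.time2));
        order.to = to;
        supplierOrders.Add(order);
    }
    WriteOrdersResponse(supplierOrders, totalCount, orderModel.PageSize);
}

// Serialises the paged order list into responseJson.
private void WriteOrdersResponse(List<Order> orders, int totalCount, int pageSize)
{
    responseBody = new ResponseBody
    {
        // NOTE(review): the original always reports page 1 regardless of the requested page; kept as-is, confirm intent.
        page = 1,
        pageTotal = (totalCount + pageSize - 1) / pageSize, // ceiling division
        total = totalCount,
        orders = orders
    };
    responseJson = JsonConvert.SerializeObject(responseBody, Formatting.Indented);
}

// Parses an optional integer request parameter; null or non-numeric input yields 0.
private static int ParseIntOrZero(string value)
{
    int parsed;
    return int.TryParse(value, out parsed) ? parsed : 0;
}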
/// <summary>Delegates creation or update of a user to the repository.</summary>
/// <param name="user">User data to persist.</param>
/// <param name="curUser">Token of the operator; passed through for audit stamping.</param>
/// <returns>The repository's result code.</returns>
public int AddOrEditUser(UserModel user, UserTokenModel curUser) => rep.AddOrEditUser(user, curUser);
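/// <summary>
/// Message handler that requires a valid JWT in the <c>token</c> header for every request except
/// the Swagger/help/Hangfire pages and the authenticate endpoint. On success the principal is
/// attached to the request and the pipeline continues; otherwise a <see cref="UserTokenModel"/>
/// error body is returned and the inner handler is never invoked.
/// </summary>
/// <param name="request">Incoming request.</param>
/// <param name="cancellationToken">Cancellation token forwarded to the inner handler.</param>
/// <returns>The inner handler's response, or an error response describing the token problem.</returns>
protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
    if (IsExemptFromTokenCheck(request.RequestUri))
    {
        return await base.SendAsync(request, cancellationToken);
    }

    IEnumerable<string> keys;
    if (!request.Headers.TryGetValues("token", out keys) || string.IsNullOrEmpty(keys.First()))
    {
        var missing = new UserTokenModel
        {
            Success = false,
            Token = null,
            Message = $"{(short)HttpStatusCode.ExpectationFailed} - {HttpStatusCode.ExpectationFailed.ToString()} (Token inexistente.)"
        };
        return request.CreateResponse(HttpStatusCode.ExpectationFailed, missing);
    }

    try
    {
        string token = keys.First();
        // NOTE(review): the HMAC signing key is a literal in source and the accepted audiences/issuers
        // are placeholder URLs; anyone who can read the repository can mint tokens this handler accepts.
        // Load the key from protected configuration and list the real audience/issuer values.
        var plainTextSecurityKey = "PosGraduacaoTcc2017WilsonDonizetti";
        var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(plainTextSecurityKey));
        var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
        var tokenValidationParameters = new TokenValidationParameters()
        {
            ValidAudiences = new string[] { "http://my.website.com", "http://my.otherwebsite.com" },
            ValidIssuers = new string[] { "http://my.tokenissuer.com", "http://my.othertokenissuer.com" },
            IssuerSigningKey = signingKey
        };

        SecurityToken validatedToken;
        ClaimsPrincipal principal = tokenHandler.ValidateToken(token, tokenValidationParameters, out validatedToken);
        if (principal == null || !principal.Identity.IsAuthenticated)
        {
            var invalid = new UserTokenModel()
            {
                Success = false,
                Token = null,
                Message = $"{(short)HttpStatusCode.Unauthorized} - {HttpStatusCode.Unauthorized.ToString()} (Identidade do usuário ou máquina cliente inválida.)"
            };
            return request.CreateResponse(HttpStatusCode.Unauthorized, invalid);
        }

        // Expose the validated principal to the rest of the pipeline.
        request.Properties.Add("MS_UserPrincipal", principal);
        if (HttpContext.Current != null)
        {
            // HttpContext.Current is null when self-hosted; the original would have thrown here.
            HttpContext.Current.User = principal;
        }
        Thread.CurrentPrincipal = principal;
    }
    catch (Exception ex)
    {
        // Validation/parsing failure: the first 100 characters of the message are echoed to the caller.
        string msgEx = (ex.Message.Length <= 100) ? ex.Message : string.Concat(ex.Message.Substring(0, 100), "...");
        var failed = new UserTokenModel()
        {
            Success = false,
            Token = null,
            Message = $"{(short)HttpStatusCode.BadRequest} - {HttpStatusCode.BadRequest.ToString()} (Erro no processamento do Token. [{msgEx}])"
        };
        return request.CreateResponse(HttpStatusCode.BadRequest, failed);
    }

    return await base.SendAsync(request, cancellationToken);
}

// True for the Swagger, help and Hangfire pages and for the authenticate endpoint, which must stay reachable without a token.
private static bool IsExemptFromTokenCheck(Uri uri)
{
    return HasPathSegment(uri, "swagger")
        || HasPathSegment(uri, "help")
        || HasPathSegment(uri, "hangfire")
        || uri.ToString().IndexOf("account/authenticate", StringComparison.OrdinalIgnoreCase) >= 0;
}

// Case-sensitive segment match, as in the original three Any(...) checks.
private static bool HasPathSegment(Uri uri, string name)
{
    return uri.Segments.Any(s => s.Split(new[] { '/' }, StringSplitOptions.RemoveEmptyEntries).Contains(name));
}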
/// <summary>Persists <paramref name="userToken"/> through the secure store service.</summary>
/// <param name="userToken">Token to store.</param>
protected async Task SetUserTokenAsync(UserTokenModel userToken)
{
    var store = _secureStoreService;
    await store.SetUserTokenAsync(userToken);
}
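/// <summary>
/// Action filter that enforces the user-token check (and, when enabled, the UAS token check) on every
/// action not marked with <see cref="AnonymousFilter"/>. Token values are read from the request
/// headers, falling back to the query string. On failure the action is short-circuited with an
/// <c>ApiReponseModel</c> whose message gives the reason.
/// </summary>
/// <param name="context">The action-executing context.</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    base.OnActionExecuting(context);

    // Feature switches; a missing or non-"true" value means the check is off.
    if (!IsSiteFlagOn("IsVerifyToken"))
    {
        return;
    }
    bool requireUas = IsSiteFlagOn("IsVerifyUasToken");

    // Actions marked [AnonymousFilter] are exempt.
    if (context.ActionDescriptor is ControllerActionDescriptor controllerActionDescriptor
        && controllerActionDescriptor.MethodInfo.GetCustomAttributes(inherit: true).Any(a => a.GetType() == typeof(AnonymousFilter)))
    {
        return;
    }

    JsonSerializerSettings setting = Util.GetJsonSetting();
    try
    {
        var requestHead = context.HttpContext.Request.Headers;
        var reqUserToken = requestHead["ReqUserToken"];
        var reqUserId = requestHead["ReqUserId"];
        var reqDateExpire = requestHead["ReqDateExpire"];
        var reqUasToken = requestHead["ReqUasToken"];
        var reqUasSub = requestHead["ReqUasSub"];
        UserTokenModel token = getUserToken(reqUserToken, reqUserId, reqDateExpire);

        if (token == null || string.IsNullOrEmpty(token.ReqUserId) || string.IsNullOrEmpty(token.ReqUserToken))
        {
            // NOTE(review): the query-string fallback lets tokens end up in access logs and browser history; prefer headers.
            var requestQuery = context.HttpContext.Request.Query;
            reqUserToken = requestQuery["ReqUserToken"];
            reqUserId = requestQuery["ReqUserId"];
            reqDateExpire = requestQuery["ReqDateExpire"];
            reqUasToken = requestQuery["ReqUasToken"];
            reqUasSub = requestQuery["ReqUasSub"];
            token = getUserToken(reqUserToken, reqUserId, reqDateExpire);
        }

        // The original compared ReqUserId with == string.Empty, which let a null id through to the
        // decrypt step; both null and empty are now rejected up front.
        if (token == null || string.IsNullOrEmpty(token.ReqUserId) || string.IsNullOrEmpty(token.ReqUserToken))
        {
            context.Result = BusinessFailure("无效的令牌请求参数", setting);
            return;
        }

        string message = string.Empty;
        try
        {
            if (requireUas)
            {
                message = VerifyUasToken(reqUasToken, reqUasSub);
            }
            if (string.IsNullOrEmpty(message))
            {
                message = VerifyUserToken(token);
            }
        }
        catch (Exception ex)
        {
            message = Util.ExceptionMessage(ex);
        }

        if (!string.IsNullOrEmpty(message))
        {
            context.Result = BusinessFailure(message, setting);
        }
    }
    catch (Exception ex)
    {
        context.Result = BusinessFailure(Util.ExceptionMessage(ex), setting);
    }
}

// Reads a CustomConfiguration flag; null-safe and case-insensitive (the original called ToLower() on the raw value).
private static bool IsSiteFlagOn(string key)
{
    var value = SiteConfig.GetSite("CustomConfiguration", key);
    return string.Equals(value, "true", StringComparison.OrdinalIgnoreCase);
}

// Builds the JSON result used for every verification failure.
private static JsonResult BusinessFailure(string message, JsonSerializerSettings setting)
{
    return new JsonResult(new ApiReponseModel<string>() { Code = ApiResponseCode.businessfail, Message = message }, setting);
}

// Returns an empty string when the UAS token equals the value stored in Redis under reqUasSub, otherwise the reason.
private static string VerifyUasToken(string reqUasToken, string reqUasSub)
{
    if (string.IsNullOrEmpty(reqUasToken) || string.IsNullOrEmpty(reqUasSub))
    {
        return "UasToken验证失败:ReqUasToken或ReqUasSub为空";
    }
    if (!RedisOperation.RedisHelper.Default.KeyExists(reqUasSub))
    {
        return "UasToken验证失败:Redis中不存在Key";
    }
    // NOTE(review): the client supplies both the Redis key and the expected value; confirm the key space
    // used for UAS tokens is namespaced so unrelated entries cannot be selected here.
    var redisUasToken = RedisOperation.RedisHelper.Default.GetStringKey<string>(reqUasSub);
    if (!string.Equals(redisUasToken, reqUasToken, StringComparison.Ordinal))
    {
        return "UasToken验证失败:redis中的key与传递的key不相等";
    }
    return string.Empty;
}

// Decrypts the RSA user token and checks that it is exactly the 36-character user id it was issued for.
private static string VerifyUserToken(UserTokenModel token)
{
    var rsa = new RSAHelper(RSAType.RSA2);
    var decrypt = rsa.Decrypt(token.ReqUserToken);
    if (string.IsNullOrEmpty(decrypt) || decrypt.Length != 36)
    {
        return "错误的用户令牌";
    }
    if (!string.Equals(decrypt, token.ReqUserId, StringComparison.Ordinal))
    {
        return "用户信息错误,请重新登录";
    }
    return string.Empty;
}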