/// <summary>
/// Restores the request principal from the authentication ticket cookie when the
/// request does not already carry a user.
/// </summary>
/// <param name="context">The HTTP context of the request being authenticated.</param>
/// <remarks>
/// The ticket is read from a client-supplied cookie, so everything on it (username, IP,
/// expiry flags) is only as trustworthy as the ticket parsing and protection, which is
/// not visible in this method.
/// </remarks>
private void OnAuthenticate(HttpContext context)
{
    // A user is already attached to the request: leave it alone.
    if (context.User != null)
    {
        return;
    }

    MaUserTicket ticket = MaSecurityHelper.GetTicketFormCookie();

    // No cookie, or the cookie could not be turned into a ticket.
    if (ticket == null)
    {
        return;
    }

    // Login has timed out. The request stays anonymous.
    // NOTE(review): the expired cookie is not cleared here; confirm that is intended.
    if (ticket.Expired)
    {
        return;
    }

    if (string.IsNullOrEmpty(ticket.Username))
    {
        return;
    }

    // Optional binding of the ticket to the client IP address.
    // NOTE(review): how MaWebUtility.GetIP() derives the address is not shown; if it reads
    // a forwarded-for style header the value is client-influenced. Verify.
    bool ipValidated = MaSecurityConfig.Instance.ValidateIP;
    if (ipValidated && ticket.Ip != MaWebUtility.GetIP())
    {
        // IP check failed: sign the user out and stop.
        MaSecurityHelper.SignOut();
        return;
    }

    // Attach the configured principal type for this username.
    // GetType is called with throwOnError = false, so an unresolvable type name yields null
    // and CreateInstance then throws; a type that is not a MaPrincipal makes the 'as' cast
    // produce null, leaving the request without a user.
    Type principalType = System.Web.Compilation.BuildManager.GetType(MaSecurityConfig.Instance.MaPrincipalType, false, false);
    object principal = Activator.CreateInstance(principalType, new object[] { ticket.Username });
    context.User = principal as MaPrincipal;

    // Re-issue the cookie for sliding expiration.
    // NOTE(review): as written, renewal only happens when IP validation is enabled (and
    // passed); with ValidateIP off the cookie is never re-issued. Confirm this is intended.
    if (ipValidated && ticket.SlidingExpiration)
    {
        HttpContext.Current.Response.Cookies.Add(MaSecurityHelper.GetAuthCookie(ticket));
    }
}
/// <summary>
/// Creates an authentication ticket for the supplied user name, adds the ticket cookie to
/// the current response, and sets the principal on the current request.
/// </summary>
/// <param name="username">Name of the user whose identity has already been verified.</param>
/// <param name="createPersistentCookie">Whether the ticket asks for a persistent cookie.</param>
/// <remarks>
/// This method performs no credential check of its own: any non-empty
/// <paramref name="username"/> receives a ticket. Callers must authenticate the user first.
/// </remarks>
public static void SetAuthCookie(string username, bool createPersistentCookie)
{
    // Nothing is issued for a null or empty user name.
    if (!string.IsNullOrEmpty(username))
    {
        // Build the user ticket from the configured timeout and sliding-expiration settings.
        var timeout = MaSecurityConfig.Instance.Timeout;
        var sliding = MaSecurityConfig.Instance.SlidingExpiration;
        MaUserTicket issuedTicket = new MaUserTicket(username, timeout, sliding, createPersistentCookie);

        // Write the ticket cookie to the response.
        HttpCookie authCookie = GetAuthCookie(issuedTicket);
        HttpContext.Current.Response.Cookies.Add(authCookie);

        // Set the user on the current request.
        // The cookie has already been added at this point; if the configured principal type
        // cannot be resolved, CreateInstance throws after the cookie was queued, and if the
        // type is not a MaPrincipal the 'as' cast sets User to null.
        Type principalType = System.Web.Compilation.BuildManager.GetType(MaSecurityConfig.Instance.MaPrincipalType, false, false);
        object created = Activator.CreateInstance(principalType, new object[] { username });
        HttpContext.Current.User = created as MaPrincipal;
    }
}
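/// <summary>
/// Builds the authentication cookie that carries the given user ticket.
/// </summary>
/// <param name="userTicket">The ticket to serialize into the cookie value.</param>
/// <returns>
/// A cookie named, scoped and flagged according to <c>MaSecurityConfig</c>, whose value is
/// <c>userTicket.ToString()</c>.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="userTicket"/> is null.</exception>
/// <remarks>
/// NOTE(review): whether <c>MaUserTicket.ToString()</c> encrypts or signs the ticket is not
/// visible here. The cookie is the sole authentication credential, so confirm the serialized
/// form is integrity-protected.
/// </remarks>
public static HttpCookie GetAuthCookie(MaUserTicket userTicket)
{
    if (userTicket == null)
    {
        throw new ArgumentNullException("userTicket");
    }

    HttpCookie cookie = new HttpCookie(MaSecurityConfig.Instance.CookieName, userTicket.ToString())
    {
        // The authentication cookie must not be readable from script: the original set
        // HttpOnly = false, which lets any script running in the page read the ticket.
        HttpOnly = true,
        Path = MaSecurityConfig.Instance.CookiePath,
        // Secure follows configuration; with RequireSSL off the ticket is also sent over
        // plain HTTP.
        Secure = MaSecurityConfig.Instance.RequireSSL
    };

    // Only scope the cookie to a domain when one is configured.
    string configuredDomain = MaSecurityConfig.Instance.CookieDomain;
    if (configuredDomain != null)
    {
        cookie.Domain = configuredDomain;
    }

    // Persistent cookie: survive the browser session until the ticket's expiration.
    // Without this the cookie is a session cookie.
    if (userTicket.CreatePersistentCookie)
    {
        cookie.Expires = userTicket.Expiration;
    }

    return cookie;
}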
/// <summary>
/// Reads the authentication cookie from the current request and turns it into a user ticket.
/// </summary>
/// <returns>
/// The parsed ticket, or <c>null</c> when the cookie is absent or its value cannot be
/// turned into a ticket (in which case the user is also signed out).
/// </returns>
/// <remarks>
/// The cookie value is client-supplied input.
/// NOTE(review): whether the <c>MaUserTicket(string)</c> constructor verifies integrity
/// (signature/MAC) of the value is not visible here. Confirm it rejects tampered tickets.
/// </remarks>
public static MaUserTicket GetTicketFormCookie()
{
    HttpCookie authCookie = HttpContext.Current.Request.Cookies[MaSecurityConfig.Instance.CookieName];
    if (authCookie == null)
    {
        return null;
    }

    MaUserTicket parsedTicket = null;
    try
    {
        parsedTicket = new MaUserTicket(authCookie.Value);
    }
    catch
    {
        // Any failure while building the ticket is treated as an invalid cookie and the
        // user is signed out. The bare catch also hides unrelated errors, and nothing is logged.
        SignOut();
    }

    return parsedTicket;
}