using AHF.Haohuo.Tools.EncryptionDecryption;
using AHF.Haohuo.Tools.Logger;
using AHF.Haohuo.Tools.Redis;
using AHF.Haohuo.Web.Parameter;
using AHF.Haohuo.Web.Tools;
using Newtonsoft.Json;
using System;
using System.Web;
using System.Web.Mvc;
namespace AHF.Haohuo.Web.Filters
{
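/// <summary>
/// Token access check. Applying this attribute means the decorated Action (or every Action of the
/// decorated controller) must present a valid user token; by default every Action is checked.
/// The original author's note says Actions that need no check are marked with [AllowAnonymous].
/// NOTE(review): that exemption is not implemented in this class (nothing here inspects the
/// action descriptor), so confirm it is honoured elsewhere (e.g. a filter provider) before relying on it.
/// </summary>
[AttributeUsage(AttributeTargets.Method | AttributeTargets.Class, Inherited = true, AllowMultiple = true)]
public class ToKenCheckAttribute : FilterAttribute, IAuthorizationFilter
{
    /// <summary>
    /// Validates the token cookie named by <see cref="WebConfigs.UserTokenName"/> against the copy
    /// stored in Redis under the token's ItemGuid (same user agent, same IP, not expired). Any failure
    /// short-circuits the request with a redirect to /Base/Alert; on success the token timestamp and
    /// the Redis expiry are refreshed (sliding expiration).
    /// </summary>
    /// <param name="filterContext">The MVC authorization context of the current request.</param>
    public void OnAuthorization(AuthorizationContext filterContext)
    {
        var cookie = filterContext.HttpContext.Request.Cookies[WebConfigs.UserTokenName];
        if (cookie == null)
        {
            Reject(filterContext, MsgConfig.TokenCheckError);
            return;
        }

        Token token = null;
        try
        {
            // The cookie value is client-controlled: decryption and JSON parsing can throw on a
            // tampered or stale value. Originally this ran outside the try, so such a cookie
            // produced an unhandled exception instead of the redirect.
            token = JsonConvert.DeserializeObject<Token>(CloudCharMD5.MD5Decrypt(cookie.Value));
            if (token == null)
            {
                Reject(filterContext, MsgConfig.TokenCheckError);
                return;
            }

            Token redisToken;
            using (var redis = new RedisOperator())
            {
                redisToken = redis.Get<Token>(token.ItemGuid, RedisDataBase.User);
            }
            if (redisToken == null)
            {
                // No server-side copy: nothing to clear, and the client copy alone is not trusted.
                Reject(filterContext, MsgConfig.TokenCheckError);
                return;
            }

            // The Redis entry was fetched by token.ItemGuid, so this only catches a stored entry
            // whose ItemGuid property differs from its key; kept as in the original.
            if (token.ItemGuid != redisToken.ItemGuid)
            {
                Reject(filterContext, MsgConfig.TokenCheckError, token.ItemGuid);
                return;
            }
            if (token.UserAgent != redisToken.UserAgent)
            {
                Reject(filterContext, MsgConfig.BrowserChange, token.ItemGuid);
                return;
            }
            if (token.IP != redisToken.IP)
            {
                Reject(filterContext, MsgConfig.IpChange, token.ItemGuid);
                return;
            }

            // TotalMinutes, not Minutes: TimeSpan.Minutes is the 0-59 minute component, so a token
            // several hours old could read as "0 minutes" and pass the expiry check.
            // DateTime.Now is kept because the code that stamps token.Date (presumably the login
            // path) is not visible here - confirm it uses local time before switching to UtcNow.
            if ((DateTime.Now - token.Date).TotalMinutes >= WebConfigs.UserGuoqiTime)
            {
                Reject(filterContext, MsgConfig.TokenGuoqi, token.ItemGuid);
                return;
            }

            // Sliding expiration: re-stamp the token and write it back under the SAME cookie name
            // that is read above. The original wrote it under a cookie named token.ItemGuid, so the
            // refreshed timestamp never reached the cookie actually being checked.
            // NOTE(review): this cookie carries the session token; whether it should be issued with
            // HttpOnly/Secure depends on how the login path issues it - confirm and align.
            token.Date = DateTime.Now;
            filterContext.HttpContext.Response.Cookies.Add(new HttpCookie(WebConfigs.UserTokenName)
            {
                Value = CloudCharMD5.MD5Encrypt(JsonConvert.SerializeObject(token)),
            });
            using (var redis = new RedisOperator())
            {
                redis.SetExpire(token.ItemGuid, DateTime.Now.AddMinutes(WebConfigs.UserGuoqiTime), RedisDataBase.User);
            }
        }
        catch (Exception ex)
        {
            // Any failure (decryption, Redis, serialization) fails closed: log, drop the
            // server-side token when its key is known, and redirect.
            LoggerManager.Error(ex);
            Reject(filterContext, MsgConfig.TokenCheckError, token?.ItemGuid);
        }
    }

    /// <summary>
    /// Fails the request: optionally removes the server-side token, then short-circuits the
    /// action pipeline with a redirect to the alert page.
    /// </summary>
    /// <param name="filterContext">The current authorization context.</param>
    /// <param name="msg">Message from <see cref="MsgConfig"/> to show on the alert page.</param>
    /// <param name="clearKey">Redis key (the token's ItemGuid) to remove, or null to leave Redis untouched.</param>
    private void Reject(AuthorizationContext filterContext, string msg, string clearKey = null)
    {
        if (clearKey != null)
        {
            ClearUserToken(clearKey);
        }
        // Setting Result makes MVC skip the action and execute the redirect itself. The original
        // called Response.Redirect(url, endResponse: true), which ends the response by raising
        // ThreadAbortException, so the ClearUserToken call placed after it never ran and the
        // catch block then tried a second redirect on an already-ended response.
        filterContext.Result = new RedirectResult($"/Base/Alert?msg={msg}&path={WebConfigs.HomePath}");
    }

    /// <summary>
    /// Validation failed: remove the server-side token from Redis. Best-effort - a Redis error is
    /// logged rather than thrown, so the caller's redirect still goes out.
    /// </summary>
    /// <param name="key">Redis key, i.e. the token's ItemGuid.</param>
    private void ClearUserToken(string key)
    {
        try
        {
            using (var redis = new RedisOperator())
            {
                redis.Remove(key, RedisDataBase.User);
            }
        }
        catch (Exception ex)
        {
            LoggerManager.Error(ex);
        }
    }
}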
}