From 682b14d40654ed29b0b36f433916e37b5e30b080 Mon Sep 17 00:00:00 2001
From: Argo-Lenovo
Date: Wed, 30 Nov 2016 19:40:57 +0800
Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0BAToken=E6=8E=88=E6=9D=83?=
 =?UTF-8?q?=E6=A8=A1=E5=BC=8F=EF=BC=8C=E6=94=AF=E6=8C=81WebApi=E6=8E=88?=
 =?UTF-8?q?=E6=9D=83=E9=AA=8C=E8=AF=81=EF=BC=8CHeader=E8=AE=BE=E7=BD=AETok?=
 =?UTF-8?q?en?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../App_Start/BAAPIAuthorizaAttribute.cs | 33 +++++++++++++--
 .../Controllers/LoginController.cs | 41 ++++++++++++++-----
 2 files changed, 61 insertions(+), 13 deletions(-)

diff --git a/Bootstrap.Admin/App_Start/BAAPIAuthorizaAttribute.cs b/Bootstrap.Admin/App_Start/BAAPIAuthorizaAttribute.cs
index 71696b6d..a11a6fcb 100644
--- a/Bootstrap.Admin/App_Start/BAAPIAuthorizaAttribute.cs
+++ b/Bootstrap.Admin/App_Start/BAAPIAuthorizaAttribute.cs
@@ -1,4 +1,6 @@
-using Bootstrap.DataAccess;
+using Bootstrap.Admin.Controllers;
+using Bootstrap.DataAccess;
+using Longbow.Caching;
 using Longbow.Security.Principal;
 using System.Linq;
 using System.Security.Principal;
@@ -23,10 +25,35 @@ namespace Bootstrap.Admin
 if (principal.Identity.IsAuthenticated)
 {
 if (LgbPrincipal.IsAdmin(principal.Identity.Name)) return true;
- var roles = RoleHelper.RetrieveRolesByUserName(principal.Identity.Name).Select(r => r.RoleName);
- actionContext.ControllerContext.RequestContext.Principal = new LgbPrincipal(principal.Identity, roles);
+ SetPrincipal(principal.Identity, actionContext);
+ }
+ else
+ {
+ if (actionContext.Request.Headers.Contains("Token"))
+ {
+ try
+ {
+ var token = actionContext.Request.Headers.GetValues("Token").First();
+ if (!string.IsNullOrEmpty(token))
+ {
+ var auth = CacheManager.Get(token);
+ if (auth != null && !string.IsNullOrEmpty(auth.UserName))
+ {
+ SetPrincipal(new GenericIdentity(auth.UserName, "BAToken"), actionContext);
+ return true;
+ }
+ }
+ }
+ catch { }
+ }
 }
 return base.IsAuthorized(actionContext);
 }
+
+ private static void SetPrincipal(IIdentity identity, HttpActionContext actionContext)
+ {
+ var roles = RoleHelper.RetrieveRolesByUserName(identity.Name).Select(r => r.RoleName);
+ actionContext.ControllerContext.RequestContext.Principal = new LgbPrincipal(identity, roles);
+ }
 }
 }
\ No newline at end of file
diff --git a/Bootstrap.Admin/Controllers/LoginController.cs b/Bootstrap.Admin/Controllers/LoginController.cs
index 5040952a..00f0002c 100644
--- a/Bootstrap.Admin/Controllers/LoginController.cs
+++ b/Bootstrap.Admin/Controllers/LoginController.cs
@@ -1,4 +1,8 @@
-using System.Web.Http;
+using Bootstrap.DataAccess;
+using Longbow.Caching;
+using System;
+using System.Web.Http;
+using System.Web.Security;
 
 namespace Bootstrap.Admin.Controllers
 {
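Review bot: The bare `catch { }` around the token lookup swallows every exception, including anything thrown by `RoleHelper.RetrieveRolesByUserName` inside `SetPrincipal`, so a token that is valid but whose role lookup fails is silently denied via `base.IsAuthorized(actionContext)` with nothing recorded; the only call in that block with a plausible throw is `GetValues("Token").First()`, so narrow the try to that read (or replace it with `IEnumerable<string> values; if (actionContext.Request.Headers.TryGetValues("Token", out values))`) and log anything else, without logging the token value itself, since it is a bearer credential. A request is accepted purely because `CacheManager.Get(token)` still returns an entry, so the token lives exactly as long as its cache entry and no revocation path is visible in this hunk; a comment on the `else` branch such as `// Bearer token: valid for as long as its cache entry lives; logout must remove the entry` would make that contract explicit for whoever adds logout. `IsAuthorized` begins before the hunk, so the `principal` it reads is not visible here.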
@@ -15,16 +19,33 @@ namespace Bootstrap.Admin.Controllers
 ///
 ///
 ///
- public class LoginInfo
+ ///
+ ///
+ ///
+ [AllowAnonymous]
+ [HttpPost]
+ public LoginInfo Post(string userName, string password)
 {
- ///
- ///
- ///
- public string UserName { get; set; }
- ///
- ///
- ///
- public string Token { get; set; }
+ if (UserHelper.Authenticate(userName, password))
+ {
+ var token = Guid.NewGuid().ToString();
+ return CacheManager.AddOrUpdate(token, int.Parse(Math.Round(FormsAuthentication.Timeout.TotalSeconds).ToString()), k => new LoginInfo() { UserName = userName, Token = token }, (k, info) => info, "Token 数据缓存");
+ }
+ return new LoginInfo();
 }
 }
+ ///
+ ///
+ ///
+ public class LoginInfo
+ {
+ ///
+ ///
+ ///
+ public string UserName { get; set; }
+ ///
+ ///
+ ///
+ public string Token { get; set; }
+ }
 }
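Review bot: `Post(string userName, string password)` takes the credentials as simple-type parameters, and ASP.NET Web API binds simple types from the URI unless told otherwise, so unless a custom binder is configured elsewhere the password is expected in the query string, where it lands in IIS logs, proxy logs and browser history. Bind the credentials from the request body through a small `[FromBody]` model instead, and answer a failed login with 401 rather than a 200 carrying an empty `LoginInfo`, which a caller can only tell apart from success by inspecting fields. The returned token is the bearer credential for every later Web API call; `Guid.NewGuid()` is not documented as cryptographically strong, so deriving the token from `RandomNumberGenerator` is the safer choice (left as-is in the sketch below). `int.Parse(Math.Round(...).ToString())` also round-trips through a culture-dependent string where `(int)Math.Round(FormsAuthentication.Timeout.TotalSeconds)` is the direct form.
```csharp
[AllowAnonymous]
[HttpPost]
public LoginInfo Post([FromBody] LoginRequest request)
{
    if (request == null || !UserHelper.Authenticate(request.UserName, request.Password))
    {
        // 401 lets the client distinguish a rejected credential from a successful login.
        throw new HttpResponseException(System.Net.HttpStatusCode.Unauthorized);
    }
    var token = Guid.NewGuid().ToString();
    var timeoutSeconds = (int)Math.Round(FormsAuthentication.Timeout.TotalSeconds);
    return CacheManager.AddOrUpdate(token, timeoutSeconds, k => new LoginInfo() { UserName = request.UserName, Token = token }, (k, info) => info, "Token 数据缓存");
}

/// <summary>Credentials carried in the POST body, never in the query string.</summary>
public class LoginRequest
{
    public string UserName { get; set; }
    public string Password { get; set; }
}
// … unchanged: LoginInfo class …
```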