Commit 09ef9726 authored by 黄奎's avatar 黄奎

页面修改

parent c873ac83
......@@ -12,18 +12,22 @@ namespace Mall.Common
public class GlobalKey
{
#region 系统配置
/// <summary>
/// 请求异常
/// </summary>
public const string Request_Exception = "Request_Exception";
/// <summary>
/// 当前请求model
/// </summary>
public const string Current_Assembly_Model = "Current_Assembly_Model";
/// <summary>
/// 配置文件缓存前缀
/// </summary>
public const string ConfigPrefix = "CONFIG_KEY_";
/// <summary>
/// 当前请求Token携带的UserInfo
/// </summary>
......
using JWT;
using JWT.Serializers;
using Newtonsoft.Json;
using Newtonsoft.Json.Linq;
using Mall.Common;
using Mall.Common.API;
using Mall.Common.Plugin;
using System;
using System.Collections.Generic;
using System.IO;
using System.Net;
using System.Text;
using Microsoft.AspNetCore.Mvc.Filters;
using System.Configuration;
using Mall.Common.Models;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.Configuration.Json;
using Mall.CacheManager.User;
using System.Linq;
using Microsoft.AspNetCore.Mvc.Authorization;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http.Features;
......@@ -29,8 +21,6 @@ namespace Mall.WebApi.Filter
/// </summary>
public class ApiFilterAttribute : ActionFilterAttribute
{
//private readonly string Key = "_ApiOnActionMonitorLog_";
/// <summary>
/// OnActionExecuting
/// </summary>
......@@ -63,6 +53,7 @@ namespace Mall.WebApi.Filter
{
isCheckToken = false;
}
#region Token校验
if (isCheckToken)
{
......@@ -165,7 +156,6 @@ namespace Mall.WebApi.Filter
}
}
#endregion
}
/// <summary>
......@@ -185,33 +175,8 @@ namespace Mall.WebApi.Filter
/// <returns></returns>
private JObject DoApiMonitorLog(ActionExecutingContext actionContext, ref string token)
{
JObject parm = new JObject();
var request = actionContext.HttpContext.Request;
#region 如果参数是json实体对象,获取序列化后的数据
request.EnableBuffering();
string responseData = "";
using (var reader = new StreamReader(request.Body, encoding: Encoding.UTF8))
{
var body = reader.ReadToEndAsync();
// Do some processing with body…
// Reset the request body stream position so the next middleware can read it
responseData = body.Result;
request.Body.Position = 0;
}
if (!string.IsNullOrWhiteSpace(responseData.Trim()))
{
try
{
parm = JObject.Parse(responseData);
actionContext.HttpContext.Items[GlobalKey.UserPostInfo] = responseData;
}
catch (Exception ex)
{
LogHelper.Write(ex, string.Format("DoApiMonitorLog:{0}", responseData));
}
token = JsonHelper.GetStringValue(parm, "token");
}
#endregion
JObject parm = Helper.ApiTokenHelper.GetRequestParameters(request, ref token);
return parm;
}
......@@ -222,36 +187,13 @@ namespace Mall.WebApi.Filter
/// <param name="token"></param>
private static void JWTValidat(ActionExecutingContext actionContext, string token)
{
//解析token,校验是否失效
if (!string.IsNullOrEmpty(token))
{
//解析token,校验是否失效
try
{
IJsonSerializer serializer = new JsonNetSerializer();
IDateTimeProvider provider = new UtcDateTimeProvider();
IJwtValidator validator = new JwtValidator(serializer, provider);
IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
IJwtDecoder decoder = new JwtDecoder(serializer, validator, urlEncoder);
string secret = Config.JwtSecretKey;
var json = decoder.Decode(token, secret, verify: true);//token为之前生成的字符串
JObject jwtJson = JObject.Parse(json);
actionContext.HttpContext.Items[GlobalKey.TokenUserInfo] = jwtJson["mall_userInfo"];
//TokenUserInfo userInfo = JsonConvert.DeserializeObject<TokenUserInfo>(muserInfo.ToString());
//if (userInfo != null && userInfo.requestFrom == Common.Enum.ApiRequestFromEnum.MiniProgram)
//{
// //查询是否是黑名单
// AppletUserInfo uInfo = UserReidsCache.GetAppletUserBlacklistInfo(userInfo.uid);
// if ((uInfo?.Blacklist ?? 0) == 1)
// {
// actionContext.Result = new Microsoft.AspNetCore.Mvc.JsonResult(
// new ApiResult
// {
// resultCode = (int)ResultCode.TokenIllegal,
// message = "已进入黑名单,无法访问",
// data = null
// });
// }
//}
var userInfo= Helper.ApiTokenHelper.ParsingToken(token);
actionContext.HttpContext.Items[GlobalKey.TokenUserInfo] = JObject.Parse(Common.Plugin.JsonHelper.Serialize(userInfo));
}
catch (SignatureVerificationException sve)
{
......
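Review bot: In `JWTValidat`, the value now stored under `GlobalKey.TokenUserInfo` is always a non-null object, because `ParsingToken` starts from `new TokenUserInfo()` and returns it even when the decoded payload is empty (its handling of a missing `mall_userInfo` claim is collapsed on this page). The previous code stored `jwtJson["mall_userInfo"]`, which is null when the claim is absent, so any downstream null check on this item would no longer reject a validly signed token that carries no user. I would check the parsed result for a real user identifier before storing it, and otherwise set the same rejection result the token-error paths use. The catch blocks continue outside the visible hunk, so also confirm they still receive the JWT library's exceptions now that decoding happens inside `ParsingToken`.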
......@@ -3,11 +3,12 @@ using JWT.Algorithms;
using JWT.Serializers;
using Mall.Common.API;
using Mall.Common.Plugin;
using Microsoft.AspNetCore.Http;
using Newtonsoft.Json.Linq;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using System.IO;
using System.Text;
namespace Mall.WebApi.Helper
{
......@@ -37,8 +38,7 @@ namespace Mall.WebApi.Helper
IJsonSerializer serializer = new JsonNetSerializer();
IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
IJwtEncoder encoder = new JwtEncoder(algorithm, serializer, urlEncoder);
string secret = Common.Config.JwtSecretKey;
string token = encoder.Encode(payload, secret);
string token = encoder.Encode(payload, Common.Config.JwtSecretKey);
return token;
}
......@@ -50,15 +50,15 @@ namespace Mall.WebApi.Helper
public static TokenUserInfo ParsingToken(string token)
{
TokenUserInfo tokenUser = new TokenUserInfo();
if (string.IsNullOrEmpty(token))
if (!string.IsNullOrEmpty(token))
{
IJsonSerializer serializer = new JsonNetSerializer();
IDateTimeProvider provider = new UtcDateTimeProvider();
IJwtValidator validator = new JwtValidator(serializer, provider);
IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
IJwtDecoder decoder = new JwtDecoder(serializer, validator, urlEncoder);
string secret = Common.Config.JwtSecretKey;
var json = decoder.Decode(token, secret, verify: true);//token为之前生成的字符串
//token为之前生成的字符串
var json = decoder.Decode(token, Common.Config.JwtSecretKey, verify: true);
if (!string.IsNullOrEmpty(json))
{
JObject jwtJson = JObject.Parse(json);
......@@ -69,5 +69,46 @@ namespace Mall.WebApi.Helper
}
return tokenUser;
}
/// <summary>
/// 解析Request参数
/// </summary>
/// <param name="request"></param>
/// <param name="token"></param>
/// <returns></returns>
public static JObject GetRequestParameters(HttpRequest request, ref string token)
{
JObject parm = new JObject();
//如果参数是json实体对象,获取序列化后的数据
request.EnableBuffering();
string responseData = "";
try
{
using (var reader = new StreamReader(request.Body, encoding: Encoding.UTF8))
{
var body = reader.ReadToEndAsync();
responseData = body.Result;
request.Body.Position = 0;
}
}
catch (Exception ex)
{
Common.Plugin.LogHelper.Write(ex, "GetRequestParameters");
}
if (!string.IsNullOrWhiteSpace(responseData.Trim()))
{
try
{
parm = JObject.Parse(responseData);
request.HttpContext.Items[Common.GlobalKey.UserPostInfo] = responseData;
}
catch (Exception ex)
{
LogHelper.Write(ex, string.Format("DoApiMonitorLog:{0}", responseData));
}
token = JsonHelper.GetStringValue(parm, "token");
}
return parm;
}
}
}
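Review bot: The parse-failure branch of `GetRequestParameters` writes the whole raw request body to the log (`string.Format("DoApiMonitorLog:{0}", responseData)`), and that body is where the `token` field is read from, so tokens and any other posted credentials land in log files whenever a client sends malformed JSON. Log a fixed message with the body length instead, e.g. `LogHelper.Write(ex, "GetRequestParameters: body is not valid JSON, length=" + responseData.Length);`, which also corrects the stale `DoApiMonitorLog` label. Separately, `reader.ReadToEndAsync()` followed by `body.Result` blocks a request thread and reads a body of any size into memory; since this is now a public helper, it should rely on an enforced request-size limit and ideally avoid the blocking wait. The `using` also disposes `request.Body` through the `StreamReader`, so pass `leaveOpen: true` if later components are expected to re-read the body.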
This diff is collapsed.