token);RedisNetHelper.Set string (key

时间:2022-01-13 09:01:24

一、作为认证服务器，首先需要提供一个可以通过 appid/appsecret 来获取 token 的接口，于是便有了以下代码。需要注意的是，这个接口是 GET，appid 和 appsecret 会出现在 URL 里，进而被写入服务器/代理的访问日志和浏览器历史，生产环境建议改为 POST 并把凭据放在请求体中。

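public class AuthController : ApiController
{
    /// <summary>
    /// Exchanges an application's credentials for an access token.
    /// </summary>
    /// <param name="appid">Application identifier; empty when the caller omits it.</param>
    /// <param name="appsecret">Secret paired with <paramref name="appid"/>; empty when omitted.</param>
    /// <returns>
    /// An <see cref="ApiResponseEntity"/> carrying <c>AccessToken</c> on success, or a
    /// <c>Parm_Missing</c> / "param error" envelope when the credentials are blank or unknown.
    /// </returns>
    /// <remarks>
    /// NOTE(review): the endpoint is GET, so appid/appsecret travel in the URL and end up in
    /// server/proxy access logs and browser history. Moving it to POST with the credentials in
    /// the body is the usual fix; the verb is left unchanged here so existing callers keep working.
    /// </remarks>
    [HttpGet]
    public HttpResponseMessage Token(string appid = "", string appsecret = "")
    {
        ApiResponseEntity rep;

        // Blank credentials are rejected up front instead of being handed to the app store:
        // an empty appid/secret must never be able to match anything.
        var isv = string.IsNullOrWhiteSpace(appid) || string.IsNullOrWhiteSpace(appsecret)
            ? null
            : AppManage.Instance.GetAppISV(appid, appsecret);

        if (isv != null)
        {
            string token = TokenManage.Instance.CreateToken(appid);
            rep = new ApiResponseEntity
            {
                Status = InterfaceStatus.Success,
                BizData = new { AccessToken = token }
            };
        }
        else
        {
            // Same status/message as before so clients keying on Parm_Missing are unaffected.
            rep = new ApiResponseEntity
            {
                Status = InterfaceStatus.Parm_Missing,
                Message = "param error"
            };
        }

        return rep.ToHttpResponseMessage();
    }
}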


创建 token 的算法可以自行实现，我是将新生成的 Guid 做了一下 MD5 处理，代码如下（注：Guid 并不承诺密码学意义上的随机性，MD5 也不会增加任何熵，生产环境更应直接用 RandomNumberGenerator 生成随机字节作为 token）：

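/// <summary>
/// Mints a new opaque access token, records its appid mapping via <c>Set</c> and returns it.
/// </summary>
/// <param name="appid">Application the token will resolve to on lookup.</param>
/// <returns>32 lowercase hex characters encoding 128 bits drawn from the platform CSPRNG.</returns>
/// <remarks>
/// Replaces <c>Guid.NewGuid().ToString().ToMd5()</c>: a Guid carries no documented randomness
/// guarantee and hashing it with MD5 adds no entropy, so the token is now taken straight from
/// <see cref="System.Security.Cryptography.RandomNumberGenerator"/>. The output keeps the
/// 32-hex-character shape of an MD5 digest, so stored keys and clients are unaffected.
/// </remarks>
public string CreateToken(string appid)
{
    var randomBytes = new byte[16];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(randomBytes);
    }

    // BitConverter yields "AB-CD-..."; drop the separators and lower-case to get plain hex.
    string token = BitConverter.ToString(randomBytes).Replace("-", "").ToLowerInvariant();
    Set(token, appid);
    return token;
}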


上文可以看到，生成 token 以后就调用了一次 Set，即把 token 存到缓存里，并设置一定时间的保留周期，代码如下：

/// <summary>
/// Caches the token → appid mapping under the <c>App_Token</c> key so later lookups
/// can resolve which application a token belongs to.
/// </summary>
/// <param name="token">Opaque token; becomes part of the cache key.</param>
/// <param name="appid">Value stored for the token.</param>
public void Set(string token, string appid)
{
    var lifetimeSeconds = ServerConfigManage.Instance.GetServerConfig().TokenSurvivalTime;
    // NOTE(review): the expiry is built from local time; whether RedisNetHelper expects a
    // local or UTC timestamp is not visible here — confirm against its implementation.
    var expiresAt = DateTime.Now.AddSeconds(lifetimeSeconds);
    var cacheKey = string.Format(RedisCacheKey.App_Token, token);
    RedisNetHelper.Set<string>(cacheKey, appid, expiresAt);
}


为什么要用 token 做 key？因为 token 的更换会导致 ISV 已持有的 token 验证失效；而用 token 做 key，在存活周期内这个 key 都可以使用，避免了多线程同时获取 token 或其他原因导致的 token 失效。作为认证服务器，还需要提供一个 RefreshToken 接口，用来刷新 token 的存活周期，代码相似这里就不再赘述。

二、在 API 做验证的时候，就需要开始对 token 进行校验了，代码如下：

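public class OAuthHandler : DelegatingHandler
{
    // The only route reachable without a token: the one that issues tokens.
    private const string TokenController = "auth";
    private const string TokenAction = "token";

    /// <summary>
    /// Gatekeeper for every API call. In order: client IP allow-list, pass-through for the
    /// token-issuing route, access-token lookup, then per-route permission for the token's app.
    /// </summary>
    /// <param name="request">Incoming request. The token is read from an
    /// <c>Authorization: Bearer</c> header or, failing that, the <c>token</c> query parameter.</param>
    /// <param name="cancellationToken">Forwarded to the inner handler.</param>
    /// <returns>The inner handler's response, or an API error envelope when a check fails.</returns>
    /// <remarks>
    /// Changes from the previous version: (1) the token was only read from the query string and
    /// only for GET, so any POST/PUT/DELETE was rejected as "token invalid"; it is now accepted
    /// from the Bearer header on any method, with the query parameter kept for old clients.
    /// (2) A request that matched no route dereferenced a null route-data object (500); it now
    /// fails closed as unauthenticated. (3) Route names are compared ordinally, not via the
    /// current culture.
    /// </remarks>
    protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, System.Threading.CancellationToken cancellationToken)
    {
        // The IP check runs first, before even the token endpoint is reachable.
        string ip = RequestHelper.GetWebClientIp();
        if (!OAuthValidate.IpValidate(ip))
        {
            return Reject(InterfaceStatus.IllegalIp, "ip access limit");
        }

        var routeData = request.GetRouteData();
        // No matching route: fail closed rather than throw from the indexer below.
        if (routeData == null)
        {
            return Reject(InterfaceStatus.Token_Faild, "token invalid");
        }

        string controller = RouteValue(routeData.Values, "controller");
        string action = RouteValue(routeData.Values, "action");

        if (controller.Equals(TokenController, System.StringComparison.Ordinal)
            && action.Equals(TokenAction, System.StringComparison.Ordinal))
        {
            return base.SendAsync(request, cancellationToken);
        }

        string token = ExtractToken(request);
        if (string.IsNullOrEmpty(token))
        {
            return Reject(InterfaceStatus.Token_Faild, "token invalid");
        }

        string appid = TokenManage.Instance.Get(token);
        if (string.IsNullOrEmpty(appid))
        {
            return Reject(InterfaceStatus.Token_Faild, "token invalid");
        }

        // Permission is keyed on "controller/action" (both lower-cased), as before.
        if (!OAuthValidate.ApiValidate(string.Format("{0}/{1}", controller, action), appid))
        {
            return Reject(InterfaceStatus.No_Access, "api access limit");
        }

        return base.SendAsync(request, cancellationToken);
    }

    /// <summary>
    /// Pulls the access token from the request: <c>Authorization: Bearer &lt;token&gt;</c> first,
    /// then the legacy <c>token</c> query parameter. Returns null when neither is present.
    /// </summary>
    private static string ExtractToken(HttpRequestMessage request)
    {
        // Preferred carrier: the header keeps the token out of URL/access logs and referrers.
        var auth = request.Headers.Authorization;
        if (auth != null
            && string.Equals(auth.Scheme, "Bearer", System.StringComparison.OrdinalIgnoreCase)
            && !string.IsNullOrWhiteSpace(auth.Parameter))
        {
            return auth.Parameter.Trim();
        }

        // Legacy carrier, now honoured on every HTTP method rather than GET only.
        var query = request.RequestUri.ParseQueryString();
        return query["token"];
    }

    /// <summary>
    /// Reads a route value as a lower-cased string; empty when the key is absent or null.
    /// </summary>
    private static string RouteValue(System.Collections.Generic.IDictionary<string, object> values, string key)
    {
        object value;
        if (values != null && values.TryGetValue(key, out value) && value != null)
        {
            return value.ToString().ToLowerInvariant();
        }
        return string.Empty;
    }

    /// <summary>
    /// Builds an already-completed task carrying the given API error envelope.
    /// </summary>
    private static Task<HttpResponseMessage> Reject(InterfaceStatus status, string message)
    {
        var entity = new ApiResponseEntity { Status = status, Message = message };
        var tcs = new TaskCompletionSource<HttpResponseMessage>();
        tcs.SetResult(entity.ToHttpResponseMessage());
        return tcs.Task;
    }
}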