| | |
|---|
| | | using System.Security.Claims; |
|---|
| | | using System.Threading; |
|---|
| | | using System.Threading.Tasks; |
|---|
| | | using System.Web; |
|---|
| | | using System.Web.Http; |
|---|
| | | using System.Web.Http.Controllers; |
|---|
| | | using System.Web.Http.Filters; |
|---|
| | |
|---|
| | | var principal = JWTHelper.ValidateToken(token); |
|---|
| | | if (principal == null) |
|---|
| | | { |
|---|
| | | HandleUnauthorized(actionContext); |
|---|
| | | return; |
|---|
| | | } |
|---|
| | | |
|---|
| | | // 检查 Token和当前登录用户是否匹配 |
|---|
| | | var HUserName = GetUserNameFromHeader(actionContext) ?? ""; |
|---|
| | | var TokenUserName = JWTHelper.getUserName(token); |
|---|
| | | if(!string.IsNullOrWhiteSpace(HUserName)) |
|---|
| | | { |
|---|
| | | HUserName = HttpUtility.UrlDecode(HUserName); |
|---|
| | | } |
|---|
| | | if(TokenUserName != HUserName) |
|---|
| | | { |
|---|
| | | // 如果Token和当前登录用户不匹配,则需要告知前端用户 Token 过期,需重新登录 |
|---|
| | | HandleUnauthorized(actionContext); |
|---|
| | | return; |
|---|
| | | } |
|---|
| | |
|---|
| | | return null; |
|---|
| | | } |
|---|
| | | |
|---|
| | | // 从Header中获取用户名 |
|---|
| | | private string GetUserNameFromHeader(HttpActionContext context) |
|---|
| | | { |
|---|
| | | var headers = context.Request.Headers; |
|---|
| | | string userName = ""; |
|---|
| | | if (headers.Contains("X-Username")) |
|---|
| | | { |
|---|
| | | userName = headers.GetValues("X-Username").FirstOrDefault(); |
|---|
| | | } |
|---|
| | | |
|---|
| | | return userName; |
|---|
| | | } |
|---|
| | | |
|---|
| | | // 401 未授权 |
|---|
| | | private void HandleUnauthorized(HttpActionContext context) |
|---|
| | | { |
|---|
