[WHAT] 以authtoken取代MemberID，並增加Token解析工具 [WHY] ShowEasy 後台開發 [HOW] API 開發

2 years ago · dcd1e3feaf
5 changed files with 107 additions and 4 deletions
--- a/EuroTran/EasyBL.WEBAPP/EasyBL.WEBAPP.csproj
+++ b/EuroTran/EasyBL.WEBAPP/EasyBL.WEBAPP.csproj
@ -81,6 +81,7 @@
    <Compile Include="AuthorizeService.cs" />
    <Compile Include="BaseExceptionWord.cs" />
    <Compile Include="CalendarService.cs" />
+    <Compile Include="SETokenUtil.cs" />
    <Compile Include="CRM\Customers_QryService.cs" />
    <Compile Include="EIP\AttendanceDiff_QryService.cs" />
    <Compile Include="EIP\BillChangeApply_QryService.cs" />
--- a/EuroTran/EasyBL.WEBAPP/SETokenUtil.cs
+++ b/EuroTran/EasyBL.WEBAPP/SETokenUtil.cs
@ -0,0 +1,54 @@
+using Entity;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Net.Http;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace EasyBL.WEBAPP
+{
+    public static class SETokenUtil
+    {
+
+        public static SEToken GetToken(HttpRequestMessage message) {
+
+            SEToken seToken = new SEToken();
+
+            IEnumerable<string> headerValues;
+            if (message.Headers.TryGetValues("authtoken", out headerValues))
+            {
+                var token = headerValues.FirstOrDefault();
+
+                seToken = Decrypt(token);
+
+            }
+
+            return seToken;
+
+        }
+
+        public static SEToken Decrypt(string data) {
+
+            SEToken seToken = new SEToken();
+
+            if (!string.IsNullOrEmpty(data)) {
+
+                var authtoken = EasyNet.SecurityUtil.Decrypt(data);
+                var saAuthtoken = authtoken.Split(',');
+
+                seToken.OrgID = saAuthtoken[0].Split(':')[1];
+                seToken.Email = saAuthtoken[1].Split(':')[1];
+                seToken.MemberID = saAuthtoken[1].Split(':')[1];
+                seToken.SignToken = saAuthtoken[2].Split(':')[1];
+
+            }
+
+            return seToken;
+        }
+
+
+
+
+    }
+}
--- a/EuroTran/Entity/Entity.csproj
+++ b/EuroTran/Entity/Entity.csproj
@ -187,6 +187,7 @@
      <AutoGen>True</AutoGen>
      <DesignTime>True</DesignTime>
    </Compile>
+    <Compile Include="SEToken.cs" />
    <Compile Include="Token.cs" />
    <Compile Include="ViewModels\View_CRM_ImportCustomers.cs" />
    <Compile Include="ViewModels\View_EIP_AttendanceDiff.cs" />
--- a/EuroTran/Entity/SEToken.cs
+++ b/EuroTran/Entity/SEToken.cs
@ -0,0 +1,32 @@
+using System;
+
+namespace Entity
+{
+    public class SEToken
+    {
+        /// <summary>
+        /// 組織ID
+        /// </summary>
+        public string OrgID { get; set; }
+
+        /// <summary>
+        /// 用户ID
+        /// </summary>
+        public string MemberID { get; set; }
+
+        /// <summary>
+        /// 用户Email
+        /// </summary>
+        public string Email { get; set; }
+
+        /// <summary>
+        /// 用户名对应签名Token
+        /// </summary>
+        public string SignToken { get; set; }
+
+        /// <summary>
+        /// Token过期时间
+        /// </summary>
+        public DateTime ExpireTime { get; set; }
+    }
+}
--- a/EuroTran/WebApp/Controllers/FavoriteController.cs
+++ b/EuroTran/WebApp/Controllers/FavoriteController.cs
@ -2,7 +2,9 @@
 using EasyBL.WebApi.Common;
 using EasyBL.WebApi.Filters;
 using EasyBL.WebApi.Message;
+using EasyBL.WEBAPP;
 using EasyBL.WEBAPP.SYS;
+using EasyNet;
 using Entity.ShowEasyDtos;
 using Entity.Sugar;
 using Newtonsoft.Json;
@ -22,27 +24,40 @@ namespace WebApp.Controllers
        [SEApiSecurityFilter]
        public HttpResponseMessage Favorite([FromBody] FavoriteDTO favorite)
        {
+
+            // get authtoken
+            var SEToken = SETokenUtil.GetToken(this.Request);
+            favorite.MemberID = SEToken.Email;
+
            return new FavoriteService().SaveFavorite(favorite);
        }

        [HttpGet]
        [SEApiSecurityFilter]
-        public HttpResponseMessage Favorites(string MemberID)
+        public HttpResponseMessage Favorites()
        {

+            // get authtoken
+            var SEToken = SETokenUtil.GetToken(this.Request);
+
+            // get MemberID from authtoken
+
            FavoriteDTO favorite = new FavoriteDTO();
-            favorite.MemberID = MemberID;
+            favorite.MemberID = SEToken.Email;

            return new FavoriteService().GetFavorites(favorite);
        }

        [HttpGet]
        [SEApiSecurityFilter]
-        public HttpResponseMessage Favorites(string MemberID, string Type)
+        public HttpResponseMessage Favorites(string Type)
        {

+            // get authtoken
+            var SEToken = SETokenUtil.GetToken(this.Request);
+
            FavoriteDTO favorite = new FavoriteDTO();
-            favorite.MemberID = MemberID;
+            favorite.MemberID = SEToken.Email;
            favorite.Type = Type;

            return new FavoriteService().GetFavorites(favorite);