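using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.ServiceModel.Dispatcher;
using System.Runtime.Serialization;
using DeiNiu.Utils;
using DeiNiu.wms.Data.Model;
using System.Net;

namespace WcfServiceAuthentication
{
    /// <summary>
    /// WCF dispatch message inspector that authenticates every incoming request
    /// except those addressed to the endpoints listed in <c>publicServices</c>.
    /// Credentials (user id + token) are read from the HTTP headers first and,
    /// when no user id was found there, from the SOAP message headers.
    /// </summary>
    public class AuthenticationInspector : IDispatchMessageInspector
    {
        public static int testUserId = 0;

        // userId -> token accepted for that user.
        // NOTE(review): the generic type arguments are reconstructed from how the
        // dictionaries are used in this class (int keys, string / int values) - confirm.
        // NOTE(review): these are plain static Dictionary instances written from the
        // request path; Dictionary is not safe for concurrent writers. If requests are
        // dispatched concurrently, every reader and writer (including code outside this
        // class) needs a common lock. No eviction happens in this class either, so a
        // cached token stays accepted until it is overwritten - confirm logout/expiry
        // removes entries elsewhere.
        public static Dictionary<int, string> authCach = new Dictionary<int, string>();

        // userId -> temporary code taken from the "tmpToken" HTTP header.
        public static Dictionary<int, int> tmpCodes = new Dictionary<int, int>();

        // Paths that are served without authentication. Matching is exact and
        // case-sensitive, so any other spelling of a path is treated as protected.
        static string[] publicServices =
        {
            "/Login.svc",
            "/PortalService.svc",
            "/MobileService.svc",
            "/ScheduledService.svc",
            "/android.svc/login"
        };

        /// <summary>
        /// Authenticates the incoming request before it reaches the service operation.
        /// </summary>
        /// <param name="request">The incoming message; its SOAP headers are the fallback credential source.</param>
        /// <param name="channel">The channel the request arrived on; its local address is checked against the public list.</param>
        /// <param name="instanceContext">Not used.</param>
        /// <returns>Always <c>null</c>; no correlation state is needed.</returns>
        /// <exception cref="DeiNiuTimeOutException">The request is not public and the user id / token pair is not valid.</exception>
        public object AfterReceiveRequest(ref System.ServiceModel.Channels.Message request, System.ServiceModel.IClientChannel channel, System.ServiceModel.InstanceContext instanceContext)
        {
            // Note: requires a reference to System.Runtime.Serialization.
            const string userIdKey = "UserId";
            const string tokenKey = "Token";
            const string tmpTokenKey = "tmpToken";

            int tmpToken = 0;
            int userId = 0;
            string token = "";

            string requestPath = channel.LocalAddress.Uri.AbsolutePath;
            WebHeaderCollection headerCollection = System.ServiceModel.Web.WebOperationContext.Current.IncomingRequest.Headers;

            foreach (string item in headerCollection)
            {
                switch (item)
                {
                    case userIdKey:
                        // Header values are caller-controlled: a malformed number must
                        // not raise an unhandled FormatException/OverflowException.
                        // It is treated as "no user id", which fails closed below.
                        int parsedUserId;
                        if (int.TryParse(headerCollection.Get(item), out parsedUserId))
                        {
                            userId = parsedUserId;
                        }
                        break;

                    case tokenKey:
                        token = headerCollection.Get(item);
                        break;

                    case tmpTokenKey:
                        // Same 16-bit range the original Convert.ToInt16 accepted.
                        short parsedTmpToken;
                        if (short.TryParse(headerCollection.Get(item), out parsedTmpToken))
                        {
                            tmpToken = parsedTmpToken;
                        }
                        break;
                }
            }

            if (publicServices.Contains(requestPath))
            {
                return null;
            }

            string methdPath = request.Properties.Via.AbsolutePath;
            if (publicServices.Contains(methdPath))
            {
                return null;
            }

            if (userId == 0)
            {
                try
                {
                    userId = request.Headers.GetHeader<int>("UserId", "www.deinu.com");
                    token = request.Headers.GetHeader<string>("Token", "www.deinu.com");
                }
                catch (System.ServiceModel.MessageHeaderException)
                {
                    // Deliberate best effort: a missing SOAP header leaves the
                    // credentials unset and the request is rejected below.
                }
            }

            // Never write the token or the full message to the log: log files are
            // usually readable by more people than are allowed to act as the user.
            LogHelper.debug("svr AuthenticationInspector",
                string.Format("request: {0},set UserId : {1},token present: {2}", methdPath, userId, !string.IsNullOrEmpty(token)));

            if (!validUser(userId, token))
            {
                LogHelper.debug("svr AuthenticationInspector auth error",
                    string.Format("request: {0},set UserId : {1},token present: {2}", methdPath, userId, !string.IsNullOrEmpty(token)));
                throw new DeiNiuTimeOutException(WmsConstants.WCF_UN_AUTH_MESSAGE);
            }

            // Only recorded once the caller is authenticated.
            if (tmpToken > 0)
            {
                tmpCodes[userId] = tmpToken;
            }

            return null;
        }

        /// <summary>
        /// Called before the reply is sent; this inspector does not modify replies.
        /// </summary>
        /// <param name="reply">The outgoing reply message (left untouched).</param>
        /// <param name="correlationState">Always <c>null</c> for this inspector.</param>
        public void BeforeSendReply(ref System.ServiceModel.Channels.Message reply, object correlationState)
        {
            // Intentionally empty. The original rendered the reply to a string that
            // was never used; that per-reply work has been dropped.
        }

        /// <summary>
        /// Checks a user id / token pair against the in-memory cache and, when the
        /// user is not cached, against the database via <c>Employee.login</c>.
        /// </summary>
        /// <param name="userId">The user id presented by the caller.</param>
        /// <param name="token">The token presented by the caller.</param>
        /// <returns><c>true</c> when the token is accepted for that user; otherwise <c>false</c>.</returns>
        public static bool validUser(int userId, string token)
        {
            // Defense in depth: an absent or empty token is never a credential, so it
            // is rejected before it can be compared with a cache entry or passed to the
            // database lookup. NOTE(review): assumes no legitimate caller authenticates
            // with an empty token - confirm.
            if (string.IsNullOrEmpty(token))
            {
                return false;
            }

            // Check the in-memory cache.
            string cachedToken;
            if (authCach.TryGetValue(userId, out cachedToken))
            {
                bool tokenMatches = tokensEqual(cachedToken, token);
                LogHelper.debug("AuthenticationInspector",
                    string.Format("get userId {0} in the cache,token match? {1}", userId, tokenMatches));
#if DEBUG
                // Debug builds only: a stale cache entry is re-checked against the database.
                if (!tokenMatches)
                {
                    return loginFromDb(userId, token);
                }
#endif
                return tokenMatches;
            }

            // Check the db.
            return loginFromDb(userId, token);
        }

        // Verifies the token through Employee.login and caches it on success; any failure is a rejection.
        private static bool loginFromDb(int userId, string token)
        {
            Employee em = new Employee();
            try
            {
                if (em.login(token) && em.ID == userId)
                {
                    LogHelper.debug("AuthenticationInspector",
                        string.Format("valid token for userId {0} in the db and token match ", userId));
                    authCach[userId] = token;
                    return true;
                }
            }
            catch (Exception ex)
            {
                // Fail closed, but leave a trace: a silent catch makes a lookup
                // failure indistinguishable from a wrong token.
                LogHelper.debug("AuthenticationInspector",
                    string.Format("token lookup failed for userId {0}: {1}", userId, ex.Message));
                return false;
            }

            return false;
        }

        // Ordinal comparison whose running time does not depend on where the first difference is.
        private static bool tokensEqual(string expected, string presented)
        {
            if (string.IsNullOrEmpty(expected) || presented == null || expected.Length != presented.Length)
            {
                return false;
            }

            int difference = 0;
            for (int i = 0; i < expected.Length; i++)
            {
                difference |= expected[i] ^ presented[i];
            }

            return difference == 0;
        }
    }
}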