xiaju
/
SGGL_JT
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

子公司集成集团单点登录修改内容

This commit is contained in:
geh 2025-11-13 17:32:14 +08:00
parent 0defba7f03
commit feb517dd8d
3 changed files with 200 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
SUBQHSE/BLL/BLL.csproj
View File

@ -895,6 +895,7 @@
<Compile Include="ThreeYearAction\FireGasSafety\FirefightingequipmentService.cs" />
<Compile Include="ThreeYearAction\FireGasSafety\SafetyresponsibilityagreementService.cs" />
<Compile Include="ThreeYearAction\HazardousChemicals\HazardousChemicalsManageRuleService.cs" />
<Compile Include="TokenHelper.cs" />
<Compile Include="WebService\CNCECHSSEMonitorService.cs" />
<Compile Include="WebService\CNCECHSSEGetWebService.cs" />
<Compile Include="WebService\CNCECHSSEWebService.cs" />

127
SUBQHSE/BLL/TokenHelper.cs Normal file
View File

@ -0,0 +1,127 @@
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;
using Newtonsoft.Json;
namespace BLL
{
/// <summary>
/// Token加密解密工具类
/// 用于iframe跨域自动登录的token处理
/// </summary>
public static class TokenHelper
{
// 默认密钥,建议从配置文件中读取
private static readonly string SecretKey = "cncec-subqhse-256bit-secret-key-for-auth-token";
/// <summary>
/// 加密Token
/// </summary>
/// <param name="plainText">明文</param>
/// <returns>加密后的Base64字符串</returns>
public static string EncryptToken(string plainText)
{
try
{
// 确保密钥长度为32字节256位
string key = SecretKey.PadRight(32, '0').Substring(0, 32);
using (var aes = Aes.Create())
{
aes.Key = Encoding.UTF8.GetBytes(key);
aes.IV = new byte[16]; // 使用固定IV简化实现
aes.Mode = CipherMode.CBC;
aes.Padding = PaddingMode.PKCS7;
using (var encryptor = aes.CreateEncryptor())
using (var msEncrypt = new MemoryStream())
{
using (var csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
using (var swEncrypt = new StreamWriter(csEncrypt))
{
swEncrypt.Write(plainText);
}
return Convert.ToBase64String(msEncrypt.ToArray());
}
}
}
catch (Exception ex)
{
throw new Exception($"Token加密失败: {ex.Message}", ex);
}
}
/// <summary>
/// 解密Token
/// </summary>
/// <param name="cipherText">加密的Base64字符串</param>
/// <returns>解密后的明文</returns>
public static string DecryptToken(string cipherText)
{
try
{
// 确保密钥长度为32字节256位
string key = SecretKey.PadRight(32, '0').Substring(0, 32);
using (var aes = Aes.Create())
{
aes.Key = Encoding.UTF8.GetBytes(key);
aes.IV = new byte[16]; // 使用固定IV与加密一致
aes.Mode = CipherMode.CBC;
aes.Padding = PaddingMode.PKCS7;
using (var decryptor = aes.CreateDecryptor())
using (var msDecrypt = new MemoryStream(Convert.FromBase64String(cipherText)))
using (var csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
using (var srDecrypt = new StreamReader(csDecrypt))
{
return srDecrypt.ReadToEnd();
}
}
}
catch (Exception ex)
{
throw new Exception($"Token解密失败: {ex.Message}", ex);
}
}
/// <summary>
/// 生成认证Token
/// </summary>
/// <param name="userId">用户ID</param>
/// <param name="source">来源标识</param>
/// <returns>加密的Token</returns>
public static string GenerateAuthToken(string userId, string source = "qhse.cncecoa.com")
{
var tokenData = new
{
user_id = userId,
timestamp = DateTimeOffset.Now.ToUnixTimeSeconds(),
source = source,
random = Guid.NewGuid().ToString("N").Substring(0, 8) // 添加8位随机数增强安全性
};
string json = JsonConvert.SerializeObject(tokenData);
return EncryptToken(json);
}
/// <summary>
/// 验证Token格式
/// </summary>
/// <param name="token">Token字符串</param>
/// <returns>是否为有效的Base64格式</returns>
public static bool IsValidTokenFormat(string token)
{
try
{
Convert.FromBase64String(token);
return true;
}
catch
{
return false;
}
}
}
}

94
SUBQHSE/FineUIPro.Web/common/PageBase.cs
View File

@ -131,37 +131,87 @@ namespace FineUIPro.Web
protected override void OnInit(EventArgs e)
{
string url = HttpContext.Current.Request.Path;
string a = Request.ServerVariables["HTTP_REFERER"];
string Referer = Request.Headers["Referer"];
if (a==null)
string fullPath = HttpContext.Current.Request.Path;
string appPath = HttpContext.Current.Request.ApplicationPath; // 获取应用程序根路径
// 确保应用程序路径以 "/" 开头并移除它
if (!string.IsNullOrEmpty(appPath) && fullPath.StartsWith(appPath, StringComparison.OrdinalIgnoreCase))
{
bool IsDataShowPage = ConstValue.drpConstItemList(ConstValue.Group_InterfacePopup).FirstOrDefault(x => url.Contains(x.ConstValue)) != null;
bool IsSafeReferer = ConstValue.drpConstItemList(ConstValue.Group_SafeReferer).FirstOrDefault(x => x.ConstValue == url) != null;
if (!IsDataShowPage && !IsSafeReferer)
{
if (this.Page.Request.AppRelativeCurrentExecutionFilePath != "~/Login.aspx")
Response.Redirect("~/Login.aspx");
return;
}
fullPath = fullPath.Substring(appPath.Length); // 去掉应用程序根路径
}
else
//去除fullPath 开头的 /
if (fullPath.StartsWith("/"))
{
Uri uri = new Uri(a);
Uri uri2 = new Uri(SysConstSetService.CNCECPath);
if (uri.Host==uri2.Host)
fullPath = fullPath.Remove(0, 1);
}
// 检查auth_token参数实现iframe自动登录
string authToken = Request.QueryString["auth_token"];
if (!string.IsNullOrEmpty(authToken) && this.CurrUser == null)
{
try
{
if (this.CurrUser == null)
// 解密并验证token
string decryptedToken = BLL.TokenHelper.DecryptToken(authToken);
var tokenData = JsonConvert.DeserializeObject<dynamic>(decryptedToken);
// 验证时间戳2小时有效期
long timestamp = tokenData.timestamp;
if (DateTimeOffset.Now.ToUnixTimeSeconds() - timestamp <= 7200) // 2小时 = 7200秒
{
this.Session["CurrUser"] = UserService.GetUserByUserId(Const.sysglyId);
// 验证用户ID
string userId = tokenData.user_id;
if (userId == Const.sysglyId)
{
var user = UserService.GetUserByUserId(Const.sysglyId);
if (user != null)
{
this.Session["CurrUser"] = user;
BLL.LogService.AddLog(Const.sysglyId, "iframe Token自动登录成功");
}
}
}
}
catch (Exception ex)
{
BLL.LogService.AddLog("", $"iframe Token自动登录失败{ex.Message}");
}
}
string httpRefere = Request.ServerVariables["HTTP_REFERER"];
if (httpRefere==null) //判断是否为空。目的是为了防止直接在浏览器地址栏输入网址访问
{
bool IsDataShowPage = ConstValue.drpConstItemList(ConstValue.Group_InterfacePopup).FirstOrDefault(x => fullPath.Contains(x.ConstValue)) != null;
bool IsSafeReferer = ConstValue.drpConstItemList(ConstValue.Group_SafeReferer).FirstOrDefault(x => x.ConstValue == fullPath) != null;
// 如果不在安全页面列表中且用户未登录,重定向到登录页面
if (!IsDataShowPage && !IsSafeReferer && this.CurrUser == null)
{
string loginform = ConfigurationManager.AppSettings["LoginForm"];
if (!string.IsNullOrEmpty(loginform))
{
if (this.Page.Request.AppRelativeCurrentExecutionFilePath != "~/Login_ZJ.aspx")
Response.Redirect("~/Login_ZJ.aspx");
return;
}
}
}
/*if (CurrUser == null && HttpContext.Current.Request.Path != FormsAuthentication.LoginUrl)//防止没有登录直接访问通用界面
{
Response.Redirect(FormsAuthentication.LoginUrl);
}*/
//var menuModel = (from x in Funs.DB.Sys_Menu where x.Url.Contains(fullPath) select x.MenuId).ToList();//判断访问的页面是否在菜单中
//if (menuModel!=null&&menuModel.Count>0)
//{
// var thisUserAllMenuIdLis = CommonService.GetAllMenuList(this.CurrUser.LoginProjectId, this.CurrUser.UserId);
// if (menuModel.Intersect(thisUserAllMenuIdLis).Count()==0)
// {
// Response.Redirect(FormsAuthentication.LoginUrl);
// }
//}//没有在菜单中则不做权限判断(暂时没有控制弹窗的统一权限校验)
var pm = PageManager.Instance;
if (pm != null)
{
@ -264,7 +314,7 @@ namespace FineUIPro.Web
System.Web.UI.HtmlControls.HtmlGenericControl linkCtrl = new System.Web.UI.HtmlControls.HtmlGenericControl("link");
linkCtrl.Attributes["rel"] = "stylesheet";
linkCtrl.Attributes["type"] = "text/css";
linkCtrl.Attributes["href"] = ResolveClientUrl("~/res/css/common.css?v" + GlobalConfig.ProductVersion);
/*linkCtrl.Attributes["href"] = ResolveClientUrl("~/res/css/common.css?v" + GlobalConfig.ProductVersion);*/
Header.Controls.AddAt(GetHeadStyleCSSIndex(), linkCtrl);