104 lines
3.2 KiB
C#
104 lines
3.2 KiB
C#
|
using Microsoft.AspNetCore.Authorization;
|
|||
|
|
using Microsoft.AspNetCore.Mvc;
|
|||
|
|
using Microsoft.AspNetCore.Mvc.Filters;
|
|||
|
|
using System.Diagnostics;
|
|||
|
|
using System.Linq;
|
|||
|
|
using System.Reflection;
|
|||
|
|
using System.Threading.Tasks;
|
|||
|
|
using HT.Cloud.Code;
|
|||
|
|
using HT.Cloud.Service.SystemOrganize;
|
|||
|
|
|
|||
|
|
namespace HT.Cloud.Web
|
|||
|
|
{
|
|||
|
|
/// <summary>
|
|||
|
|
/// 验证token
|
|||
|
|
/// </summary>
|
|||
|
|
public class LoginFilterAttribute : ActionFilterAttribute
|
|||
|
|
{
|
|||
|
|
private readonly bool _needLogin;
|
|||
|
|
|
|||
|
|
/// <summary>
|
|||
|
|
/// 登录特性
|
|||
|
|
/// </summary>
|
|||
|
|
/// <param name="needLogin">是否验证</param>
|
|||
|
|
public LoginFilterAttribute(bool needLogin = true)
|
|||
|
|
{
|
|||
|
|
_needLogin = needLogin;
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
/// <summary>
|
|||
|
|
/// 验证
|
|||
|
|
/// </summary>
|
|||
|
|
/// <param name="context"></param>
|
|||
|
|
/// <param name="next"></param>
|
|||
|
|
/// <returns></returns>
|
|||
|
|
public override async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
|
|||
|
|
{
|
|||
|
|
Stopwatch sw = new Stopwatch();
|
|||
|
|
sw.Start();
|
|||
|
|
string token = context.HttpContext.Request.Headers[GlobalContext.SystemConfig.TokenName].ParseToString();
|
|||
|
|
OperatorModel user = OperatorProvider.Provider.GetCurrent();
|
|||
|
|
var description =
|
|||
|
|
(Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor)context.ActionDescriptor;
|
|||
|
|
|
|||
|
|
//添加有允许匿名的Action,可以不用登录访问,如Login/Index
|
|||
|
|
//控制器整体忽略或者单独方法忽略
|
|||
|
|
var anonymous = description.ControllerTypeInfo.GetCustomAttribute(typeof(AllowAnonymousAttribute));
|
|||
|
|
var methodanonymous = description.MethodInfo.GetCustomAttribute(typeof(AllowAnonymousAttribute));
|
|||
|
|
if (user != null && RoleAuthorize())
|
|||
|
|
{
|
|||
|
|
//延长过期时间
|
|||
|
|
int LoginExpire = GlobalContext.SystemConfig.LoginExpire;
|
|||
|
|
string cacheKeyOperator = GlobalContext.SystemConfig.ProjectPrefix + "_operator_";// +登录者token
|
|||
|
|
await CacheHelper.ExpireAsync(cacheKeyOperator + token, LoginExpire);
|
|||
|
|
await CacheHelper.ExpireAsync(cacheKeyOperator + "api_" + user.UserId, LoginExpire);
|
|||
|
|
// 根据传入的Token,添加token和客户参数
|
|||
|
|
if (context.ActionArguments != null && context.ActionArguments.Count > 0)
|
|||
|
|
{
|
|||
|
|
PropertyInfo property = context.ActionArguments.First().Value.GetType().GetProperty("Token");
|
|||
|
|
if (property != null)
|
|||
|
|
{
|
|||
|
|
property.SetValue(context.ActionArguments.First().Value, token, null);
|
|||
|
|
}
|
|||
|
|
switch (context.HttpContext.Request.Method.ToUpper())
|
|||
|
|
{
|
|||
|
|
case "GET":
|
|||
|
|
break;
|
|||
|
|
|
|||
|
|
case "POST":
|
|||
|
|
property = context.ActionArguments.First().Value.GetType().GetProperty("CustomerId");
|
|||
|
|
if (property != null)
|
|||
|
|
{
|
|||
|
|
property.SetValue(context.ActionArguments.First().Value, user.UserId, null);
|
|||
|
|
}
|
|||
|
|
break;
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
else if (anonymous == null && methodanonymous == null && _needLogin)
|
|||
|
|
{
|
|||
|
|
AlwaysResult obj = new AlwaysResult();
|
|||
|
|
obj.message = "抱歉,没有操作权限";
|
|||
|
|
obj.state = ResultType.error.ToString();
|
|||
|
|
context.Result = new JsonResult(obj);
|
|||
|
|
return;
|
|||
|
|
}
|
|||
|
|
var resultContext = await next();
|
|||
|
|
|
|||
|
|
sw.Stop();
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
private bool RoleAuthorize()
|
|||
|
|
{
|
|||
|
|
try
|
|||
|
|
{
|
|||
|
|
return GlobalContext.GetRequiredService<RoleAuthorizeService>().RoleValidate().GetAwaiter().GetResult();
|
|||
|
|
}
|
|||
|
|
catch (System.Exception ex)
|
|||
|
|
{
|
|||
|
|
LogHelper.WriteWithTime(ex);
|
|||
|
|
return false;
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
}
|