完善授权与认证模块

2023-01-19 17:58:46 +08:00
parent f88655e214
commit 400b14cd75
6 changed files with 37 additions and 11 deletions
--- a/Yi.Framework.Net6/src/framework/Yi.Framework.Auth.JwtBearer/Authorization/DefaultPermissionHandler.cs
+++ b/Yi.Framework.Net6/src/framework/Yi.Framework.Auth.JwtBearer/Authorization/DefaultPermissionHandler.cs
@@ -11,7 +11,13 @@ namespace Yi.Framework.Auth.JwtBearer.Authorization
    {
        public bool IsPass(string permission, ICurrentUser currentUser)
        {
-            return true;
+            if (currentUser.Permission is not null)
+            {
+               return currentUser.Permission.Contains(permission);
+
+            }
+
+            return false;
        }
    }
 }
--- a/Yi.Framework.Net6/src/framework/Yi.Framework.Auth.JwtBearer/Authorization/PermissionAttribute.cs
+++ b/Yi.Framework.Net6/src/framework/Yi.Framework.Auth.JwtBearer/Authorization/PermissionAttribute.cs
@@ -39,7 +39,7 @@ namespace Yi.Framework.Auth.JwtBearer.Authorization

            if (!result)
            {
-                throw new AuthException(message: "您无权限访问该接口");
+                throw new AuthException(message: $"您无权限访问该接口-{ context.HttpContext.Request.Path.Value}");
            }
        }

--- a/Yi.Framework.Net6/src/framework/Yi.Framework.Auth.JwtBearer/YiFrameworkAuthJwtBearerModule.cs
+++ b/Yi.Framework.Net6/src/framework/Yi.Framework.Auth.JwtBearer/YiFrameworkAuthJwtBearerModule.cs
@@ -32,10 +32,10 @@ namespace Yi.Framework.Auth.JwtBearer
            {
                option.AddScheme<YiJwtAuthenticationHandler>(YiJwtAuthenticationHandler.YiJwtSchemeName, YiJwtAuthenticationHandler.YiJwtSchemeName);
            });
-            services.AddSingleton<PermissionAttribute>(_=>new PermissionAttribute(string.Empty));
-            services.AddControllers(options => {
-                options.Filters.Add<PermissionAttribute>();
-            });
+            services.AddSingleton<PermissionAttribute>();
+            //services.AddControllers(options => {
+            //    options.Filters.Add<PermissionAttribute>();
+            //});
        }
    }
 }
--- a/Yi.Framework.Net6/src/framework/Yi.Framework.Core/Extensions/ErrorHandExtensions.cs
+++ b/Yi.Framework.Net6/src/framework/Yi.Framework.Core/Extensions/ErrorHandExtensions.cs
@@ -40,8 +40,8 @@ namespace Yi.Framework.Core.Extensions

                var result = new ExceptionModle
                {
-                    Message= businessEx.Message,
-                    Details= businessEx.Details,
+                    Message = businessEx.Message,
+                    Details = businessEx.Details,
                };
                //业务错误，不记录日志
                await context.Response.WriteAsync(JsonConvert.SerializeObject(result, new JsonSerializerSettings()
@@ -50,6 +50,26 @@ namespace Yi.Framework.Core.Extensions
                    ContractResolver = new Newtonsoft.Json.Serialization.CamelCasePropertyNamesContractResolver()
                }));

+            }
+            catch (AuthException ex)
+            {
+                context.Response.ContentType = "application/json;charset=utf-8";
+                //系统错误，记录日志
+                _logger.LogError(ex, $"授权失败:{ex.Message}");
+                //await _errorHandle.Invoer(context, ex);
+                context.Response.StatusCode =(int)ex.Code;
+                //系统错误，需要记录
+                var result = new ExceptionModle
+                {
+                    Message = ex.Message,
+                    Details = "授权失败",
+                };
+                await context.Response.WriteAsync(JsonConvert.SerializeObject(result, new JsonSerializerSettings()
+                {
+                    //设置首字母小写
+                    ContractResolver = new Newtonsoft.Json.Serialization.CamelCasePropertyNamesContractResolver()
+                }));
+
            }
            catch (Exception ex)
            {