完善授权与认证模块
@@ -11,7 +11,13 @@ namespace Yi.Framework.Auth.JwtBearer.Authorization
|
|||||||
{
|
{
|
||||||
public bool IsPass(string permission, ICurrentUser currentUser)
|
public bool IsPass(string permission, ICurrentUser currentUser)
|
||||||
{
|
{
|
||||||
return true;
|
if (currentUser.Permission is not null)
|
||||||
|
{
|
||||||
|
return currentUser.Permission.Contains(permission);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
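Review bot: `currentUser.Permission.Contains(permission)` in the new `IsPass` body is an exact-match test only if `Permission` is a collection of strings. Its declaration is not in this hunk, and if it is a single string the call becomes a substring test, so a user holding a longer code would pass a check for any code contained in it (constructed example: holding `student:query:all` would satisfy `student:query`). Please confirm the type and state the contract in a doc comment on the method, for instance `/// <returns>true only when the user's permission set contains the exact code; false when the set is null.</returns>`. If a caller can pass a null `currentUser`, the method throws instead of denying; `if (currentUser?.Permission is null) return false;` would keep it fail-closed.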
@@ -39,7 +39,7 @@ namespace Yi.Framework.Auth.JwtBearer.Authorization
|
|||||||
|
|
||||||
if (!result)
|
if (!result)
|
||||||
{
|
{
|
||||||
throw new AuthException(message: "您无权限访问该接口");
|
throw new AuthException(message: $"您无权限访问该接口-{ context.HttpContext.Request.Path.Value}");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
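Review bot: The new message interpolates `context.HttpContext.Request.Path.Value`, which is request-controlled and already URL-decoded, into the `AuthException` text. The handler added in Yi.Framework.Core.Extensions in this same commit copies `ex.Message` into both the JSON response and the log line. That lets a caller place arbitrary text, including line breaks, into log entries, and it ties the client-facing wording to internal routing detail. I would keep the thrown message fixed, `throw new AuthException(message: "您无权限访问该接口");`, and record the path as a structured field where the failure is logged. The enclosing method starts and ends outside the hunk.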
@@ -32,10 +32,10 @@ namespace Yi.Framework.Auth.JwtBearer
|
|||||||
{
|
{
|
||||||
option.AddScheme<YiJwtAuthenticationHandler>(YiJwtAuthenticationHandler.YiJwtSchemeName, YiJwtAuthenticationHandler.YiJwtSchemeName);
|
option.AddScheme<YiJwtAuthenticationHandler>(YiJwtAuthenticationHandler.YiJwtSchemeName, YiJwtAuthenticationHandler.YiJwtSchemeName);
|
||||||
});
|
});
|
||||||
services.AddSingleton<PermissionAttribute>(_=>new PermissionAttribute(string.Empty));
|
services.AddSingleton<PermissionAttribute>();
|
||||||
services.AddControllers(options => {
|
//services.AddControllers(options => {
|
||||||
options.Filters.Add<PermissionAttribute>();
|
// options.Filters.Add<PermissionAttribute>();
|
||||||
});
|
//});
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
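Review bot: With the `services.AddControllers(options => { options.Filters.Add<PermissionAttribute>(); })` registration commented out, the permission check no longer runs globally and applies only to actions that carry `[Permission(...)]`. An action that lacks the attribute is not permission-checked at all; whether an `[Authorize]` default or a fallback policy covers those actions is not visible here and should be confirmed. Separately, `services.AddSingleton<PermissionAttribute>();` asks the container to construct the attribute itself, and the removed line shows its constructor taking a string, which the default container cannot supply, so resolving it would presumably throw unless another constructor exists. If the attribute is only ever applied declaratively, the registration can be dropped. The three commented-out lines should be deleted rather than kept as comments.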
@@ -40,8 +40,8 @@ namespace Yi.Framework.Core.Extensions
|
|||||||
|
|
||||||
var result = new ExceptionModle
|
var result = new ExceptionModle
|
||||||
{
|
{
|
||||||
Message= businessEx.Message,
|
Message = businessEx.Message,
|
||||||
Details= businessEx.Details,
|
Details = businessEx.Details,
|
||||||
};
|
};
|
||||||
//业务错误,不记录日志
|
//业务错误,不记录日志
|
||||||
await context.Response.WriteAsync(JsonConvert.SerializeObject(result, new JsonSerializerSettings()
|
await context.Response.WriteAsync(JsonConvert.SerializeObject(result, new JsonSerializerSettings()
|
||||||
@@ -50,6 +50,26 @@ namespace Yi.Framework.Core.Extensions
|
|||||||
ContractResolver = new Newtonsoft.Json.Serialization.CamelCasePropertyNamesContractResolver()
|
ContractResolver = new Newtonsoft.Json.Serialization.CamelCasePropertyNamesContractResolver()
|
||||||
}));
|
}));
|
||||||
|
|
||||||
|
}
|
||||||
|
catch (AuthException ex)
|
||||||
|
{
|
||||||
|
context.Response.ContentType = "application/json;charset=utf-8";
|
||||||
|
//系统错误,记录日志
|
||||||
|
_logger.LogError(ex, $"授权失败:{ex.Message}");
|
||||||
|
//await _errorHandle.Invoer(context, ex);
|
||||||
|
context.Response.StatusCode =(int)ex.Code;
|
||||||
|
//系统错误,需要记录
|
||||||
|
var result = new ExceptionModle
|
||||||
|
{
|
||||||
|
Message = ex.Message,
|
||||||
|
Details = "授权失败",
|
||||||
|
};
|
||||||
|
await context.Response.WriteAsync(JsonConvert.SerializeObject(result, new JsonSerializerSettings()
|
||||||
|
{
|
||||||
|
//设置首字母小写
|
||||||
|
ContractResolver = new Newtonsoft.Json.Serialization.CamelCasePropertyNamesContractResolver()
|
||||||
|
}));
|
||||||
|
|
||||||
}
|
}
|
||||||
catch (Exception ex)
|
catch (Exception ex)
|
||||||
{
|
{
|
||||||
|
|||||||
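Review bot: The added `catch (AuthException ex)` branch logs with an interpolated string, `_logger.LogError(ex, $"授权失败:{ex.Message}");`, so caller-influenced message text becomes the log template and every denied request is recorded at Error level. A constant template at a lower level, `_logger.LogWarning(ex, "授权失败:{Message}", ex.Message);`, keeps the entry structured and lets alerting separate denied requests from server faults. The comments `//系统错误,记录日志` and `//系统错误,需要记录` were carried over from the generic handler and describe a system error; they should say this branch handles an authorization failure. The response-writing code repeats the business-exception branch above it and could share one private helper. The enclosing method starts outside the hunk.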
@@ -43,14 +43,14 @@ namespace Yi.Framework.Application.Student
|
|||||||
_studentManager = studentManager;
|
_studentManager = studentManager;
|
||||||
_unitOfWorkManager = unitOfWorkManager;
|
_unitOfWorkManager = unitOfWorkManager;
|
||||||
_jwtTokenManager = jwtTokenManager;
|
_jwtTokenManager = jwtTokenManager;
|
||||||
_currentUser=currentUser;
|
_currentUser = currentUser;
|
||||||
}
|
}
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// 测试token
|
/// 测试token
|
||||||
/// </summary>
|
/// </summary>
|
||||||
/// <returns></returns>
|
/// <returns></returns>
|
||||||
public string GetToken()
|
public string GetToken()
|
||||||
{
|
{
|
||||||
var claimDic = new Dictionary<string, object>() { { TokenTypeConst.Id, "123" }, { TokenTypeConst.UserName, "cc" } };
|
var claimDic = new Dictionary<string, object>() { { TokenTypeConst.Id, "123" }, { TokenTypeConst.UserName, "cc" } };
|
||||||
return _jwtTokenManager.CreateToken(claimDic);
|
return _jwtTokenManager.CreateToken(claimDic);
|
||||||
@@ -64,7 +64,7 @@ namespace Yi.Framework.Application.Student
|
|||||||
[Permission(AuthStudentConst.查询)]
|
[Permission(AuthStudentConst.查询)]
|
||||||
public async Task<StudentGetOutputDto> PostUow()
|
public async Task<StudentGetOutputDto> PostUow()
|
||||||
{
|
{
|
||||||
var o= _currentUser;
|
var o = _currentUser;
|
||||||
StudentGetOutputDto res = new();
|
StudentGetOutputDto res = new();
|
||||||
using (var uow = _unitOfWorkManager.CreateContext())
|
using (var uow = _unitOfWorkManager.CreateContext())
|
||||||
{
|
{
|
||||||
|
|||||||
Binary file not shown.