feat:添加令牌效验
@@ -0,0 +1,37 @@
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
using Microsoft.AspNetCore.Mvc.Controllers;
|
||||
using Microsoft.AspNetCore.Mvc.Filters;
|
||||
using Yi.Framework.Infrastructure.Attributes;
|
||||
using Yi.Framework.Infrastructure.Auth;
|
||||
using Yi.Framework.Infrastructure.Exceptions;
|
||||
|
||||
namespace Yi.Framework.Infrastructure.AspNetCore
|
||||
{
|
||||
internal class PermissionGlobalAttribute : ActionFilterAttribute
|
||||
{
|
||||
private readonly IPermissionHandler _permissionHandler;
|
||||
public PermissionGlobalAttribute(IPermissionHandler permissionHandler)
|
||||
{
|
||||
_permissionHandler = permissionHandler;
|
||||
}
|
||||
public override void OnActionExecuting(ActionExecutingContext context)
|
||||
{
|
||||
if (context.ActionDescriptor is not ControllerActionDescriptor controllerActionDescriptor) return;
|
||||
PermissionAttribute? perAttribute = controllerActionDescriptor.MethodInfo.GetCustomAttributes(inherit: true)
|
||||
.FirstOrDefault(a => a.GetType().Equals(typeof(PermissionAttribute))) as PermissionAttribute;
|
||||
//空对象直接返回
|
||||
if (perAttribute is null) return;
|
||||
|
||||
var result = _permissionHandler.IsPass(perAttribute.Code);
|
||||
|
||||
if (!result)
|
||||
{
|
||||
throw new AuthException(message: $"您无权限访问该接口-{context.HttpContext.Request.Path.Value}");
|
||||
}
|
||||
}
|
||||
}
|
||||
}
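Review bot: The permission check runs as an action filter, so by the time `OnActionExecuting` fires the request has already been model-bound and validated for a caller who may then be denied; an authorization filter (`IAuthorizationFilter.OnAuthorization`) would reject the request before that work is done. If the check is moved, the denial should be reported with `context.Result = new StatusCodeResult(403);` instead of the `throw`, because MVC exception filters do not cover the authorization stage; how `AuthException` is mapped to a response today is not visible in this commit. The lookup is also fail-open in two ways: an action without `[Permission]` returns early with no check at all, and the exact-type match `a.GetType().Equals(typeof(PermissionAttribute))` ignores any subclass of the unsealed attribute, which `.OfType<PermissionAttribute>().FirstOrDefault()` would pick up.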
|
||||
@@ -0,0 +1,23 @@
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
using Microsoft.AspNetCore.Mvc.Filters;
|
||||
|
||||
namespace Yi.Framework.Infrastructure.Attributes
|
||||
{
|
||||
[AttributeUsage(AttributeTargets.Method)]
|
||||
|
||||
public class PermissionAttribute : ActionFilterAttribute
|
||||
{
|
||||
internal string Code { get; set; }
|
||||
|
||||
public PermissionAttribute(string code)
|
||||
{
|
||||
Code = code;
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
}
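Review bot: `PermissionAttribute` inherits `ActionFilterAttribute` but overrides nothing, so on its own it enforces nothing; the check only happens in a host that registers `PermissionGlobalAttribute` as a global filter. Deriving from plain `Attribute` (`public sealed class PermissionAttribute : Attribute`) would make the marker role explicit and stop MVC from adding a no-op filter to every annotated action. `Code` is stored without validation and has a setter; `internal string Code { get; }` plus a null/empty check in the constructor would keep `[Permission("")]` or `[Permission(null)]` from reaching `IsPass`. A short XML comment stating that the attribute is only a marker and where it is enforced would help the next maintainer.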
|
||||
@@ -0,0 +1,34 @@
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
using Yi.Framework.Infrastructure.CurrentUsers;
|
||||
|
||||
namespace Yi.Framework.Infrastructure.Auth
|
||||
{
|
||||
public class DefaultPermissionHandler : IPermissionHandler
|
||||
{
|
||||
private ICurrentUser _currentUser { get; set; }
|
||||
|
||||
public DefaultPermissionHandler(ICurrentUser currentUser)
|
||||
{
|
||||
_currentUser = currentUser;
|
||||
}
|
||||
public bool IsPass(string permission)
|
||||
{
|
||||
if (_currentUser.Permission is not null)
|
||||
{
|
||||
if (_currentUser.Permission.Contains("*:*:*"))
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
return _currentUser.Permission.Contains(permission);
|
||||
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
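Review bot: The result of `_currentUser.Permission.Contains(permission)` depends on the type of `Permission`, which this commit does not show. If it is a `string`, `Contains` is a substring test, so a required code such as `system:user:list` is satisfied by any longer granted code that contains it, and an empty required code matches everything. If it is a collection, the match is exact, but it would still be worth confirming that the comparison is ordinal and that the `*:*:*` wildcard can only come from a trusted role assignment. `IsPass` should also reject a null or empty `permission` up front, e.g. `if (string.IsNullOrEmpty(permission)) return false;`. Separately, `_currentUser` is declared as a private auto-property with a setter; `private readonly ICurrentUser _currentUser;` states the intent and prevents reassignment.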
|
||||
@@ -0,0 +1,13 @@
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
namespace Yi.Framework.Infrastructure.Auth
|
||||
{
|
||||
public interface IPermissionHandler
|
||||
{
|
||||
bool IsPass(string permission);
|
||||
}
|
||||
}
|
||||
@@ -5,6 +5,7 @@ using Microsoft.Extensions.DependencyInjection;
|
||||
using Microsoft.Extensions.Hosting;
|
||||
using StackExchange.Profiling.SqlFormatters;
|
||||
using Yi.Framework.Infrastructure.AspNetCore;
|
||||
using Yi.Framework.Infrastructure.Auth;
|
||||
using Yi.Framework.Infrastructure.Data;
|
||||
using Yi.Framework.Infrastructure.Data.Filters;
|
||||
using Yi.Framework.Infrastructure.Sqlsugar;
|
||||
@@ -26,6 +27,13 @@ public class Startup : AppStartup
|
||||
services.AddUnitOfWork<SqlsugarUnitOfWork>();
|
||||
|
||||
services.AddTransient<IDataFilter, SqlsugarDataFilter>();
|
||||
|
||||
|
||||
services.AddSingleton<IPermissionHandler, DefaultPermissionHandler>();
|
||||
services.AddSingleton<PermissionGlobalAttribute>();
|
||||
services.AddControllers(options => {
|
||||
options.Filters.Add<PermissionGlobalAttribute>();
|
||||
});
|
||||
}
|
||||
|
||||
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
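Review bot: `services.AddSingleton<IPermissionHandler, DefaultPermissionHandler>()` gives the handler process lifetime, yet the constructor added in this commit stores an `ICurrentUser`. If `ICurrentUser` is registered per request (its registration is not visible here), the singleton keeps whichever instance it was first resolved with, and later requests may be judged against the wrong user's permissions, or resolution fails when scope validation is on. `services.AddScoped<IPermissionHandler, DefaultPermissionHandler>();` avoids the captured dependency. `options.Filters.Add<PermissionGlobalAttribute>()` activates the filter by type rather than from the container, so the `AddSingleton<PermissionGlobalAttribute>()` line appears to be unused. The enclosing method starts outside this hunk.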
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
using SqlSugar;
|
||||
using Yi.Framework.Infrastructure.Attributes;
|
||||
using Yi.Framework.Infrastructure.CurrentUsers;
|
||||
using Yi.Framework.Infrastructure.Ddd.Dtos;
|
||||
using Yi.Framework.Infrastructure.Ddd.Services;
|
||||
@@ -35,6 +36,7 @@ namespace Yi.Furion.Application.Rbac.Services.Impl
|
||||
/// </summary>
|
||||
/// <param name="input"></param>
|
||||
/// <returns></returns>
|
||||
[Permission("system:user:list")]
|
||||
public override async Task<PagedResultDto<UserGetListOutputDto>> GetListAsync(UserGetListInputVo input)
|
||||
{
|
||||
var entity = await MapToEntityAsync(input);
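Review bot: Only `GetListAsync` gets a `[Permission]` in this hunk, and the global filter skips any action without the attribute, so other actions of this service (not visible here) stay reachable without a permission check until each is annotated. A test or startup check that lists controller actions lacking `[Permission]` would make the gaps visible. The code `"system:user:list"` is a bare string literal; a shared constant would keep the attribute and the stored permission data from drifting apart, since a typo here would only show up as a denied request at runtime. The method body continues outside the hunk.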
|
||||
|
||||