feat：添加令牌效验

2023-04-18 20:29:53 +08:00
parent 92d9c532c2
commit 85d1cbff34
6 changed files with 117 additions and 0 deletions
--- a/Yi.Furion.Net6/Yi.Framework.Infrastructure/AspNetCore/PermissionGlobalAttribute.cs
+++ b/Yi.Furion.Net6/Yi.Framework.Infrastructure/AspNetCore/PermissionGlobalAttribute.cs
@@ -0,0 +1,37 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Mvc.Controllers;
+using Microsoft.AspNetCore.Mvc.Filters;
+using Yi.Framework.Infrastructure.Attributes;
+using Yi.Framework.Infrastructure.Auth;
+using Yi.Framework.Infrastructure.Exceptions;
+
+namespace Yi.Framework.Infrastructure.AspNetCore
+{
+    internal class PermissionGlobalAttribute : ActionFilterAttribute
+    {
+        private readonly IPermissionHandler _permissionHandler;
+        public PermissionGlobalAttribute(IPermissionHandler permissionHandler)
+        {
+            _permissionHandler = permissionHandler;
+        }
+        public override void OnActionExecuting(ActionExecutingContext context)
+        {
+            if (context.ActionDescriptor is not ControllerActionDescriptor controllerActionDescriptor) return;
+            PermissionAttribute? perAttribute = controllerActionDescriptor.MethodInfo.GetCustomAttributes(inherit: true)
+                   .FirstOrDefault(a => a.GetType().Equals(typeof(PermissionAttribute))) as PermissionAttribute;
+            //空对象直接返回
+            if (perAttribute is null) return;
+
+            var result = _permissionHandler.IsPass(perAttribute.Code);
+
+            if (!result)
+            {
+                throw new AuthException(message: $"您无权限访问该接口-{context.HttpContext.Request.Path.Value}");
+            }
+        }
+    }
+}
--- a/Yi.Furion.Net6/Yi.Framework.Infrastructure/Attributes/PermissionAttribute.cs
+++ b/Yi.Furion.Net6/Yi.Framework.Infrastructure/Attributes/PermissionAttribute.cs
@@ -0,0 +1,23 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Mvc.Filters;
+
+namespace Yi.Framework.Infrastructure.Attributes
+{
+    [AttributeUsage(AttributeTargets.Method)]
+
+    public class PermissionAttribute : ActionFilterAttribute
+    {
+        internal string Code { get; set; }
+
+        public PermissionAttribute(string code)
+        {
+            Code = code;
+        }
+
+
+    }
+}
--- a/Yi.Furion.Net6/Yi.Framework.Infrastructure/Auth/DefaultPermissionHandler.cs
+++ b/Yi.Furion.Net6/Yi.Framework.Infrastructure/Auth/DefaultPermissionHandler.cs
@@ -0,0 +1,34 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+using Yi.Framework.Infrastructure.CurrentUsers;
+
+namespace Yi.Framework.Infrastructure.Auth
+{
+    public class DefaultPermissionHandler : IPermissionHandler
+    {
+        private ICurrentUser _currentUser { get; set; }
+
+        public DefaultPermissionHandler(ICurrentUser currentUser)
+        {
+            _currentUser = currentUser;
+        }
+        public bool IsPass(string permission)
+        {
+            if (_currentUser.Permission is not null)
+            {
+                if (_currentUser.Permission.Contains("*:*:*"))
+                {
+                    return true;
+                }
+
+                return _currentUser.Permission.Contains(permission);
+
+            }
+
+            return false;
+        }
+    }
+}
--- a/Yi.Furion.Net6/Yi.Framework.Infrastructure/Auth/IPermissionHandler.cs
+++ b/Yi.Furion.Net6/Yi.Framework.Infrastructure/Auth/IPermissionHandler.cs
@@ -0,0 +1,13 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Yi.Framework.Infrastructure.Auth
+{
+    public interface IPermissionHandler
+    {
+        bool IsPass(string permission);
+    }
+}
--- a/Yi.Furion.Net6/Yi.Framework.Infrastructure/Startup.cs
+++ b/Yi.Furion.Net6/Yi.Framework.Infrastructure/Startup.cs
@@ -5,6 +5,7 @@ using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Hosting;
 using StackExchange.Profiling.SqlFormatters;
 using Yi.Framework.Infrastructure.AspNetCore;
+using Yi.Framework.Infrastructure.Auth;
 using Yi.Framework.Infrastructure.Data;
 using Yi.Framework.Infrastructure.Data.Filters;
 using Yi.Framework.Infrastructure.Sqlsugar;
@@ -26,6 +27,13 @@ public class Startup : AppStartup
        services.AddUnitOfWork<SqlsugarUnitOfWork>();

        services.AddTransient<IDataFilter, SqlsugarDataFilter>();
+
+
+        services.AddSingleton<IPermissionHandler, DefaultPermissionHandler>();
+        services.AddSingleton<PermissionGlobalAttribute>();
+        services.AddControllers(options => {
+            options.Filters.Add<PermissionGlobalAttribute>();
+        });
    }

    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
--- a/Yi.Furion.Net6/Yi.Furion.Application/Rbac/Services/Impl/UserService.cs
+++ b/Yi.Furion.Net6/Yi.Furion.Application/Rbac/Services/Impl/UserService.cs
@@ -1,4 +1,5 @@
 using SqlSugar;
+using Yi.Framework.Infrastructure.Attributes;
 using Yi.Framework.Infrastructure.CurrentUsers;
 using Yi.Framework.Infrastructure.Ddd.Dtos;
 using Yi.Framework.Infrastructure.Ddd.Services;
@@ -35,6 +36,7 @@ namespace Yi.Furion.Application.Rbac.Services.Impl
        /// </summary>
        /// <param name="input"></param>
        /// <returns></returns>
+        [Permission("system:user:list")]
        public override async Task<PagedResultDto<UserGetListOutputDto>> GetListAsync(UserGetListInputVo input)
        {
            var entity = await MapToEntityAsync(input);