xwl2023/Yi.Framework
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
6a58af8dfbfde8058f503a8e299d8c9908b2a890
Yi.Framework/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Authorization/RefreshTokenMiddleware.cs
ccnetcore 6a58af8dfb feat: 完成双token刷新
2025-06-29 15:18:30 +08:00

74 lines
2.8 KiB
C#
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using JetBrains.Annotations;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http;
using Volo.Abp.DependencyInjection;
using Volo.Abp.Security.Claims;
using Yi.Framework.Rbac.Domain.Managers;
using Yi.Framework.Rbac.Domain.Shared.Consts;
namespace Yi.Framework.Rbac.Domain.Authorization
{
[DebuggerStepThrough]
public class RefreshTokenMiddleware : IMiddleware, ITransientDependency
{
private AccountManager _accountManager;
public RefreshTokenMiddleware(AccountManager accountManager)
{
_accountManager = accountManager;
}
public async Task InvokeAsync(HttpContext context, RequestDelegate next)
{
var refreshToken = context.Request.Headers["refresh_token"].ToString();
if (!string.IsNullOrEmpty(refreshToken))
{
//Jwt鉴权失败过期了再去找刷新token进行刷新处理不用每次都去刷新
var bearerAuthResult = await context.AuthenticateAsync("Bearer");
if (!bearerAuthResult.Succeeded)
{
//每个用户的token刷新频率可以进行控制防止刷新token当访问token使用
var authResult = await context.AuthenticateAsync(TokenTypeConst.Refresh);
//token鉴权刷新成功
if (authResult.Succeeded)
{
var userId = Guid.Parse(authResult.Principal.FindFirst(AbpClaimTypes.UserId).Value.ToString());
var access_Token = await _accountManager.GetTokenByUserIdAsync(userId);
var refresh_Token = _accountManager.CreateRefreshToken(userId);
context.Response.Headers["access_token"] = access_Token;
context.Response.Headers["refresh_token"] = refresh_Token;
//请求头替换,补充后续鉴权逻辑
context.Request.Headers["Authorization"] = "Bearer " + access_Token;
}
//刷新token 与 access_token都失效了
// else
// {
//context.Response.StatusCode = StatusCodes.Status401Unauthorized;
//return;
// }
}
}
await next(context);
}
}
public static class RefreshTokenExtensions
{
public static IApplicationBuilder UseRefreshToken([NotNull] this IApplicationBuilder app)
{
app.UseMiddleware<RefreshTokenMiddleware>();
return app;
}
}
}
Reference in New Issue View Git Blame Copy Permalink