/// <summary>
/// 登录验证
/// </summary>
/// <param name="context">登录上下文信息</param>
/// <returns>登录验证是否通过</returns>
public static async Task <bool> ValidatePrincipalAsync(CookieValidatePrincipalContext context)
{
#region 登录凭据
var authUser = AuthenticationUser <long> .GetUserFromPrincipal(context.Principal);
if (authUser == null)
{
return(await Task.FromResult(false).ConfigureAwait(false));
}
if (authUser.IsAdmin)
{
return(await Task.FromResult(true).ConfigureAwait(false));
}
#endregion
#region 登录用户判断
var userCacheKey = CacheUtil.GetUserCacheKey(authUser.Id.ToString());
var userData = CacheManager.GetData <UserDto>(userCacheKey);
if (userData == null || userData.Status != UserStatus.正常)
{
return(await Task.FromResult(false).ConfigureAwait(false));
}
CacheManager.SetDataByRelativeExpiration(userCacheKey, userData, TimeSpan.FromHours(1), true);
#endregion
return(await Task.FromResult(true).ConfigureAwait(false));
}
/// <summary>
/// 记录操作分组
/// </summary>
/// <param name="authorityOperationGroup">操作分组</param>
static void RecordAuthOperationGroup(AuthorityOperationGroupDto authorityOperationGroup)
{
if (authorityOperationGroup == null)
{
return;
}
var groupCacheKey = CacheUtil.GetOperationGroupCacheKey(authorityOperationGroup.SysNo.ToString());
CacheManager.SetData(groupCacheKey, authorityOperationGroup);
}
static void RecordRole(RoleDto role)
{
if (role == null)
{
return;
}
CacheKey roleKey = CacheUtil.GetRoleCacheKey(role.SysNo.ToString());
CacheManager.SetData(roleKey, role);
}
/// <summary>
/// 记录授权操作
/// </summary>
/// <param name="authorityOperation">授权操作</param>
static void RecordAuthOperation(AuthorityOperationDto authorityOperation)
{
if (authorityOperation == null)
{
return;
}
var operationValue = $"{authorityOperation.ControllerCode}/{authorityOperation.ActionCode}";
var operationCacheKey = CacheUtil.GetOperationCacheKey(operationValue);
CacheManager.SetData(operationCacheKey, authorityOperation);
}
/// <summary>
/// 移除用户授权
/// </summary>
/// <param name="userId">用户编号</param>
public static void RemoveUserAuthorize(long userId)
{
var cacheKey = CacheUtil.GetUserAuthOperationCacheKey(userId.ToString());
CacheManager.Keys.Delete(new DeleteOption()
{
Keys = new List <CacheKey>()
{
cacheKey
}
});
}
/// <summary>
/// 登出
/// </summary>
public static void LoginOut()
{
var loginUser = GetLoginUser();
if (loginUser == null)
{
return;
}
#region 移除登录记录
if (!loginUser.IsAdmin)
{
var userId = loginUser.Id.ToString();
//移除登录记录
CacheManager.Set.Remove(new SetRemoveOption()
{
Key = CacheUtil.AllLoginUserCacheKey,
RemoveValues = new List <string>()
{
userId
}
});
//移除登录用户信息
var userCacheKey = CacheUtil.GetUserCacheKey(userId);
CacheManager.Keys.Delete(new DeleteOption()
{
Keys = new List <CacheKey>()
{
userCacheKey
}
});
//移除用户授权
AuthorizationManager.RemoveUserAuthorize(loginUser.Id);
}
#endregion
HttpContextHelper.Current.SignOutAsync().Wait();
}
/// <summary>
/// 保存登陆信息
/// </summary>
/// <param name="user">用户信息</param>
static void SaveLoginCredential(UserDto user)
{
if (null == user)
{
return;
}
#region 记录登录用户,不记录超级管理员
if (!user.SuperUser)
{
CacheManager.Set.Add(new SetAddOption()
{
Key = CacheUtil.AllLoginUserCacheKey,
Value = user.SysNo.ToString()
});
var userCacheKey = CacheUtil.GetUserCacheKey(user.SysNo.ToString());
CacheManager.SetDataByRelativeExpiration(userCacheKey, user, TimeSpan.FromHours(1), true);
CacheDataManager.RefreshLoginUser(user.SysNo, user.SuperUser);
}
#endregion
#region 记录登录凭据
AuthenticationUser <long> authUser = new AuthenticationUser <long>()
{
Id = user.SysNo,
Name = user.UserName,
RealName = user.RealName,
IsAdmin = user.SuperUser
};
HttpContextHelper.Current.SignInAsync(authUser, new AuthenticationProperties()
{
IsPersistent = true,
ExpiresUtc = DateTimeOffset.UtcNow.AddHours(1)
}).GetAwaiter().GetResult();
#endregion
}
/// <summary>
/// 授权验证
/// </summary>
/// <param name="operation">授权操作</param>
/// <returns></returns>
public static async Task <bool> AuthorizationAsync(AuthenticationUser <long> user, AuthorityOperationCmdDto operation)
{
if (operation == null || user == null)
{
return(false);
}
if (user.IsAdmin)
{
return(true);
}
operation.ControllerCode = operation.ControllerCode?.ToUpper() ?? string.Empty;
operation.ActionCode = operation.ActionCode?.ToUpper() ?? string.Empty;
#region 授权操作判断
string operationValue = $"{operation.ControllerCode}/{operation.ActionCode}";
var operationCacheKey = CacheUtil.GetOperationCacheKey(operationValue);
var nowOperation = CacheManager.GetData <AuthorityOperationDto>(operationCacheKey);
if (nowOperation == null || nowOperation.Status == AuthorityOperationStatus.关闭)
{
return(false);
}
if (nowOperation.AuthorizeType == AuthorityOperationAuthorizeType.无限制)
{
return(true);
}
#endregion
#region 授权操作分组判断
var groupKey = nowOperation.Group?.SysNo.ToString() ?? string.Empty;
if (groupKey.IsNullOrEmpty())
{
return(false);
}
var groupCacheKey = CacheUtil.GetOperationGroupCacheKey(groupKey);
var nowGroup = CacheManager.GetData <AuthorityOperationGroupDto>(groupCacheKey);
if (nowGroup == null || nowGroup.Status == AuthorityOperationGroupStatus.关闭)
{
return(false);
}
while (nowGroup.Level > 1)
{
var parentGroupKey = nowGroup.Parent?.SysNo.ToString() ?? string.Empty;
if (parentGroupKey.IsNullOrEmpty())
{
return(false);
}
var parentGroupCacheKey = CacheUtil.GetOperationGroupCacheKey(parentGroupKey);
var nowParentGroup = CacheManager.GetData <AuthorityOperationGroupDto>(parentGroupCacheKey);
nowGroup = nowParentGroup;
if (nowGroup == null || nowGroup.Status == AuthorityOperationGroupStatus.关闭)
{
return(false);
}
}
#endregion
var cacheKey = CacheUtil.GetUserAuthOperationCacheKey(user.Id.ToString());
var existResult = CacheManager.Set.Contains(new SetContainsOption()
{
Key = cacheKey,
Value = operationValue
})?.Responses ?? new List <SetContainsResponse>(0);
var hasOperation = existResult.IsNullOrEmpty() ? false : (existResult.FirstOrDefault()?.ContainsValue ?? false);
if (!hasOperation)
{
return(false);
}
return(await Task.FromResult(true));
}
/// <summary>
/// 刷新用户登录信息
/// </summary>
/// <param name="userId">用户编号</param>
/// <param name="superAdmin">超级用户</param>
public static void RefreshLoginUser(long userId, bool superAdmin = false)
{
if (userId < 1 || superAdmin)
{
return;
}
#region 判断登录信息
var userCacheKey = CacheUtil.GetUserCacheKey(userId.ToString());
var userData = CacheManager.GetData <UserDto>(userCacheKey);
if (userData == null)
{
CacheManager.Set.Remove(new SetRemoveOption()
{
Key = CacheUtil.AllLoginUserCacheKey,
RemoveValues = new List <string>(1)
{
userId.ToString()
}
});
return;
}
#endregion
#region 刷新授权信息
UserOperationFilterDto operationFilter = new UserOperationFilterDto()
{
UserFilter = new UserFilterDto()
{
SysNos = new List <long>(1)
{
userId
}
}
};
var operations = AuthAppService.GetAuthorityOperationList(operationFilter);
if (operations.IsNullOrEmpty())
{
return;
}
CacheKey userAuthKey = CacheUtil.GetUserAuthOperationCacheKey(userId.ToString());
CacheManager.Keys.Delete(new DeleteOption()
{
Keys = new List <CacheKey>()
{
userAuthKey
}
});
operations.ForEach(c =>
{
CacheManager.Set.Add(new SetAddOption()
{
Key = userAuthKey,
Value = $"{c.ControllerCode}/{c.ActionCode}"
});
});
#endregion
}
