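/// <summary>
/// Access control for a single request: decides whether the request path is one of the
/// restricted actions, resolves the token header into an access chain, rejects
/// restricted requests that carry no token or an unusable identity, and stores the
/// resolved chain on the request's work context.
/// </summary>
/// <param name="context">Current HTTP context. Its path and headers are caller-controlled input.</param>
/// <param name="_accessOptions">Options whose <c>LimitActions</c> lists the path fragments that require a token.</param>
/// <returns>A task that completes when the check has run and the work context has been updated.</returns>
/// <exception cref="MaxException">
/// <c>ResultCode.HasNotToken</c> when a restricted path is requested without a usable token header;
/// <c>ResultCode.UnLogin</c> when the token does not resolve to a valid access chain.
/// </exception>
public async Task Access(HttpContext context, AccessOptions _accessOptions)
{
    IWorkContext workContext = context.RequestServices.GetService<IWorkContext>();

    // PathString.Value is null for an empty path; normalise so the match below cannot throw.
    string requestPath = context.Request.Path.Value ?? string.Empty;

    // API path/action restriction check.
    // The comparison is ordinal and case-insensitive on purpose: a culture-sensitive ToLower()
    // can map characters differently under some server cultures (e.g. 'I' under tr-TR), and an
    // entry configured with upper-case letters would never match a lower-cased path. Either
    // case would leave a restricted action unchecked.
    // NOTE(review): only paths that contain a LimitActions fragment are checked; everything
    // else is served without a token. Confirm this list-of-protected-paths model is intended.
    // NOTE(review): _accessOptions is dereferenced without a null check — confirm callers never pass null.
    bool needCheck = _accessOptions.LimitActions.Any(
        s => requestPath.IndexOf(s, StringComparison.OrdinalIgnoreCase) >= 0);

    if (!context.Request.Headers.TryGetValue(FLAG_TOKEN, out StringValues values))
    {
        if (needCheck)
        {
            // No token in the headers.
            throw new MaxException(ResultCode.HasNotToken);
        }

        return;
    }

    // A header that is present but carries no value has nothing to resolve; treat it like a
    // missing token instead of failing on values[0].
    string token = values.Count > 0 ? values[0] : null;
    if (token == null)
    {
        if (needCheck)
        {
            throw new MaxException(ResultCode.HasNotToken);
        }

        return;
    }

    IIdentityService identityService = context.RequestServices.GetService<IIdentityService>();
    AccessChain accessChain = await identityService.GetAsync(token);

    if (needCheck)
    {
        var session = accessChain?.AccessSession;
        if (session == null)
        {
            // Unknown token, or a chain without a session: nothing to validate against, so
            // reject rather than dereference a null session.
            throw new MaxException(ResultCode.UnLogin);
        }

        // NOTE(review): when ForceCheck is false, any resolved chain is accepted on a restricted
        // path without the login/expiry/status checks below — confirm that is intended.
        if (session.ForceCheck)
        {
            var user = accessChain.User;

            // NOTE(review): compares against local time; confirm Expires values are stored as local time too.
            DateTime now = DateTime.Now;

            if (user == null
                || !user.IsLogin
                || session.Expires < now
                || user.Expires < now
                || user.Status == 0)
            {
                throw new MaxException(ResultCode.UnLogin);
            }
        }
    }

    workContext.AccessChain = accessChain;
    workContext.Session.Id = accessChain?.AccessSession?.Token;
}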
/// <summary>
/// Creates the access-control middleware.
/// </summary>
/// <param name="next">The next delegate in the request pipeline.</param>
/// <param name="accessOptions">Access-control options; optional, stored as given (including <c>null</c>).</param>
public AccessMiddleware(RequestDelegate next, AccessOptions accessOptions = null)
{
    this._accessOptions = accessOptions;
    this._next = next;
}