        /// <summary>
        /// Action-filter hook that enforces an <see cref="AuthorizePermissionAttribute"/> declared on the
        /// target action: the caller's <c>x-token</c> header is resolved to either a system client or a
        /// logged-in user before the action body runs.
        /// </summary>
        /// <param name="context">Pipeline-supplied context for the action about to execute.</param>
        /// <exception cref="AuthorizeException">The token is absent, malformed, unknown or superseded.</exception>
        /// <exception cref="PermissionException">The user's roles do not grant the requested path.</exception>
        public void OnActionExecuting(ActionExecutingContext context)
        {
            // Only controller actions expose a MethodInfo that can carry the attribute.
            if (!(context.ActionDescriptor is ControllerActionDescriptor descriptor))
            {
                return;
            }

            // NOTE(review): only the action method is inspected; an attribute placed on the controller
            // class would not be enforced by this path — confirm that is the intended scope.
            var permissionAttributes = descriptor.MethodInfo.GetCustomAttributes(typeof(AuthorizePermissionAttribute), true);
            if (permissionAttributes.Length == 0)
            {
                return;
            }

            var requirement  = (AuthorizePermissionAttribute)permissionAttributes[0];
            var httpContext  = context.HttpContext;
            var headerValues = httpContext.Request.Headers["x-token"];

            if (headerValues.Count == 0)
            {
                throw new AuthorizeException("Token不存在");
            }

            // Only the first header value is honoured when the header is repeated.
            var token = headerValues[0];

            // Cheap shape check before any lookup; the real validation happens in the calls below.
            if (string.IsNullOrEmpty(token) || token.Length < 20)
            {
                throw new AuthorizeException("Token格式错误");
            }

            if (requirement.Type == AuthorizeType.System)
            {
                var systemClient = authorize.GetSystemClientId(token);
                if (systemClient == null)
                {
                    throw new AuthorizeException("Token不正确");
                }

                httpContext.SetClientInfo(systemClient);
                return;
            }

            // Every non-System requirement is treated as a user token.
            var parsedToken = authorize.ParseUserToken(token);
            if (parsedToken == null)
            {
                throw new AuthorizeException("用户Token不正确");
            }

            var session = authorize.GetAuthorize(parsedToken);
            if (session == null)
            {
                throw new AuthorizeException("用户未登录");
            }

            // The message treats a Guid mismatch as the account having logged in elsewhere,
            // i.e. the presented token belongs to a superseded session.
            if (session.Guid != parsedToken.Guid)
            {
                throw new AuthorizeException("用户已在其他地方登录");
            }

            httpContext.SetUserInfo(session.LoginId, session.UserName, session.Client);

            if (requirement.Type != AuthorizeType.UserAction)
            {
                return;
            }

            // Role-based check is keyed on the raw request path.
            var requestedPath = httpContext.Request.Path;
            if (!ValidUserPermission(session.Roles, requestedPath))
            {
                throw new PermissionException("用户无该操作权限");
            }
        }
        /// <summary>
        /// Action-filter hook that enforces an <see cref="AuthorizePermissionAttribute"/> declared on the
        /// target action: the caller's <c>x-token</c> header is resolved to either a system client or a
        /// logged-in user before the action body runs. When <c>authorizeManagement.TestMode</c> is on,
        /// a request with no <c>x-token</c> header is admitted as client <c>"test"</c>.
        /// </summary>
        /// <param name="context">Pipeline-supplied context for the action about to execute.</param>
        /// <exception cref="AuthorizeException">The token is absent, malformed, unknown or superseded.</exception>
        /// <exception cref="PermissionException">The user's roles do not grant the requested path.</exception>
        public void OnActionExecuting(ActionExecutingContext context)
        {
            // Only controller actions expose a MethodInfo that can carry the attribute.
            if (!(context.ActionDescriptor is ControllerActionDescriptor descriptor))
            {
                return;
            }

            // NOTE(review): only the action method is inspected; an attribute placed on the controller
            // class would not be enforced by this path — confirm that is the intended scope.
            var permissionAttributes = descriptor.MethodInfo.GetCustomAttributes(typeof(AuthorizePermissionAttribute), true);
            if (permissionAttributes.Length == 0)
            {
                return;
            }

            var httpContext  = context.HttpContext;
            var requirement  = (AuthorizePermissionAttribute)permissionAttributes[0];
            var headerValues = httpContext.Request.Headers["x-token"];

            if (headerValues.Count == 0)
            {
                // NOTE(review): in TestMode a header-less request bypasses authentication entirely,
                // including for UserAction requirements (no user info is set). TestMode must never be
                // enabled in a deployed environment.
                if (authorizeManagement.TestMode)
                {
                    httpContext.SetClientInfo("test");
                    return;
                }

                throw new AuthorizeException(SR.TokenNotExists, string.Empty);
            }

            // Only the first header value is honoured when the header is repeated.
            var token = headerValues[0];

            // Cheap shape check before any lookup; the real validation happens in the calls below.
            // NOTE(review): the raw token is passed as exception detail here and below; if
            // AuthorizeException is logged or surfaced to clients, the bearer secret ends up there.
            if (string.IsNullOrEmpty(token) || token.Length < 20)
            {
                throw new AuthorizeException(SR.TokenFormatError, token);
            }

            if (requirement.Type == AuthorizeType.System)
            {
                var systemClient = authorizeManagement.GetSystemClientId(token);
                if (systemClient == null)
                {
                    throw new AuthorizeException(SR.TokenError, token);
                }

                httpContext.SetClientInfo(systemClient);
                return;
            }

            // Every non-System requirement is treated as a user token.
            var parsedToken = authorizeManagement.ParseUserToken(token);
            if (parsedToken == null)
            {
                throw new AuthorizeException(SR.UserTokenError, token);
            }

            var session = authorizeManagement.GetAuthorize(parsedToken);
            if (session == null)
            {
                throw new AuthorizeException(SR.UserNotLogin, token);
            }

            // A Guid mismatch is reported as SR.UserHasLogin, i.e. the presented token belongs
            // to a session that a later login has superseded.
            if (session.Guid != parsedToken.Guid)
            {
                throw new AuthorizeException(SR.UserHasLogin, token);
            }

            httpContext.SetUserInfo(session.LoginId, session.UserName, session.Client);

            if (requirement.Type != AuthorizeType.UserAction)
            {
                return;
            }

            // Role-based check is keyed on the raw request path.
            var requestedPath = httpContext.Request.Path;
            if (!ValidUserPermission(session.Roles, requestedPath))
            {
                throw new PermissionException(SR.UserNotPermission, session.UserName, requestedPath);
            }
        }