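// public TokenModel CurrentUser = new TokenModel();
/// <summary>
/// Resolves the current user from the request's Authorization header.
/// </summary>
/// <remarks>
/// The header value must start with the custom "FPLDQBearer " scheme; the text after
/// the scheme is used as a lookup key into <c>BLOGPIMemoryCache</c>. No signature or
/// expiry check happens in this method; the cache entry is the only evidence that
/// the token is valid.
/// </remarks>
/// <returns>
/// The cached <c>TokenModel</c> for the presented token, or <c>null</c> when the header
/// is missing, uses a different scheme, carries no token, or the token is not cached.
/// </returns>
protected TokenModel GetCurrentUser()
{
    const string scheme = "FPLDQBearer ";

    var headers = HttpContext.Request.Headers;

    // No Authorization header: the caller is anonymous (endpoints that need no authentication).
    if (!headers.ContainsKey("Authorization"))
    {
        return null;
    }

    try
    {
        string headerValue = headers["Authorization"].ToString();

        // Verify the scheme instead of blindly dropping the first N characters:
        // otherwise any 12-character prefix (e.g. another auth scheme) is treated
        // as if it were "FPLDQBearer ", and short headers only fail via an exception.
        if (!headerValue.StartsWith(scheme, StringComparison.OrdinalIgnoreCase))
        {
            return null;
        }

        string jwtStr = headerValue.Substring(scheme.Length).Trim();

        // An empty token can never identify a user; skip the cache lookup entirely.
        if (jwtStr.Length == 0)
        {
            return null;
        }

        // The token is only accepted when the cache holds an entry for it.
        if (!BLOGPIMemoryCache.Exists(jwtStr))
        {
            return null;
        }

        // May still be null if the entry was evicted between Exists and Get;
        // callers must treat null as "no current user".
        return (TokenModel)BLOGPIMemoryCache.Get(jwtStr);
    }
    catch (Exception)
    {
        // Deliberate best-effort: any failure while reading the header or the cache
        // is reported as "no current user" rather than surfacing to the caller.
        return null;
    }
}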
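/// <summary>
/// Middleware entry point: authenticates the request from its Authorization header.
/// </summary>
/// <remarks>
/// Requests without an Authorization header are passed through unchanged so that
/// endpoints which need no authentication keep working. Otherwise the header must use
/// the custom "FPLDQBearer " scheme and the token must be present in
/// <c>BLOGPIMemoryCache</c>; the cached <c>TokenModel.Sub</c> is then exposed as a claim
/// on <c>httpContext.User</c>. No signature or expiry check happens in this method.
/// </remarks>
/// <param name="httpContext">The current request context.</param>
/// <returns>
/// The task of the next middleware when the request is let through, or the task that
/// writes an error <c>ApiResult</c> to the response when the token is rejected.
/// </returns>
public Task Invoke(HttpContext httpContext)
{
    const string scheme = "FPLDQBearer ";

    var headers = httpContext.Request.Headers;

    // No Authorization header: continue to the next middleware unauthenticated.
    if (!headers.ContainsKey("Authorization"))
    {
        //return httpContext.Response.WriteAsync("非法请求");
        return _next(httpContext);
    }

    try
    {
        string headerValue = headers["Authorization"].ToString();

        // Verify the scheme instead of blindly dropping the first N characters:
        // otherwise any 12-character prefix (e.g. another auth scheme) is treated
        // as if it were "FPLDQBearer ", and short headers only fail via an exception.
        if (!headerValue.StartsWith(scheme, StringComparison.OrdinalIgnoreCase))
        {
            return httpContext.Response.WriteAsync(BuildTokenErrorBody("验证不通过,请求非法路径."));
        }

        string jwtStr = headerValue.Substring(scheme.Length).Trim();

        // The token is only accepted when the cache holds an entry for it.
        if (jwtStr.Length == 0 || !BLOGPIMemoryCache.Exists(jwtStr))
        {
            return httpContext.Response.WriteAsync(BuildTokenErrorBody("验证不通过,请求非法路径."));
        }

        // The entry can disappear between Exists and Get; treat that as a normal
        // rejection instead of letting tm.Sub throw a NullReferenceException.
        TokenModel tm = (TokenModel)BLOGPIMemoryCache.Get(jwtStr);
        if (tm == null)
        {
            return httpContext.Response.WriteAsync(BuildTokenErrorBody("验证不通过,请求非法路径."));
        }

        // Expose the token's Sub value as a claim whose type is "<Sub>Type".
        // NOTE(review): the identity is created without an authentication type, so
        // ClaimsIdentity.IsAuthenticated stays false; authorization presumably relies
        // on the claim alone - confirm against the configured policies.
        List<Claim> claims = new List<Claim>();
        claims.Add(new Claim(tm.Sub + "Type", tm.Sub));
        ClaimsIdentity identity = new ClaimsIdentity(claims);
        httpContext.User = new ClaimsPrincipal(identity);

        return _next(httpContext);
    }
    catch (Exception ex)
    {
        // Keep the details on the server. The response body is readable by the
        // (unauthenticated) caller, so it must not carry stack traces or exception
        // messages that describe the application's internals.
        System.Diagnostics.Trace.TraceError("Token validation failed: " + ex);

        // NOTE(review): the response status code is left at its default here and in
        // the rejection paths above; consider whether 401 is expected by clients.
        return httpContext.Response.WriteAsync(BuildTokenErrorBody("token验证异常"));
    }
}

/// <summary>
/// Builds the serialized error <c>ApiResult</c> written to rejected requests.
/// </summary>
/// <param name="message">The message placed in the result's <c>Msg</c> member.</param>
/// <returns>The result of <c>ApiResult.ToString()</c> for the error object.</returns>
private static string BuildTokenErrorBody(string message)
{
    Model.ApiResult<bool> apiResult = new Model.ApiResult<bool>();
    apiResult.Code = Model.ApiResultStatu.Error;
    apiResult.Data = false;
    apiResult.Msg = message;
    apiResult.Success = false;
    return apiResult.ToString();
}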