Пример #1
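        /// <summary>
        /// Returns the user list that the authorization service reports for the caller's "Token" cookie.
        /// </summary>
        /// <remarks>
        /// The cookie value is client-controlled, so it is percent-encoded before it is placed in the
        /// query string. Without encoding, characters such as <c>&amp;</c> or <c>#</c> inside the cookie
        /// could add or truncate parameters of the request sent to the authorization service.
        /// </remarks>
        /// <returns>
        /// A JSON result holding the list returned by the authorization service, or an empty list when
        /// the token cookie is missing or empty.
        /// </returns>
        public async Task <IActionResult> GetUserListAsync()
        {
            string token = cookieHelper.GetCookies(HttpContext, "Token");

            // No token: answer with an empty list instead of calling the service with nothing to check.
            if (string.IsNullOrEmpty(token))
            {
                return(Json(new List <UserInfo>()));
            }

            // NOTE(review): the token still travels in the URL, where request logs usually record it;
            // moving it to a header would need a change in the helper and the service, not shown here.
            string url = GlobalVar.Author_url + "/JWT/GetUser?token=" + System.Uri.EscapeDataString(token);
            List <UserInfo> users = await _httpClientFactoryHelper.GetJsonResult <List <UserInfo> >(url, "", System.Net.Http.HttpMethod.Get);

            return(Json(users));
        }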
        //public UserAuthorizeMiddleware(RequestDelegate next, AuthServerConfig authServerConfig, IServiceProvider  serviceProvider)
        //{
        //    if (next == null)
        //    {
        //        throw new ArgumentNullException(nameof(next));
        //    }
        //    _next = next;
        //    _authServerConfig = authServerConfig;
        //    _serviceProvider = serviceProvider;
        //    var _emailRepository = serviceProvider.GetRequiredService<IHttpClientFactoryHelper>();
        //}
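        /// <summary>
        /// Validates the caller's token against the token server, then either passes the request to
        /// the next middleware or answers with HTTP 401.
        /// </summary>
        /// <remarks>
        /// Scoped services can only be obtained through method injection on Invoke; otherwise the
        /// object cannot be resolved.
        /// </remarks>
        /// <param name="context">The current HTTP context.</param>
        /// <param name="httpClient">Helper used to call the token server.</param>
        /// <returns>A task that completes once the request has been forwarded or rejected.</returns>
        public async Task Invoke(HttpContext context, IHttpClientFactoryHelper httpClient)
        {
            // Take the token from the Authorization header first, then fall back to the session.
            string token = context.Request.Headers["Authorization"];
            if (string.IsNullOrEmpty(token))
            {
                token = context.Session.GetString("token");
            }

            // Fail closed: with no token at all there is nothing to validate, so reject locally
            // rather than sending a serialized null to the token server.
            if (string.IsNullOrEmpty(token))
            {
                context.Response.StatusCode = 401;
                return;
            }

            string url     = $"{_authServerConfig.TokenServerUrl}/Security/Token/ValidateToken";
            string posData = JsonConvert.SerializeObject(token);

            // NOTE(review): the header value is forwarded as received (any scheme prefix included) and is
            // passed as request data together with HttpMethod.Get; how GetJsonResult transmits it is
            // not visible here, so confirm the token does not end up in a logged URL.
            TokenAuthorizeInfo tokenAuthorizeInfo = await httpClient.GetJsonResult <TokenAuthorizeInfo>(url, posData, HttpMethod.Get);

            if (tokenAuthorizeInfo != null && tokenAuthorizeInfo.Status)
            {
                await _next(context);
                return;
            }

            // A missing answer from the token server is treated the same as a rejected token.
            context.Response.StatusCode = 401;
        }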
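            /// <summary>
            /// Action filter step that validates the caller's token against the token server before
            /// the action runs. A valid token lets the action execute; anything else produces either
            /// a redirect to the login page or a JSON 401 body, depending on <c>_IsRedirectToLogin</c>.
            /// </summary>
            /// <param name="context">Context of the action about to execute.</param>
            /// <param name="next">Delegate that runs the action (and any later filters).</param>
            /// <returns>A task that completes once the action has run or the request was rejected.</returns>
            public override async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
            {
                // Take the token from the Authorization header first, then fall back to the session.
                string token = context.HttpContext.Request.Headers["Authorization"];
                if (string.IsNullOrEmpty(token))
                {
                    token = context.HttpContext.Session.GetString("token");
                }

                // Fail closed: only ask the token server when there is a token to validate.
                TokenAuthorizeInfo tokenAuthorizeInfo = null;
                if (!string.IsNullOrEmpty(token))
                {
                    string url     = $"{_authServerConfig.TokenServerUrl}/security/Token/ValidateToken";
                    string posData = JsonConvert.SerializeObject(token);
                    tokenAuthorizeInfo = await _httpClient.GetJsonResult <TokenAuthorizeInfo>(url, posData, HttpMethod.Get);
                }

                if (tokenAuthorizeInfo != null && tokenAuthorizeInfo.Status)
                {
                    await next.Invoke();
                    return;
                }

                // Missing token, no answer from the token server, or a rejected token: all are
                // handled as unauthorized, and the action is never invoked.
                context.HttpContext.Response.StatusCode = 401;
                if (_IsRedirectToLogin)
                {
                    // NOTE(review): a RedirectResult writes its own redirect status when it executes, so
                    // the 401 set above is presumably replaced on this path; confirm the intended status.
                    context.Result = new RedirectResult(_authServerConfig.LoginUrl);
                }
                else
                {
                    // StatusCode is set on the result as well so the 401 does not depend on the
                    // response status surviving until the result is written.
                    context.Result = new ObjectResult(new { code = 401, msg = "用户未有授权" }) { StatusCode = 401 };
                }
            }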
Пример #4
        /// <summary>
        /// Logs a user in through the authorization service's /JWT/Login endpoint and, as far as the
        /// visible lines show, stores the returned user name, role and token in cookies.
        /// </summary>
        /// <param name="username">User name submitted by the caller.</param>
        /// <param name="password">Password submitted by the caller.</param>
        /// <returns>Json("Success") from the branch that writes the cookies, otherwise Json("Fail").</returns>
        public async Task <IActionResult> Check(string username, string password)
        {
            // NOTE(review): part of the next line was masked ("******") by the page this listing came
            // from, so the request call and the condition guarding the cookie writes are not visible.
            // NOTE(review): username is concatenated unescaped into the query string and the URL carries
            // a password parameter. Query strings commonly end up in server and proxy logs, so consider
            // sending credentials in a request body and percent-encoding any value placed in a URL.
            string    url          = GlobalVar.Author_url + "/JWT/Login?user_name=" + username + "&password="******"user_name", userToken.UserName, userToken.expire);
                // NOTE(review): whether these cookies are marked HttpOnly/Secure/SameSite depends on
                // cookieHelper.SetCookies, which is not shown; confirm, especially for "Token".
                cookieHelper.SetCookies(HttpContext, "user_role", userToken.Role, userToken.expire);
                cookieHelper.SetCookies(HttpContext, "Token", userToken.Token, userToken.expire);
                return(Json("Success"));
            }
            return(Json("Fail"));
        }