public void OnActionExecuting(ActionExecutingContext context) { if (context.ActionDescriptor is ControllerActionDescriptor controllerActionDescriptor) { var authorizeAttributes = controllerActionDescriptor.MethodInfo.GetCustomAttributes(typeof(AuthorizePermissionAttribute), true); if (authorizeAttributes.Length > 0) { var authorizeAttribute = (AuthorizePermissionAttribute)authorizeAttributes[0]; var request = context.HttpContext.Request; var tokens = request.Headers["x-token"]; string token; if (tokens.Count == 0) { throw new AuthorizeException("Token不存在"); } else { token = tokens[0]; } if (string.IsNullOrEmpty(token) || token.Length < 20) { throw new AuthorizeException("Token格式错误"); } var httpContext = context.HttpContext; if (authorizeAttribute.Type == AuthorizeType.System) { var client = authorize.GetSystemClientId(token); if (client == null) { throw new AuthorizeException("Token不正确"); } httpContext.SetClientInfo(client); } else { var tokenInfo = authorize.ParseUserToken(token); if (tokenInfo == null) { throw new AuthorizeException("用户Token不正确"); } var account = authorize.GetAuthorize(tokenInfo); if (account == null) { throw new AuthorizeException("用户未登录"); } if (account.Guid != tokenInfo.Guid) { throw new AuthorizeException("用户已在其他地方登录"); } httpContext.SetUserInfo(account.LoginId, account.UserName, account.Client); if (authorizeAttribute.Type == AuthorizeType.UserAction) { var action = context.HttpContext.Request.Path; if (!ValidUserPermission(account.Roles, action)) { throw new PermissionException("用户无该操作权限"); } } } } } }
public void OnActionExecuting(ActionExecutingContext context) { if (context.ActionDescriptor is ControllerActionDescriptor controllerActionDescriptor) { var authorizeAttributes = controllerActionDescriptor.MethodInfo.GetCustomAttributes(typeof(AuthorizePermissionAttribute), true); if (authorizeAttributes.Length > 0) { var httpContext = context.HttpContext; var authorizeAttribute = (AuthorizePermissionAttribute)authorizeAttributes[0]; var request = context.HttpContext.Request; var tokens = request.Headers["x-token"]; string token; if (tokens.Count == 0) { if (authorizeManagement.TestMode) { httpContext.SetClientInfo("test"); return; } else { throw new AuthorizeException(SR.TokenNotExists, string.Empty); } } else { token = tokens[0]; } if (string.IsNullOrEmpty(token) || token.Length < 20) { throw new AuthorizeException(SR.TokenFormatError, token); } if (authorizeAttribute.Type == AuthorizeType.System) { var client = authorizeManagement.GetSystemClientId(token); if (client == null) { throw new AuthorizeException(SR.TokenError, token); } httpContext.SetClientInfo(client); } else { var tokenInfo = authorizeManagement.ParseUserToken(token); if (tokenInfo == null) { throw new AuthorizeException(SR.UserTokenError, token); } var account = authorizeManagement.GetAuthorize(tokenInfo); if (account == null) { throw new AuthorizeException(SR.UserNotLogin, token); } if (account.Guid != tokenInfo.Guid) { throw new AuthorizeException(SR.UserHasLogin, token); } httpContext.SetUserInfo(account.LoginId, account.UserName, account.Client); if (authorizeAttribute.Type == AuthorizeType.UserAction) { var action = context.HttpContext.Request.Path; if (!ValidUserPermission(account.Roles, action)) { throw new PermissionException(SR.UserNotPermission, account.UserName, action); } } } } } }