示例#1
0
        /// <summary>
        /// 登錄接口
        /// </summary>
        /// <param name="appKey">應用程式key.</param>
        /// <param name="username">使用者名稱</param>
        /// <param name="pwd">密碼</param>
        /// <returns>System.String.</returns>
        public LoginResult Login(string appKey, string username, string pwd)
        {
            if (_appConfiguration.Value.IsIdentityAuth)
            {
                return(new LoginResult
                {
                    Code = 500,
                    Message = "接口啟動了OAuth認證,暫時不能使用該方式登錄"
                });
            }

            var result = _loginParse.Do(new PassportLoginRequest
            {
                AppKey   = appKey,
                Account  = username,
                Password = pwd
            });

            var log = new SysLog
            {
                Content    = $"使用者登錄,結果:{result.Message}",
                Result     = result.Code == 200 ? 0 : 1,
                CreateId   = username,
                CreateName = username,
                TypeName   = "登錄日誌"
            };

            _logApp.Add(log);

            return(result);
        }
        public void OnActionExecuting(ActionExecutingContext context)
        {
            var description =
                (Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor)context.ActionDescriptor;

            var Controllername = description.ControllerName.ToLower();
            var Actionname     = description.ActionName.ToLower();

            //匿名标识
            var authorize = description.MethodInfo.GetCustomAttribute(typeof(AllowAnonymousAttribute));

            if (authorize != null)
            {
                return;
            }

            if (!_authUtil.CheckLogin())
            {
                context.HttpContext.Response.StatusCode = 401;
                context.Result = new JsonResult(new Response
                {
                    Code    = 401,
                    Message = "认证失败,请提供认证信息"
                });
            }

            _logApp.Add(new SysLog
            {
                Content    = $"用户访问",
                Href       = $"{Controllername}/{Actionname}",
                CreateName = _authUtil.GetUserName(),
                CreateId   = _authUtil.GetCurrentUser().User.Id,
                TypeName   = "访问日志"
            });
        }
示例#3
0
        public void OnActionExecuting(ActionExecutingContext context)
        {
            var description =
                (Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor)context.ActionDescriptor;

            //添加有允许匿名的Action,可以不用登录访问,如Login/Index
            var anonymous = description.MethodInfo.GetCustomAttribute(typeof(AllowAnonymousAttribute));

            if (anonymous != null)
            {
                return;
            }

            if (!_authUtil.CheckLogin())
            {
                context.Result = new RedirectResult("/Login/Index");
                return;
            }

            //------------------------以下内容都需要登录--------------------------------------------

            //如果是ajax请求的,跳过模块授权认证
            var headers = context.HttpContext.Request.Headers;
            var xreq    = headers.ContainsKey("x-requested-with");

            if (xreq && headers["x-requested-with"] == "XMLHttpRequest")
            {
                return;
            }

            var Controllername = description.ControllerName.ToLower();
            var Actionname     = description.ActionName.ToLower();
            //控制器白名单,在该名单中的控制器,需要登录,但不需要授权
            var whiteController = new[] { "usersession", "home", "redirects" };

            if (whiteController.Contains(Controllername))
            {
                return;
            }

            var currentModule = _authUtil.GetCurrentUser().Modules.FirstOrDefault(u => u.Url.ToLower().Contains(Controllername));

            //当前登录用户没有Action记录
            if (currentModule == null)
            {
                context.Result = new RedirectResult("/Error/Auth");
            }

            _logApp.Add(new SysLog
            {
                Content    = $"用户访问",
                Href       = $"{Controllername}/{Actionname}",
                CreateName = _authUtil.GetUserName(),
                CreateId   = _authUtil.GetCurrentUser().User.Id,
                TypeName   = "访问日志"
            });
        }
示例#4
0
 public string Add(SysLog obj)
 {
     try
     {
         _app.Add(obj);
     }
     catch (Exception ex)
     {
         Result.Code    = 500;
         Result.Message = ex.Message;
     }
     return(JsonHelper.Instance.Serialize(Result));
 }
        public Response Add(Syslog obj)
        {
            var result = new Response();

            try
            {
                _app.Add(obj);
            }
            catch (Exception ex)
            {
                result.Code    = 500;
                result.Message = ex.InnerException?.Message ?? ex.Message;
            }

            return(result);
        }
示例#6
0
        public void OnActionExecuting(ActionExecutingContext context)
        {
            var description =
                (Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor)context.ActionDescriptor;

            //新增有允許匿名的Action,可以不用登錄訪問,如Login/Index
            var anonymous = description.MethodInfo.GetCustomAttribute(typeof(AllowAnonymousAttribute));

            if (anonymous != null)
            {
                return;
            }

            if (!_authUtil.CheckLogin())
            {
                context.Result = new RedirectResult("/Login/Index");
                return;
            }

            //------------------------以下內容都需要登錄--------------------------------------------

            //如果是ajax請求的,跳過模組授權認證
            var headers = context.HttpContext.Request.Headers;
            var xreq    = headers.ContainsKey("x-requested-with");

            if (xreq && headers["x-requested-with"] == "XMLHttpRequest")
            {
                return;
            }

            var Controllername = description.ControllerName.ToLower();
            var Actionname     = description.ActionName.ToLower();
            //控制器白名單,在該名單中的控制器,需要登錄,但不需要授權
            var whiteController = new[] { "usersession", "home", "redirects" };

            if (whiteController.Contains(Controllername))
            {
                return;
            }

            //URL白名單
            var whiteurls = new[] { "usermanager/changepassword", "usermanager/profile" };

            if (whiteurls.Contains(Controllername + "/" + Actionname))
            {
                return;
            }

            var currentModule = _authUtil.GetCurrentUser().Modules.FirstOrDefault(u => u.Url.ToLower().Contains(Controllername));

            //當前登錄使用者沒有Action記錄
            if (currentModule == null)
            {
                context.Result = new RedirectResult("/Error/Auth");
            }

            _logApp.Add(new SysLog
            {
                Content    = $"使用者訪問",
                Href       = $"{Controllername}/{Actionname}",
                CreateName = _authUtil.GetUserName(),
                CreateId   = _authUtil.GetCurrentUser().User.Id,
                TypeName   = "訪問日誌"
            });
        }