using Furion.Authorization;
using Furion.DataEncryption;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
namespace Yw.WebApi
{
    /// <summary>
    /// Custom JWT authorization handler derived from <see cref="AppAuthorizeHandler"/>.
    /// </summary>
    /// <remarks>
    /// Security review summary: token validation and refresh are delegated to
    /// <c>JWTEncryption.AutoRefreshToken</c>, but the per-endpoint permission check in
    /// <c>CheckAuthorzie</c> currently allows every request, so this handler only
    /// distinguishes "valid token" from "no valid token".
    /// </remarks>
    public class JwtHandler : AppAuthorizeHandler
    {
        /// <summary>
        /// Runs the automatic token refresh and, when it succeeds, continues with the
        /// base authorization handling; otherwise marks the authorization as failed.
        /// </summary>
        /// <param name="context">Authorization context for the current request.</param>
        /// <returns>A task that completes when authorization handling has finished.</returns>
        public override async Task HandleAsync(AuthorizationHandlerContext context)
        {
            // Token lifetimes come from application settings; the unit is whatever
            // AutoRefreshToken expects (not visible in this file; confirm against the settings).
            var accessExpiry = Settings.Settings.ParasHelper.Auth.JWT.AccessTokenExpire;
            var refreshExpiry = Settings.Settings.ParasHelper.Auth.JWT.RefreshTokenExpire;

            var currentHttpContext = context.GetCurrentHttpContext();
            var tokenAccepted = JWTEncryption.AutoRefreshToken(context, currentHttpContext, accessExpiry, refreshExpiry);

            if (!tokenAccepted)
            {
                // Authorization failed: the token was neither accepted nor refreshed.
                context.Fail();
                return;
            }

            await AuthorizeHandleAsync(context);
        }

        /// <summary>
        /// Request pipeline step: registers the current user's identity and then runs
        /// the permission check for the endpoint.
        /// </summary>
        /// <param name="context">Authorization context for the current request.</param>
        /// <param name="httpContext">HTTP context of the current request.</param>
        /// <returns>A completed task holding the result of the permission check.</returns>
        public override Task<bool> PipelineAsync(AuthorizationHandlerContext context, DefaultHttpContext httpContext)
        {
            // The JWT has already been validated automatically at this point, so no
            // manual token verification is needed here.
            // NOTE(review): the identity values are read from static members of
            // Yw.JWT.UserManager; presumably these resolve claims of the current
            // request. Confirm they are request-scoped and not shared state, otherwise
            // one request could observe another user's identity.
            Yw.Untity.UserRegister.Regist
            (
                Yw.JWT.UserManager.CorpID,
                Yw.JWT.UserManager.UserID,
                Yw.JWT.UserManager.AdminType,
                Yw.JWT.UserManager.UserName,
                Yw.JWT.UserManager.UserTag,
                Yw.JWT.UserManager.LoginAccountID,
                Yw.JWT.UserManager.LoginTypeID,
                Yw.JWT.UserManager.ProjectID,
                Yw.JWT.UserManager.SoftwareID
            );

            // Permission check. If the check ever becomes asynchronous, drop the
            // Task.FromResult wrapper and use async/await directly.
            var permitted = CheckAuthorzie(httpContext);
            return Task.FromResult(permitted);
        }

        /// <summary>
        /// Permission check for the endpoint being requested.
        /// </summary>
        /// <param name="httpContext">HTTP context of the current request.</param>
        /// <returns>Always <c>true</c> in the current implementation.</returns>
        private static bool CheckAuthorzie(DefaultHttpContext httpContext)
        {
            // Look up the permission attribute declared on the endpoint.
            var securityDefine = httpContext.GetMetadata<SecurityDefineAttribute>();

            if (securityDefine != null)
            {
                // NOTE(review): the attribute is read but never evaluated. An endpoint
                // annotated with SecurityDefine is therefore granted to any caller with
                // a valid token, and the annotation provides no access control until a
                // real permission lookup for the current user is performed here and
                // its result is returned instead of a constant.
                return true;
            }

            // No SecurityDefine attribute on the endpoint: nothing to check.
            return true;
        }
    }
}