lsm/OpenAuth.Net
1
0
Fork 0
mirror of https://gitee.com/dotnetchina/OpenAuth.Net.git synced 2025-05-10 07:38:01 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
e0c8c46c9b
OpenAuth.Net/OpenAuth.Mvc/Models/OpenAuthFilter.cs

92 lines
3.0 KiB
C#
Raw Normal View History

转移.net core 3.1,为.NET 5做准备
2020-10-22 14:59:36 +08:00
using System.Linq;
using System.Reflection;
增加PostgreSQL支持; 修复DES加密
2023-02-16 21:45:01 +08:00
转移.net core 3.1,为.NET 5做准备
2020-10-22 14:59:36 +08:00
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;
增加PostgreSQL支持; 修复DES加密
2023-02-16 21:45:01 +08:00
转移.net core 3.1,为.NET 5做准备
2020-10-22 14:59:36 +08:00
using OpenAuth.App;
using OpenAuth.App.Interface;
using OpenAuth.Repository.Domain;
namespace OpenAuth.Mvc.Models
{
public class OpenAuthFilter : IActionFilter
{
private readonly IAuth _authUtil;
private readonly SysLogApp _logApp;
public OpenAuthFilter(IAuth authUtil, SysLogApp logApp)
{
_authUtil = authUtil;
_logApp = logApp;
}
public void OnActionExecuting(ActionExecutingContext context)
{
var description =
(Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor)context.ActionDescriptor;
//添加有允许匿名的Action可以不用登录访问如Login/Index
var anonymous = description.MethodInfo.GetCustomAttribute(typeof(AllowAnonymousAttribute));
增加PostgreSQL支持; 修复DES加密
2023-02-16 21:45:01 +08:00
if(anonymous != null)
转移.net core 3.1,为.NET 5做准备
2020-10-22 14:59:36 +08:00
{
return;
}
增加PostgreSQL支持; 修复DES加密
2023-02-16 21:45:01 +08:00
if(!_authUtil.CheckLogin())
转移.net core 3.1,为.NET 5做准备
2020-10-22 14:59:36 +08:00
{
context.Result = new RedirectResult("/Login/Index");
return;
}
//------------------------以下内容都需要登录--------------------------------------------
//如果是ajax请求的跳过模块授权认证
var headers = context.HttpContext.Request.Headers;
var xreq = headers.ContainsKey("x-requested-with");
增加PostgreSQL支持; 修复DES加密
2023-02-16 21:45:01 +08:00
if(xreq && headers["x-requested-with"] == "XMLHttpRequest")
转移.net core 3.1,为.NET 5做准备
2020-10-22 14:59:36 +08:00
{
return;
}
var Controllername = description.ControllerName.ToLower();
var Actionname = description.ActionName.ToLower();
//控制器白名单,在该名单中的控制器,需要登录,但不需要授权
增加PostgreSQL支持; 修复DES加密
2023-02-16 21:45:01 +08:00
var whiteController = new[] { "usersession", "home", "redirects" };
if(whiteController.Contains(Controllername))
转移.net core 3.1,为.NET 5做准备
2020-10-22 14:59:36 +08:00
{
return;
}
增加PostgreSQL支持; 修复DES加密
2023-02-16 21:45:01 +08:00
转移.net core 3.1,为.NET 5做准备
2020-10-22 14:59:36 +08:00
//URL白名单
增加PostgreSQL支持; 修复DES加密
2023-02-16 21:45:01 +08:00
var whiteurls = new[] { "usermanager/changepassword", "usermanager/profile" };
if(whiteurls.Contains(Controllername + "/" + Actionname))
转移.net core 3.1,为.NET 5做准备
2020-10-22 14:59:36 +08:00
{
return;
}
var currentModule = _authUtil.GetCurrentUser().Modules.FirstOrDefault(u => u.Url.ToLower().Contains(Controllername));
//当前登录用户没有Action记录
增加PostgreSQL支持; 修复DES加密
2023-02-16 21:45:01 +08:00
if(currentModule == null)
转移.net core 3.1,为.NET 5做准备
2020-10-22 14:59:36 +08:00
{
context.Result = new RedirectResult("/Error/Auth");
}
_logApp.Add(new SysLog
{
Content = $"用户访问",
Href = $"{Controllername}/{Actionname}",
CreateName = _authUtil.GetUserName(),
CreateId = _authUtil.GetCurrentUser().User.Id,
TypeName = "访问日志"
});
}
public void OnActionExecuted(ActionExecutedContext context)
{
return;
}
}
}
Reference in New Issue Copy Permalink