lsm/OpenAuth.Net
1
0
Fork 0
mirror of https://gitee.com/dotnetchina/OpenAuth.Net.git synced 2025-09-19 10:08:04 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

增加PostgreSQL支持;

Browse Source 
修复DES加密
This commit is contained in:
yubaolee
2023-02-16 21:45:01 +08:00
parent 3890aa3fba
commit e0c8c46c9b
12 changed files with 1724 additions and 89 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
OpenAuth.Mvc/Models/OpenAuthFilter.cs
View File

@@ -1,8 +1,10 @@
using System.Linq;
using System.Reflection;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;
using OpenAuth.App;
using OpenAuth.App.Interface;
using OpenAuth.Repository.Domain;
@@ -27,12 +29,12 @@ namespace OpenAuth.Mvc.Models
//添加有允许匿名的Action可以不用登录访问如Login/Index
var anonymous = description.MethodInfo.GetCustomAttribute(typeof(AllowAnonymousAttribute));
if (anonymous != null)
if(anonymous != null)
{
return;
}
if (!_authUtil.CheckLogin())
if(!_authUtil.CheckLogin())
{
context.Result = new RedirectResult("/Login/Index");
return;
@@ -43,7 +45,7 @@ namespace OpenAuth.Mvc.Models
//如果是ajax请求的跳过模块授权认证
var headers = context.HttpContext.Request.Headers;
var xreq = headers.ContainsKey("x-requested-with");
if (xreq && headers["x-requested-with"] == "XMLHttpRequest")
if(xreq && headers["x-requested-with"] == "XMLHttpRequest")
{
return;
}
@@ -51,22 +53,22 @@ namespace OpenAuth.Mvc.Models
var Controllername = description.ControllerName.ToLower();
var Actionname = description.ActionName.ToLower();
//控制器白名单,在该名单中的控制器,需要登录,但不需要授权
var whiteController = new[] {"usersession","home","redirects"};
if (whiteController.Contains(Controllername))
var whiteController = new[] { "usersession", "home", "redirects" };
if(whiteController.Contains(Controllername))
{
return;
}
//URL白名单
var whiteurls = new[] {"usermanager/changepassword", "usermanager/profile"};
if (whiteurls.Contains(Controllername + "/" + Actionname))
var whiteurls = new[] { "usermanager/changepassword", "usermanager/profile" };
if(whiteurls.Contains(Controllername + "/" + Actionname))
{
return;
}
var currentModule = _authUtil.GetCurrentUser().Modules.FirstOrDefault(u => u.Url.ToLower().Contains(Controllername));
//当前登录用户没有Action记录
if (currentModule == null)
if(currentModule == null)
{
context.Result = new RedirectResult("/Error/Auth");
}