root
/
znyc.cloudcar.admin.api
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
1 Branch
0 Tags
543 KiB
 
 
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
znyc.cloudcar.admin.api/Znyc.Cloudcar.Admin.AspNetCore/Mvc/ApiController.cs

253 lines
10 KiB
Raw Permalink Blame History

using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Cors;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Controllers;
using Microsoft.AspNetCore.Mvc.Filters;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Reflection;
using System.Security.Claims;
using System.Text.Encodings.Web;
using System.Text.Json;
using System.Text.Unicode;
using Znyc.Cloudcar.Admin.AspNetCore.Common;
using Znyc.Cloudcar.Admin.AspNetCore.Entitys;
using Znyc.Cloudcar.Admin.AspNetCore.Mvc;
using Znyc.Cloudcar.Admin.AspNetCore.Mvc.Filter;
using Znyc.Cloudcar.Admin.Commons.Cache;
using Znyc.Cloudcar.Admin.Commons.Entitys;
using Znyc.Cloudcar.Admin.Commons.Extensions;
using Znyc.Cloudcar.Admin.Commons.Helpers;
using Znyc.Cloudcar.Admin.Commons.Json;
using Znyc.Cloudcar.Admin.Commons.Log;
using Znyc.Cloudcar.Admin.Commons.Pages;
using Znyc.Cloudcar.Admin.Security.Dtos;
namespace Znyc.Cloudcar.Admin.AspNetCore.Controllers
{
/// <summary>
/// WebApi控制器基类
/// </summary>
[ApiController]
[EnableCors("Cors")]
public class ApiController : Controller
{
/// <summary>
/// 当前登录的用户属性
/// </summary>
public AdminCurrentUser CurrentUser;
#region
/// <summary>
/// 重写基类在Action执行之前的事情
/// 根据token获得当前用户,允许匿名的不需要获取用户
/// </summary>
/// <param name="context">重写方法的参数</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
try
{
ControllerActionDescriptor controllerActionDescriptor = context.ActionDescriptor as ControllerActionDescriptor;
//匿名访问,不需要token认证、签名和登录
Attribute allowanyone =
controllerActionDescriptor.MethodInfo.GetCustomAttribute(typeof(AllowAnonymousAttribute), true);
if (allowanyone != null)
{
return;
}
CommonResult result = new CommonResult();
//需要token认证
string authHeader = context.HttpContext.Request.Headers["Authorization"]; //Header中的token
if (string.IsNullOrEmpty(authHeader))
{
result.ErrCode = "40004";
result.ErrMsg = ErrCode.err40004;
context.Result = ToJsonContent(result);
}
else
{
string token = string.Empty;
if (authHeader != null && authHeader.StartsWith("Bearer ", StringComparison.Ordinal))
{
token = authHeader.Substring(7);
}
TokenProvider tokenProvider = new TokenProvider();
result = tokenProvider.ValidateToken(token);
//token验证失败
if (!result.Success)
{
context.Result = ToJsonContent(result);
}
else
{
#region 是否需要验证用户登录以及相关的功能权限
//是否需要用户登录
Attribute isDefined =
controllerActionDescriptor.MethodInfo.GetCustomAttribute(
typeof(NoPermissionRequiredAttribute));
//不需要登录
if (isDefined != null)
{
return;
}
//需要登录和验证功能权限
if (result.ResData != null)
{
List<Claim> claimlist = result.ResData as List<Claim>;
string userId = claimlist[3].Value;
Claim[] claims =
{
new(ZnycClaimTypes.UserId, userId),
new(ZnycClaimTypes.UserName, claimlist[2].Value),
new(ZnycClaimTypes.Role, claimlist[4].Value)
};
ClaimsIdentity identity = new ClaimsIdentity(claims);
ClaimsPrincipal principal = new ClaimsPrincipal(identity);
context.HttpContext.User = principal;
CacheHelper yuebonCacheHelper = new CacheHelper();
AdminCurrentUser user = yuebonCacheHelper.Get<AdminCurrentUser>("login_user_" + userId);
if (user != null)
{
CurrentUser = user;
}
bool isAdmin = Permission.IsAdmin(user);
if (!isAdmin)
{
IEnumerable<FunctionAuthorizeAttribute> authorizeAttributes = controllerActionDescriptor.MethodInfo
.GetCustomAttributes(typeof(FunctionAuthorizeAttribute), true)
.OfType<FunctionAuthorizeAttribute>();
if (authorizeAttributes.FirstOrDefault() != null)
{
string function = authorizeAttributes.First().Function;
if (!string.IsNullOrEmpty(function))
{
string functionCode = controllerActionDescriptor.ControllerName + "/" + function;
bool bl = Permission.HasFunction(functionCode, userId.ToInt());
if (!bl)
{
result.ErrCode = "40006";
result.ErrMsg = ErrCode.err40006;
context.Result = ToJsonContent(result);
}
}
}
}
}
else
{
result.ErrCode = "40008";
result.ErrMsg = ErrCode.err40008;
context.Result = ToJsonContent(result);
}
#endregion 是否需要验证用户登录以及相关的功能权限
}
}
}
catch (Exception ex)
{
Log4NetHelper.Error("", ex);
}
}
#endregion
/// <summary>
/// 把object对象转换为ContentResult
/// </summary>
/// <param name="obj"></param>
/// <returns></returns>
[HttpPost]
[Route("api/ToJsonContent")]
protected IActionResult ToJsonContent(object obj)
{
return Content(obj.ToJson());
}
/// <summary>
/// 把object对象转换为ContentResult
/// </summary>
/// <param name="obj">转换对象</param>
/// <param name="isNull">是否忽略空值</param>
/// <returns></returns>
[HttpPost]
[Route("api/ToJsonContent")]
protected IActionResult ToJsonContent(object obj, bool isNull = false)
{
JsonSerializerOptions options = new JsonSerializerOptions
{
WriteIndented = true, //格式化json字符串
AllowTrailingCommas = true, //可以结尾有逗号
IgnoreNullValues = true, //可以有空值,转换json去除空值属性
IgnoreReadOnlyProperties = true, //忽略只读属性
PropertyNameCaseInsensitive = true, //忽略大小写
Encoder = JavaScriptEncoder.Create(UnicodeRanges.All)
};
options.Converters.Add(new DateTimeJsonConverter());
return Content(JsonSerializer.Serialize(obj, options));
}
/// <summary>
/// 根据Request参数获取分页对象数据
/// </summary>
/// <returns></returns>
protected virtual PagerInfo GetPagerInfo()
{
int pageSize = Request.Query["length"].ToString() == null ? 1 : Request.Query["length"].ToString().ToInt();
int pageIndex = 1;
string currentPage = Request.Query["CurrentPage"].ToString();
if (string.IsNullOrWhiteSpace(currentPage))
{
string start = Request.Query["start"].ToString();
if (!string.IsNullOrWhiteSpace(start))
{
pageIndex = start.ToInt() / pageSize + 1;
}
}
else
{
pageIndex = currentPage.ToInt();
}
PagerInfo pagerInfo = new PagerInfo
{
CurrenetPageIndex = pageIndex,
PageSize = pageSize
};
return pagerInfo;
}
/// <summary>
/// 获取token
/// </summary>
/// <returns></returns>
[HttpGet("GetToken")]
[HiddenApi]
public string GetToken()
{
string token = HttpContext.Request.Query["Token"];
if (!string.IsNullOrEmpty(token))
{
return token;
}
string authHeader = HttpContext.Request.Headers["Authorization"]; //Header中的token
if (authHeader != null && authHeader.StartsWith("Bearer"))
{
token = authHeader.Substring("Bearer ".Length).Trim();
return token;
}
string cookie = HttpContext.Request.Cookies["Token"];
return cookie == null ? string.Empty : cookie;
}
}
}