using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;
using Microsoft.Extensions.DependencyInjection;
using System;
using System.Linq;
using System.Threading.Tasks;
using Znyc.Recruitment.Api.Auth;
namespace Znyc.Recruitment.Attributes
{
///
/// 定时任务启动密钥
///
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = true)]
public class QuartzAttribute : AuthorizeAttribute, IAuthorizationFilter, IAsyncAuthorizationFilter
{
private IApiHandler _apiHandler;
public Task OnAuthorizationAsync(AuthorizationFilterContext context)
{
OnAuthorization(context);
return Task.CompletedTask;
}
public async void OnAuthorization(AuthorizationFilterContext context)
{
//排除匿名访问
if (context.ActionDescriptor.EndpointMetadata.Any(m => m.GetType() == typeof(AllowAnonymousAttribute)))
{
return;
}
string apiUrl = context.HttpContext.Request.Path.Value;
_apiHandler = context.HttpContext.RequestServices.GetService();
Model.ApiEntity entity = await _apiHandler.ValidateAsync(apiUrl);
//key/value 存入数据库去查询,不同的api对应不同的key/value
string authHeader = context.HttpContext.Request.Headers[entity.AuthKey];
if (authHeader != null && authHeader.Equals(entity.AuthValue))
{
return;
}
context.Result = new StatusCodeResult(StatusCodes.Status401Unauthorized);
}
public void OnAuthorizationTest(AuthorizationFilterContext context)
{
//key/value 存入数据库去查询,不同的api对应不同的key/value
string authHeader = context.HttpContext.Request.Headers["Authorization"];
if (authHeader != null && authHeader.StartsWith("Quartz"))
{
if (authHeader.Equals("Quartz 5r59#ioFJLQ@Pye6"))
{
return;
}
context.Result = new StatusCodeResult(StatusCodes.Status401Unauthorized);
}
else
{
context.Result = new StatusCodeResult(StatusCodes.Status401Unauthorized);
}
}
}
}