zhaojs
2023-09-27 74098f1401afe40f961d1d167bb18dd0a71c4d59
using CommonUtil;
using Microsoft.AspNetCore.Mvc.Filters;
using Operater.DAL;
using Operater.DTO.System;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
 
namespace Operater.Common.Filter
{
    public class ActionFilterHelper
    {
        /// <summary>
        /// 忽略鉴权的api
        /// </summary>
        public static IgnoreapiModel ignoreApis = new IgnoreapiModel();
        /// <summary>
        /// 公共鉴权机制
        /// </summary>
        /// <param name="context"></param>
        /// <returns></returns>
        public static FilterResponseMsg FilterAct(ActionExecutingContext context)
        {
            FilterResponseMsg msg = new FilterResponseMsg()
            {
                success = false
            };
 
            FilterErrorMsg errorMsg = new FilterErrorMsg();
 
            if (!context.ModelState.IsValid)
            {
                var error = context.ModelState.Values.SelectMany(e => e.Errors).Select(e => e.ErrorMessage).FirstOrDefault();
                errorMsg.code = "-32602";
                errorMsg.message = error;
                msg.error = errorMsg;
                return msg;
            }
            if (ignoreApis.apiList.IsNull() || ignoreApis.apiList.Count == 0 || ignoreApis.ExpirationTime > DateTime.Now)
            {
                //获取不需要鉴权的接口
                var ignoreapi = new IgnoreapiDAL().ListGet("");
                ignoreApis.apiList = ignoreapi.Select(t => t.Id).ToList();
                ignoreApis.ExpirationTime = DateTime.Now.AddHours(10);
            }
            if (!ignoreApis.apiList.Exists(t => t == context.HttpContext.Request.Path.ToString().ToLower()))
            {
                var req = context.HttpContext.Request;
                string operateToken = "operatertoken";
                string enKey = "ophwuv2E1qyy6R2r";
                if (req.Headers[operateToken].IsNull() || req.Headers[operateToken].ToString().IsNullOrEmpty())
                {
                    errorMsg.code = "-1001";
                    errorMsg.message = "请求不合法";
                    msg.error = errorMsg;
                    return msg;
                }
                //解密
                string EncryStr = SecurityUtil.AesDecrypt(req.Headers[operateToken].ToString(), enKey, "0102030405060708");
                TokenUserInfo enUser = new TokenUserInfo();
                try
                {
                    enUser = JSONUtil.JsonToObject<TokenUserInfo>(EncryStr);
                }
                catch (Exception e)
                {
                    errorMsg.code = "-1001";
                    errorMsg.message = "请求不合法";
                    msg.error = errorMsg;
                    return msg;
                }
                if (enUser.ExpirationTime.IsNull() || enUser.ExpirationTime < DateTime.Now)
                {
                    errorMsg.code = "-001";
                    errorMsg.message = "授权已过期";
                    msg.error = errorMsg;
                    return msg;
                }
                req.Headers["userinfo"] = EncryStr;
            }
 
            msg.success = true;
            return msg;
        }
    }
}