using CommonUtil;
using Microsoft.AspNetCore.Mvc.Filters;
using Operater.DAL;
using Operater.DTO.System;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
namespace Operater.Common.Filter
{
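public class ActionFilterHelper
{
    /// <summary>
    /// Process-wide cache of the API paths that skip authentication, together with the
    /// time at which the cached list must be reloaded.
    /// </summary>
    /// <remarks>
    /// The field is static and is updated by <see cref="FilterAct"/> without any lock, so
    /// concurrent requests may each reload it.
    /// </remarks>
    public static IgnoreapiModel ignoreApis = new IgnoreapiModel();

    /// <summary>
    /// Shared authentication check run before an action executes.
    /// </summary>
    /// <param name="context">The executing-action context; its model state and HTTP request are inspected.</param>
    /// <returns>
    /// A message with <c>success = true</c> when the request may proceed. Otherwise
    /// <c>success = false</c> and <c>error</c> carries one of the codes
    /// <c>-32602</c> (model validation failed), <c>-1001</c> (token missing or unreadable)
    /// or <c>-001</c> (token expired).
    /// </returns>
    public static FilterResponseMsg FilterAct(ActionExecutingContext context)
    {
        const string userInfoHeader = "userinfo";

        if (!context.ModelState.IsValid)
        {
            // Report only the first validation error, as the response holds a single message.
            var error = context.ModelState.Values.SelectMany(e => e.Errors).Select(e => e.ErrorMessage).FirstOrDefault();
            return Reject("-32602", error);
        }

        var req = context.HttpContext.Request;

        // "userinfo" is written by this filter after the token has been verified. Drop any
        // value the client sent so that a request to an auth-exempt path cannot carry a
        // caller-chosen identity to code that reads this header (those readers are not
        // visible in this file).
        req.Headers.Remove(userInfoHeader);

        // Reload the exempt list when it is missing, empty, or past its expiry. The expiry
        // test used to be inverted (ExpirationTime > Now), which hit the database on every
        // request for the first ten hours and never refreshed the list afterwards.
        if (ignoreApis.apiList.IsNull() || ignoreApis.apiList.Count == 0 || ignoreApis.ExpirationTime <= DateTime.Now)
        {
            // Fetch the APIs that do not require authentication.
            var ignoreapi = new IgnoreapiDAL().ListGet("");
            ignoreApis.apiList = ignoreapi.Select(t => t.Id).ToList();
            ignoreApis.ExpirationTime = DateTime.Now.AddHours(10);
        }

        // Exact match on the lower-cased path: anything that does not match is authenticated.
        // ToLowerInvariant keeps the result independent of the server's culture setting.
        string requestPath = req.Path.ToString().ToLowerInvariant();
        if (!ignoreApis.apiList.Exists(t => t == requestPath))
        {
            string operateToken = "operatertoken";

            // SECURITY(review): the AES key and IV below are literals in source, so every
            // checkout and every build carries the secret protecting all operator tokens,
            // and the IV never varies. Load both from protected configuration or a secret
            // store and rotate the current key.
            // Whether SecurityUtil.AesDecrypt authenticates the ciphertext is not visible
            // here - confirm; if it does not, add a MAC or use an AEAD mode so that a
            // modified token is rejected instead of being decrypted.
            string enKey = "ophwuv2E1qyy6R2r";

            string token = req.Headers[operateToken].ToString();
            if (string.IsNullOrEmpty(token))
            {
                return Reject("-1001", "请求不合法");
            }

            string decryptedJson;
            TokenUserInfo enUser;
            try
            {
                // Decrypt inside the try block: a malformed header value must produce the
                // same -1001 rejection as an unparseable payload, not an unhandled exception.
                decryptedJson = SecurityUtil.AesDecrypt(token, enKey, "0102030405060708");
                enUser = JSONUtil.JsonToObject(decryptedJson);
            }
            catch (Exception)
            {
                return Reject("-1001", "请求不合法");
            }

            // A payload that deserializes to nothing is treated like any other bad token.
            if (enUser == null)
            {
                return Reject("-1001", "请求不合法");
            }

            if (enUser.ExpirationTime.IsNull() || enUser.ExpirationTime < DateTime.Now)
            {
                return Reject("-001", "授权已过期");
            }

            // Pass the verified token payload on to later stages of the request.
            req.Headers[userInfoHeader] = decryptedJson;
        }

        return new FilterResponseMsg()
        {
            success = true
        };
    }

    // Builds the failure response for the given error code and message.
    private static FilterResponseMsg Reject(string code, string message)
    {
        FilterErrorMsg errorMsg = new FilterErrorMsg();
        errorMsg.code = code;
        errorMsg.message = message;

        return new FilterResponseMsg()
        {
            success = false,
            error = errorMsg
        };
    }
}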
}