智云MES后端API代码
blame | 历史 | 原始文档
chenhaozhe
昨天 77e34c929ccd44767c31b98c4bf4ce84319e2eb3 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130

using System;


using System.Net;


using System.Net.Http;


using System.Security.Claims;


using System.Threading;


using System.Threading.Tasks;


using System.Web.Http;


using System.Web.Http.Controllers;


using System.Web.Http.Filters;


using WebAPI.Models;


using WebAPI.Utility;


 


public class JwtAuthorizeAttribute : AuthorizationFilterAttribute


{


    private json objjson = new json();


    private SQLHelper.ClsCN oCN = new SQLHelper.ClsCN();


    private Pub_Class.ClsXt_SystemParameter oSystemParameter = new Pub_Class.ClsXt_SystemParameter();


    private string campanyName = "";


 


    public JwtAuthorizeAttribute()


    {


        if (oSystemParameter.ShowBill(ref DBUtility.ClsPub.sErrInfo))


        {


            campanyName = oSystemParameter.omodel.WMS_CampanyName;


        }


    }


 


 


    // 同步鉴权


    public override void OnAuthorization(HttpActionContext actionContext)


    {


        try


        {


            // 检查匿名访问


            if (IsAnonymousAllowed(actionContext)) return;


 


            // 获取Token


            var token = GetTokenFromHeader(actionContext);


            if (string.IsNullOrEmpty(token))


            {


                HandleUnauthorized(actionContext);


                return;


            }


            


            // 验证Token 


            // 可以增加更细粒度的控制,添加 根据组织ID 判断(问题: 公司名不能使用中文,可能需要添加英文字段)


            var principal = JWTHelper.ValidateToken(token);


            if (principal == null)


            {


                HandleUnauthorized(actionContext);


                return;


            }


 


            // 验证是否拥有访问模块的权限


            // 有两种判断方式 一种是通过角色去判断,一种是通过用户去判断 目前暂时不做区分,后续可增加系统参数来进行区分


            


 


            // 设置用户


            actionContext.RequestContext.Principal = principal;


        }


        catch (Exception e)


        {


            HandleError(actionContext, e.Message);


        }


    }


 


    // 异步鉴权


    public override Task OnAuthorizationAsync(HttpActionContext actionContext, CancellationToken cancellationToken)


    {


        OnAuthorization(actionContext);


 


        return Task.FromResult(0);


    }


 


    // 是否允许匿名访问(控制器级别和动作级别都可用)


    private bool IsAnonymousAllowed(HttpActionContext context)


    {


        return


            context.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Count > 0 ||


            context.ControllerContext.ControllerDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Count > 0;


    }


 


    // 从Header提取Token


    private string GetTokenFromHeader(HttpActionContext context)


    {


        var authHeader = context.Request.Headers.Authorization;


        if (authHeader != null


            && authHeader.Scheme.Equals("Bearer", StringComparison.OrdinalIgnoreCase)


            && !string.IsNullOrEmpty(authHeader.Parameter))


        {


            return authHeader.Parameter;


        }


        return null;


    }


 


    // 401 未授权


    private void HandleUnauthorized(HttpActionContext context)


    {


        var response = new HttpResponseMessage(HttpStatusCode.Unauthorized);


        objjson.code = "0";


        objjson.count = 0;


        objjson.Message = "未授权,请登录后重试";


        response.Content = new StringContent(Newtonsoft.Json.JsonConvert.SerializeObject(objjson),


            System.Text.Encoding.UTF8, "application/json");


        context.Response = response;


    }


 


    // 403 无权限


    private void HandleForbidden(HttpActionContext context)


    {


        var response = new HttpResponseMessage(HttpStatusCode.Forbidden);


        objjson.code = "0";


        objjson.count = 0;


        objjson.Message = "当前角色无权限";


        response.Content = new StringContent(Newtonsoft.Json.JsonConvert.SerializeObject(objjson),


            System.Text.Encoding.UTF8, "application/json");


        context.Response = response;


    }


 


    private void HandleError(HttpActionContext context, string ErrorInfo)


    {


        var response = new HttpResponseMessage(HttpStatusCode.InternalServerError);


        objjson.code = "0";


        objjson.count = 0;


        objjson.Message = "服务器异常: " + ErrorInfo;


        response.Content = new StringContent(Newtonsoft.Json.JsonConvert.SerializeObject(objjson),


            System.Text.Encoding.UTF8, "application/json");


        context.Response = response;


    }


}