1

zrg

2026-04-07 ec622206f5adcbd7cb96f06d75ec03e6dc83a7fd

 WebAPI/Service/JwtAuthorizeAttribute.cs

@@ -2,6 +2,7 @@
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Reflection;
using System.Security.Claims;
using System.Threading;
using System.Threading.Tasks;
@@ -32,7 +33,7 @@
    {
        try
        {
            // 检查匿名访问
            // 检查匿名访问(认证)
            if (IsAnonymousAllowed(actionContext)) return;

            // 获取Token
@@ -52,28 +53,63 @@
                return;
            }

            // 验证是否拥有访问模块的权限
            // 有两种判断方式 一种是通过角色去判断，一种是通过用户去判断 目前暂时不做区分，后续可增加系统参数来进行区分
            //string HModName = actionContext.Request.Headers.GetValues("x-hmodname")?.FirstOrDefault();
            // if (!string.IsNullOrWhiteSpace(HModName)) // 如果没有配置模组名字段，则默认为不需要鉴权
            // {
            //     //var operateAttr = actionContext.ActionDescriptor
            //     //.GetCustomAttributes<ModOperateAttribute>()
            //     //.FirstOrDefault();
            //     //if(!string.IsNullOrWhiteSpace(operateAttr.Operate))
            //     //{
            //         //HModName += operateAttr.Operate;
            //     //}
            //     if (!DBUtility.ClsPub.Security_Log(HModName, 1, false, JWTHelper.getUserName(token)))
            //     {
            //         HandleForbidden(actionContext);
            //         return;
            //     }
            // }

           
            // 设置用户
            actionContext.RequestContext.Principal = principal;

            // 验证是否拥有访问模块的权限
            // 有两种判断方式 一种是通过角色去判断，一种是通过用户去判断 目前暂时不做区分，后续可增加系统参数来进行区分
            // 安全控制器描标签
            var controllerAttr = actionContext.ControllerContext?.ControllerDescriptor?.GetCustomAttributes<PermissionAttribute>().FirstOrDefault();

            // 安全获取Action标签
            var actionAttr = actionContext.ActionDescriptor?.GetCustomAttributes<PermissionAttribute>().FirstOrDefault();

            string PermissionStr = string.Empty;
            // 判断控制器级别上是否启用了鉴权标签
            if(controllerAttr != null && !string.IsNullOrWhiteSpace(controllerAttr?.HModName))
            {
                PermissionStr += controllerAttr.HModName;

                // 查看是否需要更细粒度的控制
                if(actionAttr != null && !string.IsNullOrWhiteSpace(actionAttr?.Operate))
                {
                    // 该动作对应的模块名和控制器名是否不一致
                    if (string.IsNullOrWhiteSpace(actionAttr.HModName))
                    {
                        PermissionStr = actionAttr.HModName + actionAttr.Operate;
                    }
                    else
                    {
                        PermissionStr += actionAttr.Operate;
                    }

                }

                if(!string.IsNullOrWhiteSpace(PermissionStr))
                {
                    if (!DBUtility.ClsPub.Security_Log(PermissionStr, 1, false, JWTHelper.getUserName(token)))
                    {
                        HandleForbidden(actionContext);
                        return;
                    }
                }
                
            }else if (actionAttr != null && !string.IsNullOrWhiteSpace(actionAttr?.HModName) && !string.IsNullOrWhiteSpace(actionAttr?.Operate))
            {
                // 单独在动作上启用鉴权功能
                PermissionStr = actionAttr.HModName + actionAttr.Operate;

                if (!string.IsNullOrWhiteSpace(PermissionStr))
                {
                    if (!DBUtility.ClsPub.Security_Log(PermissionStr, 1, false, JWTHelper.getUserName(token)))
                    {
                        HandleForbidden(actionContext);
                        return;
                    }
                }
            }

           
        }
        catch (Exception e)
        {