From fd963a634442d11265a55d50ad284627795f7c8e Mon Sep 17 00:00:00 2001
From: chenhaozhe <cgz@hz-kingdee.com>
Date: 星期一, 30 三月 2026 09:14:26 +0800
Subject: [PATCH] JWT 鉴权方式修改 改为在 控制器或者Action上加标签控制 是否 启用鉴权

---
 WebAPI/Service/JwtAuthorizeAttribute.cs |  139 +++++++++++++++++++++++++++++++++++++++------
 1 files changed, 119 insertions(+), 20 deletions(-)

diff --git a/WebAPI/Service/JwtAuthorizeAttribute.cs b/WebAPI/Service/JwtAuthorizeAttribute.cs
index d641d3b..7e773e5 100644
--- a/WebAPI/Service/JwtAuthorizeAttribute.cs
+++ b/WebAPI/Service/JwtAuthorizeAttribute.cs
@@ -1,43 +1,115 @@
 锘縰sing System;
+using System.Linq;
 using System.Net;
 using System.Net.Http;
+using System.Reflection;
 using System.Security.Claims;
 using System.Threading;
 using System.Threading.Tasks;
 using System.Web.Http;
 using System.Web.Http.Controllers;
 using System.Web.Http.Filters;
+using WebAPI.Models;
 using WebAPI.Utility;
 
 public class JwtAuthorizeAttribute : AuthorizationFilterAttribute
 {
+    private json objjson = new json();
+    private SQLHelper.ClsCN oCN = new SQLHelper.ClsCN();
+    private Pub_Class.ClsXt_SystemParameter oSystemParameter = new Pub_Class.ClsXt_SystemParameter();
+    private string campanyName = "";
+
+    public JwtAuthorizeAttribute()
+    {
+        if (oSystemParameter.ShowBill(ref DBUtility.ClsPub.sErrInfo))
+        {
+            campanyName = oSystemParameter.omodel.WMS_CampanyName;
+        }
+    }
+
+
     // 鍚屾閴存潈
     public override void OnAuthorization(HttpActionContext actionContext)
     {
-        // 妫�鏌ュ尶鍚嶈闂�
-        if (IsAnonymousAllowed(actionContext)) return;
-
-        // 鑾峰彇Token
-        var token = GetTokenFromHeader(actionContext);
-        if (string.IsNullOrEmpty(token))
+        try
         {
-            HandleUnauthorized(actionContext);
-            return;
-        }
+            // 妫�鏌ュ尶鍚嶈闂�
+            if (IsAnonymousAllowed(actionContext)) return;
 
-        // 楠岃瘉Token
-        var principal = JWTHelper.ValidateToken(token, "123");
-        if (principal == null)
+            // 鑾峰彇Token
+            var token = GetTokenFromHeader(actionContext);
+            if (string.IsNullOrEmpty(token))
+            {
+                HandleUnauthorized(actionContext);
+                return;
+            }
+            
+            // 楠岃瘉Token 
+            // 鍙互澧炲姞鏇寸粏绮掑害鐨勬帶鍒讹紝娣诲姞 鏍规嵁缁勭粐ID 鍒ゆ柇锛堥棶棰�: 鍏徃鍚嶄笉鑳戒娇鐢ㄤ腑鏂囷紝鍙兘闇�瑕佹坊鍔犺嫳鏂囧瓧娈碉級
+            var principal = JWTHelper.ValidateToken(token);
+            if (principal == null)
+            {
+                HandleUnauthorized(actionContext);
+                return;
+            }
+
+            // 璁剧疆鐢ㄦ埛
+            actionContext.RequestContext.Principal = principal;
+
+            // 楠岃瘉鏄惁鎷ユ湁璁块棶妯″潡鐨勬潈闄�
+            // 鏈変袱绉嶅垽鏂柟寮� 涓�绉嶆槸閫氳繃瑙掕壊鍘诲垽鏂紝涓�绉嶆槸閫氳繃鐢ㄦ埛鍘诲垽鏂� 鐩墠鏆傛椂涓嶅仛鍖哄垎锛屽悗缁彲澧炲姞绯荤粺鍙傛暟鏉ヨ繘琛屽尯鍒�
+            // 鑾峰彇鎺у埗鍣ㄦ弿杩板櫒
+            HttpControllerDescriptor controllerDescriptor = actionContext.ControllerContext.ControllerDescriptor;
+            // //鑾峰彇鎺у埗鍣ㄧ被鍨�
+            Type controllerType = controllerDescriptor.ControllerType;
+            // // 鑾峰彇鎺у埗鍣ㄧ骇鍒爣绛�
+            var controllerAttr = controllerType.GetCustomAttribute<PermissionAttribute>();
+            // 
+            var actionAttr = actionContext.ActionDescriptor
+            .GetCustomAttributes<PermissionAttribute>()
+            .FirstOrDefault();
+
+            string PermissionStr = string.Empty;
+            // 鍒ゆ柇鎺у埗鍣ㄧ骇鍒笂鏄惁鍚敤浜嗛壌鏉冩爣绛�
+            if(controllerAttr != null && !string.IsNullOrWhiteSpace(controllerAttr.HModName))
+            {
+                PermissionStr += controllerAttr.HModName;
+
+                // 鏌ョ湅鏄惁闇�瑕佹洿缁嗙矑搴︾殑鎺у埗
+                if(actionAttr != null && !string.IsNullOrWhiteSpace(actionAttr.Operate))
+                {
+                    // 璇ュ姩浣滃搴旂殑妯″潡鍚嶅拰鎺у埗鍣ㄥ悕鏄惁涓嶄竴鑷�
+                    if (string.IsNullOrWhiteSpace(actionAttr.HModName))
+                    {
+                        PermissionStr = actionAttr.HModName + actionAttr.Operate;
+                    }
+                    else
+                    {
+                        PermissionStr += actionAttr.Operate;
+                    }
+
+                }
+
+                if(!string.IsNullOrWhiteSpace(PermissionStr))
+                {
+                    if (!DBUtility.ClsPub.Security_Log(PermissionStr, 1, false, JWTHelper.getUserName(token)))
+                    {
+                        HandleForbidden(actionContext);
+                        return;
+                    }
+                }
+                
+            }
+
+           
+        }
+        catch (Exception e)
         {
-            HandleUnauthorized(actionContext);
-            return;
+            HandleError(actionContext, e.Message);
         }
-
-        // 璁剧疆鐢ㄦ埛
-        actionContext.RequestContext.Principal = principal;
     }
 
-    // 寮傛閴存潈锛堟弧瓒砏ebAPI 2瑕佹眰锛屽吋瀹�.NET4.5锛�
+    // 寮傛閴存潈
     public override Task OnAuthorizationAsync(HttpActionContext actionContext, CancellationToken cancellationToken)
     {
         OnAuthorization(actionContext);
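Review bot: The condition at the "module name differs" check is inverted: `if (string.IsNullOrWhiteSpace(actionAttr.HModName))` takes the branch that builds `PermissionStr = actionAttr.HModName + actionAttr.Operate` exactly when the action's HModName is blank, so the controller module name collected two lines earlier is dropped and the permission key checked against Security_Log becomes just the Operate string; it should read `if (!string.IsNullOrWhiteSpace(actionAttr.HModName))`, with the else branch appending Operate to the controller module. A related gap is that the whole permission check is gated on `controllerAttr != null && !string.IsNullOrWhiteSpace(controllerAttr.HModName)`, so an action carrying its own PermissionAttribute on a controller without one is never checked at all, which seems unintended given that IsAnonymousAllowed honours both levels. In the catch block, `HandleError(actionContext, e.Message)` returns the raw exception text (database or token-parsing details) to the caller in the 500 body; log `e` server-side and pass a fixed, non-diagnostic string instead. The mutable instance fields declared at the top of the class are discussed at the last hunk.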
@@ -45,7 +117,7 @@
         return Task.FromResult(0);
     }
 
-    // 鏄惁鍏佽鍖垮悕璁块棶
+    // 鏄惁鍏佽鍖垮悕璁块棶(鎺у埗鍣ㄧ骇鍒拰鍔ㄤ綔绾у埆閮藉彲鐢�)
     private bool IsAnonymousAllowed(HttpActionContext context)
     {
         return
@@ -70,7 +142,34 @@
     private void HandleUnauthorized(HttpActionContext context)
     {
         var response = new HttpResponseMessage(HttpStatusCode.Unauthorized);
-        response.Content = new StringContent("鏈巿鏉冿紝璇风櫥褰曞悗閲嶈瘯");
+        objjson.code = "0";
+        objjson.count = 0;
+        objjson.Message = "鏈巿鏉冿紝璇风櫥褰曞悗閲嶈瘯";
+        response.Content = new StringContent(Newtonsoft.Json.JsonConvert.SerializeObject(objjson),
+            System.Text.Encoding.UTF8, "application/json");
+        context.Response = response;
+    }
+
+    // 403 鏃犳潈闄�
+    private void HandleForbidden(HttpActionContext context)
+    {
+        var response = new HttpResponseMessage(HttpStatusCode.Forbidden);
+        objjson.code = "0";
+        objjson.count = 0;
+        objjson.Message = "鎮ㄦ病鏈夎妯″潡鏉冮檺,璇蜂笌绠$悊鍛樿仈绯伙紒";
+        response.Content = new StringContent(Newtonsoft.Json.JsonConvert.SerializeObject(objjson),
+            System.Text.Encoding.UTF8, "application/json");
+        context.Response = response;
+    }
+
+    private void HandleError(HttpActionContext context, string ErrorInfo)
+    {
+        var response = new HttpResponseMessage(HttpStatusCode.InternalServerError);
+        objjson.code = "0";
+        objjson.count = 0;
+        objjson.Message = "鏈嶅姟鍣ㄥ紓甯�: " + ErrorInfo;
+        response.Content = new StringContent(Newtonsoft.Json.JsonConvert.SerializeObject(objjson),
+            System.Text.Encoding.UTF8, "application/json");
         context.Response = response;
     }
 }
\ No newline at end of file
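Review bot: `objjson` is a single instance field that all three handlers mutate (`objjson.code = "0"`, `objjson.count = 0`, `objjson.Message = ...`) before serialising it, but a filter attribute instance is reused across requests, so two requests failing concurrently can race on the same object and one of them may receive the other's message or status text. Build the body as a local per call instead of sharing the field, and since HandleUnauthorized, HandleForbidden and HandleError differ only in status code and message, the serialisation can live in one helper with each handler reduced to a single call passing its existing status and message literal. `oCN` and `campanyName` are not read anywhere in the visible hunks; if they are also unused in the unshown lines, they should be removed rather than opening a connection per attribute instance.
```csharp
// Shared by the three handlers: one fresh body per response, never a shared field,
// because the attribute instance serves concurrent requests.
private static void WriteJsonResponse(HttpActionContext context, HttpStatusCode status, string message)
{
    var body = new json { code = "0", count = 0, Message = message };
    var response = new HttpResponseMessage(status);
    response.Content = new StringContent(Newtonsoft.Json.JsonConvert.SerializeObject(body),
        System.Text.Encoding.UTF8, "application/json");
    context.Response = response;
}

// … unchanged: HandleUnauthorized / HandleForbidden / HandleError each become
//     WriteJsonResponse(context, <their existing HttpStatusCode>, <their existing message literal>); …
```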

--
Gitblit v1.9.1