using DS.Module.Core;
using System.Security.Policy;
namespace DS.WMS.Gateway;
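/// <summary>
/// Gateway middleware that requires a JWT in the <c>Authorization</c> header before a
/// request is handed to the next middleware, except for a fixed list of anonymous paths.
/// </summary>
/// <remarks>
/// NOTE(review): the anonymous-path test is a case-insensitive substring match over the whole
/// request path, so every route whose path contains one of the fragments is forwarded without
/// a token check. Exact or prefix matching against the intended routes would be tighter, and
/// an earlier, commented-out version of this check compared the path against the
/// <c>Cors:IgnorePath</c> setting. That setting is not consulted here. Confirm the intended
/// routes before changing the matching rule.
/// </remarks>
public class JwtSafeMiddleware
{
    // Path fragments that are forwarded without a token check. The original comment named
    // swagger and login as the reason for the skip; the other entries were added later.
    private static readonly string[] AnonymousPathFragments =
    {
        "swagger", "login", "tenantregister", "linkattach", "printtempfile",
        "favicon", "clientuserlogin", "addbookingstatuslog", "createbctaskjob", "clientuserrefreshtoken",
        "createtaskjob", "querybookingslot",
    };

    private readonly RequestDelegate _next;

    // Assigned in the constructor and not read anywhere in this class. Left public and mutable
    // because code outside this file may depend on it.
    public IConfiguration _configuration;

    /// <summary>Creates the middleware.</summary>
    /// <param name="next">Next delegate in the request pipeline.</param>
    /// <param name="configuration">Application configuration, stored in <see cref="_configuration"/>.</param>
    public JwtSafeMiddleware(RequestDelegate next, IConfiguration configuration)
    {
        _next = next;
        _configuration = configuration;
    }

    /// <summary>
    /// Validates the bearer token of the current request and either answers 401 or calls the
    /// next middleware.
    /// </summary>
    /// <param name="context">The current HTTP context.</param>
    /// <returns>A task that completes when the response was written or the pipeline has run.</returns>
    public async Task Invoke(HttpContext context)
    {
        // The token check used to run for GET and POST only, so PUT, DELETE, PATCH, HEAD and
        // any other verb reached the downstream services without validation. Only OPTIONS
        // (CORS preflight, which carries no Authorization header) is exempt now.
        bool isPreflight = string.Equals(context.Request.Method, "OPTIONS", StringComparison.OrdinalIgnoreCase);

        if (!isPreflight && !IsAnonymousPath(context.Request.Path.ToString()))
        {
            string jwtStr = context.Request.Headers["Authorization"].FirstOrDefault();
            if (string.IsNullOrEmpty(jwtStr))
            {
                await Reject(context, "token为空");
                return;
            }

            // Verify the token. JwtHelper.SerializeJwt reports failures as status strings.
            var result = JwtHelper.SerializeJwt(jwtStr);
            if (result == "expired")
            {
                await Reject(context, "非法请求,参数已经过期");
                return;
            }

            if (result == "invalid" || result == "error")
            {
                await Reject(context, "非法请求,未通过校验");
                return;
            }

            // NOTE(review): every other return value, including an unexpected one, is treated
            // as a valid token. Comparing against the helper's explicit success value would
            // fail closed; confirm JwtHelper.SerializeJwt's contract.
        }

        await _next.Invoke(context);
    }

    // True when the request path contains one of the anonymous fragments. OrdinalIgnoreCase
    // replaces the culture-sensitive ToLower() so the result does not depend on the server locale.
    private static bool IsAnonymousPath(string path)
    {
        return AnonymousPathFragments.Any(fragment => path.Contains(fragment, StringComparison.OrdinalIgnoreCase));
    }

    // Ends the request with 401 Unauthorized and the given message as the response body.
    private static async Task Reject(HttpContext context, string message)
    {
        context.Response.StatusCode = 401;
        await context.Response.WriteAsync(message);
    }
}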