using Furion;
using Furion.Authorization;
using Furion.DataEncryption;
using Myshipping.Core;
using Myshipping.Core.Service;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using System.Threading.Tasks;
using Furion.Logging;
namespace Myshipping.Web.Core;
public class JwtHandler : AppAuthorizeHandler
{
///
/// 重写 Handler 添加自动刷新
///
///
///
public override async Task HandleAsync(AuthorizationHandlerContext context)
{
// 自动刷新Token
if (JWTEncryption.AutoRefreshToken(context, context.GetCurrentHttpContext()))
{
await AuthorizeHandleAsync(context);
}
else context.Fail(); // 授权失败
}
///
/// 授权判断逻辑,授权通过返回 true,否则返回 false
///
///
///
///
public override async Task PipelineAsync(AuthorizationHandlerContext context, DefaultHttpContext httpContext)
{
// 此处已经自动验证 Jwt Token的有效性了,无需手动验证
return await CheckAuthorzieAsync(httpContext);
}
///
/// 检查权限
///
///
///
private static async Task CheckAuthorzieAsync(DefaultHttpContext httpContext)
{
// 管理员跳过判断
if (UserManager.IsSuperAdmin) return true;
// 路由名称
var routeName = httpContext.Request.Path.Value.Substring(1).Replace("/", ":");
//字典数据前端需要,允许获取
if (routeName == "sysDictType:tree") return true;
var allPermission = await App.GetService().GetAllPermission();
if (!allPermission.Contains(routeName))
{
return true;
}
// 获取用户权限集合(按钮或API接口)
var permissionList = await App.GetService().GetLoginPermissionList(UserManager.UserId);
// 检查授权
return permissionList.Contains(routeName);
}
}