using Furion;
using Furion.Authorization;
using Furion.DataEncryption;
using gpt_api.Entity.System;
using gpt_api.Respository;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using System.Security.Claims;
using System.Threading.Tasks;
namespace gpt_api.Web.Core;
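/// <summary>
/// JWT authorization handler: attempts the automatic token refresh first, then runs the
/// permission check for the requested endpoint.
/// </summary>
// NOTE(review): this listing appears to have lost its generic type arguments (the Task return
// types of methods that return a bool, the argument of GetMetadata, and the arguments of
// App.GetService). Those tokens are kept exactly as shown here; restore them from the
// original file before compiling.
public class JwtHandler : AppAuthorizeHandler
{
    /// <summary>
    /// Overrides the handler entry point to add the automatic token refresh logic.
    /// </summary>
    /// <param name="context">Authorization context of the current request.</param>
    public override async Task HandleAsync(AuthorizationHandlerContext context)
    {
        // Automatic token refresh; authorization continues only when this call succeeds.
        if (JWTEncryption.AutoRefreshToken(context, context.GetCurrentHttpContext()))
        {
            await AuthorizeHandleAsync(context);
        }
        else
        {
            context.Fail(); // authorization failed
        }
    }

    /// <summary>
    /// Validation pipeline, i.e. the core authorization decision.
    /// </summary>
    /// <param name="context">Authorization context of the current request (not read here).</param>
    /// <param name="httpContext">HTTP context of the current request.</param>
    /// <returns>true when the request is authorized, false otherwise.</returns>
    public override async Task PipelineAsync(AuthorizationHandlerContext context, DefaultHttpContext httpContext)
    {
        // The authorization decision lives in CheckAuthorzie: true allows, false denies.
        return await CheckAuthorzie(httpContext);
    }

    /// <summary>
    /// Checks whether the current user holds a role that grants the requested path.
    /// </summary>
    /// <param name="httpContext">HTTP context of the current request.</param>
    /// <returns>
    /// true when the endpoint carries no permission attribute, or when the request path is in
    /// the security list of one of the user's roles; false otherwise, including when the
    /// "UserId" claim is missing or is not an integer.
    /// </returns>
    private static async Task CheckAuthorzie(DefaultHttpContext httpContext)
    {
        // Read the permission attribute from the endpoint metadata.
        var securityDefineAttribute = httpContext.GetMetadata();
        if (securityDefineAttribute == null)
        {
            // The endpoint declares no permission attribute, so no role check is applied.
            return true;
        }

        // A missing or malformed "UserId" claim used to make int.Parse throw
        // (ArgumentNullException / FormatException) inside the authorization pipeline.
        // Deny explicitly instead, so the failure is a clean authorization refusal.
        if (!int.TryParse(App.User?.FindFirstValue("UserId"), out var userId))
        {
            return false;
        }

        var path = httpContext.Request.Path.ToString();

        // Resolve the repositories from the service container.
        var _sysUserRoleRepository = App.GetService>();
        var _sysRoleSecurityRepository = App.GetService>();

        // Roles assigned to the user, then the security entries granted to those roles.
        var roleIds = await _sysUserRoleRepository.GetFieldDistinctListAsync(o => o.UserId == userId, o => o.RoleId);
        var securityList = await _sysRoleSecurityRepository.GetFieldDistinctListAsync(o => roleIds.Contains(o.RoleId), o => o.Security);

        // NOTE(review): only the presence of the attribute is used above; its value is never
        // read, and the decision is made on the raw request path. Presumably securityList
        // holds strings, which makes this an exact, case-sensitive comparison, so a path that
        // differs in casing, has a trailing slash, or carries route values would be denied.
        // Confirm this matches how the Security entries are stored.
        return securityList.Contains(path);
    }
}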