/// <summary>
/// 自定义行为过滤器,实现登录及权限的验证
/// </summary>
public class SystemAuthentication : Attribute, IActionFilter
{
public void OnActionExecuted(ActionExecutedContext context)
{
    // Deliberately empty: this filter does all of its work before the action
    // runs (see OnActionExecuting) and has nothing to do afterwards.
}
/// <summary>
/// 在执行控制器中的Action方法之前执行该方法 判断当前用户是否登录
/// </summary>
/// <param name="context"></param>
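public void OnActionExecuting(ActionExecutingContext context)
{
    // Short-circuits the request with a JSON body whose Code mirrors the HTTP
    // status. Setting context.Result stops the action from running.
    void Reject(int statusCode, string message)
    {
        context.Result = new JsonResult(new { Code = statusCode, Msg = message })
        {
            StatusCode = statusCode
        };
    }

    // Actions that HasAllow reports as anonymous-accessible skip every check below.
    if (HasAllow(context))
    {
        return;
    }

    // The credential is taken from the Authorization request header.
    string token = context.HttpContext.Request.Headers["Authorization"];
    if (string.IsNullOrWhiteSpace(token))
    {
        Reject(StatusCodes.Status401Unauthorized, "请登录");
        return;
    }

    // Strip the scheme only when it is the leading prefix. The original
    // Replace("Bearer ", "") removed the text anywhere in the value and was
    // case-sensitive, although the auth scheme is case-insensitive.
    // A value without the prefix is still passed through as-is, as before.
    const string bearerPrefix = "Bearer ";
    token = token.StartsWith(bearerPrefix, StringComparison.OrdinalIgnoreCase)
        ? token.Substring(bearerPrefix.Length).Trim()
        : token.Trim();

    // NOTE(review): JXToken is defined outside this block. Confirm that it
    // verifies the token signature and algorithm and does not merely decode
    // the payload; every check below trusts the fields it returns.
    var model = JwtHelper.JXToken(token);
    if (model is null)
    {
        // NOTE(review): 401 would be the conventional answer for a token that
        // cannot be parsed; 404 is kept so existing clients see the same code.
        Reject(StatusCodes.Status404NotFound, "用户不存在");
        return;
    }

    // Fail closed on a missing or malformed expiry. The original called
    // Convert.ToDateTime on an empty string, which throws FormatException and
    // surfaces as an unhandled error instead of a defined auth response.
    // NOTE(review): the format and time zone of Expires are set by JwtHelper
    // (not visible here); if it is written in UTC, compare with DateTime.UtcNow.
    var expires = model.Expires ?? "";
    if (!DateTime.TryParse(expires, out DateTime expiresAt) || expiresAt < DateTime.Now)
    {
        Reject(StatusCodes.Status419AuthenticationTimeout, "token过期请重新登录");
        return;
    }

    var userCode = model.Account ?? "";
    var userPwd = model.Password ?? "";

    // SECURITY(review): the only accepted identity is a hard-coded account and
    // password compiled into the source. Replace this with a lookup against
    // the real user store, and compare secrets with a constant-time routine.
    // SECURITY(review): the token itself carries the password. Unless the
    // token is encrypted (not visible here), JWT claims are only encoded, so
    // the password is readable by anyone who obtains the token. Prefer a user
    // id claim and rely on the signature for authenticity.
    if (userCode == "mp" && userPwd == "123456")
    {
        return;
    }

    // NOTE(review): a credential mismatch is reported as 500, which makes
    // auth failures look like server faults in monitoring; 401 is the
    // conventional code. Kept unchanged for client compatibility.
    Reject(StatusCodes.Status500InternalServerError, "账号或密码错误");
}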
/// <summary>
/// 排除掉控制器不需要鉴权 即加[AllowAnonymous]特性的无需鉴权
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
public static bool HasAllow(ActionExecutingContext context)
{
var
net6.0 JWT通过过滤器实现登录及权限的验证