diff --git a/IRaCIS.Core.API/Controllers/ExtraController.cs b/IRaCIS.Core.API/Controllers/ExtraController.cs
index 6139b92..041e450 100644
--- a/IRaCIS.Core.API/Controllers/ExtraController.cs
+++ b/IRaCIS.Core.API/Controllers/ExtraController.cs
@@ -266,7 +266,7 @@ namespace IRaCIS.Api.Controllers
if (!await _userRepository.AnyAsync(t => t.Id == Guid.Parse(userId) && t.EmailToken == token && t.IsFirstAdd))
{
- decodeUrl = errorUrl+ $"?ErrorMessage={System.Web.HttpUtility.UrlEncode("您的初始化链接已过期")} ";
+ decodeUrl = errorUrl+ $"?ErrorMessage={System.Web.HttpUtility.UrlEncode("Error!The initialization link has expired. Return")} ";
}
return Redirect(decodeUrl);
diff --git a/IRaCIS.Core.API/IRaCIS.Core.API.csproj b/IRaCIS.Core.API/IRaCIS.Core.API.csproj
index 104ab32..1e271cc 100644
--- a/IRaCIS.Core.API/IRaCIS.Core.API.csproj
+++ b/IRaCIS.Core.API/IRaCIS.Core.API.csproj
@@ -175,6 +175,7 @@
+
diff --git a/IRaCIS.Core.API/Startup.cs b/IRaCIS.Core.API/Startup.cs
index 9130032..3db4baf 100644
--- a/IRaCIS.Core.API/Startup.cs
+++ b/IRaCIS.Core.API/Startup.cs
@@ -23,6 +23,7 @@ using IRaCIS.Core.Infra.EFCore.Common;
using Invio.Extensions.Authentication.JwtBearer;
using Microsoft.AspNetCore.SignalR;
using IRaCIS.Core.Domain.Share;
+using IRaCIS.Core.API.Middleware;
namespace IRaCIS.Core.API
{
@@ -45,6 +46,10 @@ namespace IRaCIS.Core.API
{
containerBuilder.RegisterModule();
+
+
+
+ //containerBuilder.RegisterType().AsSelf().InstancePerLifetimeScope();
#region Test
//containerBuilder.RegisterType().PropertiesAutowired().InstancePerLifetimeScope();//עִ
@@ -215,6 +220,8 @@ namespace IRaCIS.Core.API
app.UseAuthentication();
app.UseAuthorization();
+ app.UseMiddleware();
+
app.UseEndpoints(endpoints =>
{
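Review bot: Registering the middleware for the whole pipeline at `app.UseMiddleware();` means its `IsValidRequest` runs on every request that reaches this point. As written in AuthenticationMiddleware.cs in this same commit, that method reloads and lower-cases the full menu/API-path list from the repository on each call. Consider caching the list (for example in `IMemoryCache`, invalidated when menus are edited) so the permission check does not add a database round trip to every request. The `UseEndpoints` block continues outside this hunk.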
diff --git a/IRaCIS.Core.API/_ServiceExtensions/AutofacModuleSetup.cs b/IRaCIS.Core.API/_ServiceExtensions/AutofacModuleSetup.cs
index fd32159..76c37a5 100644
--- a/IRaCIS.Core.API/_ServiceExtensions/AutofacModuleSetup.cs
+++ b/IRaCIS.Core.API/_ServiceExtensions/AutofacModuleSetup.cs
@@ -15,6 +15,8 @@ using MediatR;
using IRaCIS.Application.Services;
using IRaCIS.Application.Interfaces;
using AutoMapper;
+using Microsoft.AspNetCore.Builder.Extensions;
+using IRaCIS.Core.API.Middleware;
namespace IRaCIS.Core.API
{
@@ -43,9 +45,9 @@ namespace IRaCIS.Core.API
//获取所有控制器类型并使用属性注入
containerBuilder.RegisterAssemblyTypes(typeof(BaseService).Assembly)
.Where(type => typeof(IDynamicWebApi).IsAssignableFrom(type))
- .PropertiesAutowired();
-
+ .PropertiesAutowired();
+ //containerBuilder.RegisterType().AsSelf().InstancePerLifetimeScope();
#endregion
diff --git a/IRaCIS.Core.Application/Middleware/AuthenticationMiddleware.cs b/IRaCIS.Core.Application/Middleware/AuthenticationMiddleware.cs
new file mode 100644
index 0000000..0fdf5cb
--- /dev/null
+++ b/IRaCIS.Core.Application/Middleware/AuthenticationMiddleware.cs
@@ -0,0 +1,79 @@
+
+using Microsoft.AspNetCore.Http;
+using System.Threading.Tasks;
+using IRaCIS.Core.Domain.Share;
+using IRaCIS.Application.Contracts;
+using Dicom.IO;
+using IRaCIS.Core.Infrastructure;
+using Newtonsoft.Json;
+
+namespace IRaCIS.Core.API.Middleware
+{
+ public class AuthenticationMiddleware
+ {
+ private readonly RequestDelegate _next;
+
+ private readonly IRepository _userTypeMenuRepository;
+
+ private readonly IUserInfo _userInfo;
+
+ public AuthenticationMiddleware(RequestDelegate next,
+ IRepository userTypeMenuTypeRepository,
+ IUserInfo userInfo)
+ {
+ _next = next;
+ _userTypeMenuRepository = userTypeMenuTypeRepository;
+ _userInfo = userInfo;
+
+ }
+
+ public async Task InvokeAsync(HttpContext context)
+ {
+ if (!await IsValidRequest(context))
+ {
+ context.Response.StatusCode = StatusCodes.Status409Conflict; ;
+ context.Response.ContentType = "application/json";
+ var msg = JsonConvert.SerializeObject(ResponseOutput.NotOk("You do not have permission"));
+ Console.WriteLine(msg);
+ await context.Response.WriteAsync(msg);
+ await context.Response.Body.FlushAsync();
+ context.Response.Body.Close();
+ }
+ else
+ {
+ await _next(context);
+ }
+
+
+ }
+
+ private async Task IsValidRequest(HttpContext context)
+ {
+ var apiPathList =await _userTypeMenuRepository.Where(x => x.Menu.ApiPath != null && x.Menu.ApiPath != string.Empty)
+ .Select(x => new MenuApi()
+ {
+
+ UserTypeEnum = (int)x.UserType.UserTypeEnum,
+ ApiPath = x.Menu.ApiPath,
+
+ }).ToListAsync();
+
+ apiPathList = apiPathList.Select(x => new MenuApi()
+ {
+ UserTypeEnum = x.UserTypeEnum,
+ ApiPath = x.ApiPath.ToLower(),
+ }).ToList();
+
+ if (_userInfo.UserTypeEnumInt != 0)
+ {
+ var url = _userInfo.RequestUrl.ToLower(); ;
+ if (apiPathList.Any(x => x.ApiPath.Contains(url)) && !apiPathList.Any(x => x.ApiPath.Contains(url) && x.UserTypeEnum == _userInfo.UserTypeEnumInt))
+ {
+ return false;
+ }
+ }
+
+ return true;
+ }
+ }
+}
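Review bot: The permission test in `IsValidRequest` uses `x.ApiPath.Contains(url)`, which asks whether a stored path contains the request URL as a substring; a restricted endpoint can therefore be judged by the rule of a different endpoint whose path overlaps it, and a URL that is not a substring of any stored path skips the check. Compare the request path with each stored `ApiPath` for ordinal, case-insensitive equality instead, as sketched below; this assumes both are stored in the same form, which is not visible here, so normalise them first if they are not. The constructor also captures `IRepository` and `IUserInfo` in fields, and convention-based middleware is constructed once per application, so if these are per-request services they should be taken as `InvokeAsync` parameters. On denial, `StatusCodes.Status403Forbidden` describes the outcome better than `Status409Conflict`, and `Console.WriteLine(msg)` and `context.Response.Body.Close()` should be dropped, because the server owns the response stream.

```csharp
// … unchanged: apiPathList query against _userTypeMenuRepository …
// (the second projection that lower-cases ApiPath is no longer needed)

if (_userInfo.UserTypeEnumInt != 0)
{
    var url = _userInfo.RequestUrl;
    var rulesForPath = apiPathList
        .Where(x => string.Equals(x.ApiPath, url, StringComparison.OrdinalIgnoreCase))
        .ToList();

    // A path that has menu rules is allowed only for a user type listed on that exact path.
    if (rulesForPath.Count > 0 && !rulesForPath.Any(x => x.UserTypeEnum == _userInfo.UserTypeEnumInt))
    {
        return false;
    }
}

return true;
```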
diff --git a/IRaCIS.Core.Application/Service/Management/DTO/MenuModel.cs b/IRaCIS.Core.Application/Service/Management/DTO/MenuModel.cs
index afdf671..c69fda4 100644
--- a/IRaCIS.Core.Application/Service/Management/DTO/MenuModel.cs
+++ b/IRaCIS.Core.Application/Service/Management/DTO/MenuModel.cs
@@ -1,4 +1,6 @@
-namespace IRaCIS.Application.Contracts
+using IRaCIS.Core.Domain.Share;
+
+namespace IRaCIS.Application.Contracts
{
public class MenuCommand
{
@@ -99,4 +101,12 @@
public bool IsSelect { get; set; }
}
+
+ public class MenuApi
+ {
+ public int UserTypeEnum { get; set; }
+
+ public string ApiPath { get; set; }
+ }
+
}