From 92d1bbcb1a5a8b363cdb0ff177f775b2e9101052 Mon Sep 17 00:00:00 2001
From: he <109787524@qq.com>
Date: Fri, 6 Dec 2024 16:12:18 +0800
Subject: [PATCH] =?UTF-8?q?=E8=B6=8A=E6=9D=83=E4=BF=AE=E6=94=B9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../Controllers/ExtraController.cs | 2 +-
IRaCIS.Core.API/IRaCIS.Core.API.csproj | 1 +
IRaCIS.Core.API/Startup.cs | 7 ++
.../_ServiceExtensions/AutofacModuleSetup.cs | 6 +-
.../Middleware/AuthenticationMiddleware.cs | 79 +++++++++++++++++++
.../Service/Management/DTO/MenuModel.cs | 12 ++-
6 files changed, 103 insertions(+), 4 deletions(-)
create mode 100644 IRaCIS.Core.Application/Middleware/AuthenticationMiddleware.cs
diff --git a/IRaCIS.Core.API/Controllers/ExtraController.cs b/IRaCIS.Core.API/Controllers/ExtraController.cs
index 6139b92..041e450 100644
--- a/IRaCIS.Core.API/Controllers/ExtraController.cs
+++ b/IRaCIS.Core.API/Controllers/ExtraController.cs
@@ -266,7 +266,7 @@ namespace IRaCIS.Api.Controllers
if (!await _userRepository.AnyAsync(t => t.Id == Guid.Parse(userId) && t.EmailToken == token && t.IsFirstAdd))
{
- decodeUrl = errorUrl+ $"?ErrorMessage={System.Web.HttpUtility.UrlEncode("您的初始化链接已过期")} ";
+ decodeUrl = errorUrl+ $"?ErrorMessage={System.Web.HttpUtility.UrlEncode("Error!The initialization link has expired. Return")} ";
}
return Redirect(decodeUrl);
diff --git a/IRaCIS.Core.API/IRaCIS.Core.API.csproj b/IRaCIS.Core.API/IRaCIS.Core.API.csproj
index 104ab32..1e271cc 100644
--- a/IRaCIS.Core.API/IRaCIS.Core.API.csproj
+++ b/IRaCIS.Core.API/IRaCIS.Core.API.csproj
@@ -175,6 +175,7 @@
+
diff --git a/IRaCIS.Core.API/Startup.cs b/IRaCIS.Core.API/Startup.cs
index 9130032..3db4baf 100644
--- a/IRaCIS.Core.API/Startup.cs
+++ b/IRaCIS.Core.API/Startup.cs
@@ -23,6 +23,7 @@ using IRaCIS.Core.Infra.EFCore.Common;
using Invio.Extensions.Authentication.JwtBearer;
using Microsoft.AspNetCore.SignalR;
using IRaCIS.Core.Domain.Share;
+using IRaCIS.Core.API.Middleware;
namespace IRaCIS.Core.API
{
@@ -45,6 +46,10 @@ namespace IRaCIS.Core.API
{
containerBuilder.RegisterModule();
+
+
+
+ //containerBuilder.RegisterType().AsSelf().InstancePerLifetimeScope();
#region Test
//containerBuilder.RegisterType().PropertiesAutowired().InstancePerLifetimeScope();//עִ
@@ -215,6 +220,8 @@ namespace IRaCIS.Core.API
app.UseAuthentication();
app.UseAuthorization();
+ app.UseMiddleware();
+
app.UseEndpoints(endpoints =>
{
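Review bot: The `app.UseMiddleware` call added here registers `AuthenticationMiddleware` as convention-based middleware, which the framework constructs once for the application's lifetime, yet its constructor (in the new AuthenticationMiddleware.cs) takes `IRepository` and `IUserInfo`. Judging by the commented-out `InstancePerLifetimeScope` registration these look like per-request services; if so, the permission check either fails scope validation at startup or evaluates every request against a repository and user resolved from the root container. Taking them as parameters of the invoke method lets them be resolved per request: `public async Task InvokeAsync(HttpContext context, IRepository userTypeMenuRepository, IUserInfo userInfo)`, with the repository's generic argument as in the original file. The enclosing method starts and ends outside this hunk.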
diff --git a/IRaCIS.Core.API/_ServiceExtensions/AutofacModuleSetup.cs b/IRaCIS.Core.API/_ServiceExtensions/AutofacModuleSetup.cs
index fd32159..76c37a5 100644
--- a/IRaCIS.Core.API/_ServiceExtensions/AutofacModuleSetup.cs
+++ b/IRaCIS.Core.API/_ServiceExtensions/AutofacModuleSetup.cs
@@ -15,6 +15,8 @@ using MediatR;
using IRaCIS.Application.Services;
using IRaCIS.Application.Interfaces;
using AutoMapper;
+using Microsoft.AspNetCore.Builder.Extensions;
+using IRaCIS.Core.API.Middleware;
namespace IRaCIS.Core.API
{
@@ -43,9 +45,9 @@ namespace IRaCIS.Core.API
//获取所有控制器类型并使用属性注入
containerBuilder.RegisterAssemblyTypes(typeof(BaseService).Assembly)
.Where(type => typeof(IDynamicWebApi).IsAssignableFrom(type))
- .PropertiesAutowired();
-
+ .PropertiesAutowired();
+ //containerBuilder.RegisterType().AsSelf().InstancePerLifetimeScope();
#endregion
diff --git a/IRaCIS.Core.Application/Middleware/AuthenticationMiddleware.cs b/IRaCIS.Core.Application/Middleware/AuthenticationMiddleware.cs
new file mode 100644
index 0000000..0fdf5cb
--- /dev/null
+++ b/IRaCIS.Core.Application/Middleware/AuthenticationMiddleware.cs
@@ -0,0 +1,79 @@
+
+using Microsoft.AspNetCore.Http;
+using System.Threading.Tasks;
+using IRaCIS.Core.Domain.Share;
+using IRaCIS.Application.Contracts;
+using Dicom.IO;
+using IRaCIS.Core.Infrastructure;
+using Newtonsoft.Json;
+
+namespace IRaCIS.Core.API.Middleware
+{
+ public class AuthenticationMiddleware
+ {
+ private readonly RequestDelegate _next;
+
+ private readonly IRepository _userTypeMenuRepository;
+
+ private readonly IUserInfo _userInfo;
+
+ public AuthenticationMiddleware(RequestDelegate next,
+ IRepository userTypeMenuTypeRepository,
+ IUserInfo userInfo)
+ {
+ _next = next;
+ _userTypeMenuRepository = userTypeMenuTypeRepository;
+ _userInfo = userInfo;
+
+ }
+
+ public async Task InvokeAsync(HttpContext context)
+ {
+ if (!await IsValidRequest(context))
+ {
+ context.Response.StatusCode = StatusCodes.Status409Conflict; ;
+ context.Response.ContentType = "application/json";
+ var msg = JsonConvert.SerializeObject(ResponseOutput.NotOk("You do not have permission"));
+ Console.WriteLine(msg);
+ await context.Response.WriteAsync(msg);
+ await context.Response.Body.FlushAsync();
+ context.Response.Body.Close();
+ }
+ else
+ {
+ await _next(context);
+ }
+
+
+ }
+
+ private async Task IsValidRequest(HttpContext context)
+ {
+ var apiPathList =await _userTypeMenuRepository.Where(x => x.Menu.ApiPath != null && x.Menu.ApiPath != string.Empty)
+ .Select(x => new MenuApi()
+ {
+
+ UserTypeEnum = (int)x.UserType.UserTypeEnum,
+ ApiPath = x.Menu.ApiPath,
+
+ }).ToListAsync();
+
+ apiPathList = apiPathList.Select(x => new MenuApi()
+ {
+ UserTypeEnum = x.UserTypeEnum,
+ ApiPath = x.ApiPath.ToLower(),
+ }).ToList();
+
+ if (_userInfo.UserTypeEnumInt != 0)
+ {
+ var url = _userInfo.RequestUrl.ToLower(); ;
+ if (apiPathList.Any(x => x.ApiPath.Contains(url)) && !apiPathList.Any(x => x.ApiPath.Contains(url) && x.UserTypeEnum == _userInfo.UserTypeEnumInt))
+ {
+ return false;
+ }
+ }
+
+ return true;
+ }
+ }
+}
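Review bot: `IsValidRequest` fails open and matches in the wrong direction: `x.ApiPath.Contains(url)` tests whether a stored menu path contains the request URL as a substring, so a URL that is not a substring of any stored `ApiPath` is never restricted, and a short URL can match rules belonging to unrelated endpoints. Compare normalized values for equality and decide from the matching rules only, e.g. `var rules = apiPathList.Where(x => x.ApiPath == url).ToList();` followed by `if (rules.Count > 0 && !rules.Any(x => x.UserTypeEnum == _userInfo.UserTypeEnumInt)) return false;`, with `ToLowerInvariant()` in place of `ToLower()` so the result does not depend on server culture. What `_userInfo.RequestUrl` contains (path only, or also query string and route values) is not visible here, so confirm it is normalized the same way as `ApiPath`. The denial branch in `InvokeAsync` also answers with `Status409Conflict`; `StatusCodes.Status403Forbidden` is what clients and access-denied monitoring expect, and `context.Response.Body.Close()` should be dropped because the server owns the response stream.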
diff --git a/IRaCIS.Core.Application/Service/Management/DTO/MenuModel.cs b/IRaCIS.Core.Application/Service/Management/DTO/MenuModel.cs
index afdf671..c69fda4 100644
--- a/IRaCIS.Core.Application/Service/Management/DTO/MenuModel.cs
+++ b/IRaCIS.Core.Application/Service/Management/DTO/MenuModel.cs
@@ -1,4 +1,6 @@
-namespace IRaCIS.Application.Contracts
+using IRaCIS.Core.Domain.Share;
+
+namespace IRaCIS.Application.Contracts
{
public class MenuCommand
{
@@ -99,4 +101,12 @@
public bool IsSelect { get; set; }
}
+
+ public class MenuApi
+ {
+ public int UserTypeEnum { get; set; }
+
+ public string ApiPath { get; set; }
+ }
+
}