From 31c86c5d4a0856915ae36e07ff7c653bbce58cf7 Mon Sep 17 00:00:00 2001
From: hang <872297557@qq.com>
Date: Fri, 15 Aug 2025 13:22:04 +0800
Subject: [PATCH] =?UTF-8?q?=E5=8D=87=E7=BA=A7swagger=20=E7=89=88=E6=9C=AC?=
=?UTF-8?q?=E6=B5=8B=E8=AF=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
IRC.Core.SCP/IRC.Core.SCP.csproj | 2 +-
IRaCIS.Core.API/IRaCIS.Core.API.csproj | 2 +-
IRaCIS.Core.API/IRaCIS.Core.API.xml | 39 -------------------
IRaCIS.Core.API/Progranm.cs | 4 --
.../_ServiceExtensions/SwaggerSetup.cs | 9 +++--
.../LimitUserRequestAuthorization.cs | 25 +++++++++---
...tUserRequestAuthorizationEndpointFilter.cs | 10 ++---
.../IRaCIS.Core.Application.csproj | 2 +-
8 files changed, 34 insertions(+), 59 deletions(-)
diff --git a/IRC.Core.SCP/IRC.Core.SCP.csproj b/IRC.Core.SCP/IRC.Core.SCP.csproj
index 05f80e8e8..eb6f40253 100644
--- a/IRC.Core.SCP/IRC.Core.SCP.csproj
+++ b/IRC.Core.SCP/IRC.Core.SCP.csproj
@@ -28,7 +28,7 @@
-
+
diff --git a/IRaCIS.Core.API/IRaCIS.Core.API.csproj b/IRaCIS.Core.API/IRaCIS.Core.API.csproj
index 3ffabed9e..cd48e2095 100644
--- a/IRaCIS.Core.API/IRaCIS.Core.API.csproj
+++ b/IRaCIS.Core.API/IRaCIS.Core.API.csproj
@@ -86,7 +86,7 @@
-
+
diff --git a/IRaCIS.Core.API/IRaCIS.Core.API.xml b/IRaCIS.Core.API/IRaCIS.Core.API.xml
index 7ef85e91f..0c6a9ce27 100644
--- a/IRaCIS.Core.API/IRaCIS.Core.API.xml
+++ b/IRaCIS.Core.API/IRaCIS.Core.API.xml
@@ -11,45 +11,6 @@
-
-
- 医生基本信息 、工作信息 专业信息、审核状态
-
-
-
-
- 医生基本信息 、工作信息 专业信息、审核状态
-
-
-
-
- 获取医生详情
-
-
-
-
-
-
-
-
-
-
-
-
- 回调到前端,前端调用后端的接口
- 参考链接:https://www.ruanyifeng.com/blog/2019/04/oauth-grant-types.html
- 后端通过这个code ,带上客户端信息,和授权类型 可以向单点登录提供商,获取厂商token
-
- 但是单点登录提供商提供的token 和我们系统的token 是有区别的,我们的token里面有我们业务系统的UserId,涉及到很多业务操作,所以在此出现了两种方案
- 1、前端使用厂商的Token。 后端通过code 获取厂商的Token 返回前端的同时返回我们系统的UserId,前段在http 请求头加上一个自定义参数,带上UserId 后端取用户Id的地方变动下,
- 但是除了UserId外,后端还有其他信息也是从Token取的,所以在请求头也需要带上,此外后端认证Token的方式也需要变化,改造成本稍大(如果是微服务,做这种处理还是可以的)。
- 2、前端还是使用我们后台自己的Token。后端通过code 获取厂商Token的同时,后端做一个隐藏登录,返回厂商的Token的同时,也返回我们系统的Token。
- (像我们单体,这种方式最简单,我们用单点登录,无非就是不想记多个系统的密码,自动登录而已,其他不支持的项目改造成本也是最低的)
-
- 回调的厂商类型 比如github, google, 我们用的logto ,不同的厂商回调到前端的地址可以不同的,但是请求后端的接口可以是同一个
- 在第三方平台登录成功后,回调前端的时候会返回一个code
-
-
添加实验项目-返回新增Id[AUTH]
新记录Id
diff --git a/IRaCIS.Core.API/Progranm.cs b/IRaCIS.Core.API/Progranm.cs
index 8e25dd90c..532873b62 100644
--- a/IRaCIS.Core.API/Progranm.cs
+++ b/IRaCIS.Core.API/Progranm.cs
@@ -125,8 +125,6 @@ builder.Services.AddFusionCache();
// hangfire 定时任务框架 有界面,更友好~
builder.Services.AddhangfireSetup(_configuration);
-//Serilog 日志可视化 LogDashboard日志
-builder.Services.AddLogDashboardSetup();
//Dicom影像渲染图片 跨平台
builder.Services.AddDicomSetup();
@@ -210,8 +208,6 @@ app.UseResponseCompression();
//不需要 token 访问的静态文件 wwwroot css, JavaScript, and images don't require authentication.
app.UseStaticFiles();
-//LogDashboard
-app.UseLogDashboard("/LogDashboard");
//hangfire
app.UseHangfireConfig(env);
diff --git a/IRaCIS.Core.API/_ServiceExtensions/SwaggerSetup.cs b/IRaCIS.Core.API/_ServiceExtensions/SwaggerSetup.cs
index a9f6f2b00..e2878576b 100644
--- a/IRaCIS.Core.API/_ServiceExtensions/SwaggerSetup.cs
+++ b/IRaCIS.Core.API/_ServiceExtensions/SwaggerSetup.cs
@@ -16,9 +16,12 @@ namespace IRaCIS.Core.API;
public enum SwaggerVersion
{
+ [Description("测试")]
+ Test = -1,
[Description("医生模块")]
Reviewer = 1,
+
[Description("项目模块")]
Trial = 2,
[Description("入组模块")]
@@ -34,11 +37,11 @@ public enum SwaggerVersion
[Description("财务模块")]
Financial = 8,
[Description("管理模块")]
- Management =9,
+ Management = 9,
[Description("影像模块")]
- Image =10,
+ Image = 10,
[Description("读片模块")]
- Reading =11
+ Reading = 11
};
diff --git a/IRaCIS.Core.Application/BusinessFilter/LegacyController/LimitUserRequestAuthorization.cs b/IRaCIS.Core.Application/BusinessFilter/LegacyController/LimitUserRequestAuthorization.cs
index 62e89fe54..97488374f 100644
--- a/IRaCIS.Core.Application/BusinessFilter/LegacyController/LimitUserRequestAuthorization.cs
+++ b/IRaCIS.Core.Application/BusinessFilter/LegacyController/LimitUserRequestAuthorization.cs
@@ -48,7 +48,7 @@ public class LimitUserRequestAuthorization(
//2、在这里取缓存 进行比较 看是否有其他人进行了登陆,如果其他人登陆了,就把之前用户挤掉
- var cacheUserToken = await _fusionCache.GetOrDefaultAsync(CacheKeys.UserToken(_userInfo.UserRoleId));
+ var cacheUserToken = await _fusionCache.GetOrDefaultAsync(CacheKeys.UserToken(_userInfo.IdentityUserId));
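Review bot: Switching the key from `UserRoleId` to `IdentityUserId` is only safe if every other writer and remover of `CacheKeys.UserToken` and `CacheKeys.UserAutoLoginOut` (login, logout, forced sign-out) is switched too, and none of those is in this patch. If one of them still keys by role id, the single-session comparison here would read an entry that login never updated, and the check would misfire. The rename also changes the scope from one session per role to one session per identity, so the same person signed in under two roles will now displace themselves; a comment such as `// one active token per identity user, across all roles` would make that intent explicit. Entries stored under the old keys stay in the cache until their 7-day expiry. The same applies to the other renamed hunks in this file and in `LimitUserRequestAuthorizationEndpointFilter.cs`.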
@@ -58,17 +58,17 @@ public class LimitUserRequestAuthorization(
cacheUserToken = _userInfo.UserToken;
//设置当前用户最新Token
- await _fusionCache.SetAsync(CacheKeys.UserToken(_userInfo.UserRoleId), _userInfo.UserToken, TimeSpan.FromDays(7));
+ await _fusionCache.SetAsync(CacheKeys.UserToken(_userInfo.IdentityUserId), _userInfo.UserToken, TimeSpan.FromDays(7));
//重启应用程序,所有人续期,不一下子踢出所有人
- await _fusionCache.SetAsync(CacheKeys.UserAutoLoginOut(_userInfo.UserRoleId), DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"), TimeSpan.FromMinutes(minutes));
+ await _fusionCache.SetAsync(CacheKeys.UserAutoLoginOut(_userInfo.IdentityUserId), DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"), TimeSpan.FromMinutes(minutes));
}
//是同一个人
else if (cacheUserToken == _userInfo.UserToken)
{
- var cacheTime = await _fusionCache.GetOrDefaultAsync(CacheKeys.UserAutoLoginOut(_userInfo.UserRoleId));
+ var cacheTime = await _fusionCache.GetOrDefaultAsync(CacheKeys.UserAutoLoginOut(_userInfo.IdentityUserId));
//过期了 需要自动退出
if (string.IsNullOrEmpty(cacheTime))
@@ -80,7 +80,7 @@ public class LimitUserRequestAuthorization(
}
else
{
- await _fusionCache.SetAsync(CacheKeys.UserAutoLoginOut(_userInfo.UserRoleId), DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"), TimeSpan.FromMinutes(minutes));
+ await _fusionCache.SetAsync(CacheKeys.UserAutoLoginOut(_userInfo.IdentityUserId), DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"), TimeSpan.FromMinutes(minutes));
}
}
else
@@ -93,6 +93,21 @@ public class LimitUserRequestAuthorization(
}
+ //用户或者角色禁用,那么操作的人退出
+
+ var isDisable = await _fusionCache.GetOrDefaultAsync(CacheKeys.UserDisable(_userInfo.IdentityUserId), false);
+
+ var isRoleDisable = await _fusionCache.GetOrDefaultAsync(CacheKeys.UserRoleDisable(_userInfo.UserRoleId), false);
+
+ if (isDisable == true || isRoleDisable == true)
+ {
+ context.HttpContext.Response.ContentType = "application/json";
+ context.HttpContext.Response.StatusCode = StatusCodes.Status403Forbidden;
+ // 用户或者角色被禁用。
+
+ context.Result = new JsonResult(ResponseOutput.NotOk(_localizer["LimitUser_AccountOrRoleDisable"], ApiResponseCodeEnum.AutoLoginOut));
+ }
+
}
}
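Review bot: The disabled check added at the end of this method treats a missing cache entry as "not disabled" (`GetOrDefaultAsync(..., false)`), so it fails open. If the `UserDisable` / `UserRoleDisable` entries expire, are evicted or are lost on restart, a disabled account holding a still-valid token passes this filter. Unless those entries are written without expiry to a persistent store (not visible here), a cache miss should fall back to the authoritative user and role state instead of defaulting to `false`. The check also runs after the token and auto-logout entries above have already been refreshed, and it may overwrite a `context.Result` set by an earlier branch; placing it first with an early `return` would avoid both. The method starts outside the hunk, so the earlier branches are only partly visible.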
diff --git a/IRaCIS.Core.Application/BusinessFilter/MinimalAPI/LimitUserRequestAuthorizationEndpointFilter.cs b/IRaCIS.Core.Application/BusinessFilter/MinimalAPI/LimitUserRequestAuthorizationEndpointFilter.cs
index 2644dbce9..551b74978 100644
--- a/IRaCIS.Core.Application/BusinessFilter/MinimalAPI/LimitUserRequestAuthorizationEndpointFilter.cs
+++ b/IRaCIS.Core.Application/BusinessFilter/MinimalAPI/LimitUserRequestAuthorizationEndpointFilter.cs
@@ -41,19 +41,19 @@ public class LimitUserRequestAuthorizationEndpointFilter(
}
// 获取缓存中的用户 token
- var cacheUserToken = await _fusionCache.GetOrDefaultAsync(CacheKeys.UserToken(_userInfo.UserRoleId));
+ var cacheUserToken = await _fusionCache.GetOrDefaultAsync(CacheKeys.UserToken(_userInfo.IdentityUserId));
// 缓存中没有取到 token
if (string.IsNullOrWhiteSpace(cacheUserToken))
{
// 设置当前用户最新 token
- await _fusionCache.SetAsync(CacheKeys.UserToken(_userInfo.UserRoleId), _userInfo.UserToken, TimeSpan.FromDays(7));
- await _fusionCache.SetAsync(CacheKeys.UserAutoLoginOut(_userInfo.UserRoleId), DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"), TimeSpan.FromMinutes(minutes));
+ await _fusionCache.SetAsync(CacheKeys.UserToken(_userInfo.IdentityUserId), _userInfo.UserToken, TimeSpan.FromDays(7));
+ await _fusionCache.SetAsync(CacheKeys.UserAutoLoginOut(_userInfo.IdentityUserId), DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"), TimeSpan.FromMinutes(minutes));
}
// 如果是同一个用户
else if (cacheUserToken == _userInfo.UserToken)
{
- var cacheTime = await _fusionCache.GetOrDefaultAsync(CacheKeys.UserAutoLoginOut(_userInfo.UserRoleId));
+ var cacheTime = await _fusionCache.GetOrDefaultAsync(CacheKeys.UserAutoLoginOut(_userInfo.IdentityUserId));
// 如果过期,自动登出
if (string.IsNullOrEmpty(cacheTime))
@@ -63,7 +63,7 @@ public class LimitUserRequestAuthorizationEndpointFilter(
}
else
{
- await _fusionCache.SetAsync(CacheKeys.UserAutoLoginOut(_userInfo.UserRoleId), DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"), TimeSpan.FromMinutes(minutes));
+ await _fusionCache.SetAsync(CacheKeys.UserAutoLoginOut(_userInfo.IdentityUserId), DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"), TimeSpan.FromMinutes(minutes));
}
}
else
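Review bot: This filter receives only the cache-key rename; the `UserDisable` / `UserRoleDisable` check that the same commit adds to `LimitUserRequestAuthorization` has no counterpart in the hunks shown for this file. If it is not already present in the part of the filter outside these hunks, a disabled user or role is rejected on legacy controller actions but still served by minimal-API endpoints. The equivalent check should be added here, or both filters should call one shared helper so the two enforcement paths cannot drift apart.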
diff --git a/IRaCIS.Core.Application/IRaCIS.Core.Application.csproj b/IRaCIS.Core.Application/IRaCIS.Core.Application.csproj
index f4524f5c8..e829ee14b 100644
--- a/IRaCIS.Core.Application/IRaCIS.Core.Application.csproj
+++ b/IRaCIS.Core.Application/IRaCIS.Core.Application.csproj
@@ -63,7 +63,7 @@
-
+