XCKJ
/
irc-netcore-api
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

hangfire授权--025

Uat_Study
hang 2023-08-25 09:56:23 +08:00
parent a084a6b49b
commit eee828ca46
3 changed files with 51 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
IRaCIS.Core.API/Controllers/ExtraController.cs
View File

@ -118,10 +118,10 @@ namespace IRaCIS.Api.Controllers
// 创建一个 CookieOptions 对象,用于设置 Cookie 的属性
var option = new CookieOptions
{
Expires = DateTime.Now.AddMonths(1), // 设置过期时间为 30 分钟之后
HttpOnly = false, // 确保 cookie 只能通过 HTTP 访问
Expires = DateTime.Now.AddMonths(1),
HttpOnly = true, // 确保 cookie 只能通过 HTTP 访问
SameSite = Microsoft.AspNetCore.Http.SameSiteMode.None, // 设置 SameSite 属性
Secure = false // 确保 cookie 只能通过 HTTPS 访问
Secure = true // 确保 cookie 只能通过 HTTPS 访问
};
HttpContext.Response.Cookies.Append("access_token", returnModel.Data.JWTStr, option);

24
IRaCIS.Core.API/_PipelineExtensions/Dashboard/hangfireAuthorizationFilter.cs
View File

@ -1,7 +1,13 @@
using Hangfire.Dashboard;
using System.IdentityModel.Tokens.Jwt;
using System;
using System.Linq;
using IRaCIS.Core.Domain.Share;
namespace IRaCIS.Core.API.Filter
{
//从cookie 中取值
public class hangfireAuthorizationFilter : IDashboardAuthorizationFilter
{
public bool Authorize(DashboardContext context)
@ -11,7 +17,23 @@ namespace IRaCIS.Core.API.Filter
// Allow all authenticated users to see the Dashboard (potentially dangerous).
//return httpContext.User.Identity.IsAuthenticated;
return true;
var jwtToken = httpContext.Request.Cookies["access_token"]?.ToString();
var handler = new JwtSecurityTokenHandler();
if (handler.CanReadToken(jwtToken))
{
var jwtSecurityToken = handler.ReadJwtToken(jwtToken);
return jwtSecurityToken.Claims.Any(t => t.Type == JwtIRaCISClaimType.UserTypeEnum && (t.Value == UserTypeEnum.Admin.ToString()|| t.Value== UserTypeEnum.SuperAdmin.ToString()));
}
else
{
return false;
}
}
}
}

35
IRaCIS.Core.API/_PipelineExtensions/HangfireConfig.cs
View File

@ -20,27 +20,42 @@ namespace IRaCIS.Core.API
app.UseHangfireDashboard("/back/hangfire", new DashboardOptions()
{
//直接访问没有带token 获取不到用户身份信息,所以这种自定义授权暂时没法使用
//Authorization = new[] { new hangfireAuthorizationFilter() }
//本地请求 才能看
//Authorization = new[] { new LocalRequestsOnlyAuthorizationFilter() }
DashboardTitle="后台任务管理",
Authorization = new BasicAuthAuthorizationFilter[] {
new BasicAuthAuthorizationFilter(new BasicAuthAuthorizationFilterOptions(){
Authorization = new IDashboardAuthorizationFilter[] { /*new hangfireAuthorizationFilter(),*/
new BasicAuthAuthorizationFilter(new BasicAuthAuthorizationFilterOptions(){
SslRedirect=false,
RequireSsl=false,
Users=new BasicAuthAuthorizationUser[]{
new BasicAuthAuthorizationUser(){
Login="admin",
PasswordClear="test",
PasswordClear="admin",
}
}
})
}
},
DashboardTitle ="后台任务管理",
//Authorization = new BasicAuthAuthorizationFilter[] {
// new BasicAuthAuthorizationFilter(new BasicAuthAuthorizationFilterOptions(){
// SslRedirect=false,
// RequireSsl=false,
// Users=new BasicAuthAuthorizationUser[]{
// new BasicAuthAuthorizationUser(){
// Login="admin",
// PasswordClear="test",
// }
// }
// })
//}
});