优化swagger 接口授权验证

ZR.Admin.WebApi/Extensions/SwaggerExtension.cs

@@ -0,0 +1,57 @@
+using Infrastructure;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Hosting;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.OpenApi.Models;
+using Swashbuckle.AspNetCore.Filters;
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace ZR.Admin.WebApi.Extensions
+{
+    public static class SwaggerExtension
+    {
+        public static void AddSwaggerConfig(this IServiceCollection services)
+        {
+            if (services == null) throw new ArgumentNullException(nameof(services));
+            IWebHostEnvironment hostEnvironment = App.GetRequiredService<IWebHostEnvironment>();
+
+            services.AddSwaggerGen(c =>
+            {
+                c.SwaggerDoc("v1", new OpenApiInfo
+                {
+                    Title = "ZrAdmin.NET Api - .NET5",
+                    Version = "v1",
+                    Description = "",
+                });
+                //if (CurrentEnvironment.IsDevelopment())
+                //{
+                //添加文档注释
+                c.IncludeXmlComments(Path.Combine(hostEnvironment.ContentRootPath, "ZRAdmin.xml"), true);
+                //}
+                //参考文章：http://www.zyiz.net/tech/detail-134965.html
+                //需要安装包Swashbuckle.AspNetCore.Filters
+                // 开启权限小锁 需要在对应的Action上添加[Authorize]才能看到
+                c.OperationFilter<AddResponseHeadersFilter>();
+                c.OperationFilter<AppendAuthorizeToSummaryOperationFilter>();
+
+                //在header 中添加token，传递到后台
+                c.OperationFilter<SecurityRequirementsOperationFilter>();
+
+                c.AddSecurityDefinition(JwtBearerDefaults.AuthenticationScheme,
+                    new OpenApiSecurityScheme
+                    {
+                        In = ParameterLocation.Header,
+                        Description = "请输入Login接口返回的Token，前置Bearer。示例：Bearer {Token}",
+                        Name = "Authorization",//jwt默认的参数名称,
+                        Type = SecuritySchemeType.ApiKey, //指定ApiKey
+                        BearerFormat = "JWT",//标识承载令牌的格式 该信息主要是出于文档目的
+                        Scheme = JwtBearerDefaults.AuthenticationScheme//授权中要使用的HTTP授权方案的名称
+                    });
+            });
+        }
+    }
+}

ZR.Admin.WebApi/Startup.cs

@@ -13,6 +13,7 @@ using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Hosting;
 using Microsoft.OpenApi.Models;
 using SqlSugar.IOC;
+using Swashbuckle.AspNetCore.Filters;
 using System;
 using System.Collections.Generic;
 using System.IO;
@@ -74,44 +75,19 @@ namespace ZR.Admin.WebApi
                 o.TokenValidationParameters = JwtUtil.ValidParameters();
             });
 
-            InjectRepositories(services);
+            InjectServices(services);
 
             services.AddMvc(options =>
             {
                 options.Filters.Add(typeof(GlobalActionMonitor));//È«¾Ö×¢²áÒì³£
             })
-            .AddMvcLocalization()
-            .AddViewLocalization(LanguageViewLocationExpanderFormat.Suffix)
             .AddJsonOptions(options =>
             {
                 options.JsonSerializerOptions.Converters.Add(new JsonConverterUtil.DateTimeConverter());
                 options.JsonSerializerOptions.Converters.Add(new JsonConverterUtil.DateTimeNullConverter());
             });
 
-            services.AddSwaggerGen(c =>
-            {
-                c.SwaggerDoc("v1", new OpenApiInfo
-                {
-                    Title = "ZrAdmin.NET Api - .NET5",
-                    Version = "v1",
-                    Description = "",
-                });
-                //if (CurrentEnvironment.IsDevelopment())
-                //{
-                //添加文档注释
-                c.IncludeXmlComments(Path.Combine(CurrentEnvironment.ContentRootPath, "ZRAdmin.xml"), true);
-                //}
-                c.AddSecurityDefinition("Bearer",
-                    new OpenApiSecurityScheme
-                    {
-                        In = ParameterLocation.Header,
-                        Description = "请输入OAuth接口返回的Token，前置Bearer。示例：Bearer {Token}",
-                        Name = "Authorization",//jwt默认的参数名称,
-                        Type = SecuritySchemeType.ApiKey, //指定ApiKey
-                        BearerFormat = "JWT",//标识承载令牌的格式 该信息主要是出于文档目的
-                        Scheme = JwtBearerDefaults.AuthenticationScheme//授权中要使用的HTTP授权方案的名称
-                    });
-            });
+            services.AddSwaggerConfig();
         }
 
         // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
@@ -163,7 +139,7 @@ namespace ZR.Admin.WebApi
         /// ×¢²áServices·þÎñ
         /// </summary>
         /// <param name="services"></param>
-        private void InjectRepositories(IServiceCollection services)
+        private void InjectServices(IServiceCollection services)
         {
             services.AddAppService();
 

ZR.Admin.WebApi/ZR.Admin.WebApi.csproj

@@ -34,6 +34,7 @@
   <PackageReference Include="Snowflake.Core" Version="2.0.0" />
   <PackageReference Include="SqlSugar.IOC" Version="1.7.0" />
   <PackageReference Include="Swashbuckle.AspNetCore" Version="6.1.4" />
+  <PackageReference Include="Swashbuckle.AspNetCore.Filters" Version="7.0.2" />
   <PackageReference Include="UAParser" Version="3.1.46" />
   </ItemGroup>