优化jwt(非管理员用户登录重启服务器后不用重新登录)

不做码农 2023-08-28 18:22:36 +08:00
parent 839e400ed1
commit 6bf4885f85
4 changed files with 40 additions and 25 deletions


@ -85,9 +85,9 @@ namespace ZR.Admin.WebApi.Controllers.System
//权限集合 eg *:*:*,system:user:list
List<string> permissions = permissionService.GetMenuPermission(user);
LoginUser loginUser = new(user, roles, permissions);
LoginUser loginUser = new(user, roles);
CacheService.SetUserPerms(GlobalConstant.UserPermKEY + user.UserId, permissions);
return SUCCESS(JwtUtil.GenerateJwtToken(JwtUtil.AddClaims(loginUser), optionSettings.JwtSettings));
return SUCCESS(JwtUtil.GenerateJwtToken(JwtUtil.AddClaims(loginUser)));
}
/// <summary>


@ -1,6 +1,12 @@
using Microsoft.AspNetCore.Mvc;
using Infrastructure.Extensions;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;
using System.Data;
using ZR.Admin.WebApi.Framework;
using ZR.Model.System;
using ZR.Model.System.Dto;
using ZR.Service.System;
using ZR.Service.System.IService;
namespace ZR.Admin.WebApi.Filters
{
@ -35,12 +41,22 @@ namespace ZR.Admin.WebApi.Filters
/// <returns></returns>
public override Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
LoginUser info = Framework.JwtUtil.GetLoginUser(context.HttpContext);
LoginUser info = JwtUtil.GetLoginUser(context.HttpContext);
if (info != null && info?.UserId > 0)
{
List<string> perms = info.Permissions;
long userId = info.UserId;
List<string> perms = CacheService.GetUserPerms(GlobalConstant.UserPermKEY + userId);
List<string> rolePerms = info.RoleIds;
if (perms == null)
{
var sysPermissionService = App.GetService<ISysPermissionService>();
perms = sysPermissionService.GetMenuPermission(new SysUser() { UserId = userId });
CacheService.SetUserPerms(GlobalConstant.UserPermKEY + userId, perms);
}
if (perms.Exists(f => f.Equals(GlobalConstant.AdminPerm)))
{
HasPermi = true;
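Review bot: On a cache miss the filter calls `GetMenuPermission(new SysUser() { UserId = userId })` with a stub that carries only the id, while the login action passes the user object it has just authenticated; if the service reads any other field of `SysUser` (role membership, an admin or status flag), the set computed here can differ from the one computed at login. Loading the user record by id first, and denying the request when it is missing or disabled, would keep the two paths consistent and stop a still-valid token from regaining permissions for an account that should no longer have them. The result is then dereferenced unguarded in `perms.Exists(...)`, so a null return surfaces as an exception rather than a denial; adding `perms ??= new List<string>();` after the `if (perms == null)` block would fail closed. OnActionExecutionAsync continues past the end of this hunk.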


@ -4,7 +4,6 @@ using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using ZR.Model.System.Dto;
using ZR.Service.System;
namespace ZR.Admin.WebApi.Framework
{
@ -33,10 +32,12 @@ namespace ZR.Admin.WebApi.Framework
/// 生成token
/// </summary>
/// <param name="claims"></param>
/// <param name="jwtSettings"></param>
/// <returns></returns>
public static string GenerateJwtToken(List<Claim> claims, JwtSettings jwtSettings)
public static string GenerateJwtToken(List<Claim> claims)
{
JwtSettings jwtSettings = new();
AppSettings.Bind("JwtSettings", jwtSettings);
var authTime = DateTime.Now;
var expiresAt = authTime.AddMinutes(jwtSettings.Expire);
var tokenHandler = new JwtSecurityTokenHandler();
@ -93,7 +94,7 @@ namespace ZR.Admin.WebApi.Framework
/// </summary>
/// <param name="token">令牌</param>
/// <returns></returns>
public static IEnumerable<Claim>? ParseToken(string token)
public static JwtSecurityToken? ParseToken(string token)
{
var tokenHandler = new JwtSecurityTokenHandler();
var validateParameter = ValidParameters();
@ -102,8 +103,7 @@ namespace ZR.Admin.WebApi.Framework
{
tokenHandler.ValidateToken(token, validateParameter, out SecurityToken validatedToken);
var jwtToken = tokenHandler.ReadJwtToken(token);
return jwtToken.Claims;
return tokenHandler.ReadJwtToken(token);
}
catch (Exception ex)
{
@ -116,26 +116,22 @@ namespace ZR.Admin.WebApi.Framework
/// <summary>
/// jwt token校验
/// </summary>
/// <param name="jwtToken"></param>
/// <param name="jwtSecurityToken"></param>
/// <returns></returns>
public static LoginUser? ValidateJwtToken(IEnumerable<Claim> jwtToken)
public static LoginUser? ValidateJwtToken(JwtSecurityToken jwtSecurityToken)
{
try
{
IEnumerable<Claim> claims = jwtSecurityToken.Claims;
LoginUser loginUser = null;
var userData = jwtToken.FirstOrDefault(x => x.Type == ClaimTypes.UserData)?.Value;
var userData = claims.FirstOrDefault(x => x.Type == ClaimTypes.UserData)?.Value;
if (userData != null)
{
loginUser = JsonConvert.DeserializeObject<LoginUser>(userData);
var permissions = CacheService.GetUserPerms(GlobalConstant.UserPermKEY + loginUser?.UserId);
if (loginUser?.UserName == GlobalConstant.AdminRole)
{
permissions = new List<string>() { GlobalConstant.AdminPerm };
}
if (permissions == null) return null;
loginUser.Permissions = permissions;
loginUser.ExpireTime = jwtSecurityToken.ValidTo;
}
//Console.WriteLine("jwt到期时间" + validTo);
return loginUser;
}
catch (Exception ex)
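Review bot: With `if (permissions == null) return null;` removed from ValidateJwtToken, a token is now accepted on signature and lifetime alone, so nothing server-side can end a session before `ValidTo`; if logout, password reset or account disabling previously relied on clearing the cached permissions (not visible here), those paths no longer revoke anything. Consider keeping a small per-user server-side check in this method, for example a revocation marker or token-version value looked up by `loginUser.UserId`, and returning null when it does not match. Separately, `jwtSecurityToken.ValidTo` is a UTC `DateTime`, while GenerateJwtToken builds its times from `DateTime.Now`, so the `ExpireTime` assignment deserves a comment such as `// UTC, taken from the token's exp claim` to prevent a local-time comparison later. The method's catch block continues outside the hunk.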


@ -19,21 +19,24 @@ namespace ZR.Model.System.Dto
/// </summary>
public List<SysRole> Roles { get; set; }
/// <summary>
/// Jwt过期时间
/// </summary>
public DateTime ExpireTime { get; set; }
/// <summary>
/// 权限集合
/// </summary>
public List<string> Permissions { get; set; } = new List<string>();
//public List<string> Permissions { get; set; } = new List<string>();
public LoginUser()
{
}
public LoginUser(SysUser user, List<SysRole> roles, List<string> permissions)
public LoginUser(SysUser user, List<SysRole> roles)
{
UserId = user.UserId;
UserName = user.UserName;
DeptId = user.DeptId;
Roles = roles;
RoleIds = roles.Select(f => f.RoleKey).ToList();
Permissions = permissions;
}
}
}
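Review bot: The old `Permissions` property is commented out instead of deleted, which leaves its `/// 权限集合` summary sitting directly above `public LoginUser()`, where it will likely be picked up as the constructor's documentation. Deleting the three doc lines together with the commented-out property keeps the DTO's docs accurate. Since this type is what ValidateJwtToken deserializes from the UserData claim, the `ExpireTime` summary should also say that the value is filled in from the validated token and never trusted from the payload, e.g. `/// Jwt过期时间 (set from JwtSecurityToken.ValidTo after validation, UTC)`.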