diff --git a/ZR.Admin.WebApi/Controllers/System/SysLoginController.cs b/ZR.Admin.WebApi/Controllers/System/SysLoginController.cs index 1cf7d76..05c76f6 100644 --- a/ZR.Admin.WebApi/Controllers/System/SysLoginController.cs +++ b/ZR.Admin.WebApi/Controllers/System/SysLoginController.cs @@ -85,9 +85,9 @@ namespace ZR.Admin.WebApi.Controllers.System //权限集合 eg *:*:*,system:user:list List permissions = permissionService.GetMenuPermission(user); - LoginUser loginUser = new(user, roles, permissions); + LoginUser loginUser = new(user, roles); CacheService.SetUserPerms(GlobalConstant.UserPermKEY + user.UserId, permissions); - return SUCCESS(JwtUtil.GenerateJwtToken(JwtUtil.AddClaims(loginUser), optionSettings.JwtSettings)); + return SUCCESS(JwtUtil.GenerateJwtToken(JwtUtil.AddClaims(loginUser))); } /// diff --git a/ZR.Admin.WebApi/Filters/ActionPermissionFilter.cs b/ZR.Admin.WebApi/Filters/ActionPermissionFilter.cs index 85167be..7e085d8 100644 --- a/ZR.Admin.WebApi/Filters/ActionPermissionFilter.cs +++ b/ZR.Admin.WebApi/Filters/ActionPermissionFilter.cs @@ -1,6 +1,12 @@ -using Microsoft.AspNetCore.Mvc; +using Infrastructure.Extensions; +using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc.Filters; +using System.Data; +using ZR.Admin.WebApi.Framework; +using ZR.Model.System; using ZR.Model.System.Dto; +using ZR.Service.System; +using ZR.Service.System.IService; namespace ZR.Admin.WebApi.Filters { 
@@ -35,12 +41,22 @@ namespace ZR.Admin.WebApi.Filters /// public override Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next) { - LoginUser info = Framework.JwtUtil.GetLoginUser(context.HttpContext); + LoginUser info = JwtUtil.GetLoginUser(context.HttpContext); if (info != null && info?.UserId > 0) { - List perms = info.Permissions; + long userId = info.UserId; + List perms = CacheService.GetUserPerms(GlobalConstant.UserPermKEY + userId); List rolePerms = info.RoleIds; + + if (perms == null) + { + var sysPermissionService = App.GetService(); + perms = sysPermissionService.GetMenuPermission(new SysUser() { UserId = userId }); + + CacheService.SetUserPerms(GlobalConstant.UserPermKEY + userId, perms); + } + if (perms.Exists(f => f.Equals(GlobalConstant.AdminPerm))) { HasPermi = true; diff --git a/ZR.Admin.WebApi/Framework/JwtUtil.cs b/ZR.Admin.WebApi/Framework/JwtUtil.cs index f1cb56f..5a41b91 100644 --- a/ZR.Admin.WebApi/Framework/JwtUtil.cs +++ b/ZR.Admin.WebApi/Framework/JwtUtil.cs @@ -4,7 +4,6 @@ using System.IdentityModel.Tokens.Jwt; using System.Security.Claims; using System.Text; using ZR.Model.System.Dto; -using ZR.Service.System; namespace ZR.Admin.WebApi.Framework { @@ -33,10 +32,12 @@ namespace ZR.Admin.WebApi.Framework /// 生成token /// /// - /// /// - public static string GenerateJwtToken(List claims, JwtSettings jwtSettings) + public static string GenerateJwtToken(List claims) { + JwtSettings jwtSettings = new(); + AppSettings.Bind("JwtSettings", jwtSettings); + var authTime = DateTime.Now; var expiresAt = authTime.AddMinutes(jwtSettings.Expire); var tokenHandler = new JwtSecurityTokenHandler(); @@ -93,7 +94,7 @@ namespace ZR.Admin.WebApi.Framework /// /// 令牌 /// - public static IEnumerable? ParseToken(string token) + public static JwtSecurityToken? ParseToken(string token) { var tokenHandler = new JwtSecurityTokenHandler(); var validateParameter = ValidParameters(); 
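Review bot: A missing permission-cache entry no longer fails the request: the new `if (perms == null)` branch reloads permissions from the database, whereas the code removed from JwtUtil.ValidateJwtToken in this same commit returned null in that case. If other code (not visible here) deletes the `GlobalConstant.UserPermKEY + userId` entry to force a sign-out or revoke access, a still-valid token now silently restores it, so revocation would need its own marker. The reload passes `new SysUser() { UserId = userId }`, which is only correct if GetMenuPermission works from the id alone, and the removed admin shortcut (`UserName == GlobalConstant.AdminRole`) is not reproduced here; both are worth confirming. A null result would also throw at `perms.Exists`, so adding `perms ??= new();` before the admin check lets the filter deny instead of throwing. OnActionExecutionAsync continues past the end of the hunk.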
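Review bot: GenerateJwtToken now loads its own settings with `AppSettings.Bind("JwtSettings", jwtSettings)` and uses the result unchecked. If the section is missing or incomplete the object keeps its defaults, and the token would be issued with whatever expiry and key those defaults are (the JwtSettings class is not visible here). A guard before `authTime`, such as `if (jwtSettings.Expire <= 0) throw new InvalidOperationException("JwtSettings.Expire is not configured");`, makes a misconfiguration fail loudly, and the signing key deserves the same check. Binding once into a static field would also avoid re-reading configuration on every login. The method body continues outside the hunk.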
@@ -102,8 +103,7 @@ namespace ZR.Admin.WebApi.Framework { tokenHandler.ValidateToken(token, validateParameter, out SecurityToken validatedToken); - var jwtToken = tokenHandler.ReadJwtToken(token); - return jwtToken.Claims; + return tokenHandler.ReadJwtToken(token); } catch (Exception ex) { @@ -116,26 +116,22 @@ namespace ZR.Admin.WebApi.Framework /// /// jwt token校验 /// - /// + /// /// - public static LoginUser? ValidateJwtToken(IEnumerable jwtToken) + public static LoginUser? ValidateJwtToken(JwtSecurityToken jwtSecurityToken) { try { + IEnumerable claims = jwtSecurityToken.Claims; LoginUser loginUser = null; - - var userData = jwtToken.FirstOrDefault(x => x.Type == ClaimTypes.UserData)?.Value; + + var userData = claims.FirstOrDefault(x => x.Type == ClaimTypes.UserData)?.Value; if (userData != null) { loginUser = JsonConvert.DeserializeObject(userData); - var permissions = CacheService.GetUserPerms(GlobalConstant.UserPermKEY + loginUser?.UserId); - if (loginUser?.UserName == GlobalConstant.AdminRole) - { - permissions = new List() { GlobalConstant.AdminPerm }; - } - if (permissions == null) return null; - loginUser.Permissions = permissions; + loginUser.ExpireTime = jwtSecurityToken.ValidTo; } + //Console.WriteLine("jwt到期时间:" + validTo); return loginUser; } catch (Exception ex) diff --git a/ZR.Model/System/Dto/LoginUser.cs b/ZR.Model/System/Dto/LoginUser.cs index c06f742..762c9b8 100644 --- a/ZR.Model/System/Dto/LoginUser.cs +++ b/ZR.Model/System/Dto/LoginUser.cs 
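Review bot: ParseToken validates `token` and then parses the raw string a second time with `ReadJwtToken`, discarding the `validatedToken` that `ValidateToken` just produced. Returning the validated object with `return validatedToken as JwtSecurityToken;` ties the returned claims to the instance that passed the signature and lifetime checks, and puts the otherwise unused out variable to use. The try block and its `catch (Exception ex)` extend beyond the hunk, so what callers receive on failure is not visible here.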
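Review bot: `loginUser.ExpireTime = jwtSecurityToken.ValidTo;` dereferences `loginUser` without the null-conditional the removed code used (`loginUser?.UserId`). `DeserializeObject` can return null, so a malformed UserData claim now goes through the `catch (Exception ex)` path instead of a plain null return; `if (loginUser != null) loginUser.ExpireTime = jwtSecurityToken.ValidTo;` avoids that. `ValidTo` is a UTC value while GenerateJwtToken works from `DateTime.Now`, so a comment such as `// UTC; compare with DateTime.UtcNow` on the assignment would stop consumers comparing it with local time. The added `//Console.WriteLine("jwt到期时间:" + validTo);` refers to a variable that does not exist and should be dropped. The catch block runs past the end of the hunk.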
@@ -19,21 +19,24 @@ namespace ZR.Model.System.Dto /// public List Roles { get; set; } /// + /// Jwt过期时间 + /// + public DateTime ExpireTime { get; set; } + /// /// 权限集合 /// - public List Permissions { get; set; } = new List(); + //public List Permissions { get; set; } = new List(); public LoginUser() { } - public LoginUser(SysUser user, List roles, List permissions) + public LoginUser(SysUser user, List roles) { UserId = user.UserId; UserName = user.UserName; DeptId = user.DeptId; Roles = roles; RoleIds = roles.Select(f => f.RoleKey).ToList(); - Permissions = permissions; } } }
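Review bot: The Permissions property is commented out rather than deleted, so the `/// 权限集合` doc comment above it now attaches to the parameterless constructor `public LoginUser()`. Remove that doc comment and the dead `//public List Permissions ...` line together. The new `ExpireTime` is a public settable property on a type that ValidateJwtToken deserializes from the UserData claim, so it is presumably also written into new tokens when AddClaims serializes the object (not visible here). Since the value is always overwritten from `ValidTo`, excluding it from serialization, for example with `[JsonIgnore]` if this project can reference the serializer's attributes, keeps a meaningless default date out of the token payload.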