From 93f235ae2e6dbdc44f74fe6878e32158567d5bbb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E4=B8=8D=E5=81=9A=E7=A0=81=E5=86=9C?= <599854767@qq.com>
Date: Fri, 7 Jan 2022 21:39:22 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BC=98=E5=8C=96=E7=99=BB=E5=BD=95=E6=9D=83?=
=?UTF-8?q?=E9=99=90=E5=AD=98=E5=82=A8jwt?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
Infrastructure/GlobalConstant.cs | 4 ++++
.../Controllers/System/SysLoginController.cs | 10 ++++++----
ZR.Admin.WebApi/Extensions/DbExtension.cs | 6 +++---
ZR.Admin.WebApi/Extensions/HttpContextExtension.cs | 8 --------
ZR.Admin.WebApi/Filters/ActionPermissionFilter.cs | 2 +-
ZR.Model/System/LoginUser.cs | 10 +---------
6 files changed, 15 insertions(+), 25 deletions(-)
diff --git a/Infrastructure/GlobalConstant.cs b/Infrastructure/GlobalConstant.cs
index bfb8039..db66974 100644
--- a/Infrastructure/GlobalConstant.cs
+++ b/Infrastructure/GlobalConstant.cs
@@ -21,5 +21,9 @@ namespace Infrastructure
/// 开发版本API映射路径
///
public static string DevApiProxy = "/dev-api/";
+ ///
+ /// 用户权限缓存key
+ ///
+ public static string UserPermKEY = "CACHE-USER-PERM";
}
}
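Review bot: `UserPermKEY` is declared as a writable `public static string`, yet the login and logout changes in this commit use it to address each user's cached permissions, so any code that reassigns it would silently detach those lookups. Declaring it `public const string UserPermKEY = "CACHE-USER-PERM";` (or `public static readonly string`) rules that out; the existing `DevApiProxy` field above has the same shape. The call sites append the numeric user id directly to the key, so a trailing separator such as `"CACHE-USER-PERM:"` would keep keys unambiguous if other entries with this prefix are added later.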
diff --git a/ZR.Admin.WebApi/Controllers/System/SysLoginController.cs b/ZR.Admin.WebApi/Controllers/System/SysLoginController.cs
index 491430d..0054ff4 100644
--- a/ZR.Admin.WebApi/Controllers/System/SysLoginController.cs
+++ b/ZR.Admin.WebApi/Controllers/System/SysLoginController.cs
@@ -73,15 +73,15 @@ namespace ZR.Admin.WebApi.Controllers.System
}
var user = sysLoginService.Login(loginBody, AsyncFactory.RecordLogInfo(httpContextAccessor.HttpContext, "0", "login"));
+
#region 存入cookie Action校验权限使用
- //角色集合 eg: admin,yunying,common
- //List roles = permissionService.GetRolePermission(user);
- List roles = roleService.SelectRolePermissionByUserId(user.UserId);
+ List roles = roleService.SelectUserRoleListByUserId(user.UserId);
//权限集合 eg *:*:*,system:user:list
List permissions = permissionService.GetMenuPermission(user);
#endregion
- LoginUser loginUser = new LoginUser(user, roles, permissions);
+ LoginUser loginUser = new(user, roles, permissions);
+ CacheHelper.SetCache(GlobalConstant.UserPermKEY + user.UserId, loginUser);
return SUCCESS(JwtUtil.GenerateJwtToken(HttpContext.AddClaims(loginUser)));
}
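Review bot: `HttpContext.AddClaims(loginUser)` still receives the full `LoginUser`, and the unchanged `ClaimTypes.UserData` claim in HttpContextExtension.cs is built with `JsonConvert.SerializeObject(user)`, so the role and permission lists presumably still travel inside the token even though the separate `Role` and `perm` claims are removed. If the cache is meant to be the only source of permissions, serialise a reduced object (user id, user name, department id) into that claim. Separately, `CacheHelper.SetCache(GlobalConstant.UserPermKEY + user.UserId, loginUser)` passes no lifetime here. Unless `CacheHelper` applies a default, the entry can outlive the token, and a restart or a second instance leaves valid tokens with no cached entry, so the reading side should be documented as denying access when the entry is missing. The login action starts outside this hunk.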
@@ -98,7 +98,9 @@ namespace ZR.Admin.WebApi.Controllers.System
// //注销登录的用户,相当于ASP.NET中的FormsAuthentication.SignOut
// await HttpContext.SignOutAsync();
//}).Wait();
+ var id = HttpContext.GetUId();
+ CacheHelper.Remove(GlobalConstant.UserPermKEY + id);
return SUCCESS(1);
}
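Review bot: The cache entry is keyed by user id alone, so `CacheHelper.Remove(GlobalConstant.UserPermKEY + id)` on logout also drops the cached permissions of every other session the same user has open, while the token that was just logged out stays valid until it expires. How the permission filter treats a valid token with no cache entry is not visible in this hunk, so a comment stating the intent would help, e.g. `// Removes cached permissions for ALL sessions of this user; the JWT itself is not revoked here.` It is also worth confirming what `GetUId()` returns when the request carries no valid token, so that the key built from it is always the caller's own. The logout action starts outside this hunk.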
diff --git a/ZR.Admin.WebApi/Extensions/DbExtension.cs b/ZR.Admin.WebApi/Extensions/DbExtension.cs
index 5350b98..958535d 100644
--- a/ZR.Admin.WebApi/Extensions/DbExtension.cs
+++ b/ZR.Admin.WebApi/Extensions/DbExtension.cs
@@ -91,9 +91,9 @@ namespace ZR.Admin.WebApi.Extensions
}
else if ("2".Equals(dataScope))
{
- var roleDepts = db0.Queryable()
- .Where(f => f.RoleId == role.RoleId).Select(f => f.DeptId).ToList();
- var filter1 = new TableFilterItem(it => roleDepts.Contains(it.DeptId));
+ //var roleDepts = db0.Queryable()
+ //.Where(f => f.RoleId == role.RoleId).Select(f => f.DeptId).ToList();
+ //var filter1 = new TableFilterItem(it => roleDepts.Contains(it.DeptId));
}
else if ("3".Equals(dataScope))
{
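Review bot: With the three statements commented out, the `"2".Equals(dataScope)` branch is now empty, so a role configured with that data scope gets no department restriction from this branch. The removed code built `filter1` from the role's department ids; whether it was ever registered with the database context is not visible here, but an empty branch in a data-permission filter reads as an accidental fail-open. Either restore the filter or make the gap explicit with `// TODO: data scope "2" (role department list) is not enforced yet` plus a log entry, and delete the commented-out lines instead of keeping them. The enclosing method starts and ends outside this hunk.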
diff --git a/ZR.Admin.WebApi/Extensions/HttpContextExtension.cs b/ZR.Admin.WebApi/Extensions/HttpContextExtension.cs
index 8f8faca..a582619 100644
--- a/ZR.Admin.WebApi/Extensions/HttpContextExtension.cs
+++ b/ZR.Admin.WebApi/Extensions/HttpContextExtension.cs
@@ -137,14 +137,6 @@ namespace ZR.Admin.WebApi.Extensions
new Claim(ClaimTypes.Name, user.UserName),
new Claim(ClaimTypes.UserData, JsonConvert.SerializeObject(user))
};
- if (user.RoleIds != null)
- {
- claims.Add(new Claim(ClaimTypes.Role, string.Join(",", user.RoleIds)));
- }
- if (user.Permissions != null)
- {
- claims.Add(new Claim("perm", string.Join(",", user.Permissions)));
- }
//写入Cookie
//WhiteCookie(context, claims);
diff --git a/ZR.Admin.WebApi/Filters/ActionPermissionFilter.cs b/ZR.Admin.WebApi/Filters/ActionPermissionFilter.cs
index 817ab46..d895726 100644
--- a/ZR.Admin.WebApi/Filters/ActionPermissionFilter.cs
+++ b/ZR.Admin.WebApi/Filters/ActionPermissionFilter.cs
@@ -67,7 +67,7 @@ namespace ZR.Admin.WebApi.Filters
}
if (!HasPermi && !Permission.Equals("common"))
{
- logger.Info($"用户{info.NickName}没有权限访问{context.HttpContext.Request.Path},当前权限[{Permission}]");
+ logger.Info($"用户{info.UserName}没有权限访问{context.HttpContext.Request.Path},当前权限[{Permission}]");
context.Result = new JsonResult(new { code = ResultCode.FORBIDDEN, msg = "你没有权限访问" });
}
}
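Review bot: The authorization denial is recorded with `logger.Info`, with the user name and `context.HttpContext.Request.Path` interpolated into the message. For detection this event is better emitted at warning level, and with the stable `info.UserId` next to the name, assuming `info` is the `LoginUser` whose `NickName` this commit removes. The path is request-controlled, so passing it as a structured argument keeps a crafted path from shaping the log line, if the logging library in use supports message templates. The filter method continues outside this hunk.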
diff --git a/ZR.Model/System/LoginUser.cs b/ZR.Model/System/LoginUser.cs
index 3be5bba..9b5e797 100644
--- a/ZR.Model/System/LoginUser.cs
+++ b/ZR.Model/System/LoginUser.cs
@@ -13,13 +13,12 @@ namespace ZR.Model.System
public long UserId { get; set; }
public long DeptId { get; set; }
public string UserName { get; set; }
- public string NickName { get; set; }
///
/// 角色集合
///
public List RoleIds { get; set; }
///
- /// 角色集合
+ /// 角色集合(数据权限过滤使用)
///
public List Roles { get; set; }
///
@@ -30,13 +29,6 @@ namespace ZR.Model.System
{
}
- public LoginUser(long userId, string userName, List roleIds, List permissions)
- {
- UserId = userId;
- UserName = userName;
- RoleIds = roleIds;
- Permissions = permissions;
- }
public LoginUser(SysUser user, List roles, List permissions)
{
UserId = user.UserId;