wenyongda/ZrAdminNetCore
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

优化登录权限存储jwt

Browse Source
This commit is contained in:
不做码农 2022-01-07 21:39:22 +08:00
parent 197b5975f3
commit 93f235ae2e
6 changed files with 15 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Infrastructure/GlobalConstant.cs
View File

@ -21,5 +21,9 @@ namespace Infrastructure
/// 开发版本API映射路径
/// </summary>
public static string DevApiProxy = "/dev-api/";
/// <summary>
/// 用户权限缓存key
/// </summary>
public static string UserPermKEY = "CACHE-USER-PERM";
}
}

10
ZR.Admin.WebApi/Controllers/System/SysLoginController.cs
View File

@ -73,15 +73,15 @@ namespace ZR.Admin.WebApi.Controllers.System
}
var user = sysLoginService.Login(loginBody, AsyncFactory.RecordLogInfo(httpContextAccessor.HttpContext, "0", "login"));
#region cookie Action校验权限使用
//角色集合 eg: admin,yunying,common
//List<string> roles = permissionService.GetRolePermission(user);
List<SysRole> roles = roleService.SelectRolePermissionByUserId(user.UserId);
List<SysRole> roles = roleService.SelectUserRoleListByUserId(user.UserId);
//权限集合 eg *:*:*,system:user:list
List<string> permissions = permissionService.GetMenuPermission(user);
#endregion
LoginUser loginUser = new LoginUser(user, roles, permissions);
LoginUser loginUser = new(user, roles, permissions);
CacheHelper.SetCache(GlobalConstant.UserPermKEY + user.UserId, loginUser);
return SUCCESS(JwtUtil.GenerateJwtToken(HttpContext.AddClaims(loginUser)));
}
@ -98,7 +98,9 @@ namespace ZR.Admin.WebApi.Controllers.System
// //注销登录的用户相当于ASP.NET中的FormsAuthentication.SignOut
// await HttpContext.SignOutAsync();
//}).Wait();
var id = HttpContext.GetUId();
CacheHelper.Remove(GlobalConstant.UserPermKEY + id);
return SUCCESS(1);
}

6
ZR.Admin.WebApi/Extensions/DbExtension.cs
View File

@ -91,9 +91,9 @@ namespace ZR.Admin.WebApi.Extensions
}
else if ("2".Equals(dataScope))
{
var roleDepts = db0.Queryable<SysRoleDept>()
.Where(f => f.RoleId == role.RoleId).Select(f => f.DeptId).ToList();
var filter1 = new TableFilterItem<SysDept>(it => roleDepts.Contains(it.DeptId));
//var roleDepts = db0.Queryable<SysRoleDept>()
//.Where(f => f.RoleId == role.RoleId).Select(f => f.DeptId).ToList();
//var filter1 = new TableFilterItem<SysDept>(it => roleDepts.Contains(it.DeptId));
}
else if ("3".Equals(dataScope))
{

8
ZR.Admin.WebApi/Extensions/HttpContextExtension.cs
View File

@ -137,14 +137,6 @@ namespace ZR.Admin.WebApi.Extensions
new Claim(ClaimTypes.Name, user.UserName),
new Claim(ClaimTypes.UserData, JsonConvert.SerializeObject(user))
};
if (user.RoleIds != null)
{
claims.Add(new Claim(ClaimTypes.Role, string.Join(",", user.RoleIds)));
}
if (user.Permissions != null)
{
claims.Add(new Claim("perm", string.Join(",", user.Permissions)));
}
//写入Cookie
//WhiteCookie(context, claims);

2
ZR.Admin.WebApi/Filters/ActionPermissionFilter.cs
View File

@ -67,7 +67,7 @@ namespace ZR.Admin.WebApi.Filters
}
if (!HasPermi && !Permission.Equals("common"))
{
logger.Info($"用户{info.NickName}没有权限访问{context.HttpContext.Request.Path},当前权限[{Permission}]");
logger.Info($"用户{info.UserName}没有权限访问{context.HttpContext.Request.Path},当前权限[{Permission}]");
context.Result = new JsonResult(new { code = ResultCode.FORBIDDEN, msg = "你没有权限访问" });
}
}

10
ZR.Model/System/LoginUser.cs
View File

@ -13,13 +13,12 @@ namespace ZR.Model.System
public long UserId { get; set; }
public long DeptId { get; set; }
public string UserName { get; set; }
public string NickName { get; set; }
/// <summary>
/// 角色集合
/// </summary>
public List<string> RoleIds { get; set; }
/// <summary>
/// 角色集合
/// 角色集合(数据权限过滤使用)
/// </summary>
public List<SysRole> Roles { get; set; }
/// <summary>
@ -30,13 +29,6 @@ namespace ZR.Model.System
{
}
public LoginUser(long userId, string userName, List<string> roleIds, List<string> permissions)
{
UserId = userId;
UserName = userName;
RoleIds = roleIds;
Permissions = permissions;
}
public LoginUser(SysUser user, List<SysRole> roles, List<string> permissions)
{
UserId = user.UserId;