namespace DncZeus.Api.Extensions.CustomException
{
/// <summary>
///
/// </summary>
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = true, Inherited = true)]
public class CustomAuthorizeAttribute : AuthorizeAttribute, IAuthorizationFilter
{
public string Permission { get; set; }redis
public bool AuthCheckApi { get; set; }
/// <summary>
///
/// </summary>
public CustomAuthorizeAttribute()
{
//_someFilterParameter = someFilterParameter;
}緩存
/// <summary>
///
/// </summary>
/// <param name="context"></param>
public void OnAuthorization(AuthorizationFilterContext context)
{
var user = context.HttpContext.User;
var header = context.HttpContext.Request.Headers["Authorization"];
if (!user.Identity.IsAuthenticated)
{
// it isn't needed to set unauthorized result
// as the base class already requires the user to be authenticated
// this also makes redirect to a login page work properly
//context.Result = new UnauthorizedResult();
//return;
throw new UnauthorizeException();
}cookie
if (Permission == null && AuthCheckApi == false)
return;ui
var pemissions = context.HttpContext.User.Claims.First(x => x.Type == "Pemission");
IEnumerable<string> pemissionList = pemissions != null ? JsonConvert.DeserializeObject<List<string>>(pemissions.Value) : null;this
if (AuthCheckApi == true)
{
//TODO: 請求參數中獲取permission參數。 跟token比對。 若是包含 return; 不包含401
var acka = context.HttpContext.Request.Query["permission"].ToArray();
Console.WriteLine(Permission);
foreach (string item in pemissionList)
{
if (item.Equals(acka.First()))
return;
}
}url
if (Permission != null)
{
foreach (string item in pemissionList)
{
if (item.Equals(Permission))
return;
}
}spa
throw new UnauthorizeException();
//TODO: 把失效用戶存在redis緩存中, 查詢是否失效用戶
//登出時將相關的信息好比用戶名存儲在redis中 修改某用戶權限也讓他失效 jwt中解析出用戶名去redis中查找
//每次登錄 從失效列表刪除jwt
}
}
}token
自定義方法ip
public static HttpWebResponse CreateGetHttpResponse(string url, int? timeout, string authorization, CookieCollection cookies) { if (string.IsNullOrEmpty(url)) { throw new ArgumentNullException("url"); } HttpWebRequest request = WebRequest.Create(url) as HttpWebRequest; request.Method = "GET"; request.UserAgent = DefaultUserAgent; request.Proxy = null; request.Headers.Add("Authorization", authorization); if (timeout.HasValue) { request.Timeout = timeout.Value; } if (cookies != null) { request.CookieContainer = new CookieContainer(); request.CookieContainer.Add(cookies); } ServicePointManager.DefaultConnectionLimit = 120; return request.GetResponse() as HttpWebResponse; }