Apq
/
Masuit.MyBlogs
tükrözi: https://gitee.com/masuit/Masuit.MyBlogs.git


			
				
					
						
						
							1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374
							using Masuit.MyBlogs.Core.Configs;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;
using System.Web;

namespace Masuit.MyBlogs.Core.Extensions;

/// <summary>
/// 授权验证过滤器
/// </summary>
public sealed class MyAuthorizeAttribute : ActionFilterAttribute
{
	/// <summary>在执行操作方法之前由 ASP.NET MVC 框架调用。</summary>
	/// <param name="filterContext">筛选器上下文。</param>
	public override void OnActionExecuting(ActionExecutingContext filterContext)
	{
		if (filterContext.ActionDescriptor.EndpointMetadata.OfType<AllowAnonymousAttribute>().Any())
		{
			return;
		}
#if !DEBUG
		var user = filterContext.HttpContext.Session.Get<UserInfoDto>(SessionKey.UserInfo);
		if (user?.IsAdmin == true)
		{
			return;
		}

		//先尝试自动登录
		if (filterContext.HttpContext.Request.Cookies.Any(x => x.Key == "username" || x.Key == "password"))
		{
			string name = filterContext.HttpContext.Request.Cookies["username"] ?? "";
			string pwd = filterContext.HttpContext.Request.Cookies["password"]?.DesDecrypt(AppConfig.BaiduAK) ?? "";
			var userInfo = filterContext.HttpContext.RequestServices.GetRequiredService<IUserInfoService>().Login(name, pwd);
			if (userInfo != null)
			{
				filterContext.HttpContext.Response.Cookies.Append("username", name, new CookieOptions()
				{
					Expires = DateTime.Now.AddYears(1),
					SameSite = SameSiteMode.Lax
				});
				filterContext.HttpContext.Response.Cookies.Append("password", filterContext.HttpContext.Request.Cookies["password"], new CookieOptions()
				{
					Expires = DateTime.Now.AddYears(1),
					SameSite = SameSiteMode.Lax
				});
				filterContext.HttpContext.Session.Set(SessionKey.UserInfo, userInfo);
			}
			else
			{
				if (filterContext.HttpContext.Request.Method.Equals(HttpMethods.Get))
				{
					filterContext.Result = new RedirectResult("/passport/login?from=" + HttpUtility.UrlEncode(filterContext.HttpContext.Request.Path.ToString())?.Replace("#", "%23"));
				}
				else
				{
					filterContext.Result = new UnauthorizedObjectResult(new { StatusCode = 401, Success = false, IsLogin = false, Message = "未登录系统，请先登录！" });
				}
			}
		}
		else
		{
			if (filterContext.HttpContext.Request.Method.Equals(HttpMethods.Get))
			{
				filterContext.Result = new RedirectResult("/passport/login?from=" + HttpUtility.UrlEncode(filterContext.HttpContext.Request.Path.ToString()));
			}
			else
			{
				filterContext.Result = new UnauthorizedObjectResult(new { StatusCode = 401, Success = false, IsLogin = false, Message = "未登录系统，请先登录！" });
			}
		}
#endif
	}
}