using AdminAPI.Filters;using AdminAPI.Libraries;using AdminAPI.Services;using AdminShared.Models;using AdminShared.Models.Authorize;using Microsoft.AspNetCore.Authorization;using Microsoft.AspNetCore.Cryptography.KeyDerivation;using Microsoft.AspNetCore.Mvc;using Microsoft.EntityFrameworkCore;using Repository.Database;using System.Text;namespace AdminAPI.Controllers{/// <summary>/// 系统访问授权模块/// </summary>[Route("[controller]")][ApiController]public class AuthorizeController : ControllerBase{private readonly DatabaseContext db;private readonly AuthorizeService authorizeService;private readonly long userId;public AuthorizeController(DatabaseContext db, AuthorizeService authorizeService, IHttpContextAccessor httpContextAccessor){this.db = db;this.authorizeService = authorizeService;var userIdStr = httpContextAccessor.HttpContext?.GetClaimByAuthorization("userId");if (userIdStr != null){userId = long.Parse(userIdStr);}}/// <summary>/// 获取Token认证信息/// </summary>/// <param name="login">登录信息集合</param>/// <returns></returns>[HttpPost("GetToken")]public string? GetToken(DtoLogin login){var userList = db.TUser.Where(t => t.IsDelete == false && (t.Name == login.Name || t.Phone == login.Name || t.Email == login.Name)).Select(t => new { t.Id, t.PassWord }).ToList();var user = userList.Where(t => t.PassWord == Convert.ToBase64String(KeyDerivation.Pbkdf2(login.PassWord, Encoding.UTF8.GetBytes(t.Id.ToString()), KeyDerivationPrf.HMACSHA256, 1000, 32))).FirstOrDefault();if (user != null){return authorizeService.GetTokenByUserId(user.Id);}else{HttpContext.Response.StatusCode = 400;HttpContext.Items.Add("errMsg", "用户名或密码错误");return default;}}/// <summary>/// 获取授权功能列表/// </summary>/// <param name="sign">模块标记</param>/// <returns></returns>[SignVerifyFilter][Authorize][CacheDataFilter(TTL = 60, IsUseToken = true)][HttpGet("GetFunctionList")]public List<DtoKeyValue> GetFunctionList(string sign){var roleIds = db.TUserRole.AsNoTracking().Where(t => t.IsDelete == false && t.UserId == userId).Select(t => t.RoleId).ToList();var kvList = db.TFunctionAuthorize.Where(t => t.IsDelete == false && (roleIds.Contains(t.RoleId!.Value) || t.UserId == userId) && t.Function.Parent!.Sign == sign).Select(t => new DtoKeyValue{Key = t.Function.Sign,Value = t.Function.Name}).ToList();return kvList;}}}
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。