移除两个认证类到公共类中,以便前台项目使用
This commit is contained in:
parent
f24632b080
commit
f8ac050f5f
|
@ -1,59 +0,0 @@
|
|||
using Bootstrap.Admin.Controllers;
|
||||
using Bootstrap.DataAccess;
|
||||
using Longbow.Caching;
|
||||
using Longbow.Security.Principal;
|
||||
using System.Linq;
|
||||
using System.Security.Principal;
|
||||
using System.Web.Http;
|
||||
using System.Web.Http.Controllers;
|
||||
|
||||
namespace Bootstrap.Admin
|
||||
{
|
||||
/// <summary>
|
||||
///
|
||||
/// </summary>
|
||||
public class BAAPIAuthorizaAttribute : AuthorizeAttribute
|
||||
{
|
||||
/// <summary>
|
||||
///
|
||||
/// </summary>
|
||||
/// <param name="actionContext"></param>
|
||||
/// <returns></returns>
|
||||
protected override bool IsAuthorized(HttpActionContext actionContext)
|
||||
{
|
||||
IPrincipal principal = actionContext.ControllerContext.RequestContext.Principal;
|
||||
if (principal.Identity.IsAuthenticated)
|
||||
{
|
||||
if (LgbPrincipal.IsAdmin(principal.Identity.Name)) return true;
|
||||
SetPrincipal(principal.Identity, actionContext);
|
||||
}
|
||||
else
|
||||
{
|
||||
if (actionContext.Request.Headers.Contains("Token"))
|
||||
{
|
||||
try
|
||||
{
|
||||
var token = actionContext.Request.Headers.GetValues("Token").First();
|
||||
if (!string.IsNullOrEmpty(token))
|
||||
{
|
||||
var auth = CacheManager.Get<LoginInfo>(token);
|
||||
if (auth != null && !string.IsNullOrEmpty(auth.UserName))
|
||||
{
|
||||
SetPrincipal(new GenericIdentity(auth.UserName, "BAToken"), actionContext);
|
||||
return true;
|
||||
}
|
||||
}
|
||||
}
|
||||
catch { }
|
||||
}
|
||||
}
|
||||
return base.IsAuthorized(actionContext);
|
||||
}
|
||||
|
||||
private static void SetPrincipal(IIdentity identity, HttpActionContext actionContext)
|
||||
{
|
||||
var roles = RoleHelper.RetrieveRolesByUserName(identity.Name).Select(r => r.RoleName);
|
||||
actionContext.ControllerContext.RequestContext.Principal = new LgbPrincipal(identity, roles);
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,50 +0,0 @@
|
|||
using Bootstrap.DataAccess;
|
||||
using Longbow.Web.Mvc;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Web.Mvc;
|
||||
|
||||
namespace Bootstrap.Admin
|
||||
{
|
||||
/// <summary>
|
||||
///
|
||||
/// </summary>
|
||||
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = true)]
|
||||
class BAAuthorizeAttribute : LgbAuthorizeAttribute
|
||||
{
|
||||
/// <summary>
|
||||
///
|
||||
/// </summary>
|
||||
/// <param name="userName"></param>
|
||||
/// <returns></returns>
|
||||
protected override IEnumerable<string> RetrieveRolesByUserName(string userName)
|
||||
{
|
||||
return RoleHelper.RetrieveRolesByUserName(userName).Select(r => r.RoleName);
|
||||
}
|
||||
/// <summary>
|
||||
///
|
||||
/// </summary>
|
||||
/// <param name="url"></param>
|
||||
/// <returns></returns>
|
||||
protected override IEnumerable<string> RetrieveRolesByUrl(string url)
|
||||
{
|
||||
return RoleHelper.RetrieveRolesByUrl(url).Select(r => r.RoleName);
|
||||
}
|
||||
/// <summary>
|
||||
///
|
||||
/// </summary>
|
||||
/// <param name="filterContext"></param>
|
||||
protected override void HandleUnauthorizedRequest(System.Web.Mvc.AuthorizationContext filterContext)
|
||||
{
|
||||
if (!filterContext.HttpContext.User.Identity.IsAuthenticated)
|
||||
{
|
||||
base.HandleUnauthorizedRequest(filterContext);
|
||||
return;
|
||||
}
|
||||
var view = new ViewResult();
|
||||
view.ViewName = "UnAuthorized";
|
||||
filterContext.Result = view;
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,4 +1,5 @@
|
|||
using Longbow.Web.Mvc;
|
||||
using Bootstrap.Security.Mvc;
|
||||
using Longbow.Web.Mvc;
|
||||
using System;
|
||||
using System.Web.Mvc;
|
||||
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
using System.Web.Http;
|
||||
using Bootstrap.Security.Mvc;
|
||||
using System.Web.Http;
|
||||
|
||||
namespace Bootstrap.Admin
|
||||
{
|
||||
|
|
|
@ -43,6 +43,8 @@
|
|||
<WarningLevel>4</WarningLevel>
|
||||
</PropertyGroup>
|
||||
<ItemGroup>
|
||||
<Reference Include="Bootstrap.Security, Version=4.0.0.0, Culture=neutral, PublicKeyToken=c20f2177a7066899, processorArchitecture=MSIL" />
|
||||
<Reference Include="Bootstrap.Security.Mvc, Version=4.0.0.0, Culture=neutral, PublicKeyToken=c20f2177a7066899, processorArchitecture=MSIL" />
|
||||
<Reference Include="Longbow, Version=3.0.0.0, Culture=neutral, PublicKeyToken=c20f2177a7066899, processorArchitecture=MSIL" />
|
||||
<Reference Include="Longbow.ExceptionManagement, Version=3.0.0.0, Culture=neutral, PublicKeyToken=c20f2177a7066899, processorArchitecture=MSIL" />
|
||||
<Reference Include="Longbow.V4, Version=4.0.0.0, Culture=neutral, PublicKeyToken=c20f2177a7066899, processorArchitecture=MSIL" />
|
||||
|
@ -237,8 +239,6 @@
|
|||
<Compile Include="..\bldver.cs">
|
||||
<Link>bldver.cs</Link>
|
||||
</Compile>
|
||||
<Compile Include="App_Start\BAAPIAuthorizaAttribute.cs" />
|
||||
<Compile Include="App_Start\BAAuthorizeAttribute.cs" />
|
||||
<Compile Include="App_Start\DBPublisher.cs" />
|
||||
<Compile Include="App_Start\FilterConfig.cs" />
|
||||
<Compile Include="App_Start\RouteConfig.cs" />
|
||||
|
|
|
@ -22,6 +22,7 @@
|
|||
|
||||
<connectionStrings>
|
||||
<add name="SQL" providerName="System.Data.SqlClient" connectionString="Data Source=.;Initial Catalog=BootstrapAdmin;User ID=sa;Password=sa"/>
|
||||
<add name="ba" providerName="System.Data.SqlClient" connectionString="Data Source=.;Initial Catalog=BootstrapAdmin;User ID=sa;Password=sa"/>
|
||||
</connectionStrings>
|
||||
|
||||
<cacheManager>
|
||||
|
@ -35,8 +36,6 @@
|
|||
<add key="RoleHelper-RetrieveRolesByUserId" interval="600" desc="指定用户角色数据缓存"/>
|
||||
<add key="RoleHelper-RetrieveRolesByMenuId" interval="600" desc="指定菜单角色数据缓存"/>
|
||||
<add key="RoleHelper-RetrieveRolesByGroupId" interval="600" desc="指定组角色数据缓存"/>
|
||||
<add key="RoleHelper-RetrieveRolesByUserName" interval="600" desc="指定用户名角色数据缓存"/>
|
||||
<add key="RoleHelper-RetrieveRolesByUrl" interval="600" desc="指定菜单的角色数据缓存"/>
|
||||
<add key="GroupHelper-RetrieveGroups" interval="600" desc="所有组数据缓存"/>
|
||||
<add key="GroupHelper-RetrieveGroupsByUserId" interval="600" desc="指定用户组数据缓存"/>
|
||||
<add key="GroupHelper-RetrieveGroupsByRoleId" interval="600" desc="指定角色组数据缓存"/>
|
||||
|
@ -50,6 +49,8 @@
|
|||
<add key="ExceptionHelper-RetrieveExceptions" interval="600" desc="程序异常数据缓存"/>
|
||||
<add key="MessageHelper-RetrieveMessages" interval="600" desc="站内消息数据缓存" />
|
||||
<add key="TaskHelper-RetrieveTasks" interval="600" desc="所有任务数据缓存" />
|
||||
<add key="BootstrapAdminPrincipal-RetrieveRolesByUrl" interval="600" desc="指定菜单的角色数据缓存"/>
|
||||
<add key="BootstrapAdminPrincipal-RetrieveRolesByUserName" interval="600" desc="指定用户名角色数据缓存"/>
|
||||
</cacheManager>
|
||||
|
||||
|
||||
|
@ -81,6 +82,7 @@
|
|||
</pages>
|
||||
<httpModules>
|
||||
</httpModules>
|
||||
<machineKey validation="SHA1" validationKey="78EA3850338FBADCE59D8DDF58C9E4518E75AC149C46142D7AAD7F1AD49D95D4" decryptionKey="684FC9301F404DE1B9565E7D9520AC579E823307BED44885" />
|
||||
</system.web>
|
||||
<system.webServer>
|
||||
<staticContent>
|
||||
|
|
|
@ -8,7 +8,6 @@ using System.Collections.Generic;
|
|||
using System.Data;
|
||||
using System.Data.Common;
|
||||
using System.Data.SqlClient;
|
||||
using System.Globalization;
|
||||
using System.Linq;
|
||||
|
||||
namespace Bootstrap.DataAccess
|
||||
|
@ -18,9 +17,8 @@ namespace Bootstrap.DataAccess
|
|||
/// </summary>
|
||||
public static class RoleHelper
|
||||
{
|
||||
internal const string RetrieveRolesDataKey = "RoleHelper-RetrieveRoles";
|
||||
private const string RetrieveRolesByUrlDataKey = "RoleHelper-RetrieveRolesByUrl";
|
||||
internal const string RetrieveRolesByUserNameDataKey = "RoleHelper-RetrieveRolesByUserName";
|
||||
internal const string RetrieveRolesDataKey = "RoleHelper-RetrieveRoles";
|
||||
internal const string RetrieveRolesByUserIDDataKey = "RoleHelper-RetrieveRolesByUserId";
|
||||
internal const string RetrieveRolesByMenuIDDataKey = "RoleHelper-RetrieveRolesByMenuId";
|
||||
internal const string RetrieveRolesByGroupIDDataKey = "RoleHelper-RetrieveRolesByGroupId";
|
||||
|
@ -350,73 +348,5 @@ namespace Bootstrap.DataAccess
|
|||
}
|
||||
return ret;
|
||||
}
|
||||
/// <summary>
|
||||
/// 根据用户名查询某个用户所拥有的角色
|
||||
/// 从UserRole表查
|
||||
/// 从User-〉Group-〉GroupRole查
|
||||
/// </summary>
|
||||
/// <returns></returns>
|
||||
public static IEnumerable<Role> RetrieveRolesByUserName(string username)
|
||||
{
|
||||
string key = string.Format("{0}-{1}", RetrieveRolesByUserNameDataKey, username);
|
||||
return CacheManager.GetOrAdd(key, CacheSection.RetrieveIntervalByKey(RetrieveRolesByUserNameDataKey), k =>
|
||||
{
|
||||
List<Role> Roles = new List<Role>();
|
||||
try
|
||||
{
|
||||
string sql = "select r.ID, r.RoleName, r.[Description] from Roles r inner join UserRole ur on r.ID=ur.RoleID inner join Users u on ur.UserID=u.ID and u.UserName=@UserName union select r.ID, r.RoleName, r.[Description] from Roles r inner join RoleGroup rg on r.ID=rg.RoleID inner join Groups g on rg.GroupID=g.ID inner join UserGroup ug on ug.GroupID=g.ID inner join Users u on ug.UserID=u.ID and u.UserName=@UserName";
|
||||
DbCommand cmd = DBAccessManager.SqlDBAccess.CreateCommand(CommandType.Text, sql);
|
||||
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@UserName", username, ParameterDirection.Input));
|
||||
using (DbDataReader reader = DBAccessManager.SqlDBAccess.ExecuteReader(cmd))
|
||||
{
|
||||
while (reader.Read())
|
||||
{
|
||||
Roles.Add(new Role()
|
||||
{
|
||||
ID = (int)reader[0],
|
||||
RoleName = (string)reader[1],
|
||||
Description = (string)reader[2],
|
||||
});
|
||||
}
|
||||
}
|
||||
}
|
||||
catch (Exception ex) { ExceptionManager.Publish(ex); }
|
||||
return Roles;
|
||||
}, CacheSection.RetrieveDescByKey(RetrieveRolesByUserNameDataKey));
|
||||
}
|
||||
/// <summary>
|
||||
/// 根据菜单url查询某个所拥有的角色
|
||||
/// 从NavigatorRole表查
|
||||
/// 从Navigators-〉GroupNavigatorRole-〉Role查查询某个用户所拥有的角色
|
||||
/// </summary>
|
||||
/// <returns></returns>
|
||||
public static IEnumerable<Role> RetrieveRolesByUrl(string url)
|
||||
{
|
||||
string key = string.Format("{0}-{1}", RetrieveRolesByUrlDataKey, url);
|
||||
return CacheManager.GetOrAdd(key, CacheSection.RetrieveIntervalByKey(RetrieveRolesByUrlDataKey), k =>
|
||||
{
|
||||
string sql = "select r.ID, r.RoleName, r.[Description] from Roles r inner join NavigationRole nr on r.ID = nr.RoleID inner join Navigations n on nr.NavigationID = n.ID and n.Url = @URl";
|
||||
List<Role> Roles = new List<Role>();
|
||||
try
|
||||
{
|
||||
DbCommand cmd = DBAccessManager.SqlDBAccess.CreateCommand(CommandType.Text, sql);
|
||||
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@URl", url, ParameterDirection.Input));
|
||||
using (DbDataReader reader = DBAccessManager.SqlDBAccess.ExecuteReader(cmd))
|
||||
{
|
||||
while (reader.Read())
|
||||
{
|
||||
Roles.Add(new Role()
|
||||
{
|
||||
ID = (int)reader[0],
|
||||
RoleName = (string)reader[1],
|
||||
Description = (string)reader[2],
|
||||
});
|
||||
}
|
||||
}
|
||||
}
|
||||
catch (Exception ex) { ExceptionManager.Publish(ex); }
|
||||
return Roles;
|
||||
}, CacheSection.RetrieveDescByKey(RetrieveRolesByUrlDataKey));
|
||||
}
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue