赖素文
authored
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.Dynamic;
using System.Linq;
using Hh.Mes.Api;
using Hh.Mes.Common.config;
using Hh.Mes.Common.Json;
using Hh.Mes.Common.log;
using Hh.Mes.POJO.Entity;
using Hh.Mes.Pojo.System;
using Hh.Mes.Service.Logs;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Controllers;
using Microsoft.AspNetCore.Mvc.Filters;
using Microsoft.Net.Http.Headers;
|
唐召明
authored
|
18
|
using Microsoft.Extensions.Caching.Distributed;
|
赖素文
authored
|
19
|
using Newtonsoft.Json;
|
唐召明
authored
|
20
|
using JsonSerializer = System.Text.Json.JsonSerializer;
|
赖素文
authored
|
21
22
23
24
25
26
27
28
29
|
namespace Hh.Mes.API.AOP
{
/// <summary>
/// 全局登入token认证 验证
/// </summary>
public class AuthFilterAttribute : ActionFilterAttribute
{
#region 属性
|
赖素文
authored
|
30
|
private readonly string ReturnMsgTokens = "{\"code\":401,\"status\":false,\"message\":\"Tokens失效 请重新登入\",\"result\":null}";
|
赖素文
authored
|
31
32
33
34
35
36
37
38
|
private string requestContext { get; set; }
private Stopwatch Stopwatch { get; set; }
private UserAuthSession user { get; set; }
private string token { get; set; }
private HttpRequest httpContext { get; set; }
private ControllerActionDescriptor description { get; set; }
private string ip { get; set; }
private readonly string[] alloweLog = { "PdaOfflineMenu", "GetOrderState" };
|
唐召明
authored
|
39
|
private readonly IDistributedCache _cache;
|
赖素文
authored
|
40
41
|
#endregion
|
唐召明
authored
|
42
43
44
45
46
|
public AuthFilterAttribute(IDistributedCache cache)
{
_cache = cache;
}
|
赖素文
authored
|
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
|
public override void OnActionExecuting(ActionExecutingContext context)
{
#region 初始化 赋值
Stopwatch = new Stopwatch();
Stopwatch.Start();
httpContext = context.HttpContext.Request;
description = (ControllerActionDescriptor)context.ActionDescriptor;
requestContext = JsonConvert.SerializeObject(context.ActionArguments);
if (requestContext == "{}" && httpContext.ContentType != null && httpContext.Method == "POST")
{
if (httpContext.ContentType.IndexOf("form-data", StringComparison.Ordinal) > -1)
{
requestContext = "{";
foreach (var item in context.HttpContext.Request.Form.Keys)
{
requestContext += item == "password" ? $"\"{item}\":\"{string.Concat(Enumerable.Repeat("*", context.HttpContext.Request.Form[item].ToString().Count()))}\"" : $"\"{item}\":\"{context.HttpContext.Request.Form[item]}\"";
if (item != context.HttpContext.Request.Form.Keys.Last()) requestContext += ",";
}
requestContext += "}";
}
}
token = GetToken(context);
ip = context.HttpContext.Connection.RemoteIpAddress.ToString();
#endregion
#region 获取请求参数 写日志
//dynamic response;
//if (httpContext.Method.ToLower() == "get")
//{
// response = httpContext.QueryString.ToString();
//}
//else
//{
// dynamic result = context.Result;
// response = IsPropertyExist(result, "Value") ? result.Value : "返回结果前";
//}
//EnqueueInterLog(response, user?.Account);
#endregion
#region 忽略拦截
if (AopAllowed())
{
base.OnActionExecuting(context);
return;
}
#endregion
#region token 读取 日志写入队列
if (string.IsNullOrEmpty(token))
{
ContextResponse(context);
Log4NetHelper.Instance.Info("tokens 为null");
}
else
{
|
唐召明
authored
|
103
104
105
106
107
108
109
110
|
var userBytes = _cache.Get(token);
UserAuthSession user = null;
if (userBytes != null)
{
user = JsonSerializer.Deserialize<UserAuthSession>(userBytes);
}
if (user == null || string.IsNullOrWhiteSpace(user.Account))
|
赖素文
authored
|
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
{
Log4NetHelper.Instance.Info("user 为null:" + token);
ContextResponse(context);
Stopwatch.Stop();
EnqueueInterLog(ReturnMsgTokens, "");
}
}
base.OnActionExecuting(context);
#endregion
}
public override void OnActionExecuted(ActionExecutedContext context)
{
base.OnActionExecuted(context);
Stopwatch.Stop();
#region 获取请求参数 写日志
dynamic response;
|
赖素文
authored
|
129
|
var resultType = context.Result.GetType();
|
赖素文
authored
|
130
131
|
if (httpContext.Method.ToLower() == "get")
{
|
赖素文
authored
|
132
133
|
var objectResult = context.Result as ObjectResult;
response = IsPropertyExist(objectResult, "Value") ? objectResult.Value : $"返回结果只处理JSON 格式,当前类型: {resultType}";
|
赖素文
authored
|
134
135
136
137
|
}
else
{
dynamic result = context.Result;
|
赖素文
authored
|
138
|
response = IsPropertyExist(result, "Value") ? result.Value : $"返回结果只处理JSON 格式,当前类型: {resultType}";
|
赖素文
authored
|
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
|
}
var keyUrl = context.HttpContext.Request.Path.Value;
EnqueueInterLog(response, user?.Account, keyUrl);
#endregion
#region 忽略拦截
if (AopAllowed()) return;
#endregion
}
#region 自定义方法
private string GetToken(ActionExecutingContext context)
{
var temp = context.HttpContext.Request.Query[Program.tokens];
if (string.IsNullOrEmpty(temp)) temp = context.HttpContext.Request.Cookies[Program.tokens];
if (string.IsNullOrEmpty(temp)) temp = context.HttpContext.Request.Headers[Program.tokens];
return temp;
}
private void ContextResponse(ActionExecutingContext context)
{
context.HttpContext.Response.ContentType = "application/json";
context.Result = new ContentResult
{
Content = ReturnMsgTokens,
StatusCode = StatusCodes.Status200OK,
ContentType = "application/json"
};
}
/// <summary>
/// 动态类型 dynamic 是否存在某个属性
/// </summary>
private static bool IsPropertyExist(dynamic data, string propertyname)
{
try
{
if (data == null) return false;
if (data is ExpandoObject)
return ((IDictionary<string, object>)data).ContainsKey(propertyname);
return data.GetType().GetProperty(propertyname) != null;
}
catch (Exception)
{
Log4NetHelper.Instance.Info("【AuthFilterAttribute、IsPropertyExist】方法异常,不影响程序运行,反复出现请检查程序");
return false;
}
}
private void EnqueueInterLog(dynamic response, string name, string keyUrl = "")
{
var path = httpContext.Path.ToString();
if (alloweLog.Any(t => path.IndexOf(t, StringComparison.Ordinal) > -1)) return;
var browser = httpContext.Headers[HeaderNames.UserAgent].ToString();
var system = "api";
if (browser.IndexOf("Android", StringComparison.Ordinal) > -1) system = "app Android";
bool isOk = response is string;
if (!isOk) response = JsonHelper.Instance.Serialize(response);
var type = "接收";
var isSaveLog = true;
if (SystemVariable.apiList.Count == 0) SystemVariable.InitApiList();
if (!string.IsNullOrEmpty(keyUrl) && SystemVariable.apiList.ContainsKey(keyUrl))
{
type = SystemVariable.apiList[keyUrl].Item1;
isSaveLog = SystemVariable.apiList[keyUrl].Item2;
}
//InitApiList 配置false 不写入数据库队列日志
if (!isSaveLog) return;
QueueInterLog.GetInstance.Queue().Enqueue(new sys_interface_log()
{
type = type,
system = system,
method = httpContext.Method,
server = httpContext.Host.ToString(),
path = path,
apiGroup = description.ControllerName,
actionName = description.ActionName,
queryString = httpContext.QueryString.ToString(),
request = requestContext,
response = response,
totalMilliseconds = Stopwatch.Elapsed.TotalSeconds,
logTime = DateTime.Now,
createBy = user == null ? system : user.Name,
name = name,
ip = ip,
browser = browser,
result = "token:" + token
});
}
/// <summary>
/// 当前url 是否匹配 忽略拦截的 配置路径
/// </summary>
/// <returns></returns>
private bool AopAllowed()
{
var allowedUrl = ConfigRead.GetInstance.GetAppsetConnection().allowed;
if (allowedUrl == null || allowedUrl.Length == 0) return false;
var url = httpContext.Path.Value;
return allowedUrl.Any(item => url.IndexOf(item, StringComparison.Ordinal) > -1);
}
#endregion
}
}
|
