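using System.Text;
using System.Web;
using Common;
using Extensions;
using Infrastructure;
using Model.Base;
using Util;

namespace Filters
{
    /// <summary>
    /// Request gate that lets allow-listed URLs through unauthenticated and requires a
    /// valid JWT login for everything else, refreshing the token shortly before it expires.
    /// </summary>
    public class AuthMiddleware
    {
        /// <summary>
        /// Checks whether the current request may proceed.
        /// </summary>
        /// <param name="context">The HTTP context of the request being checked.</param>
        /// <returns>
        /// The literal string <c>"success"</c> when the URL is allow-listed or a login user
        /// could be resolved from the request; otherwise a failure message naming the URL.
        /// </returns>
        public static string Do(HttpContext context)
        {
            string url = context.Request.Path;
            var options = App.OptionsSetting;
            var paths = options.GatewayFilterUrl;

            // A missing allow-list means "nothing is exempt": fall through to the token check
            // instead of failing the request with a null dereference.
            if (paths != null)
            {
                foreach (var path in paths)
                {
                    if (path.Contains("*"))
                    {
                        // Wildcard entry: everything before the trailing '*' is a plain prefix,
                        // so a constructed entry "/open*" also exempts "/openXYZ". Entries that
                        // are meant to cover a directory should end in "/*".
                        // Ordinal comparison is deliberate: a culture-sensitive StartsWith can
                        // skip ignorable characters and exempt a URL that is not byte-for-byte
                        // under the prefix.
                        if (url.StartsWith(path.TrimEnd('*'), StringComparison.Ordinal))
                        {
                            return "success";
                        }
                    }
                    else if (path == url)
                    {
                        // Exact entry: ordinal, case-sensitive equality.
                        return "success";
                    }
                }
            }

            string osType = context.Request.Headers["os"];

            // Validate the caller through the JWT token (2020-11-21).
            TokenModel loginUser = JwtUtil.GetLoginUser(context);
            if (loginUser == null)
            {
                string msg = $"请求访问[{url}]失败,无法访问系统资源";
                return msg;
            }

            // NOTE(review): remaining is negative for a token that has already expired, which
            // also satisfies "< 5"; this relies on JwtUtil.GetLoginUser rejecting expired
            // tokens - confirm, otherwise an expired token would be renewed here.
            TimeSpan remaining = loginUser.ExpireTime - DateTime.UtcNow;
            var cacheKey = "token_" + loginUser.userId;

            // The cache entry marks that a refresh was issued recently for this user.
            // NOTE(review): the unit of the SetCache argument 1 is not visible here - confirm.
            if (!CacheHelper.Exists(cacheKey) && remaining.TotalMinutes < 5)
            {
                var newToken = JwtUtil.GenerateJwtToken(JwtUtil.AddClaims(loginUser));
                CacheHelper.SetCache(cacheKey, cacheKey, 1);

                // Mobile clients cannot read the custom header unless it is exposed.
                // NOTE(review): on ASP.NET Core, IHeaderDictionary.Add throws when the header
                // is already present - confirm nothing earlier in the pipeline sets it.
                if (osType != null)
                {
                    context.Response.Headers.Add("Access-Control-Expose-Headers", "X-Refresh-Token");
                }

                // The refreshed token is a bearer credential, so only the user name is logged:
                // anyone who can read the log must not be able to replay a session from it.
                Utils.WriteLog($"userName={loginUser.username}", "刷新token");
                context.Response.Headers.Add("X-Refresh-Token", newToken);
            }

            return "success";
        }
    }
}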