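using Microsoft.AspNetCore.Mvc.Filters;
using System.IdentityModel.Tokens.Jwt;

namespace OASystem.API
{
    /// <summary>
    /// Authorization attribute that rejects a request with HTTP 401 unless the current
    /// principal carries an "id" claim and the request presents a decodable bearer token.
    /// </summary>
    /// <remarks>
    /// NOTE(review): this class derives from AuthorizeAttribute only and does not declare
    /// IAuthorizationFilter in this file. Confirm that the MVC pipeline actually invokes
    /// <see cref="OnAuthorization"/>; if it does not, none of the checks below ever run.
    /// </remarks>
    public class OASystemAuthentication : AuthorizeAttribute
    {
        // Scheme prefix of the Authorization header; the scheme name is matched case-insensitively.
        private const string BearerPrefix = "Bearer ";

        /// <summary>
        /// Checks the "id" claim and the Authorization header of the current request and
        /// short-circuits with 401 when either check fails.
        /// </summary>
        /// <param name="context">Filter context of the request being authorized.</param>
        public void OnAuthorization(AuthorizationFilterContext context)
        {
            string id = context.HttpContext.User.FindFirst("id")?.Value;
            if (string.IsNullOrEmpty(id))
            {
                context.Result = new StatusCodeResult(401); // authentication failed
                return;
            }
            Console.WriteLine("我是Authorization过滤器");

            // Request path (currently unused)
            //var url = context.HttpContext.Request.Path.Value;

            // Request headers
            var heads = context.HttpContext.Request.Headers;

            // The header value converts to null when the header is absent, so it has to be
            // null-checked before any string method is called on it.
            string token = heads["Authorization"];
            if (token != null && token.StartsWith(BearerPrefix, StringComparison.OrdinalIgnoreCase))
            {
                // Strip only the leading scheme; what remains is the token itself.
                token = token.Substring(BearerPrefix.Length);
            }
            token = token?.Trim();

            if (string.IsNullOrEmpty(token))
            {
                Console.WriteLine("校验不通过");
                // Fail closed: without a Result the request would continue to the action.
                context.Result = new StatusCodeResult(401);
                return;
            }

            // TODO: check this token against redis to confirm that it was issued by the SSO
            // service and that the session has not expired.

            // Decode the employee userNumber from the token.
            // ReadJwtToken only decodes the token: it does not verify the signature, issuer,
            // audience or lifetime. Nothing read from securityToken may drive an access decision
            // until the token has been validated (for example with ValidateToken and
            // TokenValidationParameters) or confirmed by the session check above.
            var jwtHandler = new JwtSecurityTokenHandler();
            JwtSecurityToken securityToken;
            try
            {
                securityToken = jwtHandler.ReadJwtToken(token);
            }
            catch (Exception)
            {
                // The header is caller-controlled; a malformed token is an authentication
                // failure, not a server error. The exception type thrown for malformed input
                // depends on the library version, hence the broad catch.
                Console.WriteLine("校验不通过");
                context.Result = new StatusCodeResult(401);
                return;
            }

            // Disabled expiry and session checks, kept as the author left them.
            // NOTE(review): if the cache check is re-enabled, do not write the raw token to
            // the log; a logged bearer token can be replayed by anyone who can read the log.
            //DateTime expDt = (securityToken.Payload[JwtRegisteredClaimNames.c] ?? 0).GetInt().GetTimeSpmpToDate();
            //if (!_cacheService.StringGet<bool>($"token:{token}"))
            //{
            //    Console.WriteLine($"token无效,token:{token}");
            //    context.Result = new StatusCodeResult(401); // authentication failed
            //    return;
            //}
        }
    }
}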