
token 处理

CrazyIter 5 years ago
parent
commit
6247292b08

+ 1 - 1
HiTeachCE/Context/HttpGlobalExceptionInvoke.cs

@@ -84,7 +84,7 @@ namespace HiTeachCE.Context
                                 msg = exs.Message;
                                 break;
                             case 403:
-                               msg = "";
+                               msg = "金钥验证错误";
                                 break;
                             default:
                                 msg = "Unknown Error";
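Review bot: The message "金钥验证错误" ("key verification error") is now returned for HTTP 403, but in ASP.NET Core a bearer-token/signature failure surfaces as 401, while 403 is what the `[Authorize(Policy = ...)]` checks introduced elsewhere in this commit produce when a validly signed token simply lacks the required role; telling that caller their key is wrong is misleading. Use a permission/role wording for the 403 case (and reserve the key wording for 401, if that case exists in the part of the switch outside the hunk), and consider an English string for consistency with the `"Unknown Error"` default. The enclosing switch starts before the hunk.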

+ 1 - 1
HiTeachCE/Controllers/ActivationCodeController.cs

@@ -29,7 +29,7 @@ namespace HiTeachCE.Controllers
         /// <param name="request"></param>
         /// <returns></returns>
         [HttpPost("list")]
-        [Authorize(Roles = Constant.Role_Root)]
+        [Authorize(Policy = Constant.Role_Root)]
         public BaseJosnRPCResponse List(PaginationJosnRPCRequest<Dictionary<string, string>> request)
         {
             JsonRPCResponseBuilder builder = new JsonRPCResponseBuilder();

+ 3 - 2
HiTeachCE/Controllers/BaseController.cs

@@ -33,15 +33,16 @@ namespace HiTeachCE.Controllers
                 return null;
             }
             ClaimModel claimModel = JwtHelper.SerializeJWT(tokenHeader);
-            claimModel.Claim.TryGetValue(claimType, out var claimValue);
+          //  claimModel.Claim.TryGetValue(claimType, out var claimValue);
             string claimValues = "";
             foreach (Claim claim in claimModel.Claims)
             {
                 if (claim.Type.Equals(claimType))
                 {
-                    claimValues= claim.Value;
+                    claimValues= claimValues+claim.Value+",";
                 }
             }
+            claimValues = claimValues.Substring(0, claimValues.Length - 1);
             return claimValues;
         }
     }
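Review bot: `claimValues.Substring(0, claimValues.Length - 1)` at L54 throws `ArgumentOutOfRangeException` when the token carries no claim of type `claimType` (`claimValues` is still `""`), so a missing claim becomes a 500 rather than the empty/null result the early `return null` above suggests; write `claimValues = claimValues.TrimEnd(',');` instead, or guard with `if (claimValues.Length > 0)`. Joining several values with "," also makes a value containing a comma indistinguishable from two values if callers split on ","; that is acceptable for role names but deserves a comment such as `// multi-valued claims are joined with ","; callers split on it`. The commented-out `TryGetValue` line should be deleted rather than left in. The method begins outside the hunk.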

+ 2 - 2
HiTeachCE/Controllers/LoginController.cs

@@ -34,7 +34,7 @@ namespace HiTeachCE.Controllers
     public class LoginController : BaseController
     {
 
-        public static int smsTTL = 1 * 60;
+        public static int smsTTL = 4 * 60;
         public static int ticketTTL = 1 * 24 * 60 * 60;
         public static int freeTTL = 7 * 24 * 60 * 60;
         public static int deviceTTL = 1 * 24 * 60 * 60;
@@ -549,7 +549,7 @@ namespace HiTeachCE.Controllers
                 string base64 = "data:image/png;base64," + Convert.ToBase64String(imgbyte);
                 RedisHelper.HSet("captcha:" + request.@params, request.@params, code);
                 RedisHelper.Expire("captcha:" + request.@params, smsTTL);
-                return builder.Data(base64).build();
+                return builder.Data(base64).Extend(new Dictionary<string, object> { { "code", code } }).build();
             }
             else {
                 throw new BizException("随机码为空!", 2);
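Review bot: The new `.Extend(new Dictionary<string, object> { { "code", code } })` returns the captcha answer in the same response as the image, so a client can read `code` and satisfy the challenge without ever rendering it, which defeats the captcha and anything it gates. If this was added for debugging, revert the line to `return builder.Data(base64).build();` or gate it on the development environment. Note also that the Redis entry now lives for `smsTTL` = 240 s instead of 60 s, which widens the guessing window per code if attempts are not rate-limited elsewhere; the rest of the method is outside the hunk.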

+ 14 - 4
HiTeachCE/Controllers/OrganizationController.cs

@@ -43,7 +43,7 @@ namespace HiTeachCE.Controllers
         /// <param name="request"></param>
         /// <returns></returns>
         [HttpPost("list")]
-        [Authorize(Roles = Constant.Role_RootAdmin)]
+        [Authorize(Policy =Constant.Role_RootAdmin)]
         public BaseJosnRPCResponse List(PaginationJosnRPCRequest<Dictionary<string, string>> request)
         {
             string role = GetLoginUser(JwtClaimTypes.Role);
@@ -71,7 +71,14 @@ namespace HiTeachCE.Controllers
                     order = o => o.createTime;
                     organizations = organizationService.GetPageList(linq, request.@params.page, order, OrderByType.Desc);
                     extend.Add("manager", organizations.Select(x => x.code).ToList());
-                    
+
+                }
+                else {
+                    Expression<Func<Organization, object>> order = null;
+                    order = o => o.createTime;
+                    linq = m => 1 == 1;
+                    organizations = organizationService.GetPageList(linq, request.@params.page, order, OrderByType.Desc);
+                    extend.Add("manager", organizations.Select(x => x.code).ToList());
                 }
             }
             else {
@@ -106,7 +113,7 @@ namespace HiTeachCE.Controllers
         /// <param name="request"></param>
         /// <returns></returns>
         [HttpPost("update")]
-        [Authorize(Roles = Constant.Role_RootAdmin)]
+        [Authorize(Policy  = Constant.Role_RootAdmin)]
         public BaseJosnRPCResponse Update(JosnRPCRequest<Organization> request)
         {
             string unionid = GetLoginUser(JwtClaimTypes.Id);
@@ -133,6 +140,9 @@ namespace HiTeachCE.Controllers
                     request.@params.type = organization.type;
                     b = organizationService.Update(request.@params);
                 }
+                else {
+                    throw new BizException("登录管理员不能管理该组织机构", 2);
+                }
             }
             return builder.Data(b).build();
         }
@@ -142,7 +152,7 @@ namespace HiTeachCE.Controllers
         /// <param name="request"></param>
         /// <returns></returns>
         [HttpPost("add")]
-        [Authorize(Roles = Constant.Role_Root)]
+        [Authorize(Policy = Constant.Role_Root)]
         public BaseJosnRPCResponse Add(JosnRPCRequest<OrgDto> request)
         {
             JsonRPCResponseBuilder builder = JsonRPCResponseBuilder.custom();
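Review bot: The new `else` branch at L100–105 lists every organization with `linq = m => 1 == 1;`, and which role reaches it depends on the `if` condition that sits outside the hunk; if an `admin` whose managed-organization lookup comes back empty falls through here, they would see the whole table. Please confirm the guarding condition, and consider making the unfiltered path explicit, e.g. `else if (role == Constant.Role_Root)` with a `throw new BizException("登录管理员不能管理该组织机构", 2);` fallback, mirroring the rejection this commit adds to `Update`. The `Policy = Constant.Role_Root` attributes also rely on a policy named "root" being registered; only the admin/lecturer/learner/RootAdmin/WebAll registrations are visible in this commit, and an unregistered policy makes ASP.NET Core throw at request time (fail-closed, but as a 500 rather than a 403).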

+ 2 - 2
HiTeachCE/Extension/Jwt/JwtAuth.cs

@@ -93,8 +93,8 @@ namespace HiTeachCE.Extension
                 options.AddPolicy(Constant.Role_Admin, policy => policy.RequireRole("admin").Build());
                 options.AddPolicy(Constant.Role_Lecturer, policy => policy.RequireRole("lecturer").Build());
                 options.AddPolicy(Constant.Role_Learner, policy => policy.RequireRole("learner").Build());
-                options.AddPolicy(Constant.Role_RootAdmin, policy => policy.RequireRole("root","admin").Build());
-                options.AddPolicy(Constant.Role_WebAll, policy => policy.RequireRole("root","admin" ,"learner").Build());
+                options.AddPolicy(Constant.Role_RootAdmin, policy => policy.RequireRole("root", "admin").Build());
+                options.AddPolicy(Constant.Role_WebAll, policy => policy.RequireRole("root", "admin", "learner").Build());
             });
         }
     }

+ 6 - 18
HiTeachCE/Extension/Jwt/JwtHelper.cs

@@ -1,7 +1,10 @@
+using Grpc.Extension.Common;
 using IdentityModel;
 using Microsoft.Extensions.Configuration;
 using Microsoft.IdentityModel.Tokens;
+using Newtonsoft.Json.Linq;
 using System;
+using System.Collections;
 using System.Collections.Generic;
 using System.IdentityModel.Tokens.Jwt;
 using System.Linq;
@@ -10,6 +13,7 @@ using System.Security.Cryptography;
 using System.Threading.Tasks;
 using TEAMModelOS.SDK.Context.Configuration;
 using TEAMModelOS.SDK.Extension.JwtAuth.Models;
+using TEAMModelOS.SDK.Helper.Common.JsonHelper;
 using TEAMModelOS.SDK.Helper.Security.RSACrypt;
 
 namespace HiTeachCE.Extension
@@ -77,32 +81,16 @@ namespace HiTeachCE.Extension
                 return null;
             }
             JwtSecurityToken jwtToken = jwtHandler.ReadJwtToken(jwtStr);
-            object role = new object(); ;
-            jwtToken.Payload.TryGetValue(ClaimTypes.Role, out role);
-
-            //var tm = new TokenModelJWT
-            //{
-            //    Uid = (jwtToken.Id).ObjToInt(),
-            //    Role = role != null ? role.ObjToString() : "",
-            //};
-
-
-
-            // var jwtHandler = new JwtSecurityTokenHandler();
-            // JwtSecurityToken jwtToken = jwtHandler.ReadJwtToken(jwtStr);
+            jwtToken.Payload.TryGetValue(JwtClaimTypes.Role, out object role);
             ClaimModel claimModel = new ClaimModel();
-            //object role = new object();
-            // claimModel.Claim = jwtToken.Claims.ToDictionary(claim => claim.Type, claim => claim.Value);
             Dictionary<string, object> claimDict = new Dictionary<string, object>();
             foreach (Claim claim in jwtToken.Claims)
             {
                 claimDict.TryAdd(claim.Type, claim.Value);
             }
-            claimDict[ClaimTypes.Role] = role;
+            claimDict[JwtClaimTypes.Role] = role;
             claimModel.Claim = claimDict;
             claimModel.Claims = jwtToken.Claims.ToList();
-            jwtToken.Payload.TryGetValue(ClaimTypes.Role, out role);
-            if (role != null) claimModel.Roles = role.ToString().Split(",").ToList();
             return claimModel;
         }
     }
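Review bot: `jwtHandler.ReadJwtToken(jwtStr)` at L178 decodes the token without checking its signature, so every claim `SerializeJWT` returns — including the role copied into `claimDict[JwtClaimTypes.Role]` — is caller-controlled unless the same header has already been validated by the authentication middleware on that request; since `BaseController.GetLoginUser` feeds role checks from this path, that precondition needs stating, e.g. `// NOTE: no signature validation here — only call after [Authorize] has validated the bearer token`, or better, use `ValidateToken` with the configured `TokenValidationParameters`. Dropping the `claimModel.Roles = ...Split(",")` population leaves `Roles` null for any caller still reading it; confirm none remain. The added `Grpc.Extension.Common`, `System.Collections` and `Newtonsoft.Json.Linq` usings appear unused in the visible hunk.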

+ 4 - 4
HiTeachCE/Helpers/Constant.cs

@@ -9,10 +9,10 @@ namespace HiTeachCE.Helpers
     {
         public static string az09 = "qwertyuiopasdfghjklzxcvbnm0123456789";
         public const string Role_WebAll = "WebAll";
-        public const string Role_Root = "Root";
-        public const string Role_Admin = "Admin";
-        public const string Role_Lecturer = "Lecturer";
-        public const string Role_Learner = "Learner";
+        public const string Role_Root = "root";
+        public const string Role_Admin = "admin";
+        public const string Role_Lecturer = "lecturer";
+        public const string Role_Learner = "learner";
         public const string Role_RootAdmin = "RootAdmin";
     }
 }
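Review bot: These values now serve as policy names (`[Authorize(Policy = Constant.Role_Root)]`) and must match the literal role strings passed to `RequireRole("root", "admin")` in JwtAuth.cs, so a future edit to either side silently breaks authorization — the pre-change `Roles = "Root"` versus claim `root` mismatch was exactly that failure mode. Reference the constants from the policy builder instead, e.g. `policy.RequireRole(Constant.Role_Root, Constant.Role_Admin)`, and mark `Role_RootAdmin` and `Role_WebAll` as composite policy names, e.g. `// policy names only — never issued as role claims`.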

+ 1 - 1
HiTeachCE/appsettings.Development.json

@@ -51,5 +51,5 @@
     "receiveDirectMethod": "$iothub/methods/POST/directMethod/#",
     "receiveTwin": "$iothub/twin/res/#"
   },
-  "RootUser": [ "15283771540", "17711533106", "18482133094", "19983148070" ]
+  "RootUser": [ "15283771540","18482133094", "19983148070" ]
 }

+ 1 - 1
HiTeachCE/appsettings.json

@@ -42,5 +42,5 @@
     "receiveDirectMethod": "$iothub/methods/POST/directMethod/#",
     "receiveTwin": "$iothub/twin/res/#"
   },
-  "RootUser": [ "15283771540", "17711533106", "18482133094", "19983148070" ]
+  "RootUser": [ "15283771540", "18482133094", "19983148070" ]
 }
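Review bot: The `RootUser` allowlist of phone numbers is the application's root-privilege grant, and it is checked into two source-controlled config files (`appsettings.json` and `appsettings.Development.json`) that must be kept in sync by hand; the numbers are also personal data. Move the list to environment-specific configuration outside the repository (user secrets, environment variables or a secret store) and document the key where it is read — JSON has no comments, so a note such as `// RootUser: phone numbers granted the "root" role at login; managed per environment, not in source` belongs in the consuming class or the README. How the list is consumed is not visible in this commit.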

+ 27 - 0
JwtTest/private.pem

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----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+-----END RSA PRIVATE KEY-----
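Review bot: An RSA private key is being committed under `JwtTest/private.pem`; once in history it must be treated as compromised regardless of later deletion, and if this key (or its `public.pem` counterpart) is the pair the service uses to sign or verify JWTs, anyone with read access to the repository can mint tokens carrying arbitrary roles. Keep test keys out of source control (generate them in test setup or load them from an ignored path or secret store), add `*.pem` to `.gitignore`, and rotate the production signing key if it was ever this one. Whether the application actually loads this file is not visible in this commit.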

+ 9 - 0
JwtTest/public.pem

@@ -0,0 +1,9 @@
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA478XskPJlQaL216X0N/X
+kG23OKmPDJkorDVb7V4kLF48+zoo8SAZMipNPiQo4nMXMjERk8YYrgZzzCESfESi
+EnWtMpqCFKShTWvqDDBqxoS/61xvRmAVSTfgNiGTJSAgnStZ5qJfLFYjf10wy2N2
+rL1PT8K0mg48U50teiUApdOlM9LxKvCscpwKSehvDcrM3gcp6QfCzZMPf/carA8l
+L8l0Ql/F+cjtBGIPKWMgHsm+70i0LZjYyJcFJUsbZW+0LTFVA6/JG7lsNDRpmn6m
+9REfJXgbQqNar8KNMNApM34BkzKzO88IWy/Kn3PRR2FPsxUJ3uIJt5yOCUYP2Btd
+gwIDAQAB
+-----END PUBLIC KEY-----