|
@@ -16,10 +16,12 @@ using TEAMModelOS.SDK.Models.Table;
|
|
|
using TEAMModelOS.SDK.Models.Cosmos.BI.BINormal;
|
|
|
using System.Text.Json;
|
|
|
using HTEXLib.COMM.Helpers;
|
|
|
+using TEAMModelOS.SDK.Models.Cosmos.OpenEntity;
|
|
|
|
|
|
namespace TEAMModelOS.Filter
|
|
|
{
|
|
|
- public class LimitPolicy {
|
|
|
+ public class LimitPolicy
|
|
|
+ {
|
|
|
/// <summary>
|
|
|
/// 颁发给谁的主体
|
|
|
/// </summary>
|
|
@@ -90,7 +92,7 @@ namespace TEAMModelOS.Filter
|
|
|
var azureRedis = services.GetService<AzureRedisFactory>();
|
|
|
var azureStorage = services.GetService<AzureStorageFactory>();
|
|
|
var azureCosmos = services.GetService<AzureCosmosFactory>();
|
|
|
- return new InternalAuthTokenFilter(azureCosmos , option ,azureRedis, Auth, Limit);
|
|
|
+ return new InternalAuthTokenFilter(azureCosmos, option, azureRedis, Auth, Limit);
|
|
|
}
|
|
|
|
|
|
private class InternalAuthTokenFilter : IResourceFilter
|
|
@@ -101,35 +103,36 @@ namespace TEAMModelOS.Filter
|
|
|
private readonly bool _limit;
|
|
|
private readonly AzureRedisFactory _azureRedis;
|
|
|
private readonly AzureCosmosFactory _azureCosmos;
|
|
|
- public InternalAuthTokenFilter(AzureCosmosFactory azureCosmos,IOptions<Option> option, AzureRedisFactory azureRedis, string auth, bool limit)
|
|
|
+ public InternalAuthTokenFilter(AzureCosmosFactory azureCosmos, IOptions<Option> option, AzureRedisFactory azureRedis, string auth, bool limit)
|
|
|
{
|
|
|
_option = option.Value;
|
|
|
_auth = auth;
|
|
|
_limit = limit;
|
|
|
_azureRedis = azureRedis;
|
|
|
- _azureCosmos=azureCosmos;
|
|
|
+ _azureCosmos = azureCosmos;
|
|
|
}
|
|
|
- public void OnResourceExecuting(ResourceExecutingContext context)
|
|
|
+ public async void OnResourceExecuting(ResourceExecutingContext context)
|
|
|
{
|
|
|
- var path = context.HttpContext.Request.Path;
|
|
|
+ var path = context.HttpContext.Request.Path;
|
|
|
string[] paths = path.ToString().Split("/");
|
|
|
string scope = "";
|
|
|
- if (paths.Any())
|
|
|
+ if (paths.Any())
|
|
|
{
|
|
|
if (paths[0].Equals("") && paths.Length > 1)
|
|
|
{
|
|
|
scope = paths[1];
|
|
|
}
|
|
|
- else {
|
|
|
+ else
|
|
|
+ {
|
|
|
scope = paths[0];
|
|
|
}
|
|
|
}
|
|
|
string msg = "";
|
|
|
int code = 0;
|
|
|
- if (scope.Equals("school") ||scope.Equals("business"))
|
|
|
+ if (scope.Equals("school") || scope.Equals("business"))
|
|
|
{
|
|
|
string id = string.Empty, school = string.Empty, jti = string.Empty;
|
|
|
-
|
|
|
+
|
|
|
bool pass = false;
|
|
|
var authtoken = context.HttpContext.GetXAuth("ApiToken");
|
|
|
if (!string.IsNullOrWhiteSpace(authtoken) && JwtAuthExtension.ValidateApiToken(authtoken, _option.JwtSecretKey))
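Review bot: `OnResourceExecuting` becomes `async void` here, but the MVC pipeline calls this `IResourceFilter` method synchronously and cannot wait for it. Once the `await` added in the @@ -227,28 +231,55 hunk yields, the method has already returned with `context.Result` unset, so the request can go on to the action while the BizConfig school and `jti` checks further down are still pending, and a 401 set afterwards comes too late. An exception thrown after that point is also unobserved by the pipeline, since an `async void` method has no task to carry it. The filter should implement the asynchronous interface instead: `private class InternalAuthTokenFilter : IAsyncResourceFilter` with `public async Task OnResourceExecutionAsync(ResourceExecutingContext context, ResourceExecutionDelegate next)`, calling `await next();` only on the pass path. The method body continues past the end of this hunk.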
|
|
@@ -148,7 +151,7 @@ namespace TEAMModelOS.Filter
|
|
|
#if !DEBUG
|
|
|
issuer = keys[0];
|
|
|
#else
|
|
|
- issuer= keys[1];
|
|
|
+ issuer = keys[1];
|
|
|
#endif
|
|
|
}
|
|
|
else if (_option.Location.Equals("China-Test"))
|
|
@@ -204,7 +207,8 @@ namespace TEAMModelOS.Filter
|
|
|
code = 401002;
|
|
|
}
|
|
|
}
|
|
|
- else {
|
|
|
+ else
|
|
|
+ {
|
|
|
msg = "学校编码为空!";
|
|
|
code = 401011;
|
|
|
}
|
|
@@ -227,28 +231,55 @@ namespace TEAMModelOS.Filter
|
|
|
//如果访问的接口是 business/get-schools
|
|
|
if (!string.IsNullOrWhiteSpace(XAuthSchool))
|
|
|
{
|
|
|
- var response = _azureCosmos.GetCosmosClient().GetContainer("TEAMModelOS", "Normal").ReadItemStreamAsync(id ,new Azure.Cosmos.PartitionKey("BizConfig")).Result ;
|
|
|
+ //访问次数记录 开始
|
|
|
+ long udate = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds();
|
|
|
+ var respon = _azureCosmos.GetCosmosClient().GetContainer("TEAMModelOS", "Normal").ReadItemStreamAsync(id, new Azure.Cosmos.PartitionKey("BizVisit")).Result;
|
|
|
+ if (respon.Status == 200)
|
|
|
+ {
|
|
|
+ BizVisitCnt bizVisit = JsonDocument.Parse(respon.Content).Deserialize<BizVisitCnt>();
|
|
|
+ bizVisit.visit += 1;
|
|
|
+ //var tempApi = bizVisit.apis.Find(f => f.name.Equals($"{path}"));
|
|
|
+ //if (tempApi != null)
|
|
|
+ //{
|
|
|
+ // tempApi.visit += 1;
|
|
|
+ // tempApi.upDate = udate;
|
|
|
+ //}
|
|
|
+ //else
|
|
|
+ bizVisit.apis.Add(new APIInfo() { name = $"{path}", upDate = udate });//记录加一下
|
|
|
+ await _azureCosmos.GetCosmosClient().GetContainer("TEAMModelOS", "Normal").ReplaceItemAsync<BizVisitCnt>(bizVisit, id, new Azure.Cosmos.PartitionKey("BizVisit"));
|
|
|
+ }
|
|
|
+ else
|
|
|
+ {
|
|
|
+ BizVisitCnt bizVisit = new() { id = id, visit = 1, apis = new List<APIInfo>() { new APIInfo() { name = $"{path}", upDate = udate } } };
|
|
|
+ await _azureCosmos.GetCosmosClient().GetContainer("TEAMModelOS", "Normal").CreateItemAsync<BizVisitCnt>(bizVisit, new Azure.Cosmos.PartitionKey("BizVisit"));
|
|
|
+ }
|
|
|
+ //访问次数记录 结束
|
|
|
+
|
|
|
+ var response = _azureCosmos.GetCosmosClient().GetContainer("TEAMModelOS", "Normal").ReadItemStreamAsync(id, new Azure.Cosmos.PartitionKey("BizConfig")).Result;
|
|
|
if (response.Status == 200)
|
|
|
{
|
|
|
- BizConfig bizConfig = JsonDocument.Parse(response.Content).Deserialize<BizConfig>() ;
|
|
|
- if (bizConfig.schools.IsNotEmpty() && bizConfig.schools.Select(z=>z.id).Contains(XAuthSchool))
|
|
|
+ BizConfig bizConfig = JsonDocument.Parse(response.Content).Deserialize<BizConfig>();
|
|
|
+ if (bizConfig.schools.IsNotEmpty() && bizConfig.schools.Select(z => z.id).Contains(XAuthSchool))
|
|
|
{
|
|
|
if (bizConfig.jti.Equals(jti))
|
|
|
{
|
|
|
school = XAuthSchool;
|
|
|
pass = true;
|
|
|
}
|
|
|
- else {
|
|
|
+ else
|
|
|
+ {
|
|
|
msg = "当前Token已经失效!"; code = 401003;
|
|
|
pass = false;
|
|
|
}
|
|
|
}
|
|
|
- else {
|
|
|
+ else
|
|
|
+ {
|
|
|
msg = "未开通学校数据访问授权!"; code = 401004;
|
|
|
pass = false;
|
|
|
}
|
|
|
}
|
|
|
- else {
|
|
|
+ else
|
|
|
+ {
|
|
|
msg = "企业信息不存在!"; code = 401005;
|
|
|
pass = false;
|
|
|
}
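Review bot: The visit counter appends a new `APIInfo` to `bizVisit.apis` on every request, so the BizVisit document grows without bound; once it reaches the Cosmos item size limit, `ReplaceItemAsync` will throw on each call for that business id, inside the authorization filter and before the BizConfig check has run. Restoring the commented-out `Find` branch, so that an existing entry gets `visit += 1` and `upDate = udate` and `Add` runs only when none is found, keeps one entry per path. The `else` branch also treats every non-200 status as a missing document; a throttled or failed read then goes to `CreateItemAsync`, which fails with a conflict when the document exists, so it should be `else if (respon.Status == 404)`. The read-increment-replace sequence is not atomic either, so concurrent requests can lose counts unless the replace is made conditional on the item's ETag. Counting is bookkeeping, and a failure in it should be caught and logged rather than left to abort the token check.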
|
|
@@ -260,7 +291,8 @@ namespace TEAMModelOS.Filter
|
|
|
}
|
|
|
}
|
|
|
}
|
|
|
- else {
|
|
|
+ else
|
|
|
+ {
|
|
|
msg = "访问的接口不在学校或第三方业务范围内!"; code = 401007;
|
|
|
}
|
|
|
if (!string.IsNullOrEmpty(id) && !string.IsNullOrEmpty(school) && !string.IsNullOrEmpty(jti))
|
|
@@ -272,11 +304,13 @@ namespace TEAMModelOS.Filter
|
|
|
}
|
|
|
}
|
|
|
}
|
|
|
- else {
|
|
|
+ else
|
|
|
+ {
|
|
|
msg = "token的scope与接口的业务类型不匹配!"; code = 401008;
|
|
|
}
|
|
|
}
|
|
|
- else {
|
|
|
+ else
|
|
|
+ {
|
|
|
msg = "token error!"; code = 401009;
|
|
|
}
|
|
|
if (pass)
|
|
@@ -286,12 +320,13 @@ namespace TEAMModelOS.Filter
|
|
|
}
|
|
|
else
|
|
|
{
|
|
|
- JsonResult jsonResult = new JsonResult(new { msg="未授权",code=401});
|
|
|
+ JsonResult jsonResult = new JsonResult(new { msg = "未授权", code = 401 });
|
|
|
jsonResult.StatusCode = 401;
|
|
|
context.Result = jsonResult;
|
|
|
}
|
|
|
}
|
|
|
- else {
|
|
|
+ else
|
|
|
+ {
|
|
|
msg = "该接口暂未授权访问!";
|
|
|
code = 401010;
|
|
|
JsonResult jsonResult = new JsonResult(new { msg = "未授权", code = 401 });
|