
扩展Jwt standard

CrazyIter_Bin 3 年之前
父節點
當前提交
c22db66089

+ 3 - 2
TEAMModelOS.SDK/Extension/JwtAuthExtension.cs

@@ -14,7 +14,7 @@ namespace TEAMModelOS.SDK.Extension
 {
     public static class JwtAuthExtension
     {
-        public static string CreateAuthToken(string issuer, string id,string name,string picture, string salt, string schoolID = "", string[] roles = null, string[] permissions = null, int expire = 1)
+        public static string CreateAuthToken(string issuer, string id,string name,string picture, string salt, string schoolID = "",string standard="", string[] roles = null, string[] permissions = null, int expire = 1)
         {
             // 設定要加入到 JWT Token 中的聲明資訊(Claims)  
             var payload = new JwtPayload {
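Review bot: The new optional `standard` parameter is inserted before `roles` and `permissions` in the `CreateAuthToken` signature, which shifts the position of the existing optional parameters. Any caller that passes `roles` positionally, and any assembly compiled against the previous SDK signature, stops working. Appending it after `expire` (`..., int expire = 1, string standard = "")`) keeps the old call shape valid. The method also has no XML doc; a `/// <param name="standard">` line saying what the value is and that it is written into the signed token as a claim would help callers. The method body continues outside the hunk.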
@@ -25,7 +25,8 @@ namespace TEAMModelOS.SDK.Extension
                 { "name",name}, // 用戶的顯示名稱
                 { "picture",picture}, // 用戶頭像
                 { "roles",roles}, // 登入者的角色,角色類型 (Admin、Teacher、Student) 
-                { "permissions",permissions} //登入者的權限請求
+                { "permissions",permissions}, //登入者的權限請求
+                { "standard",permissions} //登入者的權限請求
             };
 
             // 建立一組對稱式加密的金鑰,主要用於 JWT 簽章之用
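Review bot: The added `standard` claim is populated from `permissions` rather than from the new `standard` parameter: `{ "standard",permissions}`. In the visible lines the parameter is never used, so every issued token carries the permissions array under the `standard` claim name. A consumer that reads the first `standard` claim, as the filter in AuthTokenAttribute.cs does later in this commit, then receives a permission string instead of the school's value. The line should read `{ "standard", standard } // school standard`, replacing the copy-pasted permissions comment as well. A unit test that decodes a created token and asserts the claim value would catch this kind of slip in a signed authorization token.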

+ 5 - 10
TEAMModelOS/Controllers/Teacher/InitController.cs

@@ -302,17 +302,12 @@ namespace TEAMModelOS.Controllers
                     roles.Add("teacher");
                     roles.Add("student");
                 }
-                //TODO JJ,更新Token时,在取得学校资讯时,没有传入schoolId
-                var auth_token = JwtAuthExtension.CreateAuthToken(_option.HostName, id, name?.ToString(), picture?.ToString(), _option.JwtSecretKey, schoolID: school_code.ToString(), roles: roles.ToArray(), permissions: permissions.ToArray());
-
                 //TODO JJ,调整为取得学校基础设置数据,取代下方學校學制、年級
-                object school_base = null;
-                response = await client.GetContainer(Constant.TEAMModelOS, "School").ReadItemStreamAsync(school_code.ToString(), new PartitionKey("Base"));
-                if (response.Status == 200)
-                {
-                    using var json = await JsonDocument.ParseAsync(response.ContentStream);
-                    school_base = json.RootElement.ToObject<object>();
-                }
+
+                School school_base = await client.GetContainer(Constant.TEAMModelOS, "School").ReadItemAsync<School>($"{school_code}", new PartitionKey("Base"));
+               
+                //TODO JJ,更新Token时,在取得学校资讯时,没有传入schoolId
+                var auth_token = JwtAuthExtension.CreateAuthToken(_option.HostName, id, name?.ToString(), picture?.ToString(), _option.JwtSecretKey, schoolID: school_code.ToString(),standard:school_base.standard, roles: roles.ToArray(), permissions: permissions.ToArray());
 
                 //取得班级
                 List<object> school_classes = new List<object>();
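Review bot: The added `ReadItemAsync<School>` call drops the status check the removed code had, so a missing School/Base document is no longer tolerated. The typed read in the Azure Cosmos SDKs throws on a non-success status instead of returning it, so unless a try/catch exists outside this hunk the token refresh fails with an unhandled exception. `school_base.standard` is also dereferenced unconditionally when building the token; `standard: school_base?.standard ?? string.Empty` would at least keep a record without that field from putting a null claim into the token. It would be clearer to catch the not-found case explicitly and return a defined error before `CreateAuthToken` is called, since token issuance now depends on this read. The enclosing method starts and ends outside the hunk.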

+ 3 - 2
TEAMModelOS/Filter/AuthTokenAttribute.cs

@@ -37,7 +37,7 @@ namespace TEAMModelOS.Filter
             public void OnResourceExecuting(ResourceExecutingContext context)
             {
                 bool pass = false;
-                string id = string.Empty, name = string.Empty, picture = string.Empty, school = string.Empty;
+                string id = string.Empty, name = string.Empty, picture = string.Empty, school = string.Empty, standard=string.Empty;
                 var authtoken = context.HttpContext.GetXAuth("AuthToken");
                 if (!string.IsNullOrWhiteSpace(authtoken) && JwtAuthExtension.ValidateAuthToken(authtoken, _option.JwtSecretKey))
                 {
@@ -46,7 +46,7 @@ namespace TEAMModelOS.Filter
                     school = jwt.Payload.Azp;
                     name = jwt.Claims.FirstOrDefault(claim => claim.Type.Equals("name") )?.Value;
                     picture = jwt.Claims.FirstOrDefault(claim => claim.Type.Equals("picture"))?.Value;
-
+                    standard = jwt.Claims.FirstOrDefault(claim => claim.Type.Equals("standard"))?.Value;
                     if (!string.IsNullOrWhiteSpace(_roles))
                     {
                         var roles = jwt.Claims.Where(c => c.Type .Equals("roles"));
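Review bot: `FirstOrDefault(...)?.Value` on the added line yields null when the token has no `standard` claim, which is true of every token issued before this commit. That null overwrites the `string.Empty` initializer and is then stored by `context.HttpContext.Items.Add("Standard", standard)` in the following hunk. Consumers of `Items["Standard"]` should not have to tell null from empty; `standard = jwt.Claims.FirstOrDefault(claim => claim.Type.Equals("standard"))?.Value ?? string.Empty;` keeps the default. The enclosing if-block continues outside the hunk.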
@@ -79,6 +79,7 @@ namespace TEAMModelOS.Filter
                     context.HttpContext.Items.Add("Name", name);
                     context.HttpContext.Items.Add("Picture", picture);
                     context.HttpContext.Items.Add("School", school);
+                    context.HttpContext.Items.Add("Standard", standard);
                 }
                 else
                     context.Result = new BadRequestResult();