3 年之前 · c22db66089
--- a/TEAMModelOS.SDK/Extension/JwtAuthExtension.cs
+++ b/TEAMModelOS.SDK/Extension/JwtAuthExtension.cs
@@ -14,7 +14,7 @@ namespace TEAMModelOS.SDK.Extension
 
				 {
			
 
				     public static class JwtAuthExtension
			
 
				     {
			
 
				-        public static string CreateAuthToken(string issuer, string id,string name,string picture, string salt, string schoolID = "", string[] roles = null, string[] permissions = null, int expire = 1)
			
 
				+        public static string CreateAuthToken(string issuer, string id,string name,string picture, string salt, string schoolID = "",string standard="", string[] roles = null, string[] permissions = null, int expire = 1)
			
 
				         {
			
 
				             // 設定要加入到 JWT Token 中的聲明資訊(Claims)  
			
 
				             var payload = new JwtPayload {
			
@@ -25,7 +25,8 @@ namespace TEAMModelOS.SDK.Extension
 
				                 { "name",name}, // 用戶的顯示名稱
			
 
				                 { "picture",picture}, // 用戶頭像
			
 
				                 { "roles",roles}, // 登入者的角色，角色類型 (Admin、Teacher、Student) 
			
 
				-                { "permissions",permissions} //登入者的權限請求
			
 
				+                { "permissions",permissions}, //登入者的權限請求
			
 
				+                { "standard",permissions} //登入者的權限請求
			
 
				             };
			
 
				 
			
 
				             // 建立一組對稱式加密的金鑰，主要用於 JWT 簽章之用
			
--- a/TEAMModelOS/Controllers/Teacher/InitController.cs
+++ b/TEAMModelOS/Controllers/Teacher/InitController.cs
@@ -302,17 +302,12 @@ namespace TEAMModelOS.Controllers
 
				                     roles.Add("teacher");
			
 
				                     roles.Add("student");
			
 
				                 }
			
 
				-                //TODO JJ，更新Token时，在取得学校资讯时，没有传入schoolId
			
 
				-                var auth_token = JwtAuthExtension.CreateAuthToken(_option.HostName, id, name?.ToString(), picture?.ToString(), _option.JwtSecretKey, schoolID: school_code.ToString(), roles: roles.ToArray(), permissions: permissions.ToArray());
			
 
				-
			
 
				                 //TODO JJ，调整为取得学校基础设置数据，取代下方學校學制、年級
			
 
				-                object school_base = null;
			
 
				-                response = await client.GetContainer(Constant.TEAMModelOS, "School").ReadItemStreamAsync(school_code.ToString(), new PartitionKey("Base"));
			
 
				-                if (response.Status == 200)
			
 
				-                {
			
 
				-                    using var json = await JsonDocument.ParseAsync(response.ContentStream);
			
 
				-                    school_base = json.RootElement.ToObject<object>();
			
 
				-                }
			
 
				+
			
 
				+                School school_base = await client.GetContainer(Constant.TEAMModelOS, "School").ReadItemAsync<School>($"{school_code}", new PartitionKey("Base"));
			
 
				+               
			
 
				+                //TODO JJ，更新Token时，在取得学校资讯时，没有传入schoolId
			
 
				+                var auth_token = JwtAuthExtension.CreateAuthToken(_option.HostName, id, name?.ToString(), picture?.ToString(), _option.JwtSecretKey, schoolID: school_code.ToString(),standard:school_base.standard, roles: roles.ToArray(), permissions: permissions.ToArray());
			
 
				 
			
 
				                 //取得班级
			
 
				                 List<object> school_classes = new List<object>();
			
--- a/TEAMModelOS/Filter/AuthTokenAttribute.cs
+++ b/TEAMModelOS/Filter/AuthTokenAttribute.cs
@@ -37,7 +37,7 @@ namespace TEAMModelOS.Filter
 
				             public void OnResourceExecuting(ResourceExecutingContext context)
			
 
				             {
			
 
				                 bool pass = false;
			
 
				-                string id = string.Empty, name = string.Empty, picture = string.Empty, school = string.Empty;
			
 
				+                string id = string.Empty, name = string.Empty, picture = string.Empty, school = string.Empty, standard=string.Empty;
			
 
				                 var authtoken = context.HttpContext.GetXAuth("AuthToken");
			
 
				                 if (!string.IsNullOrWhiteSpace(authtoken) && JwtAuthExtension.ValidateAuthToken(authtoken, _option.JwtSecretKey))
			
 
				                 {
			
@@ -46,7 +46,7 @@ namespace TEAMModelOS.Filter
 
				                     school = jwt.Payload.Azp;
			
 
				                     name = jwt.Claims.FirstOrDefault(claim => claim.Type.Equals("name") )?.Value;
			
 
				                     picture = jwt.Claims.FirstOrDefault(claim => claim.Type.Equals("picture"))?.Value;
			
 
				-
			
 
				+                    standard = jwt.Claims.FirstOrDefault(claim => claim.Type.Equals("standard"))?.Value;
			
 
				                     if (!string.IsNullOrWhiteSpace(_roles))
			
 
				                     {
			
 
				                         var roles = jwt.Claims.Where(c => c.Type .Equals("roles"));
			
@@ -79,6 +79,7 @@ namespace TEAMModelOS.Filter
 
				                     context.HttpContext.Items.Add("Name", name);
			
 
				                     context.HttpContext.Items.Add("Picture", picture);
			
 
				                     context.HttpContext.Items.Add("School", school);
			
 
				+                    context.HttpContext.Items.Add("Standard", standard);
			
 
				                 }
			
 
				                 else
			
 
				                     context.Result = new BadRequestResult();