TEAMMODEL
/
TEAMModelOS


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120
							using Microsoft.AspNetCore.Mvc.Controllers;
using Microsoft.AspNetCore.Mvc.Filters;
using System.Security.Claims;
using System;
using System.Threading.Tasks;
using TEAMModelOS.SDK.Extension;
using Microsoft.Extensions.Logging;
using TEAMModelOS.SDK;
using DocumentFormat.OpenXml.Office2010.Excel;
using DocumentFormat.OpenXml.Wordprocessing;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using Azure.Core;
using DocumentFormat.OpenXml.Office2016.Excel;
using TEAMModelOS.SDK.DI;
using Microsoft.Extensions.Primitives;
using HTEXLib.Helpers.ShapeHelpers;

namespace TEAMModelOS.Filter
{
    public class RequestAuditFilter : IAsyncActionFilter
    {
        //private readonly ILogger _logger;
        private readonly HttpTrigger _httpTrigger;
        public RequestAuditFilter(/*ILoggerFactory loggerFactory*/HttpTrigger httpTrigger)
        {
          //  _logger = loggerFactory.CreateLogger<RequestAuditFilter>();
            _httpTrigger = httpTrigger;
        }
        public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
        {
            //============== 这里是执行方法之前获取数据 ====================

            // 获取控制器、路由信息
            //var actionDescriptor = context.ActionDescriptor as ControllerActionDescriptor;

            // 获取请求的方法
            //var method = actionDescriptor.MethodInfo;

            // 获取 HttpContext 和 HttpRequest 对象
            var httpContext = context.HttpContext;
            var httpRequest = httpContext.Request;

            // 获取客户端 Ipv4 地址
            var remoteIPv4 = httpContext.GetRemoteIpAddressToIPv4();

            // 获取请求的 Url 地址
           // var requestUrl = httpRequest.GetRequestUrlAddress();

            
            // 获取来源 Url 地址
           var refererUrl = httpRequest.GetRefererUrlAddress();

            // 获取请求参数（写入日志，需序列化成字符串后存储）
            var parameters = context.ActionArguments;

            // 获取操作人（必须授权访问才有值）"userId" 为你存储的 claims type，jwt 授权对应的是 payload 中存储的键名
            //var userId = httpContext.User?.FindFirstValue("userId");
            var authtoken = context.HttpContext.GetXAuth("AuthToken");
            string tokenSha = string.Empty,client = string.Empty;
            if (context.HttpContext.Request.Headers.TryGetValue("Authorization", out StringValues Authorization)) 
            {
                try {
                    string token = Authorization.ToString().Replace("Bearer ", "");
                    var jwt = new JwtSecurityTokenHandler().ReadJwtToken(token);
                      tokenSha = ShaHashHelper.GetSHA1(token);
                    client = jwt.Claims.FirstOrDefault(claim => claim.Type.Equals("roles"))?.Value;
                } catch (Exception ex ) { }
            }
            string id = string.Empty, name = string.Empty, picture = string.Empty, school = string.Empty, scope = string.Empty;
            if (!string.IsNullOrWhiteSpace(authtoken)) {
                var jwt = new JwtSecurityTokenHandler().ReadJwtToken(authtoken);
                id = jwt.Payload.Sub;
                school = jwt.Payload.Azp;
                name = jwt.Claims.FirstOrDefault(claim => claim.Type.Equals("name"))?.Value;
                scope = jwt.Claims.FirstOrDefault(claim => claim.Type.Equals("scope"))?.Value;
            }
            string secChUaPlatform = string.Empty;
            if (httpContext.Request.Headers.TryGetValue("Sec-Ch-Ua-Platform", out var values))
            {
                secChUaPlatform = values.FirstOrDefault();
            }
            // 请求时间
            var requestedTime = DateTimeOffset.Now.GetGMTTime(8).ToUnixTimeMilliseconds();
            //============== 这里是执行方法之后获取数据 ====================
            var actionContext = await next();
            // 获取返回的结果
            // var returnResult = actionContext.Result;

            // 判断是否请求成功，没有异常就是请求成功
            // var isRequestSucceed = actionContext.Exception == null;

            // 获取调用堆栈信息，提供更加简单明了的调用和异常堆栈
            // var stackTrace = EnhancedStackTrace.Current();
            // string region = await _searcher.SearchIpAsync(remoteIPv4);
            //同一个账号，同一IP，同一接口,UA标识（UA标识随意切换则表示可能会存在DDOS）,时间段
            //_logger.LogInformation(new{ ua=httpContext.GetUserAgent(), ip=remoteIPv4,time=requestedTime,path =$"{httpRequest.PathBase}{httpRequest.Path}",host= $"{httpRequest.Host}", param=parameters,id ,name ,school,succeed =isRequestSucceed }.ToJsonString());
            var data = new
            {
                ua = httpContext.GetUserAgent(),
                ip = remoteIPv4,
                time = requestedTime,
                path = $"{httpRequest.PathBase}{httpRequest.Path}",
                host = $"{httpRequest.Host}",
                param = parameters,
                id = id,
                name = name,
                school = school,
                client = client,
                tid = tokenSha,
                scope = scope,
                referer = refererUrl,
                platform = secChUaPlatform,
                p = "bi",
            };
            _= _httpTrigger.RequestHttpTrigger(data, "China", "http-log");
            
        }
    }
}