LFlow/LFlow.Permission/PermissionMiddleware.cs

using System.Net.Sockets;
using LFlow.Base;
using LFlow.Base.Utils;
using LFlow.Middleware;
using LFlow.Permission.Service;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Routing;
using Newtonsoft.Json;

namespace LFlow.Permission;

/// <summary>
/// 权限中间件
/// </summary>
public class PermissionMiddleware : ILFlowMiddleware
{
    /// <summary>
    /// 优先级
    /// </summary>
    public int Priority => 1;

    /// <summary>
    /// 执行入口
    /// </summary>
    /// <param name="context"></param>
    /// <param name="next"></param>
    /// <returns></returns>
    /// <exception cref="NotImplementedException"></exception>
    public async Task RunAsync(HttpContext context, Func<Task> next)
    {
        var progName = context.GetRouteData()?.Values["controller"]?.ToString();
        var progAction = context.GetRouteData()?.Values["action"]?.ToString();
        if (progName != null)
        {
            var service = App.GetService<IPermissionService>();
            var progPermission = service != null ? await service.GetProgPerminssionListAsync(progName) : null;
            var currentPermission = progPermission?.FirstOrDefault(p => p.PermissionAction == progAction);
            if (currentPermission == null || currentPermission!.IsPublic)
            {
                await next();
            }
            else
            {
                //TODO 从缓存中根据Token获取用户信息，并判断是否有权限
                await context.Response.WriteAsync(JsonConvert.SerializeObject(ApiResult<object>.FailResult("无权限！", 100501)));
            }
        }
        // 预检请求
        if (context.Request.Method == "OPTIONS")
        {
            await next();
            // context.Response.StatusCode = StatusCodes.Status200OK;
        }
    }
}