Ling0925
/
LFlow
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

重构权限检查逻辑 

将权限检查逻辑移至 `progName` 不为 null 的条件下,并在此条件下调用 `next()`。调整了对 OPTIONS 请求的处理,确保在权限不足时返回相应的错误信息。
This commit is contained in:
lihanbo 2025-03-10 17:58:37 +08:00
parent fa160cac83
commit e2ccb07b51
1 changed files with 29 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
LFlow.UserManagement/UserMiddleware.cs
View File

@ -44,10 +44,13 @@ namespace LFlow.UserManagement
//TODO 从缓存中根据Token获取用户信息并判断是否有权限 //TODO 从缓存中根据Token获取用户信息并判断是否有权限
await context.Response.WriteAsync(JsonConvert.SerializeObject(ApiResult<object>.FailResult("无权限!", 100501))); await context.Response.WriteAsync(JsonConvert.SerializeObject(ApiResult<object>.FailResult("无权限!", 100501)));
var token = context.Request.Cookies["Token"]?.ToString(); var token = context.Request.Cookies["Token"]?.ToString();
if(token != null){ if (token != null)
{
var user = selfCache.GetAsync<UserModel>(token!); var user = selfCache.GetAsync<UserModel>(token!);
var userPermissions = service.GetPermissions() var userPermissions = service?.GetPermissions();
}else{ }
else
{
await context.Response.WriteAsync(JsonConvert.SerializeObject(ApiResult<object>.FailResult("未登录!", 100500))); await context.Response.WriteAsync(JsonConvert.SerializeObject(ApiResult<object>.FailResult("未登录!", 100500)));
} }
} }
@ -56,7 +59,6 @@ namespace LFlow.UserManagement
if (context.Request.Method == "OPTIONS") if (context.Request.Method == "OPTIONS")
{ {
await next(); await next();
// context.Response.StatusCode = StatusCodes.Status200OK;
} }
} }
} }